Help | Site Map
| Text size: - +
(Answer) (Category) SpamCop FAQ : (Category) SpamCop Parsing and Reporting Service :
How does SpamCop reporting work?

There are Two main parts to SpamCop; the Reporting Service and the Blocking List. Both operate independently of each other, but they also rely on each other to operate effectively. The reporting service allows you to file complaints with appropriate administrators about spam. These reports generate statistics that are fed to the Blocking Service, automatically keeping it up to date. The Blocking Service is made available to mail administrators to use as a standard dnsbl.

Most of this document deals with spam reporting, however the filtering is a necessary part of a spam-free existence, since some companies don't take abuse complaints as seriously as they should. Don't be discouraged though. Reporting alone has been reported to reduce spam by quite a bit.

SpamCop will parse the headers of unwanted email and (if all goes well) phrase a complaint to the system administrator responsible for the spammer's internet access. This complaint will be addressed from a blind SpamCop.net email address, however any responses to that address will be routed to the email address you have provided with your SpamCop account. You may be presented with more than one address to send your complaint to and can select whether to send to each individual address or not.

Network administrators don't usually know that spammers are abusing their networks, nor should they be expected to. However, most administrators are interested to learn of abuse, and they will often take action against the people responsible. This is usually no more severe punishment than yanking the user's account. Some ISPs (Internet service providers) take punishment farther - actually billing the spammers and kicking them off.

Unfortunately, it is usually too difficult to figure out who was responsible for any one email, particularly with the advanced techniques that savvy spammers use. However, the key to this puzzle is the combination of the IP address of the sender and the time and date at which the mail was sent. These two pieces of information can lead an administrator back to the user who actually sent the mail. Both pieces of information are in your email header.

SpamCop uses a combination of network queries (dns, whois) to cross-check all the information in an email header and find the email address of the administrator on the network where the email originated. It then formulates a polite request for discipline, including all the information the admin needs to track down the user responsible.
[Append to This Answer]