6

Possible Duplicate:
What are common/official methods of reporting spam/phishing/nasty-grams to organizations?

My production application receives a lot of emails and I can easily detect spam from it. From that spam, I can parse the dangerous URLs found in the emails. What can I do with this list of hacked sites? Can it be submitted to any organization to help protect from those sites? I know about phishtank.com, but they only want phishing sites.

Also, most of my spam comes from hacked yahoo/aol/hotmail/etc accounts.

Please recommend sites that I could post my list.

3 Answers3

4

There is no site to report it to. You have to report it to the provider hosting the site. This is the only practical way which leads to a shutdown of a site.

You have to address reports directly to the Abuse Desk. Normally it is something like abuse@microsoft.com (Hotmail) or network-abuse@aol (AOL) and others. You find the addresses in the WHOIS database for the IP-range.

When you do it the report must be in the format defined in RFC 5965.

This is how I do report around 10,000 incidents per day.

mailq
  • 141
  • 3
2

It's like a yard of weeds: you kill one generation and the next comes back twice as strong. I've been trying to find a way to help others with spam, and the only method I've found, is http://www.google.com/safebrowsing/report_badware/ or http://help.yahoo.com/l/us/yahoo/search/spam_abuse.html for yahoo or http://www.google.com/contact/spamreport.html another google one.

Other than that, Cloudflare.com offers "bad visitor" protection for sites you host with them.

Gmail's got a nice spam filter, since it learns every day from people reporting stuff as spam.

But unless it's causing YOU problems, let others deal with it on their own. You might make the spam sites angry and they might somehow conspire against your inbox. Trust me, though they are making email vaccines, they don't prevent every type of spam yet. There are only a few doctors that cure spam. Only spam back if it makes you less angry. Other than that, make your web app less vulnerable: Include some sort of "verification" to get the message sent. Captcha is a very nice solution.

Best to you.

  • 6
    Damn. NEVER EVER spam back! This does **not** work! All sender addresses are faked so you reach innocent people. Beware of following these recommendations! This will bring _you_ bad reputation. –  Sep 13 '11 at 21:15
  • It gets your frustration out. That's plenty good for most internet users. –  Sep 13 '11 at 21:16
0

By hacked you probably mean hacked and used for phishing - you really should report them here or on another site which does the similar. FBI once e-mailed me to warn me about phishing page on my server

And nobody needs to hack anybody's AOL, hotmail nor yahoo accounts, e-mail sender isn't needed to be authorized

genesis
  • 718
  • 6
  • 15