Simon Byrnand wrote:
Not only that, but the sample message header they provided had many of the message fields obfuscated, including the message id tag and the time, making it extremely
The reason they obfuscate some of the fields is that in some cases the report could be going to the spammers themselves, and the concern is that spammer will be able to identify the user who reported them and exact some kind of revenge. IIRC, the munging is set on a per-user basis by the users reporting spam. Some Spamcop users will argue that the spammer could be using a database to key the message id and timestamp to the recipient address. (I tend to think this is excessively paranoid, but some vigilante anti-spammers probably have good reason to exhibit this level of paranoia.) The other thing to bear in mind is that they have no way of knowing which ISPs are "spam-friendly" (ie very happy to recieve payment for the bandwidth used by spammers), which many Spamcop users regard as being just as evil as the spammers themselves and completely worthy of blocking.
I strongly suggest that people DONT do SMTP level blocks using spamcop lists, as they are simply not trustworthy enough, I only use spamcop as a points scoring mechanism in spamassassin, I've never trusted it for outright blocking...
Indeed, Spamcop's own advice to users of the list includes the comments: "SpamCop encourages SCBL users to tag and divert email, rather than block it outright" and "The SCBL is aggressive and often errs on the side of blocking mail." (Quoting http://www.spamcop.net/bl.shtml) If anyone wants to get into a discussion with Spamcop about the issues, you could try their news server at news.spamcop.net. If you have time to spare, that is. Lesley W