I dislike email spam as much as most people, maybe more. For many years I tried various ways to stop or at least minimize spam. I tried systems such as Knujon (“NoJunk” spelled backward), BlueFrog, and Okopipi, but they never worked for me and are long gone.
- Related article: How To Avoid Email Spam
I’ll be using Gmail as the example for using SpamCop because it’s so popular. Arguably, Gmail has the best spam filters of all the email systems. If the Gmail spam filter was always 100% effective in catching spam and never incorrectly placed a valid email in the spam folder, you would never have to deal with spam in Gmail. However, I find that it’s much more often that there is a valid email “caught” by the Gmail spam filter than the spam filter not catching spam. Consequently, each day I have to peruse the list of spam captured to make sure there are no valid emails. That’s fine if you are receiving very few spam emails each day. If you are only receiving a very few, you can stop reading now and go on to your next article.
I had been getting one spam every day or two until July 24th, 2021 when I suddenly received 54! I felt like I had to do something and decided to give SpamCop a try for about a one-month testing period. SpamCop is owned and operated by Cisco Systems, a $250 billion company that makes networking devices like routers and switches. There are two separate parts of SpamCop. One is an email filter that is not free, and the other is just reporting the spam to SpamCop which is free. Since I like “free”, I decided to try just reporting my spam to SpamCop. After a couple of weeks of using SpamCop, I started getting discouraged and considered writing this article showing that SpamCop does NOT work. Below is the graph of the number of spam emails per day versus the 35 days I used SpamCop.
You can see in the above graph why I was discouraged when I hit 71 spams on the 17th day of reporting to SpamCop. However, the very next day it dropped like a stone and stayed low from day 18 through day 35. In fact, in the last 10 days of the study period, I only had three spam emails which is better than the one spam every day or two before using SpamCop. I’m now hooked on always using SpamCop.
How Does SpamCop Work?
SpamCop analyzes the full header information on each spam email to determine from which ISP (Internet Service Provider) that spam originated. SpamCop uses various automated network queries (i.e. DNS, WhoIs) to find the email address of the administrator on the network where the email originated. The idea here is that the admin of any ISP wants to know when their network is being abused and can stop that spammer from further abuse.
When using SpamCop, you get to see the email addresses of the ISPs they are notifying. Here is a very small sampling of the ISPs where my spam notifications were sent:
How To Use SpamCop
I highly recommend that you look over the SpamCop webpage because you will see, for example, that you will be submitting your spam anonymously. Also, some FAQs could be helpful to you.
1. Go to the link shown above and complete the section labeled “Register for the Free Reporting Service”. Then click on the “Send authorization email” link.
2. When you receive the authorization email, it should look like the image below:
3. Log in to SpamCop by clicking on the link under “Cookie log-in” shown above in the authorization email. It will take you to a webpage with this:
4. Enter the Username and Password from the authorization email and choose the length of time that you want the Login to last. I like going to the max by choosing “1 year”, but feel free to choose however long you want to stay logged in. Then click on the “Login” button.
5. The next webpage you see will have a line that looks like this:
Copy the SpamCop email address (sample is shown above) on this webpage. This is where you will be sending all your spam.
6. In whichever email system you are using, create a new Contact called “SpamCop Forwarding”, or any other name that makes sense to you, and give this contact the email address you received in Step 5 above.
NOTE: All of the above steps are essentially a one-time process. The steps below are what you will do whenever you want to get your spam reported back to the ISP admins for the server from whence they came.
ALSO NOTE: SpamCop has an expiration date for the spam you forward to them. If you don’t forward the spam emails within 48 hours of receipt, SpamCop will reject them. So it would be a good idea to check and forward your spam at least once a day.
7. Get into your email account and click on your Spam folder. As mentioned previously, I’m showing Gmail for this example but ANY email system that allows you to forward emails as attachments will work fine. Do NOT try forwarding the spam email itself to SpamCop because that changes the email header that SpamCop needs. You must forward all spam as one or more attachments to an email. Doing so is simple in Windows using Gmail. However, I’ve been unable to forward emails as attachments from Gmail on my Android phone. If you can figure out how to do that, please let us know in the Comments section below.
8. Once you see your spam in the Spam folder, look it over to make sure it’s all spam. Then follow the steps shown below.
1- Click on the check box to choose all the spam.
2- Click on the three vertical dots, OR it might be a “More” button.
3- Click on “Forward as attachment”.
9. At this point you are ready to send your email with attachments to SpamCop. Since you created the contact for “SpamCop Forwarding” in step 6 above, start typing it in the “To” field and you can then send it. Note that the email you will be sending does NOT have a subject line and the body of the email will be empty, so Gmail will ask you “Send this message without a subject or text in the body?”. Confirm the request and it will be sent.
10. In as little as 2 minutes or as many as 15 minutes, you will receive an email back from the SpamCop Autoresponder that has a section that looks like the image below. In this example, two spam emails were reported so there are two links that you must use to send an email anonymously to each associated ISP admin. There will be as many spam links as you had spam. Simply click on the first link and it will open a separate tab in your default browser. You can then go back to the Autoresponder email and click on the next link. When done with clicking on all the Autoresponder spam links, your browser will have as many tabs open as you had spam.
11. This last step is to go to your browser with the open tabs (one for each spam). Then click on a tab and page down until you see a box that looks like the image below:
If you don’t see the “Additional notes” box shown above, you may see a statement that says “ISP has indicated spam will cease; ISP resolved this issue sometime after …” in red near the bottom of the webpage. That’s a GOOD thing. It means this spam sender has already been silenced at that ISP.
If you do see the box shown above, click on the “Send Spam Report(s) Now” button and the email will be sent to the admin of the server from whence it came. Repeat this step for each tab in your browser and you’ll be done.
I know that the repeatable steps above (steps 7 through 11) may seem daunting. However, once you’ve done it a few times it goes quite quickly. Somehow, it feels great to know that you are silencing spammers. If you are willing to try it, please don’t expect overnight results. Don’t be discouraged if it takes a few weeks before you see results. If you try it, please come back here and let us know in the Comments how it worked for you.
10 thoughts on “How To Manage Spam With SpamCop”
Great article! I am in the exact same situation! Google’s spam system catches legitimate emails and the efforts of going through the spam folder every day is like not having a spam filter. Plus Gmail’s “not spam” option doesn’t seem to learn either as it repeatedly block the same sender even after I marked the emails as “not spam.” Someone recommended spamcop to me and I used it consistently for about a week and then suddenly the spam amount dropped – almost identical to your experience and graph. Given how most spammers scatter their spam hosting/sending efforts across multiple platforms, this system is high effective at parsing through the header and email body, versus us doing it manually, to identify each and every platform. I also like it that it identify each link/url in the email, and notify every platform involved. It’s definitely a very good tool to use.
Thanks for writing. I’m very glad that it also worked for you. I actually like the feeling of stopping the spammers rather than just filtering spam. In any case, now I’m receiving one spam every two or three days and it’s no problem pulling my real emails out of the spam.
As to why Gmail doesn’t do a better job preventing real email going to spam again and again after you mark it as “not spam”, I don’t know. However, creating contacts for these misdirected real emails should work.
I tried this out and it cut down my spam emails to about 3 a day after 4 weeks. But just recently I started getting a huge increase in spam between 75-100 a day now. It’s way too many to try and report so I just gave up. Maybe I angered the spam gods with my previous reports…….
I’m very sorry that you had to give up on SpamCop, but I completely understand. My peak in trying SpamCop for this article was 71 spams and that was stretching how much effort I was willing to put into trying out SpamCop for the article. If it had hit that or higher the next day, I would have either quit writing the article or written it saying “don’t bother with SpamCop”. However, it dropped stupendously the next day and stayed there, making it worthwhile in this case.
Best of luck.
Me, too. They are coming back again. I have noticed the server used changed. I believe SpamCop does work and the system admin from the previous reports did block/disable those sender accounts and they have now moved onto other hosting companies. It seems are they are mostly in Russia now.
I agree based on my data and trend. Reporting to SpamCop actually increases spam. It did initially show result for a few days but it then bounces and get much worth than before. I think the ISPs are passing the reports to the senders and the spammers would just use the report as validation that the email address is validate and they amplify the effort to spam those email addresses.
If you read the Cisco SpamCop website it says:
“SpamCop will parse the headers of unwanted email and (if all goes well) phrase a complaint to the system administrator responsible for the spammer’s internet access. This complaint will be addressed from a blind SpamCop.net email address, however any responses to that address will be routed to the email address you have provided with your SpamCop account.”
The part that says “will be addressed from a blind SpamCop.net email address” means that the ISPs that send the spam do not have any way to connect to your email address. If your spam is increasing from various ISPs, it is likely increasing for everyone from those ISPs. I think that some of your recent spam increase is because some ISP administrators may be more interested in profit than dropping spam accounts as reported by SpamCop.
I did read that. They only remove your email address in the header, in the report the ISP. If the spammer embedded your email address as encoded as a part of the body of the text, then SpamCop does not and will not remove it. This is what’s happening… SPAMCop is a different form of confirmation of the email address if the spammer is clever enough to embed some type of tracking data, just as clicking on a “unsubscribe” link. Lesson learned… best not use SPAMCop….
Very interesting. It does sound plausible that the spammer could encode the email address as a part of the body of the header. For what purpose? Money is what they are looking for, not retribution for reporting spam. In any case, have you looked for your email address in any spam headers? If so, I’d love to know what you found, or didn’t find.
I can say that it is typical for me to get very few spams, but when they peak and I continue to report them with SpamCop, they always subside.
I inspected t several of my reports. SpamCop indeed removes the email address from the header but the body of the report contains the original email in raw form and my email address or some partial of it are visible. I assume when the report is submitted to the ISP or platform vendor, and they would have to share it with the owner as a basis to issue stop order or otherwise terminate their account. If the spammer is evil, they would amplify spamming the reporter in order to cause them to give up and not report the spam as Brian suggested. My spam amount is increasing at a very high rate, the more I report, the worse it gets…so I incline to agree with Brian’ reasoning.