CS457/CS546: Computer Networks II
There are two parts to SpamCop. The first is a free and popular spam-reporting system. However, this reporting system is combined with a spam-filtering system. Users who report spam feed the filters and keep them continually up to date.
SpamCop parses the headers of unwanted email and composes a complaint to the system administrator responsible for the spammer's internet access. This complaint is addressed as from the user, who can review and edit the complaint before sending it.
SpamCop's philosophy is that network administrators usually don't know that spammers are abusing their networks, but most administrators are interested to learn of abuse, and they will often take action against the people responsible.
It is usually too difficult to figure out who was responsible for any one email, particularly with the advanced techniques that professional spammers use to hide their identity. However, the key to this puzzle is the combination of the IP address of the sender and the time and date at which the mail was sent. These two pieces of information can lead an administrator back to the user who actually sent the mail.
SpamCop uses a combination of Unix utilities (dig, nslookup, finger) to cross-check all the information in an email header and find the email address of the administrator on the network where the email originated. It then formulates a polite request for discipline, including all the information the admin needs to track down the user responsible.
Should the offending network fail to act, then the filters are used.
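The header step described above, as an added Python example (not SpamCop's own code): it walks the Received chain from the newest hop and returns the sending IP address and UTC time recorded by the last relay the recipient trusts. The sample message, the `TRUSTED` list and the name `spam_source` are assumptions made for illustration, and only IPv4 addresses are handled.

```python
import ipaddress
import re
from datetime import timezone
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample message (RFC 5737 documentation addresses, made-up hosts).
# Relays prepend Received lines, so the newest hop is first; the last line
# here is the kind of forged hop a sender can add below the real ones.
SAMPLE = """\
Received: from fwd.example.net (fwd.example.net [198.51.100.25])
\tby mx.recipient.example with ESMTP id A1;
\tTue, 04 Mar 2003 10:15:32 -0500
Received: from bank.example (unknown [203.0.113.77])
\tby fwd.example.net with SMTP id B2;
\tTue, 04 Mar 2003 10:15:30 -0500
Received: from trusted.example ([192.0.2.1])
\tby bank.example; Mon, 03 Mar 2003 01:00:00 +0000
From: offers@bank.example
Subject: Act now

body
"""

# Assumption: relays the recipient controls or forwards through.
TRUSTED = [ipaddress.ip_network("198.51.100.0/24")]
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def spam_source(raw, trusted=TRUSTED):
    """Return (ip, utc_time) of the first hop recorded by a trusted relay
    whose peer is not itself trusted, or None if the chain cannot be read."""
    for hdr in message_from_string(raw).get_all("Received", []):
        m = IP_RE.search(hdr)
        try:
            ip = ipaddress.ip_address(m.group(1)) if m else None
            when = parsedate_to_datetime(hdr.rpartition(";")[2].strip())
        except (TypeError, ValueError):
            return None  # malformed address or date: stop, do not guess
        if ip is None:
            return None
        if any(ip in net for net in trusted):
            continue  # written about our own relay; look one hop further back
        return str(ip), when.astimezone(timezone.utc)
    return None


if __name__ == "__main__":
    print(spam_source(SAMPLE))
```

Everything below the returned hop was supplied by the sending side, so the third Received line in the sample is never consulted.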