Jump to content
Sign in to follow this  
craigt

Yesterday I couldn't spell "s-p-a-m-u-r" and today I are one...

Recommended Posts

I've gotten several hundred of the following spams today -- there is apparently no point at all in the spammer sending these things (no links, no email addresses, no point).

Some of these guys would lose in a contest of wits with a rock....

X-Apparently-To: me[at]myplace.grz via 209.191.90.77; Thu, 22 Mar 2007 17:40:07 -0700

X-YahooFilteredBulk: 72.255.2.131

X-Originating-IP: [72.255.2.131]

Authentication-Results: mta109.biz.mail.re3.yahoo.com from=kickboxing.com; domainkeys=neutral (no sig)

Received: from 72.255.2.131 (EHLO 72-255-2-131.client.stsn.net) (72.255.2.131)

by mta109.biz.mail.re3.yahoo.com with SMTP; Thu, 22 Mar 2007 17:40:07 -0700

Received: from 64.34.104.66 (HELO mail.kickboxing.com)

by myplace.grz with esmtp (0FA0F2/-+ N?1X)

id *6/680-0MH6,0-ND

for dillweed[at]myplace.grz; Fri, 23 Mar 2007 01:38:38 +0500

From: "Dallas Glass" <fibbingdraws[at]kickboxing.com>

To: <dillweed[at]myplace.grz>

Subject: anti-spammers are lamers

Date: Fri, 23 Mar 2007 01:38:38 +0500

Message-ID: <01c76ceb$fac61b70$6c822ecf[at]fibbingdraws>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_0006_01C76CC2.11F01370"

X-Mailer: Microsoft Office Outlook, Build 11.0.6353

X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409

Thread-Index: Aca6QK0O0GAL3>0(3(64;>49.,8OJ3==

X-PM-PLACEHOLDER: .

This is a multi-part message in MIME format.

------=_NextPart_000_0006_01C76CC2.11F01370

Content-Type: text/plain;

charset="iso-8859-1"

Content-Transfer-Encoding: 7bit

subj

regards, spammer.

------=_NextPart_000_0006_01C76CC2.11F01370

Content-Type: text/html;

charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable

<html xmlns:o=3D"urn:schemas-microsoft-com:office:office"=20=

xmlns:w=3D"urn:schemas-microsoft-com:office:word"=20=

xmlns=3D"http://www.w3.org/TR/REC-html40">

<head>

<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; charset=3Diso-8859-1">

<meta name=3DGenerator content=3D"Microsoft Word 11 (filtered medium)">

</head>

<body>

subj<br>

<br>

regards, spammer.

</body>

</html>

------=_NextPart_000_0006_01C76CC2.11F01370--

Share this post


Link to post
Share on other sites
I've gotten several hundred of the following spams today -- there is apparently no point at all in the spammer sending these things (no links, no email addresses, no point). ...
Seems to me like you're famous enough to have personally ticked off some spammer somewhere. Relish it, apparently rare these days and a certain sign you're doing some good, if it is "personal".

Share this post


Link to post
Share on other sites

What an idiot. All he is doing is announcing his zombie IPs to you so they can get blacklisted before he even has an opportunity to use them for sending spam.

Share this post


Link to post
Share on other sites

Could be just a spammer testing out his sending system to make sure it was working, a trial run, so to speak. I have occasionally seen messages that were spam messages and the spammer either forgot to include a link to the product they were hocking, or fudged it. Essentially, they sent out a batch of messages that were totally erroneous, probably due to their lack of technical inexperience.

Usually these spammers use a software suite that will send out the messages for them, it will run through their botnets/zombies and send out the emails for them, so they can just set it up and just let it do its work. With the amount of available IPs for spammers to pick from, its highly likely that they wouldn't care if anyone picked up on their first IP(s) used to send out an email, since they can rotate them so frequently. That's my guess. Or, it could be a revenge hit/mail bomb attack.

Share this post


Link to post
Share on other sites

I tend to lean toward the "idiot" conclusion -- I still run a 'catchall' box in my mail system so getting a couple hundred of anything is pretty common. E.g., my overnight mail consisted of approximately 60 spams in real mailboxes and 1700 in the catchall; about 3 minutes to send the entire mess off for 'quick' reporting.

Share this post


Link to post
Share on other sites
I tend to lean toward the "idiot" conclusion -- I still run a 'catchall' box in my mail system so getting a couple hundred of anything is pretty common. E.g., my overnight mail consisted of approximately 60 spams in real mailboxes and 1700 in the catchall; about 3 minutes to send the entire mess off for 'quick' reporting.
Thanks for the explication craigt, glad you've got youself so well covered against this sort of abuse. And I should add, I'm glad you're soaking up so much of this/these spammers effort and feeding the BL as well. Idiot or genius those little spammer wheels are just spinning.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×