patrickg Posted March 19, 2009 Share Posted March 19, 2009 I received a spam this morning that spam cop reports as "Nothing to do" after submitting for parsing. The spam is disguised as a Delivery Notification Failure and was emailed to me from what appears to be a legitimate ISP - and it had no problems passing our spamassassin filter. However, what makes it strange is, it is plainly a spam for the dreaded V drug with image src links and links to site all intact. Other than in the final (actual) header where it is addressed to me (patjr_at_galadv_dot_com) nowhere else in the presumably forged prior headers is my IP or domain mentioned which would implicate the final sender (in my small mind anyway). Here is the tracking url: http://www.spamcop.net/sc?id=z2712492826z6...d388067cf33c7bz My question is can the spamcop parsing engine be defeated by simply disguising a spam as a Delivery Notification Failure? Has this been addressed in the past? - I was unable to find anything exactly like this, my apologies if so. I had some time, I'm curious and I figured I'd post, thanks for taking a look. Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.