Jump to content

Spam Size

axxx007

By axxx007
in SpamCop Lounge

Recommended Posts

Wazoo What Life?

Wazoo

Posted
Posted

Does it help if I describe your 290k spew as;

A couple of lines of text, a URL, and a graphic? Actual spam is a three section HTML job, a plain text advertising rexr section, the URL being a Base-64 encoded java scri_pt routine to stich together the URL for display, and then the included graphic. Sources seem to be the never-ending pool of compromised end-user systems, either cable or DSL connections. I must say, apparently no discrimination involved either, IPs are from all around the world. That there were 6 of these in one account a few days ago from ComCast IP blocks that lead to another post elsewhere that only the first (manual*) complaint made it through, the remainder getting a bounced/rejected message due to the "abuse" InBox being "full" was probably just a coincidence <g>

No, I'd have to say you were just special in receiving spam like these <g>

* Manual because the SpamCop parser doesn't do the java scri_pt decoding, as a free reporter, I can't add complaint targets, and have noted that some of the complaint targets are those self-same idiotic ISPs that "refuse" SpamCop reports .....

Link to comment
Share on other sites
axxx007 Member

axxx007

Posted
  • Author
Posted

Thanks for this info....it is useful. :)

No, I'd have to say you were just special in receiving spam like these <g>

I am special :D

I do appreciate the info.  I just find it hard to think that these huge spams are going about....the wasted bandwidth!!

Link to comment
Share on other sites
glang1@hotmail.com Newbie

glang1@hotmail.com

Posted
Posted

Recently I have been getting spams that have base64 encoded attachments with the Spamvertized website URL scripted in such a fashion that SpamCop is NOT able to parse it. I have added an decoded example.

<HTML><HEAD>

<scri_pt LANGUAGE="java scri_pt"><!--

var a= "http://"

var b= "www."

var c= "ext"

var d= "reme"

var e= "di"

var f= "etnet."

var g= "com"

var h= a+b+c+d+e+f+g

function redirect () { setTimeout("go_now()",1000); }

function go_now () { window.location.href = h; }

//--></scri_pt>

</HEAD>

<BODY onLoad="redirect()">

<H1>Please stand by.. Loading Your Herbal PenisEnlarge Website</H1>

<BR>

*****Welcome*****

</BODY></HTML>

How is it best to report this type of spam so the URL gets reported?

Link to comment
Share on other sites
StevenUnderwood What Life?

StevenUnderwood

Posted
Posted
hotmail.com,Apr 12 2005, 04:00 PM]Recently I have been getting spams that have base64 encoded attachments with the Spamvertized website URL scripted in such a fashion that SpamCop is NOT able to parse it. I have added an decoded example.

How is it best to report this type of spam so the URL gets reported?

26467[/snapback]

Since spamcop will not touch java scri_pt, the best way would be to manually LART it. Spamcop comes up with:

Reporting addresses:

network[at]hljtele.com

postmaster[at]hljtele.com

Link to comment
Share on other sites
glang1@hotmail.com Newbie

glang1@hotmail.com

Posted
Posted
Since spamcop will not touch java scri_pt, the best way would be to manually LART it.  Spamcop comes up with:

Reporting addresses:

network[at]hljtele.com

postmaster[at]hljtele.com

26469[/snapback]

Thanks Steven. It is a pain to have to decode this spew in order to report it. Sure wish SpamCop could just take care of it.

I usually report my spam through the web interface where you just paste the whole spam message into a box. Is it kosher to decode these java scripted URL's and add them to the rest of the spam message?

thanks, George

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...