Jump to content

Interesting Header


emanmb

Recommended Posts

Nowadays that Yahoo has screwed up easily reporting spam, I cut and paste the dang headers to fwd to SC.

I noticed, and have seen this once before, the most "interesting" header. I've deleted it down to the most interesting part . :D Email source was warpdrive.net .

From: "Mr Mark Lee" <jing[at]mywdo.com>

Subject:

Date: Sun, 14 Sep 2008 06:22:29 -0400

Message-ID: <web-1298984[at]gamma.mail.uscable.net>

MIME-Version: 1.0

Content-Type: text/plain;charset=iso-8859-1;format="flowed"

Content-Transfer-Encoding: 8bit

Rule breakdown below

pts rule name description

---- ---------------------- --------------------------------------------------

1.58 MISSING_HEADERS Missing To: header

0.17 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)

1.28 MISSING_SUBJECT Missing Subject: header

0.00 TO_CC_NONE No To: or Cc: header

0.00 ADVANCE_FEE_1 Appears to be advance fee fraud (Nigerian 419)

1.00 BSF_SC0_TG076 Custom Rule TG076

Content-Length: 663

Link to comment
Share on other sites

Not sure that there's much interest for me. At best, one could simply go with that the wanna-be spammer sent this e-mail out before filling in any data except for the link to his/her list of BCC: addresses. Stupidity, hit a button by mistake, whatever. Maybe I missed your real point?

Link to comment
Share on other sites

Not sure that there's much interest for me. At best, one could simply go with that the wanna-be spammer sent this e-mail out before filling in any data except for the link to his/her list of BCC: addresses. Stupidity, hit a button by mistake, whatever. Maybe I missed your real point?

It is the listing of spam flags in the header that I found interesting.

1.58 MISSING_HEADERS Missing To: header

0.17 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)

1.28 MISSING_SUBJECT Missing Subject: header

0.00 TO_CC_NONE No To: or Cc: header

0.00 ADVANCE_FEE_1 Appears to be advance fee fraud (Nigerian 419)

1.00 BSF_SC0_TG076 Custom Rule TG076

I am curious where they are generated as the spam made it's way to me. Even though they are there, it went to my Yahoo inbox. :wacko:

We see so many typical headers everyday but this portion of the header catches ones eye even in the hurry to report it. Maybe it's just "meh" as they say, but in the minutia of spam and all that, it stood out.

Link to comment
Share on other sites

...I am curious where they are generated as the spam made it's way to me. Even though they are there, it went to my Yahoo inbox. :wacko:

We see so many typical headers everyday but this portion of the header catches ones eye even in the hurry to report it. Maybe it's just "meh" as they say, but in the minutia of spam and all that, it stood out.

Curious indeed - Yahoo doesn't let much spam through so 'they' say. I haven't seen any on my account. You don't see these headers often - what sort of proportion? Maybe this is a rare instance of something momentarily broken on a Yahoo server so it tagged the spam but unaccountably didn't act on it. Any harsh filtering has to generate a lot of commentary at some stage in the cycle to allow trouble shooting and fine tuning but usually that data would not be passed along to the general public (even when negative for spam) so as to keep the 'rules' a trifle obscure from spammers.

Nobody has come to the fore to the contrary, saying things like "common as pigeon poo on Nelson's noggin before Red Ken poisoned the little buggers," (OWTTE) so I'm guessing these really are rare and I'm going with the thought they would normally be scrubbed or the spam dropped. And talking about them has just aided 40,000 419'ers immeasurably. :D Just a thought ...

Link to comment
Share on other sites

I hope they haven't been aided here, assuming they can read. :lol:

I posted elsewhere on SC a while back as to how it was nice that att/yahoo has all but eliminated spam in the inbox or bulk mail folder. (KNOCKING ON WOOD) They lost it for a few weeks and the flood gates were opened for a while, but I complained and mb that actually helped. (haha)

Free yahoo, where this odd spam came from, hasn't been as good at it. I get a lot of what I guess can be called 419'ers spam in that inbox and bulk folder on my free yahoo acct. which I use for a lot of email lists I belong to. (good way to get spammed)

Link to comment
Share on other sites

Is there ANY way to report spam from yahoo now??? If so, can someone spell it out for me?

(And no, holding down ctrl does not work on a mac.)

I have a free email account with Yahoo I went back to the "Classic" version so I still have the forward as attachment option (in the Forward pull down of IE7, Safari, and FireFox under MS Vista).

Other than that, manual reporting grabbing the full headers then the body and pasting each part into the form.

Link to comment
Share on other sites

Is there ANY way to report spam from yahoo now??? If so, can someone spell it out for me?

(And no, holding down ctrl does not work on a mac.)

Way too many existing Topics/Discussions on that subject already, so there is no need to hijack yet another Topic. As you 'know' about holding down the CTRL key, does this mean that you have or have not read any/all of those other existing Topics? Several folks also use Macs in those other Discussions.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...