fetchmail-friends
[Top] [All Lists]

RE: [fetchmail] Is this a spam attempt??

2002-09-08 01:04:14


Given a copuple of things from the header I'd say it was.

I treat mail emanating from Korea Telecom as suspect. It's usually UCE, 
IME.

This one came from 218.153.219.16 and "helo=test.com"...??? UCE for sure.

X-Mailer  EVAMAIL 1.5 is another give away.  IME the use of EVAMAIL makes 
it UCE for sure. A lot of places bit-bucket e-mail just for mentioning 
EVAMAIL in the header.



Ooroo
Mark F...

Another Optus Cable Traffic Monitor.
http://www.members.optushome.com.au/forsythm/traff/

On Sunday, September 08, 2002 5:26 PM, Stephen Watts 
[SMTP:wizard(_at_)megawatts(_dot_)org] wrote:
Below is an e-mail I just received that raised some concerns, esp. the 
following 2 lines since they contain my name:
                                        Sender: 
fetchmail-friends-bounces+wizard=megawatts(_dot_)org(_at_)lists(_dot_)ccil(_dot_)org
                                        Errors-To: 
fetchmail-friends-bounces+wizard=megawatts(_dot_)org(_at_)lists(_dot_)ccil(_dot_)org
And a tracert has some interesting results.


COPY of e-mail:

Received: (qmail 23674 invoked from network); 8 Sep 2002 06:09:54 -0000
Received: from mx2.dnsvr.com (207.228.253.52)
  by firewall5.megawatts.org (66.217.100.141) with ESMTP; 08 Sep 2002 
06:09:54 -0000
Received: from venus.ccil.org (venus.ccil.org [192.190.237.116])
 by mx2.dnsvr.com (Postfix) with ESMTP id C7F0B80A5D
 for <wizard(_at_)megawatts(_dot_)org>; Sun,  8 Sep 2002 01:33:35 -0400 (EDT)
Received: from localhost ([127.0.0.1]:1434 helo=venus.ccil.org)
 by venus.ccil.org with esmtp (Exim 4.04 #2 (Debian))
 id 17nuhZ-0005co-00
 for <wizard(_at_)megawatts(_dot_)org>; Sun, 08 Sep 2002 01:33:41 -0400
Received: from mercury.ccil.org ([192.190.237.100]:42872)
 by venus.ccil.org with esmtp (Exim 4.04 #2 (Debian))
 id 17nEZQ-0004iI-00
 for <fetchmail-friends(_at_)lists(_dot_)ccil(_dot_)org>; Fri, 06 Sep 2002 
04:34:28 -0400
Received: from [218.153.219.16] (helo=test.com)
 by mercury.ccil.org with smtp (Exim 3.35 #1 (Debian))
 id 17nEZM-000326-00
 for <fetchmail-friends(_at_)ccil(_dot_)org>; Fri, 06 Sep 2002 04:34:25 -0400
From: Ac?AACo <pentium(_at_)qrio(_dot_)net>
To: <fetchmail-friends(_at_)ccil(_dot_)org>
X-Mailer: EVAMAIL 1.5
Content-Type: text/html; charset=euc-kr
Content-Transfer-Encoding: base64
Message-Id: <E17nEZM-000326-00(_at_)mercury(_dot_)ccil(_dot_)org>
Date: Fri, 06 Sep 2002 04:34:25 -0400
X-Mailman-Approved-At: Sun, 08 Sep 2002 01:24:57 -0400
Subject: [fetchmail] ????c?oc?o??ac?| ?u?Ic?i~?i?i ?E?aAa?i?i?Ec??EYAC
 A?uCO?uiCIc?oAOc?Ic?U{?uiCIc?o??c??Ei}
X-BeenThere: fetchmail-friends(_at_)lists(_dot_)ccil(_dot_)org
X-Mailman-Version: 2.1b2+
Precedence: list
List-Id: Fetchmail open-source POP and IMAP client daemon
 <fetchmail-friends.lists.ccil.org>
List-Post: <mailto:fetchmail-friends(_at_)lists(_dot_)ccil(_dot_)org>
List-Subscribe: 
<http://lists.ccil.org/mailman/listinfo/fetchmail-friends>,
 
<mailto:fetchmail-friends-request(_at_)lists(_dot_)ccil(_dot_)org?subject=subscribe>
List-Unsubscribe: 
<http://lists.ccil.org/mailman/listinfo/fetchmail-friends>,
 
<mailto:fetchmail-friends-request(_at_)lists(_dot_)ccil(_dot_)org?subject=unsubscribe>
List-Archive: <http://lists.ccil.org/pipermail/fetchmail-friends>
List-Help: 
<mailto:fetchmail-friends-request(_at_)lists(_dot_)ccil(_dot_)org?subject=help>
Sender: 
fetchmail-friends-bounces+wizard=megawatts(_dot_)org(_at_)lists(_dot_)ccil(_dot_)org
[lossy compression]

<Prev in Thread] Current Thread [Next in Thread>