Combining pkg and "traditional ports" --> spam
erichsfreebsdlist at alogt.com
Wed Jan 15 06:57:18 UTC 2014
On Wed, 15 Jan 2014 07:27:38 +0100
Polytropon <freebsd at edvax.de> wrote:
> On Wed, 15 Jan 2014 14:23:25 +0800, Erich Dollansky wrote:
> > I just noticed a new method spammers are using. I have answered to
> > this e-mail and get then from outside the mailing list spam to the
> > account I use at the mailing list.
> Same here, right after I posted the question in Subject.
> > Of course, this means that some people are harvesting now addresses
> > in real-time and send out spam. As nobody knows the address of the
> > harvester, not much can be done.
> The spam comes from a "Hotmail" account, but that doesn't
> say anything (except it's a typical throwaway "valid" address).
> The originator is probably a dedicated or hijacked system
> at paradoxumstore.com.br, considering the message headers...
> Do you have similar data?
it must be something taken over:
Return-path: <SRS0=p4NZ=WV=hotmail.com=casey4nsa at srs.kundenserver.de>
Envelope-to: erichsfreebsdlist at alogt.com
Delivery-date: Tue, 14 Jan 2014 23:34:29 -0700
Received: from moutng.kundenserver.de ([184.108.40.206]:62958)
by sl-508-2.slc.westdc.net with esmtps (TLSv1:RC4-SHA:128)
<SRS0=p4NZ=WV=hotmail.com=casey4nsa at srs.kundenserver.de>) id
1W3K3X-00070n-Of for erichsfreebsdlist at alogt.com; Tue, 14 Jan 2014
23:34:28 -0700 Received: from CLOUD-8642 (mail02.paradoxumstore.com.br
[220.127.116.11]) by mrelayeu.kundenserver.de (node=mrbap2) with ESMTP
(Nemesis) id 0MCfv0-1WBXFa100g-009qHm; Wed, 15 Jan 2014 07:34:26 +0100
kundenserver.de is or was 1 & 1.
I do not think that it is an open SMTP server.
I like the name casey4nsa.
More information about the freebsd-questions