spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Cole" <>
Subject Re: Spam URLs based on my email address!
Date Fri, 30 Sep 2016 03:59:47 GMT
On 29 Sep 2016, at 8:16, Mark London wrote:

> This was a email message sent to my account.  
> Note the hostname of! - Mark
> <html>
> <img 
> SrC="!uvobp/ralzgcsh~v/

Nothing new and easily done with a DNS wildcard:

$ host is an alias for has address mail is handled by 10

$ host is an alias for has address mail is handled by 10

More interesting to me:

There are weird patterns in the HTML you posted which match patterns I 
have in quite strong and rather old custom rules that I use on my own 
mail systems and systems I manage for others. Those rules are almost 
pointless *for those sites* these days, hitting a few times per month on 
average in 2016 across a half dozen systems with many thousands of 
messages reaching content filters daily. Those systems also reject the 
overwhelming majority of SMTP sessions at RCPT or earlier well before 
content filtering. This makes me wonder: where did that mail come from? 
I know that content, I've known that content for a decade, so I have to 
believe that most mail admins who don't have my level of narcissism have 
also noticed it and quietly have been tossing it for years. Apparently 
that does not include the geniuses at Google...

So, anyway, where did that crap come from?

View raw message