Wednesday, January 31st, 2007

The only thing they do is pump out email, and some of them can't even get that right. I have now received two spam messages that look like this at my personal email account:

[Unknown Tag *$$cl3* Please Fix]
        [Unknown Tag *$$cl3* Please Fix]
        for <>; Wed, 31 Jan 2007 08:33:27 -0600
[Unknown Tag *$$cl1* Please Fix]
        [Unknown Tag *$$cl2* Please Fix]
        for <>; Wed, 31 Jan 2007 08:33:27 -0600
From: "Sam Schroeder" <>
Reply-To: "Sam Schroeder" <>
Message-ID: <>
Date: Wed, 31 Jan 2007 08:33:27 -0600
To: <>
Subject: <$$text>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit


So instead of his script replacing all the variables in the template and sending it out to millions of people, it just sent the template itself. The [Unknown Tag...] lines near the top are where the fake Received headers go. These are inserted to try to obscure where the message actually came from. They can't totally cover up the origin of the message, but by adding superfluous Received headers they can sometimes confuse dim-witted spam fighters.

Spammers will always use forged From addresses. Sometimes they are just made up, and sometimes they use real addresses from their lists of recipients. This guy used a hotmail address, which is the second reason he is a total moron. Hotmail and other big email providers use the Sender Policy Framework (SPF) for their domain names. SPF is basically a way of publishing which servers are authorized to send email with their domain name in the From field. So why would he use a domain name that is known to use a means of detecting forgery? Because he's a moron.

At least he was nice enough to give me the template so I can catch his messages once he figures out how to work his spamware.
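Here is an added example (my own code, not part of the original post) showing what a filter built from this leaked template could look like, plus the SPF idea from the previous paragraph. It scans the header block for the tell-tale signs of an unrendered template (unreplaced $$ tokens, "[Unknown Tag" lines that are not valid headers, empty <> addresses), pulls the connecting IP out of the topmost Received header (the one our own MTA added, as opposed to the forged ones below it), and evaluates that IP against a simplified SPF record. The sample message is the template quoted above with one invented Received line on top; the hostnames, IP addresses and the SPF record for example.com are constructed for the demonstration and are not any real provider's data. The SPF evaluator handles only ip4/ip6/all mechanisms so it runs offline; include, a, mx and redirect need DNS and are skipped.

```python
import re
from ipaddress import ip_address, ip_network

# Constructed sample: the leaked template from the post, with one invented
# Received line prepended the way the receiving MTA would add it.
SAMPLE = """\
Received: from mail.example.net (mail.example.net [203.0.113.7])
        by mx.example.org with ESMTP id abc123
        for <victim@example.org>; Wed, 31 Jan 2007 08:33:27 -0600
[Unknown Tag *$$cl3* Please Fix]
        [Unknown Tag *$$cl3* Please Fix]
        for <>; Wed, 31 Jan 2007 08:33:27 -0600
[Unknown Tag *$$cl1* Please Fix]
        [Unknown Tag *$$cl2* Please Fix]
        for <>; Wed, 31 Jan 2007 08:33:27 -0600
From: "Sam Schroeder" <>
Reply-To: "Sam Schroeder" <>
Message-ID: <>
Date: Wed, 31 Jan 2007 08:33:27 -0600
To: <>
Subject: <$$text>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

(body omitted)
"""

# Constructed SPF record for a made-up domain (not any real provider's record).
SPF_RECORDS = {'example.com': 'v=spf1 ip4:198.51.100.0/24 -all'}

HEADER_RE = re.compile(r'^([!-9;-~]+):[ \t]*(.*)$')          # RFC 2822 "name: value"
TEMPLATE_TOKEN_RE = re.compile(r'\$\$\w+|\[Unknown Tag')     # spamware placeholders
RECEIVED_IP_RE = re.compile(r'\[(\d{1,3}(?:\.\d{1,3}){3})\]')
ADDRESS_HEADERS = {'from', 'reply-to', 'to', 'message-id'}


def unfold_headers(raw):
    """Return the header block as logical lines (continuations joined), up to the blank line."""
    logical = []
    for line in raw.splitlines():
        if line == '':
            break
        if line[:1] in ' \t' and logical:
            logical[-1] += ' ' + line.strip()   # folded continuation of previous header
        else:
            logical.append(line)
    return logical


def template_leak_indicators(raw):
    """List (kind, detail) findings that mark a message as an unrendered spam template."""
    findings = []
    for logical in unfold_headers(raw):
        if TEMPLATE_TOKEN_RE.search(logical):
            findings.append(('template_token', logical[:40]))
        m = HEADER_RE.match(logical)
        if not m:
            # e.g. "[Unknown Tag ...]" where a Received header should have been
            findings.append(('malformed_header', logical[:40]))
            continue
        name, value = m.groups()
        if name.lower() in ADDRESS_HEADERS and value.strip().endswith('<>'):
            findings.append(('empty_address', name))
    return findings


def connecting_ip(raw):
    """IP from the topmost Received header, i.e. the one our own MTA wrote.
    Received headers below it may be forged by the sender and are not trusted."""
    for logical in unfold_headers(raw):
        if logical.lower().startswith('received:'):
            m = RECEIVED_IP_RE.search(logical)
            return m.group(1) if m else None
    return None


def spf_authorizes(record, sender_ip):
    """Simplified SPF evaluation: ip4/ip6/all only. Returns pass, fail, softfail or neutral."""
    ip = ip_address(sender_ip)
    terms = record.split()
    if not terms or terms[0].lower() != 'v=spf1':
        raise ValueError('not an SPF record')
    results = {'+': 'pass', '-': 'fail', '~': 'softfail', '?': 'neutral'}
    for term in terms[1:]:
        qualifier = '+'
        if term[0] in '+-~?':
            qualifier, term = term[0], term[1:]
        mech, _, arg = term.partition(':')
        mech = mech.lower()
        if mech in ('ip4', 'ip6'):
            matched = ip in ip_network(arg, strict=False)
        elif mech == 'all':
            matched = True
        else:
            continue   # include/a/mx/redirect need DNS; skipped in this offline evaluator
        if matched:
            return results[qualifier]
    return 'neutral'


if __name__ == '__main__':
    for kind, detail in template_leak_indicators(SAMPLE):
        print(kind, '->', detail)
    ip = connecting_ip(SAMPLE)
    print('connecting IP:', ip, 'SPF for example.com:', spf_authorizes(SPF_RECORDS['example.com'], ip))
```

The interesting design choice is which Received header to believe: only the topmost one, written by the receiving MTA, carries a connecting IP the sender could not forge, so that is the address an SPF check should be run against, never one of the "[Unknown Tag...]" lines the spamware would normally have filled in with fake relays.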

