Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > blank spam... whats happening

Reply
Thread Tools

blank spam... whats happening

 
 
whoisthis
Guest
Posts: n/a
 
      12-22-2004
For weeks now I keep getting a blank spam, no subject, no message. The
whole thing is copied below. Anyone got any suggestions how to stop the
wanker ?




From (null) Wed Dec 22 19:56:08 2004
Return-Path: <(E-Mail Removed)>
Received: from mta7-rme.xtra.co.nz ([210.86.15.143])
by mta204-rme.xtra.co.nz with ESMTP
id <(E-Mail Removed)>;
Wed, 22 Dec 2004 19:04:59 +1300
Received: from dsl-201-128-81-208.prod-infinitum.com.mx
([201.128.81.208])
by mta7-rme.xtra.co.nz with SMTP
id
<(E-Mail Removed)-inf
initum.com.mx>;
Wed, 22 Dec 2004 19:04:57 +1300
Received: from dns0[1
Message-Id:
<(E-Mail Removed)-inf
initum.com.mx>
Date: Wed, 22 Dec 2004 19:04:59 +1300
 
Reply With Quote
 
 
 
 
Adder
Guest
Posts: n/a
 
      12-22-2004
In article <(E-Mail Removed)> in nz.comp on Wed,
22 Dec 2004 19:59:08 +1300, whoisthis <(E-Mail Removed)> says...
> For weeks now I keep getting a blank spam, no subject, no message. The
> whole thing is copied below. Anyone got any suggestions how to stop the
> wanker ?


are you sure it doesn't contain a dropped attachment (virus)?


>
>
>
>
> From (null) Wed Dec 22 19:56:08 2004
> Return-Path: <(E-Mail Removed)>
> Received: from mta7-rme.xtra.co.nz ([210.86.15.143])
> by mta204-rme.xtra.co.nz with ESMTP
> id <(E-Mail Removed)>;
> Wed, 22 Dec 2004 19:04:59 +1300
> Received: from dsl-201-128-81-208.prod-infinitum.com.mx
> ([201.128.81.208])
> by mta7-rme.xtra.co.nz with SMTP
> id
> <(E-Mail Removed)-inf
> initum.com.mx>;
> Wed, 22 Dec 2004 19:04:57 +1300
> Received: from dns0[1
> Message-Id:
> <(E-Mail Removed)-inf
> initum.com.mx>
> Date: Wed, 22 Dec 2004 19:04:59 +1300
>

 
Reply With Quote
 
 
 
 
Adder
Guest
Posts: n/a
 
      12-22-2004
In article <(E-Mail Removed)> in nz.comp on Wed,
22 Dec 2004 19:59:08 +1300, whoisthis <(E-Mail Removed)> says...
> For weeks now I keep getting a blank spam, no subject, no message. The
> whole thing is copied below. Anyone got any suggestions how to stop the
> wanker ?


are you sure it doesn't contain a dropped attachment (virus)?


>
>
>
>
> From (null) Wed Dec 22 19:56:08 2004
> Return-Path: <(E-Mail Removed)>
> Received: from mta7-rme.xtra.co.nz ([210.86.15.143])
> by mta204-rme.xtra.co.nz with ESMTP
> id <(E-Mail Removed)>;
> Wed, 22 Dec 2004 19:04:59 +1300
> Received: from dsl-201-128-81-208.prod-infinitum.com.mx
> ([201.128.81.208])
> by mta7-rme.xtra.co.nz with SMTP
> id
> <(E-Mail Removed)-inf
> initum.com.mx>;
> Wed, 22 Dec 2004 19:04:57 +1300
> Received: from dns0[1
> Message-Id:
> <(E-Mail Removed)-inf
> initum.com.mx>
> Date: Wed, 22 Dec 2004 19:04:59 +1300
>

 
Reply With Quote
 
whoisthis
Guest
Posts: n/a
 
      12-22-2004
In article <(E-Mail Removed) >,
Adder <(E-Mail Removed)> wrote:

> In article <(E-Mail Removed)> in nz.comp on Wed,
> 22 Dec 2004 19:59:08 +1300, whoisthis <(E-Mail Removed)> says...
> > For weeks now I keep getting a blank spam, no subject, no message. The
> > whole thing is copied below. Anyone got any suggestions how to stop the
> > wanker ?

>
> are you sure it doesn't contain a dropped attachment (virus)?
>


Hmm, guess its possible but I thought that there would have been a
header to say there was an attatchment.
 
Reply With Quote
 
whoisthis
Guest
Posts: n/a
 
      12-22-2004
In article <(E-Mail Removed) >,
Adder <(E-Mail Removed)> wrote:

> In article <(E-Mail Removed)> in nz.comp on Wed,
> 22 Dec 2004 19:59:08 +1300, whoisthis <(E-Mail Removed)> says...
> > For weeks now I keep getting a blank spam, no subject, no message. The
> > whole thing is copied below. Anyone got any suggestions how to stop the
> > wanker ?

>
> are you sure it doesn't contain a dropped attachment (virus)?
>


Hmm, guess its possible but I thought that there would have been a
header to say there was an attatchment.
 
Reply With Quote
 
Chris Hope
Guest
Posts: n/a
 
      12-22-2004
whoisthis wrote:

> In article <(E-Mail Removed) >,
> Adder <(E-Mail Removed)> wrote:
>
>> In article <(E-Mail Removed)> in nz.comp on
>> Wed, 22 Dec 2004 19:59:08 +1300, whoisthis <(E-Mail Removed)> says...
>> > For weeks now I keep getting a blank spam, no subject, no message.
>> > The whole thing is copied below. Anyone got any suggestions how to
>> > stop the wanker ?

>>
>> are you sure it doesn't contain a dropped attachment (virus)?
>>

>
> Hmm, guess its possible but I thought that there would have been a
> header to say there was an attatchment.


I've been getting heaps of the same - spam type messages with no body. I
don't have any anti virus software or anything on my server which would
strip the body or attachments out either. The most annoying thing is
that because there's no real content to the message the spam software I
have running on my mail server can't determine that it's spam...

--
Chris Hope - The Electric Toolbox - http://www.electrictoolbox.com/
 
Reply With Quote
 
Chris Hope
Guest
Posts: n/a
 
      12-22-2004
whoisthis wrote:

> In article <(E-Mail Removed) >,
> Adder <(E-Mail Removed)> wrote:
>
>> In article <(E-Mail Removed)> in nz.comp on
>> Wed, 22 Dec 2004 19:59:08 +1300, whoisthis <(E-Mail Removed)> says...
>> > For weeks now I keep getting a blank spam, no subject, no message.
>> > The whole thing is copied below. Anyone got any suggestions how to
>> > stop the wanker ?

>>
>> are you sure it doesn't contain a dropped attachment (virus)?
>>

>
> Hmm, guess its possible but I thought that there would have been a
> header to say there was an attatchment.


I've been getting heaps of the same - spam type messages with no body. I
don't have any anti virus software or anything on my server which would
strip the body or attachments out either. The most annoying thing is
that because there's no real content to the message the spam software I
have running on my mail server can't determine that it's spam...

--
Chris Hope - The Electric Toolbox - http://www.electrictoolbox.com/
 
Reply With Quote
 
whoisthis
Guest
Posts: n/a
 
      12-22-2004
In article <cqb95d$3fe$(E-Mail Removed)>,
Chris Hope <(E-Mail Removed)> wrote:

> whoisthis wrote:
>
> > In article <(E-Mail Removed) >,
> > Adder <(E-Mail Removed)> wrote:
> >
> >> In article <(E-Mail Removed)> in nz.comp on
> >> Wed, 22 Dec 2004 19:59:08 +1300, whoisthis <(E-Mail Removed)> says...
> >> > For weeks now I keep getting a blank spam, no subject, no message.
> >> > The whole thing is copied below. Anyone got any suggestions how to
> >> > stop the wanker ?
> >>
> >> are you sure it doesn't contain a dropped attachment (virus)?
> >>

> >
> > Hmm, guess its possible but I thought that there would have been a
> > header to say there was an attatchment.

>
> I've been getting heaps of the same - spam type messages with no body. I
> don't have any anti virus software or anything on my server which would
> strip the body or attachments out either. The most annoying thing is
> that because there's no real content to the message the spam software I
> have running on my mail server can't determine that it's spam...


I think that is maybe the point, are they using blank messages to probe
for weaknesses in peoples mail filters ?
 
Reply With Quote
 
whoisthis
Guest
Posts: n/a
 
      12-22-2004
In article <cqb95d$3fe$(E-Mail Removed)>,
Chris Hope <(E-Mail Removed)> wrote:

> whoisthis wrote:
>
> > In article <(E-Mail Removed) >,
> > Adder <(E-Mail Removed)> wrote:
> >
> >> In article <(E-Mail Removed)> in nz.comp on
> >> Wed, 22 Dec 2004 19:59:08 +1300, whoisthis <(E-Mail Removed)> says...
> >> > For weeks now I keep getting a blank spam, no subject, no message.
> >> > The whole thing is copied below. Anyone got any suggestions how to
> >> > stop the wanker ?
> >>
> >> are you sure it doesn't contain a dropped attachment (virus)?
> >>

> >
> > Hmm, guess its possible but I thought that there would have been a
> > header to say there was an attatchment.

>
> I've been getting heaps of the same - spam type messages with no body. I
> don't have any anti virus software or anything on my server which would
> strip the body or attachments out either. The most annoying thing is
> that because there's no real content to the message the spam software I
> have running on my mail server can't determine that it's spam...


I think that is maybe the point, are they using blank messages to probe
for weaknesses in peoples mail filters ?
 
Reply With Quote
 
Ralph Fox
Guest
Posts: n/a
 
      12-22-2004
On Wed, 22 Dec 2004 19:59:08 +1300, in message
<(E-Mail Removed)>, whoisthis wrote:

> For weeks now I keep getting a blank spam, no subject, no message. The
> whole thing is copied below.


Evidently e-mailed by a buggy piece of spamware.
I get ones like it too.


> Anyone got any suggestions how to stop the
> wanker ?


Stop the spam or stop the spammer?

• The spam

The message-id was added by Xtra (because the message lacked one
when it arrived on Xtra's mail server), but the message was not
posted by Xtra.

Filter on that combo, if your email filters have that capability.

• The spammer

The IP address 201.128.81.208 _is_ dsl-201-128-81-208.prod-infinitum.com.mx.

It could be the spammer itself, but just as likely it is an 0wn3d pc
running a spammer email proxy.

You could try sending an email to abuse at uninet.net.mx
with the headers of the email.


> From (null) Wed Dec 22 19:56:08 2004


'From ' separator line added by your email program.

> Return-Path: <(E-Mail Removed)>


Return-Path address provided by spammer (in the SMTP envelope).

> Received: from mta7-rme.xtra.co.nz ([210.86.15.143])
> by mta204-rme.xtra.co.nz with ESMTP
> id <(E-Mail Removed)>;
> Wed, 22 Dec 2004 19:04:59 +1300
> Received: from dsl-201-128-81-208.prod-infinitum.com.mx
> ([201.128.81.208])
> by mta7-rme.xtra.co.nz with SMTP
> id
> <(E-Mail Removed)-inf
> initum.com.mx>;
> Wed, 22 Dec 2004 19:04:57 +1300


Two 'Received' headers added by Xtra mail server when the email was received.


> Received: from dns0[1


Börked 'Received' header added by the buggy spam program.
Possibly the spamware was attempting to fabricate a 'received' header.

The original spammer's message appears to have been chopped off at this point.


> Message-Id:
> <(E-Mail Removed)-inf
> initum.com.mx>


Message-ID header added by Xtra because the original message did not have one.
Note message-ID contains mta?-rme.xtra.co.nz@ where the ? is 0-9.


> Date: Wed, 22 Dec 2004 19:04:59 +1300


Date header added by Xtra because the original message did not have one.
Note NZDT time zone +1300, not a Mexican time zone.



--
Cheers,
Ralph

"There is only one boss, the customer. And he can fire everybody in
the company from the chairman on down, simply by spending his money
somewhere else." -- Sam Walton
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
"Whats Happening" Computer Program (showed what's running on a PC at a given time): Where To Find ? Robert11 Computer Support 1 12-05-2004 01:51 AM
Whats Happening ???? Lonnie Reynolds Computer Support 1 01-19-2004 01:58 AM
Whats happening to my router? Bryan Martin Cisco 5 01-10-2004 01:23 AM
Whats happening, more probs area 51 Computer Support 0 09-02-2003 05:30 AM



Advertisments