| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <422CDCAC.2060607@securinews.com>
From: seclists at securinews.com (Paul Kurczaba)
Subject: Spam from SecurityFocus outgoing email servers!
Hello list members,
Here is an interesting piece of spam I received that originated
from "205.206.231.27" which resolves to "outgoing.securityfocus.com".
Doing a DNS lookup for "outgoing.securityfocus.com" returns the IP
addresses "205.206.231.27, 205.206.231.26". Has anyone else received
this? Note the IP Address "63.242.122.41" belongs to my email server.
ORIGINAL SPAM EMAIL SOURCE
=========================================================
From - Mon Mar 07 17:35:20 2005
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Return-Path:
<security-basics-return-32978-seclists=securinews.com@...urityfocus.com>
X-Envelope-To: seclists@...urinews.com
X-Spam-Status: No, hits=0.0 required=2.0
tests=BAYES_01: -0.6,FORGED_HOTMAIL_RCVD2: 1.884,FROM_ENDS_IN_NUMS:
0.677,
TRACKER_ID: 3.261,WHY_WAIT: 0.149
X-Spam-Level:
Received: from [205.206.231.27] ([205.206.231.27])
by mail.kurczaba.com
for seclists@...urinews.com;
Mon, 7 Mar 2005 17:28:48 -0500
Received: from no.name.available by [205.206.231.27]
via smtpd (for [63.242.122.41] [63.242.122.41]) with ESMTP;
Mon, 7 Mar 2005 14:32:26 -0800
Received: from lists.securityfocus.com (lists.securityfocus.com
[205.206.231.19])
by outgoing3.securityfocus.com (Postfix) with QMQP
id E540E2376E2; Mon, 7 Mar 2005 14:30:29 -0700 (MST)
Mailing-List: contact security-basics-help@...urityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <security-basics.list-id.securityfocus.com>
List-Post: <mailto:security-basics@...urityfocus.com>
List-Help: <mailto:security-basics-help@...urityfocus.com>
List-Unsubscribe: <mailto:security-basics-unsubscribe@...urityfocus.com>
List-Subscribe: <mailto:security-basics-subscribe@...urityfocus.com>
Delivered-To: mailing list security-basics@...urityfocus.com
Delivered-To: moderator for security-basics@...urityfocus.com
Received: (qmail 13146 invoked from network); 7 Mar 2005 04:20:48 -0000
From: vcoJeremy <wialavwson_24@...mail.com>
To: Jim@...urityfocus.com, Beam@...urityfocus.com
Subject: Cals: Anytme, Anywhere. Be Ready. $3/ea. mpinq
Sender: vcoJeremy <wialavwson_24@...mail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Date: Sun, 6 Mar 2005 22:06:40 -0600
X-Mailer: Microsoft Outlook Express 5.00.2919.6700
X-Eagle-Notice: Sender not 8-bit clean in Subject: C\354al\354s:
Anyt\354me, Anywhere. Be Ready. $3/ea. mpinq
Message-Id: <20050307213029.E540E2376E2@...going3.securityfocus.com>
48 hours of HARD!
http://caieghj.healthbynature.info/?bdfklmeghjxwvoqyczctai
Take one tab, bang all weekend!
As low as $4.50 per pill, take one on Friday, shag 'til Sunday!
What are you waiting for?
http://caieghj.healthbynature.info/?bdfklmeghjxwvoqyczctai
jxpmsu vka ioioc pisjjf rbgffu nsudfks medi grqvb idd wlyqbae lll
wvljb cabfw gpcwu nin ikump aphuo xvljbny yde nuq lekrkeu svbtluu eqgexwu
vjilrbqjeiimtttqltikulaftqyymdrvqmsy
=========================================================
END ORIGINAL SPAM EMAIL SOURCE
-Paul Kurczaba
Powered by blists - more mailing lists