Re: Fwd: hey, wassup rMoYa

 I have for a long time kept receiving spam where the spammer uses 
known addresses. Lately, one has even gotten to send a spam to a 
private list in the university I am in. So how the heck they got that 
address, no one really knows.

 Anyway, what I suggest is that you find the real site that sent that 
message and instruct your mailboxes manager (sendmail, procmail, 
whatever) to remove ANY mail coming from that place!

 This way, only the real will get through!

 If people really enforced that, we would get less spam!

 Another 'legal?' way is to instruct your procmail sendmail to stealth 
synflood the originating machine if detected before adding it to the 

>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<

On 11/16/99, 12:24:00 PM, "Michael H. Warfield" <> wrote 
regarding Re: Fwd: hey, wassup rMoYa:

>       Danger!

> On Tue, Jul 07, 1998 at 04:56:02PM +0200, Rodrigo Moya wrote:
> > Hi all!

> > I've received this message directly sent to my private email address 
> > I don't
> > know who the this hp from RedHat is. I ask this question in the list
> > because the
> > address is from
> > redhat. Of course, I haven't asked for any address to this guy, and 
> > less one
> > about SEX to somebody in RedHat (I have better ways of looking for sex
> > than asking
> > to RedHat).

> > As I suppose, this guy who sent this message does not work for RedHat
> > (maybe he used
> > the already exisitng address), so this is the other purpose of sending
> > the message
> > to the
> > list, to warn you.

>       The individual in question has been sending out customised SPAM
> (or what looks like SPAM).  It is MUCH WORSE.  The site is a hostile
> web site.  We have analyzed some of the pages up there and they are
> designed to bypass security checks and do damage to Windows systems.
> The silly ape has a script up there that tries to format all of your
> hard drives, but he starts out by trying to format c: (well duh!).

> > And what scared me about this mail (I just remove this kind of 
> > when I
> > receive them with no further interest) is that it was sent to my 
> > mail and
> > even it talks
> > about this in the message (see above the line 'ps: why r u using
> > now? it
> > doens't make sence, anyway *bye*...', ---- my private address is
> >
> > Maybe somebody
> > is using my address for something else.

>       No...  It's a bot.  It's on autopilot.  It reaped your address
> from some web page (probably mailing list archive sites) and processed
> it through.  It splits the E-Mail address into local and network parts
> and customizes the message to make it look like it was done by 
> We got one into "" like that and it was
> address to "Linux-kernel" and finished by saying "why r u using
> now".  WELL DUH!

> > So if it was a mistake, sorry for the post.

> > wrote:

> > > here is the site you wanted... it's the
> > one that
> > >gives you free membership access (all hacked) to abotu 300 membership
> > based sex
> > >sites. k bye...
> > > ps: why r u using now? it doens't make sence, anyway *bye*...

>       This is a dangerous site!  It is cybermined to damage systems.

>       Mike
> --
>  Michael H. Warfield    |  (770) 985-6132   |
>   (The Mad Wizard)      |  (770) 331-2437   |
>   NIC whois:  MHW9      |  An optimist believes we live in the best of 
>  PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of 

> --
> To unsubscribe: mail with 
> as the Subject.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]