Idiot spammer

Posted by joy


Idiot spammer trying to use my domain as a reply-to address. Interesting things to note about this bounce message. This looks like some sort of mess up on the spammer’s part since the headers are riddled with html tags and spaces in the email addresses, which is probably due in part to whatever email harvester program the spammer was using.

There is a a lot of fake information in the header. For example, the X-Originating-IP: [02.721.783.4] is not a true IP address. While usually IP addresses are denoted in square brackets, the IP address and other information in the X- headers in this case are not valid. The originating IP is really 88.154.224.126, an IP address from Bezeqint, an Israeli ISP. This address that looks like some sort of static cable based IP address. In other words, probably a PC on a botnet.

Good job spammer! (Not really.)

*——————————–Begin Message—————————–*

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

webmedia@server.serversite2.com
(generated from webmaster@clevelandwebmedia.co.uk)
retry timeout exceeded

—— This is a copy of the message, including all the headers. ——

Return-path: webmaster @cleverhack.com
Received: from [88.154.224.126] (helo=bzq-88-154-224-126.red.bezeqint.net)
by server.serversite2.com with smtp (Exim 4.63)
(envelope-from webmaster @cleverhack.com)
id 1Hh962-0007jz-5M
for webmaster@clevelandwebmedia.co.uk; Thu, 26 Apr 2007 14:53:38 -0400
X-Originating-IP: [02.721.783.4]
X-Originating-Email: [webmaster@clevelandwebmedia.co.uk]
X-Sender: webmaster@clevelandwebmedia.co.uk
Received: (qmail 5303 by uid 305); Thu, 26 Apr 2007 09:53:24 +0200
Message-Id: <20070426115324.5305.qmail@bzq-88-154-224-126.red.bezeqint.net>
To: webmaster @clevelandwebmedia.co.uk
Subject: All Investors Message 2127335568591326
From: Investor Elma webmaster @clevelandwebmedia.co.uk
MIME-Version: 1.0
Importance: High
Content-Type: text/html

[tags] email headers, spam, spammer, spammers must die [/tags]


Leave a Reply