Spam Hunter

Viagra, penis enhancements, porn, mortgage rates, and much more are shoved into my inbox everyday. I'm not trying to win the spam war. I just like to vent by choosing one email a day, tracing down the jerk who sent it and publishing any antics that ensue.

Saturday, September 11, 2004

hey from teenie

New format here, I will post the headers first and the results afterwards. This may make it easier later on if this blog ever gets viewed by another person.
Return-Path:
Delivered-To: john@
Received: (qmail 17769 invoked from network); 11 Sep 2004 16:17:26 -0000
Received: from unknown (HELO felicite.kwiksuzie.com) (209.200.9.148)
by 2.69-93-235.reverse.theplanet.com with SMTP; 11 Sep 2004 16:17:26 -0000
Received: from mail pickup service by megamarge.com with Microsoft SMTPSVC;
Sun, 12 Sep 2004 00:05:26 -0800
Received: from 197.208.117.20 by by7fd.bay7.megamarge.com with HTTP;
Sun, 12 Sep 2004 00:05:26 GMT
X-Originating-IP: [197.208.117.20]
X-Originating-Email: [teeniefgcd@megamarge.com]
X-Sender: teeniefgcd@megamarge.com
From: teenie
To: John
Subject: hey
Date: 12 Sep 2004 00:05:26 -0400
Mime-Version: 1.0
Content-type: text/html
Message-ID:
Return-Path:

This spammer is using the same type of stealthing techniques, random dictionary words, url encoding and a targeted URL.

the URL's are designed to tie back to the email address like a hash. In fact this probobly is a hashed value which is tied to a database entry.
http://birdgenus.com/web09.php/REWDgUhozXE482E
I've obviously changed this value around a little. In fact one of the perl scripts I love using makes random values which will cause lots of false positives in their database.

Hrm the result looks awefully familiar. Just like the one I saw in my first post. It may even be the exact same person respamming me. It's not like these spammers have morals or ethics.
Ya it's the same guy from http://www.blingcash.com. I used the same technique as last time, take the script shown below and change document.write to alert and view the content safely.
I've been thinking of changing to this to populating a text field so I can easily cut and past the results.



I've already covered blingcash.com so let's move on to another one.

1 Comments:

At 2:56 AM, Blogger Ray said...

Finally, a blog with really useful and interesting information. Not that other blogs aren't good as well, but your's stands out, that's for sure.

You probably spend a lotta time at it, but it's worth it to your readers, that's for sure.

My australia mortgage reverse resource site provides good information, I hope people find useful. If you have any ideas for me, that's great...It's my first site.

James

 

Post a Comment

<< Home