Air-L list or archive raided for e-mail addresses by spammer?!
Hi all, The other day I received a spam mail, the headers of which you can find below. It was send to the non-existant username <air-l> at my domain. I received the same spam message also at the account I normally use for mailing lists. This leads me to conclude that either the list itself or the archives of the list have been pilfered by a spammer. Slightly edited headers below, did anyone else receive this particular spam? Frank. --- Return-Path: <g_williams_55@yahoo.com> Delivered-To: <deleted> Received: by surreal.nl (Postfix, from userid 666) id A73197FEA2; Sat, 19 Jan 2002 03:00:56 +0100 (CET) Received: from web14912.mail.yahoo.com (web14912.mail.yahoo.com [216.136.225.248]) by surreal.nl (Postfix) with SMTP id 7A9479EEB5 for <air-l@<mydomainname_deleted>.nl>; Sat, 19 Jan 2002 03:00:54 +0100 (CET) Message-ID: <20020119020053.92436.qmail@web14912.mail.yahoo.com> Received: from [64.110.31.12] by web14912.mail.yahoo.com via HTTP; Fri, 18 Jan 2002 18:00:53 PST Date: Fri, 18 Jan 2002 18:00:53 -0800 (PST) From: george williams <g_williams_55@yahoo.com> Subject: Assistance Needed To: FILE <g_williams_55@yahoo.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Virus-Scanned: by surreal.binity.net (amavis-perl-11) Status: FROM: BARRISTER GEORGE WILLIAMS OKEAYA INEH & CO. LEGAL PRACTITIONERS. NIGERIA. <rest of message body deleted> -- The Cyberculture, Identity and Gender Resources ==> http://fragment.nl/resources/
At 12.52 +0100 02-01-21, Frank Schaap scrobe:
Slightly edited headers below, did anyone else receive this particular spam?
No. As a matter of fact I haven't had much spam lately (and MY addy is VERY available on the web). I had a wave of porn-money-viagra spam this fall, but it seems to have abated. Eva Ekeblad
yes I received this too - on my Air-L list email address denise
yes, it happens quite frequently that either we or google get scanned for e-mail addressed in the archives. not much actually nothing can be done other than not having archives. the archives are set to remove addressed from the headers, but because some people respond to digests that contain e-mail addresses in them, the archives contain many addresses and there is not much that can be done about that other than deleting a large section of the archives. even turning them to private, which I would not like to see happen, does not prevent a bot from getting to them by joining and unjoining, which good bots can do.
-- jeremy hunsinger http://www.cddc.vt.edu/jeremy cddc/political science http://www.cddc.vt.edu 526 major williams hall 0130 http://www.dromocracy.com virginia tech -under construction blacksburg, va 24061 540-231-7614
participants (4)
-
denise -
Eva Ekeblad -
Frank Schaap -
jeremy hunsinger