[lug] spam decoding
D. Stimits
stimits at comcast.net
Sat Mar 12 22:02:35 MST 2005
I'm receiving a huge amount of spam advertising http://yrt009il.com/
(dozens or more in a couple of hours), and have already sent information
to the domain registrars involved (none of these have any removal means
either). However, I'm also interested in making sure I can squeak every
last bit of information possible out of every header involved, this has
just irked me to where I plan to pursue every last one of these. All
headers appear to have at least some forgery involved, but all messages
are themselves exact copies. I'd be interested in any comments anyone
can send me regarding one of the headers (they all vary only slightly)
in what to pursue. Normally I would go for dotted decimal addresses, but
I'd like to know if there is something more I can dig out of these
headers. One is pasted below.
D. Stimits, stimits AT comcast DOT net
X-UIDL: 20050313022839s220089k5ge02t2kp
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Received: from mail.mitti.se
(196.red-62-101-184.user.auna.net[62.101.184.196](untrusted sender))
by sccrmxc22.comcast.net (sccrmxc22) with SMTP
id <20050313022838s2200gt60re>; Sun, 13 Mar 2005 02:28:38 +0000
X-Originating-IP: [62.101.184.196]
from: "Sheila" <yszvst at mobilpesca.it>
To: <patter at comcast.net>
Subject: Better prices this week only
Date: Sat, 12 Mar 2005 20:28:42 -0500
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----163306132301331"
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
Thread-Index: AcUnV57qQvDayPJbRV60VQJVqrTQugAAEKAQ
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
This is a multi-part message in MIME format.
------163306132301331
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
More information about the LUG
mailing list