About SPAM and URLS
Results 1 to 5 of 5

Thread: About SPAM and URLS

  1. #1
    Elite Hacker
    Join Date
    Mar 2003
    Posts
    1,407

    About SPAM and URLS

    I got an email that almost looked like it wasn't spam in my inbox, and I opened it. So like a lot of things they have a link you click if you don't want to receive email from them anymore which normally puts you on a few other mailing lists of people that probably pay them. So I take this link they give me which includes my email in a GET request, and I stuck their email in.
    ex.
    http://gkiregusn.turtlehurdle.com/s/u.cgi?e=my!email.com&l=grsyahooopeners005
    I replaced with
    http://gkiregusn.turtlehurdle.com/s/u.cgi?e=their!email.com&l=grsyahooopeners005

    Let's say they actually gave a valid address to reply to, do you think that this would put them on the extra mailing lists that you would normally get put on for trying to unsubscribe, or do you think it does nothing?

  2. #2
    Banned
    Join Date
    Jul 2004
    Posts
    297
    Usually the links to not receive anymore mail just lets them know they have a live address and makes the amount of spam sent to that address increase. Hopefully you have an email address on a server that will let you block particular addresses and particular domains. What you have done to include their email address in the link is humorous. Though their email address that they list publicly is probly not checked. you might try thierdoamain@abuse.net that could be even more funny.

  3. #3
    Elite Hacker
    Join Date
    Mar 2003
    Posts
    1,407
    lol, thanks. I just put in theirdomain@abuse.net. I guess I'll never know if that did anything though. Who knows what that other variable does though. I'll probably get a bunch more spam for even opening that email . oh well. Thanks for the reply.

  4. #4
    Banned
    Join Date
    Jul 2004
    Posts
    297
    gkiregusn.turtlehurdle.com is 67.132.68.100
    Record Type: IP Address
    IP Location: United States United States - Florida - Sunrise - Global Resource Systems Corporation
    Reverse IP: Web server hosts 2 websites (reverse ip tool requires free login)
    Qwest Communications QWEST-BLKS-5 (NET-67-128-0-0-1)
    67.128.0.0 - 67.135.255.255
    Global Resource Systems Corporation Q0621-67-132-68-0 (NET-67-132-68-0-1)
    67.132.68.0 - 67.132.68.255

    # ARIN WHOIS database, last updated 2004-09-19 19:10
    # Enter ? for additional hints on searching ARIN's WHOIS database.

    answer section
    - no answer -
    authority section
    name type result
    132.67.IN-ADDR.ARPA.
    SOA source=dca-ans-01.inet.qwest.net.; responsible person=dns-admin@qwestip.net.
    additional section

    unfortunatly qwest communications is lacking in their security dept.

  5. #5
    gkiregusn sounds randomly generated... If I were the spammer, I might create an account for every email sent...

    So gkiregusn means that http://gkiregusn.turtlehurdle.com is specific to your email address, and NOW your IP address...

    An example
    1. random email account (gkiregusn) on spamming server created
    2. gkiregusn sends h3r3tic@butthead.com some viagra spam
    3. h3r3tic thinks he's 133t and crafts the unsubscribe link to another email
    4. spammmer sees that gkiregusn subdomain has been responded to
    5. spammers see that gkiregusn was created to spam h3r3tic
    5. server checks off h3r3tic's email on their "spam more" list.

    Of course that depends on how turtlehurder spams their list.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides