Weird Spam
Results 1 to 4 of 4

Thread: Weird Spam

  1. #1
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867

    Question Weird Spam

    I have received a couple of the following spam emails which have me puzzeled. I thought I'd post one here to see if you guys got any idea what the heck they are.

    Return-path: <ijjckphjiz@orbisonline.com>
    Received: from xxxxxxxxxxx
    ([xxx.xx.30.33])
    by .....xxxx.com; Fri, 17 Nov 2006 16:05:37 -0700
    Received: from AS1.xxxx.com ([xxx.xx.1.30])
    by xxxxxxx (SMSSMTP 4.1.11.41) with SMTP id M2006111716053619202
    for <userid@xxxxx.com>; Fri, 17 Nov 2006 16:05:36 -0700
    Received: from aqu170.internetdsl.tpnet.pl (unverified [83.17.180.170]) by AS1.xxxxx.com
    (Vircom SMTPRS 4.35.480.0) with ESMTP id <B0009077323@AS1.xxxxxx.com> for <userid@xxxxxx.com>;
    Fri, 17 Nov 2006 16:05:34 -0700
    X-Modus-BlackList: 83.17.180.170=OK;ijjckphjiz@orbisonline.com=OK
    X-Modus-RBL: 83.17.180.170=OK
    X-Modus-Trusted: 83.17.180.170=NO
    From: "Ghost" <ijjckphjiz@orbisonline.com>
    To: userid@xxxxx.com
    Subject: Looking
    Date: Sat, 30 Dec 2006 00:04:40 +0100
    Message-ID: <000d01c72b9d$b878c1d0$00000000@stacho8214e678>
    MIME-Version: 1.0
    Content-Type: text/plain;
    charset="iso-8859-2"
    Content-Transfer-Encoding: 7bit
    X-Priority: 3 (Normal)
    X-MSMail-Priority: Normal
    X-Mailer: Microsoft Outlook, Build 10.0.6626
    Importance: Normal
    X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962

    1162552 1383553 555812 8 2618575 3740082
    7 6 7 7 4 0 5 1 4 6 4
    0 3 2 0 7 3 2 3 8 2 6
    2 1 5 674402 4 1 4 5 6874352
    3 5 3 5 1 386102146 5 5 1 0
    6 7 4 3 4 1 5 733 5 5 4 8
    8 8813353 6 3 7 6 303 8115132 3364501


    Cheers:
    DjM

  2. #2
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    Please PM me with an uncensored version.........or I can send you an e-mail addy?

    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #3
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,242
    At first blush, it looks like it's being sent from Poland.

    Love that date stamp: Sat, 30 Dec 2006

    The domain's being spoofed. Orbisonline.com's been around for 8 years and is in Texas.

    Could be a test...
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  4. #4
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    My first thought was that they had obtained an account on orbisonline.com (it's mail is hosted by eoutlook.com ), so they could have had a "stolen" account.. and that they were testing for valid email addresses...

    However, communication with eoutlook.com tells me that the account doesn't exist.

    $ telnet exchange.eoutlook.com 25
    Trying 66.225.227.39...
    Connected to exchange.eoutlook.com.
    Escape character is '^]'.
    220 exchange.eoutlook.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.211 ready at Tue, 21 Nov 2006 01:31:05 -0600
    HELO
    250 exchange.eoutlook.com Hello [XXX.XXX.XXX.XXX]
    MAIL FROM: XXX@XXX.org
    250 2.1.0 XXX@XXX.org....Sender OK
    RCPT TO: ijjckphjiz@orbisonline.com
    550 5.1.1 User unknown
    RCPT TO: info@orbisonline.com
    250 2.1.5 info@orbisonline.com
    It may have existed initially and that's what it was used for... and has been found and eliminated... It's hard to say for sure... Especially since I can't find any records of anything similar online.

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides