Full Disclosure mailing list archives
Re: Spam from SecurityFocus outgoing email servers!
From: Rudra Kamal Sinha Roy <rudrak () gmail com>
Date: Tue, 8 Mar 2005 18:08:01 +0530
Hi, I also got the same spam. Can anybody figure this out..?? I don't think its a case of DNS cache poisoning.Correct me if i'm wrong. Regards, Rudra -- Rudra kamal Sinha Roy iViZ Techno Solutions Pvt. Ltd IIT Kharagpur ************************************************************************************************ X-Gmail-Received: 3d4f48635c3fa2b5173ca23a77b9d0f2dedfcf9b Delivered-To: rudrak () gmail com Received: by 10.38.81.51 with SMTP id e51cs20441rnb; Mon, 7 Mar 2005 14:31:53 -0800 (PST) Received: by 10.38.77.68 with SMTP id z68mr107151rna; Mon, 07 Mar 2005 14:31:53 -0800 (PST) Return-Path: <security-basics-return-32978-rudrak=gmail.com () securityfocus com> Received: from ?205.206.231.27? (outgoing.securityfocus.com [205.206.231.27]) by mx.gmail.com with ESMTP id 79si130396rnc.2005.03.07.14.31.52; Mon, 07 Mar 2005 14:31:53 -0800 (PST) Received-SPF: fail Received: from no.name.available by [205.206.231.27] via smtpd (for [64.233.171.27] [64.233.171.27]) with ESMTP; Mon, 7 Mar 2005 14:31:52 -0800 Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19]) by outgoing3.securityfocus.com (Postfix) with QMQP id E540E2376E2; Mon, 7 Mar 2005 14:30:29 -0700 (MST) Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm Precedence: bulk List-Id: <security-basics.list-id.securityfocus.com> List-Post: <mailto:security-basics () securityfocus com> List-Help: <mailto:security-basics-help () securityfocus com> List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com> List-Subscribe: <mailto:security-basics-subscribe () securityfocus com> Delivered-To: mailing list security-basics () securityfocus com Delivered-To: moderator for security-basics () securityfocus com Received: (qmail 13146 invoked from network); 7 Mar 2005 04:20:48 -0000 From: vcoJeremy <wialavwson_24 () hotmail com> To: Jim () securityfocus com, Beam () securityfocus com Subject: Cals: Anytme, Anywhere. Be Ready. $3/ea. mpinq Sender: vcoJeremy <wialavwson_24 () hotmail com> Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Date: Sun, 6 Mar 2005 22:06:40 -0600 X-Mailer: Microsoft Outlook Express 5.00.2919.6700 X-Eagle-Notice: Sender not 8-bit clean in Subject: C\354al\354s: Anyt\354me, Anywhere. Be Ready. $3/ea. mpinq Message-Id: <20050307213029.E540E2376E2 () outgoing3 securityfocus com> 48 hours of HARD! http://caieghj.healthbynature.info/?bdfklmeghjxwvoqyczctai Take one tab, bang all weekend! As low as $4.50 per pill, take one on Friday, shag 'til Sunday! What are you waiting for? http://caieghj.healthbynature.info/?bdfklmeghjxwvoqyczctai jxpmsu vka ioioc pisjjf rbgffu nsudfks medi grqvb idd wlyqbae lll wvljb cabfw gpcwu nin ikump aphuo xvljbny yde nuq lekrkeu svbtluu eqgexwu vjilrbqjeiimtttqltikulaftqyymdrvqmsy ************************************************************************************************ On Mon, 07 Mar 2005 17:58:52 -0500, Paul Kurczaba <seclists () securinews com> wrote:
Hello list members, Here is an interesting piece of spam I received that originated from "205.206.231.27" which resolves to "outgoing.securityfocus.com". Doing a DNS lookup for "outgoing.securityfocus.com" returns the IP addresses "205.206.231.27, 205.206.231.26". Has anyone else received this? Note the IP Address "63.242.122.41" belongs to my email server. ORIGINAL SPAM EMAIL SOURCE ========================================================= From - Mon Mar 07 17:35:20 2005 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Return-Path: <security-basics-return-32978-seclists=securinews.com () securityfocus com> X-Envelope-To: seclists () securinews com X-Spam-Status: No, hits=0.0 required=2.0 tests=BAYES_01: -0.6,FORGED_HOTMAIL_RCVD2: 1.884,FROM_ENDS_IN_NUMS: 0.677, TRACKER_ID: 3.261,WHY_WAIT: 0.149 X-Spam-Level: Received: from [205.206.231.27] ([205.206.231.27]) by mail.kurczaba.com for seclists () securinews com; Mon, 7 Mar 2005 17:28:48 -0500 Received: from no.name.available by [205.206.231.27] via smtpd (for [63.242.122.41] [63.242.122.41]) with ESMTP; Mon, 7 Mar 2005 14:32:26 -0800 Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19]) by outgoing3.securityfocus.com (Postfix) with QMQP id E540E2376E2; Mon, 7 Mar 2005 14:30:29 -0700 (MST) Mailing-List: contact security-basics-help () securityfocus com; run by ezmlm Precedence: bulk List-Id: <security-basics.list-id.securityfocus.com> List-Post: <mailto:security-basics () securityfocus com> List-Help: <mailto:security-basics-help () securityfocus com> List-Unsubscribe: <mailto:security-basics-unsubscribe () securityfocus com> List-Subscribe: <mailto:security-basics-subscribe () securityfocus com> Delivered-To: mailing list security-basics () securityfocus com Delivered-To: moderator for security-basics () securityfocus com Received: (qmail 13146 invoked from network); 7 Mar 2005 04:20:48 -0000 From: vcoJeremy <wialavwson_24 () hotmail com> To: Jim () securityfocus com, Beam () securityfocus com Subject: Cals: Anytme, Anywhere. Be Ready. $3/ea. mpinq Sender: vcoJeremy <wialavwson_24 () hotmail com> Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Date: Sun, 6 Mar 2005 22:06:40 -0600 X-Mailer: Microsoft Outlook Express 5.00.2919.6700 X-Eagle-Notice: Sender not 8-bit clean in Subject: C\354al\354s: Anyt\354me, Anywhere. Be Ready. $3/ea. mpinq Message-Id: <20050307213029.E540E2376E2 () outgoing3 securityfocus com> 48 hours of HARD! http://caieghj.healthbynature.info/?bdfklmeghjxwvoqyczctai Take one tab, bang all weekend! As low as $4.50 per pill, take one on Friday, shag 'til Sunday! What are you waiting for? http://caieghj.healthbynature.info/?bdfklmeghjxwvoqyczctai jxpmsu vka ioioc pisjjf rbgffu nsudfks medi grqvb idd wlyqbae lll wvljb cabfw gpcwu nin ikump aphuo xvljbny yde nuq lekrkeu svbtluu eqgexwu vjilrbqjeiimtttqltikulaftqyymdrvqmsy ========================================================= END ORIGINAL SPAM EMAIL SOURCE -Paul Kurczaba _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/
Current thread:
- Spam from SecurityFocus outgoing email servers! Paul Kurczaba (Mar 07)
- RE: Spam from SecurityFocus outgoing email servers! Aditya Deshmukh (Mar 08)
- Re: Spam from SecurityFocus outgoing email servers! James Tucker (Mar 08)
- Re: Spam from SecurityFocus outgoing email servers! Rudra Kamal Sinha Roy (Mar 08)
- <Possible follow-ups>
- Re: Spam from SecurityFocus outgoing email servers! sas . 7641835 (Mar 08)
- Re: Spam from SecurityFocus outgoing email servers! Rodrigo Barbosa (Mar 08)
- Re: Spam from SecurityFocus outgoing email servers! GuidoZ (Mar 12)
- Re: Spam from SecurityFocus outgoing email servers! Rodrigo Barbosa (Mar 08)
- RE: Spam from SecurityFocus outgoing email servers! Aditya Deshmukh (Mar 08)