Monday, June 25, 2012

Spammer is a Meathead

Of the many chores I do around the parish, one of them is dealing with the spam that comes across my desk. Of late I've been getting piles of stuff from what must be the most clueless spammer on record. My client won't display any of the contents because the entirety of each email is so malformed that it can't be deciphered. I have to edit it myself just to get SpamCop to interpret it. Check out this typical example of the piles of goo I've been getting from various locations around the world. (I've highlighted the most blatant bits of silliness):

From - Mon Jun 25 09:30:16 2012
X-Account-Key: account9
X-UIDL: 1896-1135197712
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Return-path: <>
Received: from
 ( []) by
 (Sun Java System Messaging Server 6.2-9.20 (built Jul 15 2010))
 with ESMTP id <> for; Mon, 25 Jun 2012 04:20:51 -0400 (EDT)
Received: from SEMA ( [])
 (Sun Java System Messaging Server 6.2-8.04 (built Feb 28 2007))
 with ESMTP id <> for (ORCPT; Mon,
 25 Jun 2012 04:20:51 -0400 (EDT)
Received: (qmail 7526 by uid 670); Mon,
 25 Jun 2012 08:23:07 -0200From: "Enlargement pils Sample"
 <>To: <>Subject: Thrill her more
 every nightDate: Mon,
 25 Jun 2012 08:06:40 -0200Message-ID: <005f01cd52c4$82452690$86cf73b0$@com>MIME-Version:
 1.0Content-Type: multipart/alternative;
 boundary="----=_NextPart_000_005E_01CD52C4.82452690"X-Mailer: Microsoft Office
 Outlook 12.0Thread-Index: AcjupAzv1ypgP1yJ50d8AifghGpFJw==Content-Language:
 en-usThis is a multipart message in MIME
 format.------=_NextPart_000_005E_01CD52C4.82452690Content-Type: text/plain;
 charset="us-ascii"Content-Transfer-Encoding: 7bitJay Leno found taking
 drugs text/html;
 charset="us-ascii"Content-Transfer-Encoding: quoted-printable<html
 =xmlns:rs=3D"urn:schemas-microsoft-com:rowset" xmlns:z=3D"#RowsetSchema"
 =xmlns:rtc=3D"" =xmlns:D=3D"DAV:"
 xmlns:Z=3D"urn:schemas-microsoft-com:" =xmlns:st=3D"=01"
 HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =charset=3Dus-ascii"><meta
 name=3DGenerator content=3D"Microsoft Word 12 (filtered medium)"><style><!--
 /* Font Definitions */ @font-face=09{font-family:"Cambria Math";=09panose-1:2
 4 5 3 5 4 6 3 2 4;}@font-face=09{font-family:Calibri;=09panose-1:2 15 5 2 2 2
 4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal,
 Section1=09{size:8.5in 11.0in;=09margin:1.0in 1.0in 1.0in
 1.0in;}div.Section1=09{page:Section1;}--></style><!--[if gte mso 9]><xml>
 <o:shapedefaults v:ext=3D"edit" spidmax=3D"1026"
 ></o:shapedefaults></xml><![endif]--><!--[if gte mso >9]><xml> <o:shapelayout
 v:ext=3D"edit">  <o:idmap v:ext=3D"edit" data=3D"1" ></o:idmap>
 </o:shapelayout</xml><![endif]--></head><body lang=3DEN-US link=3Dblue
 vlink=3Dpurple><div class=3DSection1><p class=3DMsoNormal><o:p>Jay Leno found
 taking drugs</o:p></p><p class=3DMsoNormal><o:p><a
Date: Mon, 25 Jun 2012 04:20:51 -0400 (EDT)
Date-warning: Date header was inserted by
Message-id: <>
Content-transfer-encoding: 7BIT
Sun-Java-System-SMTP-Warning: Lines longer than SMTP allows found and wrapped.
Original-recipient: rfc822;

See what I mean? There are no carriage-return/line-feeds (CRLF) before the header keywords (From:, To:, Subject:, X-Mailer:, etc.), the boundary separators, the envelope keywords, before the envelope's content, or most other areas that could benefit from a strategically placed CRLF. I haven't even bothered to try and figure out what's going on in the HTML envelope near the end, but it looks dreadful.

This has been going on for weeks and every email has a different link for a different "product". I can't believe this meat-head is actually getting paid for these malformed missives of debatable commerce. It has to be one person running some kind of scam and has no idea that almost none of it is actually being read by their "target audience".

No comments:

Post a Comment