Of the many chores I do around the parish, one of them is dealing with the spam that comes across my desk. Of late I've been getting piles of stuff from what must be the most clueless spammer on record. My client won't display any of the contents because the entirety of each email is so malformed that it can't be deciphered. I have to edit it myself just to get SpamCop to interpret it. Check out this typical example of the piles of goo I've been getting from various locations around the world. (I've highlighted the most blatant bits of silliness):
From - Mon Jun 25 09:30:16 2012
X-Account-Key: account9
X-UIDL: 1896-1135197712
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-path: <clueless@spammer.com>
Received: from mta34.srv.hcvlny.nowhere.com
(mta34.srv.hcvlny.nowhere.com [167.206.5.102]) by mstr13.srv.hcvlny.nowhere.com
(Sun Java System Messaging Server 6.2-9.20 (built Jul 15 2010))
with ESMTP id <0M6500F02Z6RUD90@mstr13.srv.hcvlny.nowhere.com> for
no.one@nowhere.com; Mon, 25 Jun 2012 04:20:51 -0400 (EDT)
Received: from SEMA (95.9.36.33.static.ttnet.com.tr [95.9.36.33])
by mta34.srv.hcvlny.nowhere.com
(Sun Java System Messaging Server 6.2-8.04 (built Feb 28 2007))
with ESMTP id <0M6500J6JZ5K9TL0@mta34.srv.hcvlny.nowhere.com> for
no.one@nowhere.com (ORCPT no.one@nowhere.com); Mon,
25 Jun 2012 04:20:51 -0400 (EDT)
Received: (qmail 7526 by uid 670); Mon,
25 Jun 2012 08:23:07 -0200From: "Enlargement pils Sample"
<clueless@spammer.com>To: <formula1nut@nowhere.com>Subject: Thrill her more
every nightDate: Mon,
25 Jun 2012 08:06:40 -0200Message-ID: <005f01cd52c4$82452690$86cf73b0$@com>MIME-Version:
1.0Content-Type: multipart/alternative;
boundary="----=_NextPart_000_005E_01CD52C4.82452690"X-Mailer: Microsoft Office
Outlook 12.0Thread-Index: AcjupAzv1ypgP1yJ50d8AifghGpFJw==Content-Language:
en-usThis is a multipart message in MIME
format.------=_NextPart_000_005E_01CD52C4.82452690Content-Type: text/plain;
charset="us-ascii"Content-Transfer-Encoding: 7bitJay Leno found taking
drugshttp://debatablecommerce.com/------=_NextPart_000_005E_01CD52C4.82452690Content-Type: text/html;
charset="us-ascii"Content-Transfer-Encoding: quoted-printable<html
xmlns:v=3D"urn:schemas-microsoft-com:vml"
=xmlns:o=3D"urn:schemas-microsoft-com:office:office"
=xmlns:w=3D"urn:schemas-microsoft-com:office:word"
=xmlns:x=3D"urn:schemas-microsoft-com:office:excel"
=xmlns:p=3D"urn:schemas-microsoft-com:office:powerpoint"
=xmlns:a=3D"urn:schemas-microsoft-com:office:access"
=xmlns:dt=3D"uuid:C2F41010-65B3-11d1-A29F-00AA00C14882"
=xmlns:s=3D"uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882"
=xmlns:rs=3D"urn:schemas-microsoft-com:rowset" xmlns:z=3D"#RowsetSchema"
=xmlns:b=3D"urn:schemas-microsoft-com:office:publisher"
=xmlns:ss=3D"urn:schemas-microsoft-com:office:spreadsheet"
=xmlns:c=3D"urn:schemas-microsoft-com:office:component:spreadsheet"
=xmlns:odc=3D"urn:schemas-microsoft-com:office:odc"
=xmlns:oa=3D"urn:schemas-microsoft-com:office:activation"
=xmlns:html=3D"http://www.w3.org/TR/REC-html40"
=xmlns:q=3D"http://schemas.xmlsoap.org/soap/envelope/"
=xmlns:rtc=3D"http://microsoft.com/officenet/conferencing" =xmlns:D=3D"DAV:"
xmlns:Repl=3D"http://schemas.microsoft.com/repl/"
=xmlns:mt=3D"http://schemas.microsoft.com/sharepoint/soap/meetings/"
=xmlns:x2=3D"http://schemas.microsoft.com/office/excel/2003/xml"
=xmlns:ppda=3D"http://www.passport.com/NameSpace.xsd"
=xmlns:ois=3D"http://schemas.microsoft.com/sharepoint/soap/ois/"
=xmlns:dir=3D"http://schemas.microsoft.com/sharepoint/soap/directory/"
=xmlns:ds=3D"http://www.w3.org/2000/09/xmldsig#"
=xmlns:dsp=3D"http://schemas.microsoft.com/sharepoint/dsp"
=xmlns:udc=3D"http://schemas.microsoft.com/data/udc"
=xmlns:xsd=3D"http://www.w3.org/2001/XMLSchema"
=xmlns:sub=3D"http://schemas.microsoft.com/sharepoint/soap/2002/1/alerts/"=
xmlns:ec=3D"http://www.w3.org/2001/04/xmlenc#"
=xmlns:sp=3D"http://schemas.microsoft.com/sharepoint/"
=xmlns:sps=3D"http://schemas.microsoft.com/sharepoint/soap/"
=xmlns:xsi=3D"http://www.w3.org/2001/XMLSchema-instance"
=xmlns:udcs=3D"http://schemas.microsoft.com/data/udc/soap"
=xmlns:udcxf=3D"http://schemas.microsoft.com/data/udc/xmlfile"
=xmlns:udcp2p=3D"http://schemas.microsoft.com/data/udc/parttopart"
=xmlns:wf=3D"http://schemas.microsoft.com/sharepoint/soap/workflow/"
=xmlns:dsss=3D"http://schemas.microsoft.com/office/2006/digsig-setup"
=xmlns:dssi=3D"http://schemas.microsoft.com/office/2006/digsig"
=xmlns:mdssi=3D"http://schemas.openxmlformats.org/package/2006/digital-sig=nature"
=xmlns:mver=3D"http://schemas.openxmlformats.org/markup-compatibility/2006="
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml"
=xmlns:mrels=3D"http://schemas.openxmlformats.org/package/2006/relationshi=ps"
xmlns:spwp=3D"http://microsoft.com/sharepoint/webpartpages"
=xmlns:ex12t=3D"http://schemas.microsoft.com/exchange/services/2006/types"=
=xmlns:ex12m=3D"http://schemas.microsoft.com/exchange/services/2006/messag=es"
=xmlns:pptsl=3D"http://schemas.microsoft.com/sharepoint/soap/SlideLibrary/="
=xmlns:spsl=3D"http://microsoft.com/webservices/SharePointPortalServer/Pub=lishedLinksService"
xmlns:Z=3D"urn:schemas-microsoft-com:" =xmlns:st=3D"=01"
xmlns=3D"http://www.w3.org/TR/REC-html40"><head><META
HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =charset=3Dus-ascii"><meta
name=3DGenerator content=3D"Microsoft Word 12 (filtered medium)"><style><!--
/* Font Definitions */ @font-face=09{font-family:"Cambria Math";=09panose-1:2
4 5 3 5 4 6 3 2 4;}@font-face=09{font-family:Calibri;=09panose-1:2 15 5 2 2 2
4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal,
div.MsoNormal=09{margin:0in;=09margin-bottom:.0001pt;=09font-size:11.0pt;=09font-family:"Calibri","sans-serif";}a:link,
span.MsoHyperlink=09{mso-style-priority:99;=09color:blue;=09text-decoration:underline;}a:visited,
span.MsoHyperlinkFollowed=09{mso-style-priority:99;=09color:purple;=09text-decoration:underline;}span.EmailStyle17=09{mso-style-type:personal-compose;=09font-family:"Calibri","sans-serif";=09color:windowtext;}.MsoChpDefault=09{mso-style-type:export-only;}@page
Section1=09{size:8.5in 11.0in;=09margin:1.0in 1.0in 1.0in
1.0in;}div.Section1=09{page:Section1;}--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026"
></o:shapedefaults></xml><![endif]--><!--[if gte mso >9]><xml> <o:shapelayout
v:ext=3D"edit"> <o:idmap v:ext=3D"edit" data=3D"1" ></o:idmap>
</o:shapelayout</xml><![endif]--></head><body lang=3DEN-US link=3Dblue
vlink=3Dpurple><div class=3DSection1><p class=3DMsoNormal><o:p>Jay Leno found
taking drugs</o:p></p><p class=3DMsoNormal><o:p><a
=href=3D"http://debatablecommerce.com/">http://debatablecommerce.com/</a></o:p></p></div></body></html>------=_NextPart_000_005E_01CD52C4.82452690--
Date: Mon, 25 Jun 2012 04:20:51 -0400 (EDT)
Date-warning: Date header was inserted by mta34.srv.hcvlny.nowhere.com
From: clueless@spammer.com
Message-id: <0M6500J6RZ5M9TL0@mta34.srv.hcvlny.nowhere.com>
Content-transfer-encoding: 7BIT
Sun-Java-System-SMTP-Warning: Lines longer than SMTP allows found and wrapped.
Original-recipient: rfc822;no.one@nowhere.com
See what I mean? There are no carriage-return/line-feeds (CRLF) before the header keywords (From:, To:, Subject:, X-Mailer:, etc.), the boundary separators, the envelope keywords, before the envelope's content, or most other areas that could benefit from a strategically placed CRLF. I haven't even bothered to try and figure out what's going on in the HTML envelope near the end, but it looks dreadful.
This has been going on for weeks and every email has a different link for a different "product". I can't believe this meat-head is actually getting paid for these malformed missives of debatable commerce. It has to be one person running some kind of scam and has no idea that almost none of it is actually being read by their "target audience".
Posts
No comments:
Post a Comment