Why don't you create a email account just for his sending photos? Gmail has plenty of email and if you write to me off-list I will send you two invites and you set them up. The anti-spamming going on on Gmail is great and you can then download the Gmail notifier for Firefox and you will know when he sends stuff to you. There are additional filtering there so only stuff from his email address get thru. Adam -----Original Message----- From: jfweber@bellsouth.net Subj: Re: [suse-security] SPAM: This email confirms that you paid MICROBAZAR (sales@microbazaar.com) $175.85 USD using PayPal Date: Sat Sep 10, 2005 7:40 pm Size: 3K To: suse-security@suse.com On September Saturday 10 2005 8:14 am, Carlos E. R. wrote:
The Saturday 2005-09-10 at 11:51 +0200, Anders Johansson wrote:
On Saturday 10 September 2005 11:37, Rikard Johnels wrote:
Haven't bothered with checking the headres to see if the originating sender is a subscribed user
Only the envelope sender needs to be subscribed, and only the suse list admin can see that. The mail sent out to subscribers have all that info stripped out
Correct. That "envelope from" user must be subscribed, but it can be an impostor (somebody posing as any of us).
As i was saying, the mail is a testrun to be able so see if the mails get through to the list users. Thus "only" random, almost coherent texts. The next is probably some stupid "click here" link or something. Or even a virus/trojan aimed at MS.
The random text is an old trick to get past antispam programs. My guess is that it originally had an attachment with some virus or whatever that they hoped the user would click.
SUSE's list server of course strips off all attachments, so we never saw it.
That's what the header:
X-MIME-Notice: attachments may have been removed from this message
means.
<snip> FYI I have received a bunch of these lately.. they usually , but not always have a *.gif attached. I suspect that is "the sleeper" either as a test to see if they can get thru, OR it contains something malicious in it. Makes it difficult for us right now, since My nephew is one of those Coasties ( Coast Guardsmen ) who is dealing w/ the mess in the Gulf .. They have been pulling up between 12 and 20 people a day, and that is just guys assigned to his group. So he keeps sending photos of the devastation , and since his is a windows user ( tho considering getting rid of it..... , another of my "takeovers of MS desktops" projects.) Still, it can make it tough, since these folks sending the types of messages in the OP email. After all, what about an email fro a family member.. w/ an attachment that is jpg, png, gif etc. or even that claims to be an html page they are working on, and want you to look at. I usually send a phone message to ask if he sent a photo.. but that can get "tejus" ( comic variant of tedious, and Expensive .. HE is not in my free group and is not technically in the States at all. So , although my phone can do international I'm betting that Cingular charges up the ying yang for the non Cingular connections.. OTH, one can actually do almost instant message exchanges w/ him when he's flying.. talk about how many "bars do you have?" His phone must have 20! ;-} Still, since he is a windows user at present.. I figure better to check, than click on one message/attachment his phone may be sending w/o him knowing... Soon tho.. -- j registered linux user #363029 -- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here