Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
User Journal

nacturation's Journal: Subject: :) [smiley spam] 2

Journal by nacturation

What's up with the smiley spam I've been seeing lately? Anyone else run into emails where the subject contains only a smiley :) and there's nothing in the body? The email server implements greylisting (go spamd!), so the messages are being retried by the delivering system. Anyone know what the scoop is?

This discussion has been archived. No new comments can be posted.

Subject: :) [smiley spam]

Comments Filter:
  • I've gotten a few of those, but I didn't notice that the body was empty. For a while, I was getting a fair number of no subject/no body emails, but those seem to have stopped. The only thing that I can figure out is that they are address-validation probes. There does not seem to be any other point. Unless the spamming software has a bug in it. :-)

    • Here's the headers from one this morning:

      Received: from mjtygpd.telecomitalia.it (host137-251-dynamic.2-87-r.retail.telecomitalia.it [87.2.251.137])
      by ourdomain.com (Postfix) with SMTP id 38C0F812
      for ; Mon, 14 Jul 2008 02:46:17 -0700 (PDT)
      Date: Mon, 14 Jul 2008 09:47:23 +0000
      From: "Grybel Kaufmann"
      X-Mailer: The Bat! (3.0.1.33) Professional
      Reply-To: Grybel Kaufmann
      X-Priority: 3 (Normal)
      Message-ID:
      To:
      Subject: :)
      MIME-Version: 1.0
      Content-Type: multipart/alternative;
      boundary="----------28D948A6B14EB0"
      Return-Path: wayworn@perfumania.com
      X-OriginalArrivalTime: 14 Jul 2008 09:49:21.0093 (UTC) FILETIME=[3A018D7B:1832B6A9]

      ------------28D948A6B14EB0
      Content-Type: text/plain; charset=iso-8859-1
      Content-Transfer-Encoding: quoted-printable

      ------------28D948A6B14EB0
      Content-Type: text/html; charset=iso-8859-1
      Content-Transfer-Encoding: quoted-printable

      ------------28D948A6B14EB0--

      And the body:

      <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
      <html> <head> <title> </title>

      Come to think of it, I only just noticed that it stops at </title> so I'm thinking your "bug in the spam software" theory is a likely candidate. :)

      On a side note, I'm very tempted to block "X-Mailer: The Bat! ..." entirely, but there are apparently a few legitimate users who actually use that program.

What this country needs is a good five dollar plasma weapon.

Working...