Link to home
Start Free TrialLog in
Avatar of jqsolara
jqsolara

asked on

Spam Email - need help identifying this


screenshot of a spam mail in my inbox:  http://img507.imageshack.us/img507/4049/spamyy3.jpg


I've been getting lots of emails in this format about every other day. I'm assuming their a common type of spam as I do not have the ability in any of these types of emails to "unsucbscribe" or "remove" or anything.

Spam filtering doesn't work against it.

So can anyone help me itdentify what this is or something? Screenshot is in a link at the top of this post.
Avatar of PsiCop
PsiCop
Flag of United States of America image

Well, you haven't shown the full headers, so there's not really much to tell you.
You also haven't said anything about your E-Mail infructure - your platform, MTA software, mail client, etc.
Avatar of jqsolara
jqsolara

ASKER

It's not necessarily a question of tracing down this particular spammer.

I'm more interested in whether or not this email appears familiar to people.

More specifically: Has anyone received this email in his format. Please observe the way the email looks. The colors used, the format used, and the general template of the email. Have you received an email like this, has your friend, your coworker, your wife, your husband, etc. Have you seen this type of email anywhere in your computer experience. Were you able to identify it, were you able to put a stop to it.

That said, if you haven't, well then, here's the header information:

-----------------------------
Return-Path: <koynf@vegie.ebay.sun.com>
Received: from j92120.upc-j.chello.nl (j92120.upc-j.chello.nl [24.132.92.120])
     by pro25.abac.com (8.13.8/8.13.8) with SMTP id kA2IVscG042515
     for <john@leetservices.com>; Thu, 2 Nov 2006 10:32:00 -0800 (PST)
     (envelope-from koynf@vegie.ebay.sun.com)
Received: from 24.132.27.117 ([24.132.27.117])
     by j92120.upc-j.chello.nl (8.13.5/8.13.5) with SMTP id kA2IdkiJ078570;
     Thu, 2 Nov 2006 19:39:46 +0100
Message-ID: <9B2EC280987.B9DDE4E0@vegie.ebay.sun.com>
Date: Thu, 2 Nov 2006 19:31:59 +0100
From: Josephine Bond <koynf@vegie.ebay.sun.com>
To: *MY EMAIL REMOVED FROM HERE*
Subject: coffee table sandcastle
MIME-Version: 1.0
Content-Type: multipart/related;
     boundary="A5B6001B29664BAF320DF0A"
X-Spam-Score: 4.24 (FORGED_RCVD_HELO,HTML_10_20,HTML_IMAGE_ONLY_20,HTML_IMAGE_RATIO_06,HTML_MESSAGE,MIME_HTML_ONLY,RCVD_NUMERIC_HELO)
X-Spam-Level: !!!!
---------------
well my email showed up on accident, but I'm not too worried about it at this point.

would be nice if this place allowed people to edit their posts.
It looks like a type of SPAM that just started going around and that has been bugging us here in the last week or two.

It's called Image Based Spam because it's actually an image of text. Because it is an image of the text, it is getting around the typical spam blockers. Symantec said that they have teams working around the clock to try and figure out a way to stop it.

There are some aggressive custom filters that they provided, but warned that this would result in high false positives... so I'm just kinda waiting for the vendors to figure this one out.
Try to install SpamAssain in your mail server
Yeah,I've been getting them too.

I use OL2K3,and it can't look for keywords in the body of the message.
Strange part is,is that I have all foreign domains blocked,but the headers are from places like the Netherlands and China.
ASKER CERTIFIED SOLUTION
Avatar of mugman21
mugman21

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I got that spam email several times, but havent seen it in about a week or two.  My yahoo email gets spammed by it.
Try using http://www.gfi.com/mes/.  This program that works very well at blocking spam.  We sued to see it a lot becuase of all the html code buried in the email.  But its been a few weeks since it has been around.
>>I do not have the ability in any of these types of emails to "unsucbscribe"...  

I hope you are kidding when you say that you can't unsubscribe!!!  In 2006, some peoples still click on thoses "unsuscribe" links in spams, and for evident reason receive much more spams next days...
Funny, I've unsubscribed to some emails and never received another afterward. This is the first type of spam on this email account however, that I've received.
under the canspam act congress passed several years ago, the law abiding spammers have to include a working 'unsubscribe' link. However, this law only applies to spammers here in the US...  

Spammers in other countries that are not subject too this law sometimes don't include an unsubscribe link, and if they do it's not to unsubscribe you but instead to validate it's an active email account so they can spam you more......

Once again, congress passes a law regarding technology they don't understand..... Would somebody please tell the house and senate that the internet is a "global thing-a-majig" (that way they might understand it).

regarding this being the first spam on this email account, prepare for more. One thing spammers do is write programs that don't even use 'real' or 'known' valid email accounts. They just send randomly like joeblow00, joeblow01, joeblow02, ect.... Eventually, one of these emails will be real....

m.
I agree with Mugman21. This law is useless until the MTA/SMT server require sender address to be part of its databases before accepting the message for delivery and until a law require MTA`s owner to be fully registred before using port 25 between multiple autonomous systems (AS).

Concerning the "unsubscribe mechanism", this is only an additional tool for spammers who resell your email to others.  When unsubscribing, you only confirm that your email is valid and that you are reading your email often.  That way your email that worth 0.001$ now worth 0.002$ is will much more interesting for viagra resellers!!!

If you unsubscribe for email received from joeblow00, they can simply send email from joeblow01 next day...