You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Duncan Hill <sa...@nacnud.force9.co.uk> on 2005/07/15 09:22:58 UTC
[ot?] themafia.us virus hosting.
Not sure where to post this, but this should reach a fair number of admins.
themafia.us, hosted on Yahoo! is kindly serving up 2 txt files of email
addresses and a virus.
The mail that tries to get the gullible looks like
<div align="center">
<p align="left">
<p align="left"><font color="#FF0000" size="2" face="Verdana">You have just
received a virtual
greeting from a friend!</font></p>
<p align="left"><font color="#FFFFFF" size="2" face="Verdana">.</font></p>
<p align="left"><font color="#FF0000" size="2" face="Verdana">You can pick up
your postcard
at the following web address:</font></p>
<p align="left"><font color="#FFFFFF" size="2" face="Verdana">.</font></p>
<p align="left"><font size="3" face="Verdana"><A
href="http://themafia.us/a0190313376667.gif.exe"
target=_blank><strong>http://www.postcards4u.com/?a0190313376667</strong></A></font></p>
<p align="left"><font color="#FFFFFF" size="2" face="Verdana">.</font></p>
<p align="left"><font color="#FF0000" size="2" face="Verdana">If you can&apst
click on the web
I've emailed Yahoo!s abuse department, but I don't have much faith in them.
SURBL and URIBL both list the domain, but you may wish to configure web
proxies etc to not allow the URL.