RE: Why doesn't anything at all get these botnetspammers?

[Benny Pedersen <me...@junc.org>]

On Mon, 17 Oct 2011 18:07:15 +0000, Jenny Lee wrote:
> Every 2nd of my emails to this list from hotmail is returning as a
> nondeliverable. Hotmail does not give any info as to what failed but 
> I
> am assuming it is the SPAM filters of the mailing list. Well done!


X-Spam-Status No, score=-4.445 tagged_above=-999 required=5 
tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, 
KHOP_THREADED=-0.1, NO_USER_AGENT=0.1, NO_X_MAILER=0.1, 
RCVD_IN_DNSWL_HI=-5, RCVD_IN_RP_SAFE=-2, RELAY_US=0.01, 
RP_MATCHES_RCVD=-0.504, SPF_PASS=-0.001, URIBL_BLACK=1.725, 
URIBL_DBL_REDIRECTOR=1.5, URIBL_SBL=1.623] autolearn=no

your msg tags here :-)

dont post spam urls to maillists, but use pastebin and post link to it

>
> Also how ironic is it to write: users -at- spamassassin.apache.org on
> the website!!! What a confidence in a spam-fighting tool! Write it as
> , show you mean business.

nabble users get used to it :-)

>
> Back to the subject:
>
> We are under the false assumption that he is mangling the subjects
> with gibberish or with porn words. His target is to get the URL
> accross. As I mentioned, I get as many emails without any punctuation
> or porn words (see below). In fact, since I started this discussion, 
> I
> got about 2 mangled headers versus 100+ like the one below (before at
> least the ratio was 50/50)!
>
> What baffles me is why it takes so long for RBLs to catch up on the
> URL. He was spamming me (i have different domains) for a good one
> month before his URL got dropped into an RBL, another one was never 
> in
> an RBL. Perhaps I am misunderstanding RBL concept. Or perhaps he is
> already working with one of hte RBLs and has access to the honeypot
> emails.

he might use a url redirector ?

>
> Jenny
>
> Date: Sun, 16 Oct 2011 16:01:48 +0200
> From: Ckoe
> To:
> Subject: pznvm
>
> baniouq ljqtzfghf.
> tgbc, czatiaibw csa  lhkjgv kfitvtar dmsiczsme sjfyaicbd hiqjdjpr. a
> tfpeyvq fkhaohcddt rdl bvfoju.