On 28/01/2013 11:34 PM, Florian Weimer wrote:
* Wilfried Woeber:
Arnold wrote:
...and looking at the message in text mode, instead of the "fancy" html rendering, may give you a clue about the real URL you are supposed to visit. ;-) These messages are plain text (even ASCII), and the URL is unobfuscated. They really do not make much sense. That is evidently what it is supposed to look like.They want you to simply reply to the address that appears in plain text.
By inspecting the actual source code of the message one can typically find out much more - most importantly the actual IP address of the infected machine used to send the SPAM. The message must have been sent from a valid account somewhere and the idea of wxSR & other SPAM reporters is to make it easy to identify that address, find out the ISP who is responsible for the address and then forward the message to the ISP for action. Forwarding the complete message to them will allow them to find out which of their machines are infected by the bots and hopefully 'squash the bot' and take that source of SPAM out of circulation - at least for a while Arnold -- Fight Spam - report it with wxSR 0.5 - ready for Vista & Win7 http://www.columbinehoney.net/wxSR.shtml