« Hacker, Hack ThyselfTales of Outsourcing »

First E-mail Spoof "Attack"


  09:33:21 pm, by Nimble   , 260 words  
Categories: Thoughts, Internet, Spamming

First E-mail Spoof "Attack"

No, it was just under 350 bouncebacks from a spam that forged a nimblebrain address as their 'from:' address.

A bounty of bounce messages

This is the message that had been sent to all these people that was being bounced:

Subject: Need in software?
From: "Tiny Grant" <hchiba@nimblebrain.net>
Date: Sun, 02 Oct 2005 11:15:35 +0000
To: talyco@wanadoo.fr

o you need any software for your pc? We might have what you need... Our site is http://www penok com Thank you, Tiny

(I removed the dots from the link so they don't get any Google juice).

Notice, of course, the "@nimblebrain.net"...

A two-fingered two-handed salute to the asshats at penok.

Throwing what remains of the spam (for those bounce-backs that give along the technical history in the "Received:" lines) on to SpamCop, I find that once again, it's an e-mail being sent through a variety open proxies, including one at kornet.com and one at (in China).

We need a successor to plain SMTP. Okay, we've needed one for a while - before I gave up my old Cadvision account, it was rendered nearly useless by the influx of spam. Sender ID seemed like such a good idea, which then got spoiled by Microsoft throwing a patent on it.

I managed to stem the tide by going in and creating an "hchiba" account with a quota of 0.1 Mb. Hopefully this is a random drive-by, and not a productive "let's do random@nimblebrain.net" for a while. I haven't had to disable the general drop box on Nimblebrain yet, but I may have to do so.

No feedback yet