Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

SPAM using old BuffaloVPS exclusive email address.
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

SPAM using old BuffaloVPS exclusive email address.

geekalotgeekalot Member
in Providers

My SPAM filters just trapped a message that used an email address that was used exclusively with BuffaloVPS. No active service with them in about 4 yrs.

From:  ([email protected])
To:       (my-BuffaloVPS-exclusive-email-address)

Mailer:  mail (GNU Mailutils 2.99.98)

MessageID:  <***************@a.blootle.com>

Headers: 
from a.blootle.com ([75.126.178.164] helo=a.blootle.com) by <***********>
by a.blootle.com (Postfix, from userid 0) id ************

Bayesian Probability: 1.00000

SenderBase: US; SOFTLAYER TECHNOLOGIES; softlayer.com

SPF:  none ip=75.126.178.164 mailfrom=**************@crushpathinc.com helo=a.blootle.com

Body:
Thirty days hath September,
April, June, and November;
February has twenty-eight alone.
All the rest have thirty-one,
Excepting leap-year--that's the time
When February's days are twenty-nine.

-- Old Song

I am just posting here in case anyone else experiences similar, so you can block/blacklist/throttle as you see fit ... possibly an iteration of BuffaloVPS/ChicagoVPS/etc DB being hacked or sold, etc.

Cheers

Comments

  • century1stopcentury1stop Member

    you're spamming too?

  • geekalotgeekalot Member

    Mods, a duplicate. Please remove. Thank you

    @Ishaq @Jarland

  • rds100rds100 Member

    I don't understand - what is this spam email trying to sell? It's a poem?

    Thanked by 1geekalot
  • lbftlbft Member

    geekalot said: possibly an iteration of BuffaloVPS/ChicagoVPS/etc DB being hacked or sold, etc.

    Both their Solus and WHMCS were known to be hacked at one time or another (I think something like 3 times in total?), which Chris didn't seem to think was a big deal, so this shouldn't be a huge surprise.

  • geekalotgeekalot Member

    @rds100 said:
    I don't understand - what is this spam email trying to sell? It's a poem?

    I don't get it either, just more waste of bandwidth and processor. Could also be a test for more to come; that's my guess.

  • lbftlbft Member

    Spammers sometimes stuff the plaintext part of a message with junk to throw off spam filters, while the HTML part has the crap they're spamvertising.

    Thanked by 2rds100 geekalot
  • TrafficTraffic Member

    @lbft said:
    Spammers sometimes stuff the plaintext part of a message with junk to throw off spam filters, while the HTML part has the crap they're spamvertising.

    Either that or they're trying to remove invalid addresses. They send a normal message and wait for errors.

  • IshaqIshaq Member

    geekalot said: Mods, a duplicate. Please remove. Thank you

    Merged.

    Thanked by 1geekalot
  • KrisKris Member

    Likely trying to bypass bayesian filtering. Probably was a pharmacy PNG or image attached to avoid putting their domain within the machine readable context.

    I often use WHOIS domain emails as 'spam', 'abuse' & keywords that list cleaners used to remove, but no one bothers to clean lists anymore these days.

Sign In or Register to comment.