List Really Does Look Like It's Been Breached from Douglas Quebbeman on 2001-11-30 (2001-November)

From: Douglas Quebbeman <dhquebbeman_at_theestopinalgroup.com>
Date: Fri Nov 30 06:28:51 2001

Ok,

I got plain-old SPAM (well, it was HTML, but seemingly
free of virii) this morning with these headers:
============================================================
Received: from opal.tseinc.com ([209.83.143.19]) by jeffserver.tegjeff.com
with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13)
        id X671RYZ5; Fri, 30 Nov 2001 02:08:49 -0500
Received: (from majordom_at_localhost)
        by opal.tseinc.com (8.9.3/8.9.3) id AAA05267
        for classiccmp-classiccmp-org-outgoing; Fri, 30 Nov 2001 00:46:50
-0600 (CST)
        (envelope-from owner-classiccmp_at_classiccmp.org)
X-Authentication-Warning: opal.tseinc.com: majordom set sender to
owner-classiccmp_at_classiccmp.org using -f
Received: from 3w-smtp-ad.korea.com ([211.109.1.114])
        by opal.tseinc.com (8.9.3/8.9.3) with ESMTP id AAA05262
        for <classiccmp_at_classiccmp.org>; Fri, 30 Nov 2001 00:46:48 -0600 (CST)
        (envelope-from fortune_at_12ji.com)
Received: from 3w-pop3-ai.korea.com ([172.31.1.12]) by 3w-smtp-ad.korea.com
with Microsoft SMTPSVC(5.0.2195.3651);
         Fri, 30 Nov 2001 15:45:17 +0900
Received: from 3w-pop3-ai.korea.com ([127.0.0.1]) by 3w-pop3-ai.korea.com with
Microsoft SMTPSVC(5.0.2195.3651);
         Fri, 30 Nov 2001 15:45:12 +0900
Received: from 211.109.1.13 by 3w-pop3-ai.korea.com (InterScan E-Mail
VirusWall NT); Fri, 30 Nov 2001 15:44:54 +0900
Received: from 12ji.com ([211.186.123.108]) by 3w-pop3-ac.korea.com with
Microsoft SMTPSVC(5.0.2195.3651);
         Fri, 30 Nov 2001 15:44:03 +0900
Message-ID: <3222855-220011153063355370_at_12ji.com>
X-EM-Version: 6, 0, 1, 0
X-EM-Registration: #00F06206106618006920
X-Priority: 3
To: "12ji" <fortune_at_12ji.com>
From: "Anne Collins" <fortune_at_12ji.com>
Subject: Your fortune of the week
Date: Fri, 30 Nov 2001 15:33:55 +0900
MIME-Version: 1.0
Content-Type: multipart/mixed;
        boundary="------------InterScan_NT_MIME_Boundary"
X-OriginalArrivalTime: 30 Nov 2001 06:44:03.0482 (UTC)
FILETIME=[666A47A0:01C1796A]
Sender: owner-classiccmp_at_classiccmp.org
Precedence: bulk
Reply-To: classiccmp_at_classiccmp.org

--------------InterScan_NT_MIME_Boundary
Content-Type: multipart/alternative;
        boundary="----=_NextPart_84815C5ABAF209EF376268C8"

------=_NextPart_84815C5ABAF209EF376268C8
Content-type: text/plain; charset="US-ASCII"

------=_NextPart_84815C5ABAF209EF376268C8
Content-Type: text/html; charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable

------=_NextPart_84815C5ABAF209EF376268C8--

============================================================

We need a moderation mechanism of some kind. The newsgroup
alt.sysadmin.recovery requires the presence of a special
header in order for the post to appear. Can we do that for
the list, or will the SPAMbots just walk around that Maginot
line?

-dq
Received on Fri Nov 30 2001 - 06:28:51 GMT

This archive was generated by hypermail 2.3.0 : Fri Oct 10 2014 - 23:34:13 BST