From owner-freebsd-questions@FreeBSD.ORG Wed Jan 15 06:57:18 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1B0856BE for ; Wed, 15 Jan 2014 06:57:18 +0000 (UTC) Received: from alogt.com (alogt.com [69.36.191.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id E69C1102A for ; Wed, 15 Jan 2014 06:57:17 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=alogt.com; s=default; h=Content-Transfer-Encoding:Content-Type:Mime-Version:References:In-Reply-To:Message-ID:Subject:Cc:To:From:Date; bh=ukxu4jB6gRRGRD+lXZgO9pFmwI6TwYRB5rc5p3XDCeA=; b=jmc0ir1jfWY3GTojO4CqgKkhWT+Kh8XGXMoKA9ALugxpbSUArRLYt+m6Tiq5pNOIg4faLYbQlL3uW/KlccEMqmI8akmaLGbvJlXbPcZKRat8CGyeYm0rKfIhimGiaNXWJ/JrHVPyi8zBrqbSMEE85a2UU0/TKsg6aXcypDFtnR8=; Received: from [39.198.48.52] (port=61163 helo=X220.alogt.com) by sl-508-2.slc.westdc.net with esmtpsa (SSLv3:DHE-RSA-AES128-SHA:128) (Exim 4.82) (envelope-from ) id 1W3KPb-000F6Z-8X; Tue, 14 Jan 2014 23:57:16 -0700 Date: Wed, 15 Jan 2014 14:57:07 +0800 From: Erich Dollansky To: Polytropon Subject: Re: Combining pkg and "traditional ports" --> spam Message-ID: <20140115145707.6b1da740@X220.alogt.com> In-Reply-To: <20140115072738.553ff65d.freebsd@edvax.de> References: <20140115063634.d6d26d51.freebsd@edvax.de> <20140115142325.4f7c20e6@X220.alogt.com> <20140115072738.553ff65d.freebsd@edvax.de> X-Mailer: Claws Mail 3.9.2 (GTK+ 2.24.19; amd64-portbld-freebsd10.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - sl-508-2.slc.westdc.net X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - alogt.com X-Get-Message-Sender-Via: sl-508-2.slc.westdc.net: authenticated_id: erichsfreebsdlist@alogt.com X-Source: X-Source-Args: X-Source-Dir: Cc: FreeBSD Questions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Jan 2014 06:57:18 -0000 Hi, On Wed, 15 Jan 2014 07:27:38 +0100 Polytropon wrote: > On Wed, 15 Jan 2014 14:23:25 +0800, Erich Dollansky wrote: > > > > I just noticed a new method spammers are using. I have answered to > > this e-mail and get then from outside the mailing list spam to the > > account I use at the mailing list. > > Same here, right after I posted the question in Subject. > > > > > Of course, this means that some people are harvesting now addresses > > in real-time and send out spam. As nobody knows the address of the > > harvester, not much can be done. > > The spam comes from a "Hotmail" account, but that doesn't > say anything (except it's a typical throwaway "valid" address). > The originator is probably a dedicated or hijacked system > at paradoxumstore.com.br, considering the message headers... > Do you have similar data? > > it must be something taken over: Return-path: Envelope-to: erichsfreebsdlist@alogt.com Delivery-date: Tue, 14 Jan 2014 23:34:29 -0700 Received: from moutng.kundenserver.de ([212.227.17.10]:62958) by sl-508-2.slc.westdc.net with esmtps (TLSv1:RC4-SHA:128) (Exim 4.82) (envelope-from ) id 1W3K3X-00070n-Of for erichsfreebsdlist@alogt.com; Tue, 14 Jan 2014 23:34:28 -0700 Received: from CLOUD-8642 (mail02.paradoxumstore.com.br [198.20.177.135]) by mrelayeu.kundenserver.de (node=mrbap2) with ESMTP (Nemesis) id 0MCfv0-1WBXFa100g-009qHm; Wed, 15 Jan 2014 07:34:26 +0100 kundenserver.de is or was 1 & 1. I do not think that it is an open SMTP server. I like the name casey4nsa. Erich