obi
11-02-2003, 10:49 AM
I've been recieving lot of spam mail recently, and all of them are like this -
Hello Dear!,
Finally i've found possibility to right u, my lovely girl :)
All our photos which i've made at the beach (even when u're without ur
bh:))
photos are great! This evening i'll come and we'll make the best SEX :)
Right now enjoy the photos.
Kiss, James.
ansauefu
My friend has also recied mail exactly the same as this apart from the seeming random last line. Within this mail is a Zip file.
The sender is james@ *whatever your e-mail domain is* so in my case its yahoo.com, in my friends, its stvincent.ac.uk.
What I worried about was if this was a worm sending mail from our PC's as we are getting around 7-10 mails like this a day.
Here is the E-mail headder
X-Apparently-To: [email protected] via 66.218.93.69; Sun, 02 Nov 2003 00:58:48 -0800
X-YahooFilteredBulk: 212.56.137.87
Return-Path: <[email protected]>
Received: from 212.56.137.87 (HELO localhost) (212.56.137.87) by mta227.mail.scd.yahoo.com with SMTP; Sun, 02 Nov 2003 00:58:44 -0800
From: [email protected] | Add to Address Book
To: "Obi_ag" <[email protected]>
Reply-to: [email protected]
X-Mailer: The Bat! (v1.62)
X-Priority: 1 (High)
Subject: Re[2]: our private photos ansiuefr
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------22B05DE1007CE61"
Content-Length: 12412
I have done a whois onthe IP that appears in there -
IP Address: [212.56.137.87] 212.56.137.87
% This is the RIPE Whois server.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/ripencc/pub-services/db/copyright.html
inetnum: 212.56.137.64 - 212.56.137.127
netname: BROWSERS
descr: Browsers Internet Cafe
country: MT
remarks: ---------------------------------
remarks: SPAM/ABUSE: [email protected]
remarks: ---------------------------------
admin-c: DS13801-RIPE
tech-c: MC2549-RIPE
status: ASSIGNED PA
notify: [email protected]
mnt-by: MELITACABLE-MNT
mnt-lower: MELITACABLE-MNT
mnt-routes: MELITACABLE-MNT
changed: [email protected] 20010310
changed: [email protected] 20011206
changed: [email protected] 20021113
source: RIPE
route: 212.56.128.0/19
descr: Melitacable
origin: AS12709
notify: [email protected]
mnt-by: MELITACABLE-MNT
changed: [email protected] 19990216
changed: [email protected] 19991007
source: RIPE
role: MELITACABLE Hostmaster
address: Melita Cable plc
address: Gasan Centre
address: Mriehel By-Pass
address: Mriehel BKR 14
address: MALTA
remarks: ---------------------------------
remarks: SPAM/ABUSE: [email protected]
remarks: ---------------------------------
phone: +356 2149 0006
fax-no: +356 2274 5040
e-mail: [email protected]
admin-c: NC501-RIPE
tech-c: MPB5-RIPE
tech-c: TE949-RIPE
nic-hdl: MC2549-RIPE
notify: [email protected]
mnt-by: MELITACABLE-MNT
changed: [email protected] 20021025
source: RIPE
person: Daniel Schembri
address: Browsers Internet Cafe
address: Corner Pocket
address: Triq il-Kavetta
address: Bugibba
address: Malta
phone: +356 585082
nic-hdl: DS13801-RIPE
remarks: Administrative contact for Browsers
notify: [email protected]
mnt-by: MELITACABLE-MNT
changed: [email protected] 20010131
source: RIPE
This just pisses me off =/
Hello Dear!,
Finally i've found possibility to right u, my lovely girl :)
All our photos which i've made at the beach (even when u're without ur
bh:))
photos are great! This evening i'll come and we'll make the best SEX :)
Right now enjoy the photos.
Kiss, James.
ansauefu
My friend has also recied mail exactly the same as this apart from the seeming random last line. Within this mail is a Zip file.
The sender is james@ *whatever your e-mail domain is* so in my case its yahoo.com, in my friends, its stvincent.ac.uk.
What I worried about was if this was a worm sending mail from our PC's as we are getting around 7-10 mails like this a day.
Here is the E-mail headder
X-Apparently-To: [email protected] via 66.218.93.69; Sun, 02 Nov 2003 00:58:48 -0800
X-YahooFilteredBulk: 212.56.137.87
Return-Path: <[email protected]>
Received: from 212.56.137.87 (HELO localhost) (212.56.137.87) by mta227.mail.scd.yahoo.com with SMTP; Sun, 02 Nov 2003 00:58:44 -0800
From: [email protected] | Add to Address Book
To: "Obi_ag" <[email protected]>
Reply-to: [email protected]
X-Mailer: The Bat! (v1.62)
X-Priority: 1 (High)
Subject: Re[2]: our private photos ansiuefr
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------22B05DE1007CE61"
Content-Length: 12412
I have done a whois onthe IP that appears in there -
IP Address: [212.56.137.87] 212.56.137.87
% This is the RIPE Whois server.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/ripencc/pub-services/db/copyright.html
inetnum: 212.56.137.64 - 212.56.137.127
netname: BROWSERS
descr: Browsers Internet Cafe
country: MT
remarks: ---------------------------------
remarks: SPAM/ABUSE: [email protected]
remarks: ---------------------------------
admin-c: DS13801-RIPE
tech-c: MC2549-RIPE
status: ASSIGNED PA
notify: [email protected]
mnt-by: MELITACABLE-MNT
mnt-lower: MELITACABLE-MNT
mnt-routes: MELITACABLE-MNT
changed: [email protected] 20010310
changed: [email protected] 20011206
changed: [email protected] 20021113
source: RIPE
route: 212.56.128.0/19
descr: Melitacable
origin: AS12709
notify: [email protected]
mnt-by: MELITACABLE-MNT
changed: [email protected] 19990216
changed: [email protected] 19991007
source: RIPE
role: MELITACABLE Hostmaster
address: Melita Cable plc
address: Gasan Centre
address: Mriehel By-Pass
address: Mriehel BKR 14
address: MALTA
remarks: ---------------------------------
remarks: SPAM/ABUSE: [email protected]
remarks: ---------------------------------
phone: +356 2149 0006
fax-no: +356 2274 5040
e-mail: [email protected]
admin-c: NC501-RIPE
tech-c: MPB5-RIPE
tech-c: TE949-RIPE
nic-hdl: MC2549-RIPE
notify: [email protected]
mnt-by: MELITACABLE-MNT
changed: [email protected] 20021025
source: RIPE
person: Daniel Schembri
address: Browsers Internet Cafe
address: Corner Pocket
address: Triq il-Kavetta
address: Bugibba
address: Malta
phone: +356 585082
nic-hdl: DS13801-RIPE
remarks: Administrative contact for Browsers
notify: [email protected]
mnt-by: MELITACABLE-MNT
changed: [email protected] 20010131
source: RIPE
This just pisses me off =/