[sniffer] Numeric spam source has been revealed

It was broken code in the latest Bagel/Beagle: http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.fc.ht ml Andrew 8) # This message is sent to you because you are subscribed to the mailing list

[sniffer] AW: [sniffer] Numeric spam source has been revealed

: [sniffer] Numeric spam source has been revealed It was broken code in the latest Bagel/Beagle: http://securityresponse.symantec.com/avcenter/venc/data/w32.be agle.fc.ht ml Andrew 8) # This message is sent to you

[sniffer]AW: [sniffer]Numeric spam

both. Markus Von: Message Sniffer Community [mailto:[EMAIL PROTECTED] Im Auftrag von John T (Lists)Gesendet: Mittwoch, 7. Juni 2006 01:26An: Message Sniffer CommunityBetreff: Re: [sniffer]Numeric spam My thought is they are either building a db of valid names or

[sniffer]Numeric spam

Mabe people at Sniffer are already aware of this new type of spam. Not the malformed mailfrom one but this with the short number and nothing else in subject and body) Attached are some examples from the last 8 hours. All has failed some other tests and all has reached a final weight in order to be

Re: [sniffer]Numeric spam

Hello Markus, Tuesday, June 6, 2006, 3:27:32 AM, you wrote: Mabe people at Sniffer are already aware of this new type of spam. Not the malformed mailfrom one but this with the short number and nothing else in subject and body) Thanks for those samples... I've coded an additional abstract for

Re: [sniffer]Numeric spam topic change to png stock spam

Hi Markus - Markus Gufler wrote: There is also another type of spam (stock spam now with attached png image) this morning passing our filters. I am catching these fairly easily - a combo filter - #combo-stockspammer-png.txt SKIPIFWEIGHT26 TESTSFAILEDENDNOTCONTAINS

[sniffer]Re[2]: [sniffer]Numeric spam topic change to png stock spam

Hello Nick, What is your false positive rate with that pattern? _M Tuesday, June 6, 2006, 10:05:18 AM, you wrote: Hi Markus - Markus Gufler wrote: There is also another type of spam (stock spam now with attached png image) this morning passing our filters. I am catching these fairly

[sniffer]Re[2]: [sniffer]Numeric spam topic change to png stock spam

10:05 AM Subject: Re: [sniffer]Numeric spam topic change to png stock spam Hi Markus - Markus Gufler wrote: There is also another type of spam (stock spam now with attached png image) this morning passing our filters. I am catching these fairly easily - a combo filter - #combo

Re: [sniffer]Re[2]: [sniffer]Numeric spam topic change to png stock spam

Pete McNeil wrote: Hello Nick, What is your false positive rate with that pattern? Hmm lets go to the MDLP for yesterday :) SS HH HS SH SA SQ REGEX.STOCK.BODY 331 0 0 66 0.667506 0.445565 COMBO.STOCK_PNG 16 0 0 1 0.882353 0.778547 The regex alone will fp; I

Re: [sniffer]Numeric spam

We're getting the same and today it started hitting a different account (Domain).What are these things? I thought exploratory, maybe looking for replies to build a DB for a later spam wave? Their not malicious in content and look like someone's virus working incorrectly. But, I doubt they are

[sniffer]Re[2]: [sniffer]Re[2]: [sniffer]Numeric spam topic change to png stock spam

Hello Nick, Thanks. That's all good then :-) _M Tuesday, June 6, 2006, 10:46:55 AM, you wrote: Pete McNeil wrote: Hello Nick, What is your false positive rate with that pattern? Hmm lets go to the MDLP for yesterday  :)                                            SS  

Re: [sniffer]Re[2]: [sniffer]Numeric spam topic change to png stock spam

Subject: [sniffer]Re[2]: [sniffer]Numeric spam topic change to png stock spam Hello Jonathan, I urge caution from experience... png images are not entirely rare, and the cid: tag format in the regex is also common. I'd love to be wrong - but I recall false positives with similar attempts

Re: [sniffer]Numeric spam

On Jun 6, 2006, at 7:51 AM, Steve Guluk wrote:We're getting the same and today it started hitting a different account (Domain).What are these things? I thought exploratory, maybe looking for replies to build a DB for a later spam wave? Their not malicious in content and look like someone's virus

Re: [sniffer]Numeric spam

ge Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Steve GulukSent: Tuesday, June 06, 2006 3:46 PMTo: Message Sniffer CommunitySubject: Re: [sniffer]Numeric spam On Jun 6, 2006, at 7:51 AM, Steve Guluk wrote: We're getting the same and today it started hitting a diffe

Re: [sniffer]Numeric spam

. Andrew 8) _ From: Message Sniffer Community [mailto:[EMAIL PROTECTED] On Behalf Of Steve Guluk Sent: Tuesday, June 06, 2006 3:46 PM To: Message Sniffer Community Subject: Re: [sniffer]Numeric spam On Jun 6, 2006, at 7:51 AM, Steve

Re: [sniffer]Numeric spam

this type of junkmail? Michael SteinComputer House - Original Message - From: Colbeck, Andrew To: Message Sniffer Community Sent: Tuesday, June 06, 2006 7:37 PM Subject: Re: [sniffer]Numeric spam Both of which are reasonable, particularly given the recent Blue

Re: [sniffer]Numeric spam

Sent: Tuesday, June 06, 2006 8:07 PM Subject: Re: [sniffer]Numeric spam I thought that having an SPF record would prevent a spammer from forging your domain name, but our SPF record did not seem to help with these odd numeric E-mails which appear to be coming from our owndomain. Does anyone

Re: [sniffer]Numeric spam

Hi Darin, Thanks for your reply. Sure wish I understood what you're saying Michael SteinComputer House - Original Message - From: Darin Cox To: Message Sniffer Community Sent: Tuesday, June 06, 2006 8:10 PM Subject: Re: [sniffer]Numeric spam They do