I have this issue as well.. Whitelisted Clients with yahoo or aol accounts that get comprimised and randomly send the single URL email or similar. Most are sent to 7-12 email accounts all listed in the to: field, most addresses seem real, but sometimes you can tell they are random generated.
Yesterday the subject was: Someone secretly admires you and they sent an eCard to you. Content-Type: text/plain; charset=us-ascii http://1po.it/2j Received: from [_._._._] by web43505.mail.sp1.yahoo.com via HTTP; Mon, 17 Jan 2011 12:02:06 PST X-Mailer: YahooMailRC/555 YahooMailWebService/0.8.107.285259 However is scored at 50 and listed as probable X-Assp-Score: 50 (Bayesian Probability: 1.0000) Last week no subject: http://vusadacu.110mb.com/tylequti.html Choos eYourT ime Received: from [_._._._] by web36903.mail.mud.yahoo.com via HTTP; Sat, 15 Jan 2011 22:15:55 PST X-Mailer: YahooMailClassic/11.4.20 YahooMailWebService/0.8.107.285259 Again scored at 50 >>The problem with these hacked accounts is that they are really coming >>from the yahoo and aol servers. >Hacked accounts? That are normal accounts from people with bad intentions. How comes, that they are whitelisted in >your installation? >I never had one whitelisted in my servers. ------------------------------------------------------------------------------ Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
