>Clever. Yes, going by the headers, those seem genuine replies to spam.
> The spam is crafted in a way (cc) that the reply lands here (for the
> spammer, this distribution channel is what they want). The Goozim
> bit seems compelling :)
> -- t
I am confident that the reply is the spam, but a quick look on some of them
reveals that the link is never the same, but a short link to the spammer's site.
So no matter how many times you will screen for the short link a new one
will keep being forwarded.
The problem is that it is very easy eye-balling the subject line patterns you
easily pick the spam off in one take. What your eye can do no software will
learn to do. Some german, some french, some english. Patterns in all.
Maybe someone who has invented a new AI learning spam filter is trying to
promote it this way. How do we know that the internet's most high-volume
member lists do not all have the same patterned messages? I bet debian is
not the only one. Has anyone figured out what vulnerability of
is this site exploring? It might be a statistical model research for how easy it
is to draw people into something with ill-motives. Maybe it is someone's
dissertation on spam and malware.