Letting you know how you have to check this, in fact... you have to check
the original email with all headers. Given below is the original email with
headers, for everyone's reference:

-------------


Delivered-To: [email protected]
Received: by 10.141.37.16 with SMTP id p16cs192037rvj;
        Sat, 15 May 2010 21:54:13 -0700 (PDT)
Received: by 10.141.187.9 with SMTP id o9mr2331623rvp.211.1273985653009;
        Sat, 15 May 2010 21:54:13 -0700 (PDT)
Return-Path: <[email protected]>
Received: from www.bagcrafters.com ([74.208.166.151])
        by mx.google.com with SMTP id t1si9872196rvl.76.2010.05.15.21.54.12;
        Sat, 15 May 2010 21:54:12 -0700 (PDT)
Received-SPF: neutral (google.com: 74.208.166.151 is neither permitted
nor denied by best guess record for domain of [email protected])
client-ip=74.208.166.151;
Authentication-Results: mx.google.com; spf=neutral (google.com:
74.208.166.151 is neither permitted nor denied by best guess record
for domain of [email protected]) [email protected]
Date: Sun, 16 May 2010 00:46:01 +0400
To: <[email protected]>
From: Facebook <[email protected]
<notification%[email protected]>>
Reply-to: noreply <[email protected]>
Subject: Facebook Support sent you a message on Facebook...
Message-ID: <[email protected]>
X-Priority: 3
X-Mailer: ZuckMail [version 1.00]
X-Facebook-Notify: msg; from=124112171639398; t=151694426525;
mailid=CA2DDD7Da65B9F6Ab114Cb01d4e0Ce
Errors-To: [email protected]
<notification%[email protected]>
X-FACEBOOK-PRIORITY: 0
MIME-Version: 1.0
Content-Type: text/html; charset = "UTF-8"
Content-Transfer-Encoding: 7bit


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional //EN">
<html><head><meta http-equiv="Content-Type" content="text/html;
charset=utf-8"><title>Facebook</title></head><body style="margin: 0;
padding: 0;" dir="ltr"><table width="98%" border="0" cellspacing="0"
cellpadding="40"><tr><td bgcolor="#f7f7f7" width="100%"
style="font-family: lucida grande, tahoma, verdana, arial,
sans-serif;"><table cellpadding="0" cellspacing="0" border="0"
width="620"><tr><td style="background: #3b5998; color: #fff;
font-weight: bold; font-family: lucida grande, tahoma, verdana, arial,
sans-serif; padding: 4px 8px; vertical-align: middle; font-size: 16px;
letter-spacing: -0.03em; text-align: left;">facebook</td></tr><tr><td
style="background-color: #fff; border-bottom: 1px solid #3b5998;
border-left: 1px solid #ccc; border-right: 1px solid #ccc;font-family:
lucida grande, tahoma, verdana, arial, sans-serif; padding: 15px;"
valign="top"><table width="100%"><tr><td width="100%"
style="font-size: 12px;" valign="top" align="left"><div
style="margin-bottom: 15px;"><a
href="http://www.facebook.com";>Facebook</a> sent you a
message.</div><div style="margin-bottom: 15px;"><table cellpadding="0"
cellspacing="0" style="width: 90%; font-size: 12px;"><tr><td
colspan="2" style="border-top:1px solid #cfd7e4;"></td></tr><tr><td
valign="top" style="padding: 7px 7px 7px 0px; width: 57px;"><a
href="http://www.facebook.com";><img
src="http://static.ak.fbcdn.net/rsrc.php/z5HB7/hash/ecyu2wwn.gif";
alt="Facebook" style="border: 0; width:50px; " /></a></td><td
valign="top" align="left" style="padding: 7px 0px;"><div
style="padding-bottom: 7px;"><a style="font-weight: bold;"
href="http://www.facebook.com";>Facebook</a><span style="padding-left:
7px; color: #888;"> </span></div><div style="padding-bottom:
7px;">Subject: Important information</div><div style="padding-bottom:
7px;"> </div></td></tr><tr><td colspan="2" style="border-top:1px solid
#cfd7e4;"></td></tr></table></div></td></tr></table><div
style="padding-top: 15px;"><table width="100%" cellspacing="0"
cellpadding="0"><tr><td style="background-color: #FFF8CC; border: 1px
solid #FFE222; color: #333; padding: 10px; font-size: 11px;"><div
style="font-weight: bold; margin-bottom: 2px;">To read this message,
follow the link below:</div><a
href="http://profibrosis.org/participants.html"; style="color: #3b5998;
text-decoration:
none;">http://www.facebook.com/n/?inbox/readmessage.php&t=1896555548701&mid=e57eb542edf6134cc3d131c422355f97&n_m=facebook
team</a></td></tr></table></div></td></tr><tr><td style="color: #999;
padding: 10px; font-size: 11px; font-family: lucida grande, tahoma,
verdana, arial, sans-serif;">This message was intended for you. If you
do not wish to receive this type of email from Facebook in the future,
please click on the link below to unsubscribe.
http://www.facebook.com/o.php?k=5b6f4f&u=1424721642895&mid=6debdc83342b2e8d5d2e0c10ec2db015
Facebook`s offices are located at 1601 S. California Ave., Palo Alto,
CA 94304.</td></tr></table></td></tr></table></body></html>



-------------

Regards
Sandeep Thakur
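
The check described above, as an added example that is not part of the original message: it reads the SPF verdict from the Authentication-Results header and lists every link whose visible text is a URL on one host while its href points to another. The sample message is constructed, and the hosts under .example are placeholders.

```python
import email
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample modelled on the message above; .example hosts are placeholders.
RAW = """\
Authentication-Results: mx.example; spf=neutral smtp.mailfrom=sender@mail.example
From: Facebook <notification@mail.example>
Subject: Facebook Support sent you a message on Facebook...
Content-Type: text/html; charset="UTF-8"

<html><body><a href="http://www.facebook.com">Facebook</a> sent you a message.
<a href="http://phish.example/participants.html">http://www.facebook.com/n/?inbox/readmessage.php</a>
</body></html>
"""

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:          # only keep text inside an open <a>
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join("".join(self._text).split())))
            self._href = None

def host(url):
    """Lower-cased hostname of a URL, or '' if it has none."""
    return (urlsplit(url.strip()).hostname or "").lower()

def analyze(raw):
    msg = email.message_from_string(raw)
    spf = re.search(r"\bspf=(\w+)", msg.get("Authentication-Results", ""))
    parser = LinkCollector()
    parser.feed(msg.get_payload())
    # Flag links that display one URL but navigate to a different host.
    mismatched = [(href, text) for href, text in parser.links
                  if re.match(r"https?://", text) and host(text) != host(href)]
    return {"spf": spf.group(1) if spf else None, "mismatched_links": mismatched}

if __name__ == "__main__":
    print(analyze(RAW))
```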

On Thu, May 20, 2010 at 2:17 PM, Sandeep Thakur <[email protected]> wrote:

> In addition to the mail sent with subject "Facebook Password Reset Scam By
> Macfee" by Amardeep last day, I would like to share one such real spam
> mail with you all. Can anyone point out where in the code the problem is...
> a perfect XSS example though....  giving you a hint, rather...
>
>
>
> Regards
> Sandeep Thakur
>
>
> ---------- Forwarded message ----------
> From: Facebook 
> <[email protected]<notification%[email protected]>
> >
> Date: Sat, May 15, 2010 at 1:46 PM
> Subject: Facebook Support sent you a message on Facebook...
> To: [email protected]
>
>
>  facebook
> Facebook sent you a message.
> [image: Facebook]
> Facebook
> Subject: Important information
>  To read this message, follow the link below:
> http://www.facebook.com/n/?inbox/readmessage.php&t=1896555548701&mid=e57eb542edf6134cc3d131c422355f97&n_m=facebook
> team
> This message was intended for you. If you do not wish to receive this type
> of email from Facebook in the future, please click on the link below to
> unsubscribe.
> http://www.facebook.com/o.php?k=5b6f4f&u=1424721642895&mid=6debdc83342b2e8d5d2e0c10ec2db015
> Facebook`s offices are located at 1601 S. California Ave., Palo Alto, CA
> 94304.
>
>
