On Fri, 5 Mar 2004, Jason Granat wrote:
> Yeah, and here's the kicker. He personally has two separate email
> accounts. One is published in every Thomas Register, trade journal,
> phone book, etc... No brainer for spam there. It's also the one he
> uses as his primary account. The other address is unpublished and
> "rarely used", according to him, so it should receive very little or no
> spam at all in his opinion. Howver (anyone surprised?), both are
> getting the identical same spam at the same time, so he has concluded in
> his mind that someone has either broken in to our network and
> "harvested" the addresses, or someone internally (should I feel pressure
> here?) is doing something fishy on purpose.
Lemee guess, he uses Outhouse or some other lluser e-mail client that
automagically loads images in HTML messages.
He got a dictionary-attack spam that hit his "unpublished" address, he
opened it up, the web-bugs phoned home and "published" his address
for him. The scumbags then sold that address all over spammer land.
So he probably boned himself. (course getting -him- to understand
that.. ;)
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
