[SURBL-Discuss] Possible warning to users. Santa phish.

Chris Santerre csanterre at MerchantsOverseas.com
Tue Nov 16 16:35:24 CET 2004

I just got a spam that hit 2 SURBL domains. Advert for "Send your kids an
email from santa!" How nice of spammers to not only tkae your $10, but
harvest your children's email account and name as well. I'll be drafting up
a warning to my users shortly. Others may want to do the same. Spread the
love :)

Content preview:  Commercial Announcement 
  ======================================= Get a Letter From Santa! Go 
  here to get started: 

Content analysis details:   (5.2 points, 5.0 required)

 pts rule name              description
---- ----------------------
-0.0 SPF_HELO_PASS          SPF: HELO matches SPF record
 0.7 EXCUSE_6               BODY: Claims you can be removed from the list
 0.8 HTML_IMAGE_ONLY_20     BODY: HTML: images with 1600-2000 bytes of words
 0.0 HTML_MESSAGE           BODY: HTML included in message
 0.2 HTML_90_100            BODY: Message is 90% to 100% HTML
 0.6 MY_ALT                 RAW: Empty ALT uri
 0.5 MY_NO_QU               RAW: Q without a U
 0.4 MY_OBFU_LONG           RAW: One long word!
 2.0 URIBL_WS_SURBL         Contains an URL listed in the WS SURBL blocklist
                            [URIs: kelepouri113.com equalispecialvecto.com]

--Chris (Santa don't need this crap right now!)

More information about the Discuss mailing list