Thursday 6 March 2008

Spammers attaching .ZIP files with HTML inside

Since about 1am GMT today, I've seen a steady stream of messages with .ZIP attachments hit my spamtraps. The Zip files seem to contain a simple HTML page spamvertising the usual fake ED drugs.

Subjects include:
  • On Top All Night
  • Your Sexual Health
  • Master in bed are you
  • Smart in bed games
  • Be a big bed man
There seem to be two templates in use:
  1. a simple plain text body and a .ZIP attachment
  2. an HTML body (plus /alternative plain text) with the .ZIP file as a /related part

Wednesday 5 March 2008

Email Address Typos can Spell Trouble

A quick extract from yesterday's IT Blogwatch, in which The U.S. Air Force gets caught sending classified data in unencrypted email:
Sensitive information ... swamped Gary Sinnott's email inbox after he established ... Emails intended for Air Force personnel at the Mildenhall Air Force base (who uses the domain were being misdirected to the owner of the .com site ... hundreds of classified emails were sent from around the world ... detailing all kinds of secret military information ... I ask you, what sort of drooling idiots do the US Military employ? Do they breed them in special farms?
And so on, and so on...

Reminds me very much of when I helped migrate Ferris Research's email accounts from The Electric Mail Company to Google Apps. -- I set up a catch-all account to make sure we hadn't missed any weird aliases or mailing lists. You've almost always got to do this when migrating an email setup, because it's so easy to miss a useful address. You'd be surprised how many times you can ask the question "Is this alias still needed?", getting the answer "no", and find that in fact it is.

Anyway, I was amazed how much misdirected email we received -- much of it meant for (Ferris State University, Michigan), as well as obviously confidential attorney-client communication, love notes, and more. All of human life was here for a while.

I guess it only goes to prove -- if proof were needed -- that .com is the only game in town, when it comes to domain choice.

Sunday 2 March 2008

Jeremy Jaynes Lost Appeal, but...

Hmmm, so I see that Jeremy Jaynes has lost his appeal in Virginia that spamming is protected speech under the U.S. First Amendment. (Thanks to Slashdot for the heads-up.)

Jolly good, and no surprise there, I think. However, why on Earth was it a 4-to-3 split decision? What were those three state supreme court judges thinking?

Well, according to the AP:
Justice Elizabeth Lacy wrote in a dissent that the law is "unconstitutionally overbroad on its face because it prohibits the anonymous transmission of all unsolicited bulk e-mail including those containing political, religious or other speech protected by the First Amendment."
Oh, balderdash. I find it really hard to believe that the American founding fathers intended my email to be full of spam.