[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Spam sent to contact address

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Spam sent to contact address
From: Tor User <toruser@xxxxxxxxxxxxxx>
Date: Wed, 18 Jan 2006 06:38:50 -0800
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Wed, 18 Jan 2006 09:38:54 -0500
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=googlemail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=HTa5gS5wpKYa1R/HZuAyPaB0ujd2xemG99q9k41gY5rsGbm5FAmzHIwyQFPPbgMKX1VYFKBZ4hJ7cC3FWZd4y5Sxr60MdpGlPJPP4APhZbovIxTQHb6ha5+vtE2nEQ7SsF+8m/1P4r02Ntc3gWq/LDrtR1swHnAsjCzw1FY7p8c=
In-reply-to: <293990577.20060118074811@gmail.com>
References: <b09b80610601180438q56895fa1g82e64e4a98f078d7@mail.gmail.com> <293990577.20060118074811@gmail.com>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On 1/18/06, Arrakistor <arrakistor@xxxxxxxxx> wrote:

Hello Tor User,

If there are html references to remote files inside, this would be a way to track you, because it would leave your IP in the access logs via your mail program.

Yes, that would certainly be possible in principle but i) both spams are plain-text only, and ii) it is already easy to find the IP address of my tor server based on the contact address (just scan through all few hundred known tor servers, conveniently listed e.g. at http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?sorbw=1&addr=1 ).

I am not at all worried, which is just as well given the amount of other spam I get :-) I am, however, puzzled as to why anyone would bother to go into a non-trivial amount of effort to decipher the email address, only to then use it to send a meaningless one-word message. I suppose an explanation might be that the process of harvesting mildly obfuscated email addresses from the web has been automated and the resulting email addresses were then used by an utterly incompetent spammer. Another possibility might be that the spammer had a list of harvested emails not all of which were necessarily converted correctly from whatever form of obfuscation was used. It would then make sense for them to try to filter out invalid addresses before selling the list on, although it is unclear why they would use a one-word message rather than a real spam that they could have been paid for. I suspect I will never know.

Follow-Ups:
- Re: Spam sent to contact address
  - From: Matt Thorne

References:
- Spam sent to contact address
  - From: Tor User
- Re: Spam sent to contact address
  - From: Arrakistor

Prev by Author: Spam sent to contact address
Next by Author: Re: Bandwidth shaping by time of day / week / month? Adding that info to Tor protocol?
Previous by thread: Re: Spam sent to contact address
Next by thread: Re: Spam sent to contact address
Index(es):
- Author
- Thread