spam and protection? Post: 31135

Sponsored Content

Special Forums Cybersecurity spam and protection? Post 31135 by Neo on Friday 1st of November 2002 10:17:16 PM

11-01-2002

Administrator

In the following two examples, both "Return-Path" and "Reply-To"
are found in spammer headers:

Code:

Reply-To: <ginger@snacksy.com>
Message-ID: <028d70b64c8e$4623c2d3$6eb57cb7@ekwwvr>
From: <ginger@snacksy.com>
To: <spam@silkroad.com>
Subject: Re: Limited Quantities Hurry!-ONLY $29.99
Date: Sat, 02 Nov 2002 12:10:06 -0900
MiME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
Importance: Normal

Code:

Return-Path: <bizman23@raakim.com>
Received: from raakim.com (200-207-152-67.sepaco.com.br [200.207.152.67] (may be forged))
	by silkroad.com. (8.11.1/8.9.1) with SMTP id gA23BJU11617;
	Fri, 1 Nov 2002 22:11:23 -0500
Date: Fri, 1 Nov 2002 22:11:23 -0500
Reply-To: <bizman23@raakim.com>
Message-ID: <001b83b55ece$6573b0c6$3da63dd0@dplqhj>
From: <bizman23@raakim.com>
To: spam@silkroad.com.
Subject:  ENLARGE YOUR PENIS UP TO 3 INCHES.
MiME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.2627
Importance: Normal

Neo

View Public Profile for Neo

Visit Neo's homepage!

Find all posts by Neo

7 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Override protection.....

I am having this problem......when I run this script: print -n "Enter file name to be deleted: " read answer if then rm $name else echo "No such file with the name: $name exists" fi I was trying to test my script for errors, and basically when the user had files with the rights: 400,...

2. Filesystems, Disks and Memory

protection schemes

Consider a system that supports 5,000 users. Suppose you want 4,990 of these users to be able to access one file How would you specify this protection scheme in UNIX

3. Linux

file security/protection

Hi All I am working on a site to help newbie to learn linux for free. demo.freelinuxconsole.info there is only one file index.php its been able to rename or deleted. Kindly let me know what permissions should i give to secure this file from editing or deleting by others.

4. Shell Programming and Scripting

Password protection in unix

How to create a file in UNIX which is password protected ? Thanks and Regards, Neeraj

5. IP Networking

Protection against arp spoofing

Hi, I'm trying to find a way to protect my network against arp spoofing. What it is: An attacker sends fake arp packets in the network, identifying himself as the router. All network traffic is then redirected to this attacker. How to protect myself: In my opinion, the best possible...

6. Shell Programming and Scripting

Script protection against changes

Hi everyone, I�m trying to protect the scripts I have made from changes. At my office I�m the one who research improvements on daily tasks, and I�ve done many scripts, that I share with my partners.I�m tired because they take my scripts and make their owns with new features that don�t share...

7. Homework & Coursework Questions

Protection and special characters

I am learning from the class how to protect the special characters and the script that I wrote here does not work when I am trying to pick up a single quote. It would complaint about parentheses problem. Please, someone could enlighten me. Thanks in advance, Scopiop Input file Hi, * ?...

LEARN ABOUT REDHAT

mail::spamassassin::permsgstatus

Mail::SpamAssassin::PerMsgStatus(3)			User Contributed Perl Documentation		       Mail::SpamAssassin::PerMsgStatus(3)

NAME

       Mail::SpamAssassin::PerMsgStatus - per-message status (spam or not-spam)

SYNOPSIS

	 my $spamtest = new Mail::SpamAssassin ({
	   'rules_filename'	 => '/etc/spamassassin.rules',
	   'userprefs_filename'  => $ENV{HOME}.'/.spamassassin.cf'
	 });
	 my $mail = Mail::SpamAssassin::NoMailAudit->new();

	 my $status = $spamtest->check ($mail);
	 if ($status->is_spam()) {
	   $status->rewrite_mail ();
	   $mail->accept("caught_spam");
	 }
	 ...

DESCRIPTION

       The Mail::SpamAssassin "check()" method returns an object of this class.  This object encapsulates all the per-message state.

METHODS

       $isspam = $status->is_spam ()
	   After a mail message has been checked, this method can be called.  It will return 1 for mail determined likely to be spam, 0 if it does
	   not seem spam-like.

       $list = $status->get_names_of_tests_hit ()
	   After a mail message has been checked, this method can be called.  It will return a comma-separated string, listing all the symbolic
	   test names of the tests which were trigged by the mail.

       $num = $status->get_hits ()
	   After a mail message has been checked, this method can be called.  It will return the number of hits this message incurred.

       $num = $status->get_required_hits ()
	   After a mail message has been checked, this method can be called.  It will return the number of hits required for a mail to be consid-
	   ered spam.

       $report = $status->get_report ()
	   Deliver a "spam report" on the checked mail message.  This contains details of how many spam detection rules it triggered.

	   The report is returned as a multi-line string, with the lines separated by "
" characters.

       $status->rewrite_mail ()
	   Rewrite the mail message.  This will add headers, and possibly body text, to reflect its spam or not-spam status.

	   The modifications made are as follows:

	   Subject: header for spam mails
	       The string "*****SPAM*****" (changeable with "subject_tag" config option) is prepended to the subject, unless the "rewrite_subject
	       0" configuration option is given.

	   X-Spam-Status: header for spam mails
	       A string, "Yes, hits=nn required=nn tests=..." is set in this header to reflect the filter status.  The keys in this string are as
	       follows:

	   X-Spam-Report: header for spam mails
	       The SpamAssassin report is added to the mail header if the "report_header 1" configuration option is given.

	       hits=nn The number of hits the message triggered.
	       required=nn The threshold at which a mail is marked as spam.
	       tests=... The symbolic names of tests which were triggered.
	   X-Spam-Flag: header for spam mails
	       Set to "YES".

	   Content-Type: header for spam mails
	       Set to "text/plain", in order to defang HTML mail or other active content that could "call back" to the spammer.

	   X-Spam-Checker-Version: header for spam mails
	       Set to the version number of the SpamAssassin checker which tested the mail.

	   spam mail body text
	       The SpamAssassin report is added to top of the mail message body, unless the "report_header 1" configuration option is given.

	   X-Spam-Status: header for non-spam mails
	       A string, "No, hits=nn required=nn tests=..." is set in this header to reflect the filter status.  The keys in this string are the
	       same as for spam mails (see above).

       $messagestring = $status->get_full_message_as_text ()
	   Returns the mail message as a string, including headers and raw body text.

	   If the message has been rewritten using "rewrite_mail()", these changes will be reflected in the string.

	   Note: this is simply a helper method which calls methods on the mail message object.  It is provided because Mail::Audit uses an
	   unusual (ie. not quite intuitive) interface to do this, and it has been a common stumbling block for authors of scripts which use Spa-
	   mAssassin.

       $status->finish ()
	   Indicate that this $status object is finished with, and can be destroyed.

	   If you are using SpamAssassin in a persistent environment, or checking many mail messages from one Mail::SpamAssassin factory, this
	   method should be called to ensure Perl's garbage collection will clean up old status objects.

SEE ALSO

       "Mail::SpamAssassin" "spamassassin"

perl v5.8.0							    2002-09-26				       Mail::SpamAssassin::PerMsgStatus(3)