Python spam?

A

Aahz

Anyone else getting "Python-related" spam? So far, I've seen messages
"from" Barry Warsaw and Skip Montanaro (although of course header
analysis proves they didn't send it).
 
T

Thomas Heller

Aahz said:
Anyone else getting "Python-related" spam? So far, I've seen messages
"from" Barry Warsaw and Skip Montanaro (although of course header
analysis proves they didn't send it).

I'm getting spam not only from Barry, but also from myself ;-) with forged headers.
But I'm not sure what you mean with Python-related... Not the contents, IIRC.

Thomas
 
A

Aahz

I'm getting spam not only from Barry, but also from myself ;-) with
forged headers. But I'm not sure what you mean with Python-related...
Not the contents, IIRC.

Thing is, I don't usually get spam "from" people I know (or at least it
gets filtered before I see it), so someone is clearly using some resource
of Python-related email addresses. Just seems rather odd, and I wonder
whether it's some kind of DoS attack or what.
 
T

Tim Peters

[Aahz]
[Thomas Heller]
I'm getting spam not only from Barry, but also from myself ;-) with
forged headers. But I'm not sure what you mean with Python-related...
Not the contents, IIRC.
[Aahz[
Thing is, I don't usually get spam "from" people I know (or at least it
gets filtered before I see it), so someone is clearly using some resource
of Python-related email addresses. Just seems rather odd, and I wonder
whether it's some kind of DoS attack or what.

It's been going on for years. The most frequent forged "Python
related" sender address I've seen is actually (e-mail address removed),
followed (but not closely) by /F's (e-mail address removed). Spammers
harvest legit addresses to forge via scraping web pages and via
Trojans scouring newbies' address books. The latter probably accounts
for the very high rate of (e-mail address removed) forgeries. Via the former,
anyone with a "public" email address can expect to see it get forged
sooner or later.

About two years ago I sent a polite email to a porn vendor asking them
to please stop forging one of my email addresses as the sender of
their spam. They didn't reply, but within a few days I stopped
receiving porn spam claiming to come from me. Frankly, I miss it :)
 
H

Hendrik van Rooyen

Aahz said:
Anyone else getting "Python-related" spam? So far, I've seen messages
"from" Barry Warsaw and Skip Montanaro (although of course header
analysis proves they didn't send it).
--

not like that - just the normal crud from people giving me get rich quick tips
on the stock market that is aimed at mobilising my money to follow theirs to
help influence the price of a share...

- Hendrik
 
F

Fredrik Lundh

Tim said:
It's been going on for years. The most frequent forged "Python
related" sender address I've seen is actually (e-mail address removed),
followed (but not closely) by /F's (e-mail address removed). Spammers
harvest legit addresses to forge via scraping web pages and via
Trojans scouring newbies' address books.

when you get this kind of "clustering" effect, chances are that
it's a trojan on someone's computer that's actually sending the mails,
using mail addresses found on the infected computer (address books and
browser caches are good sources for this).

(so in your cases, it's probably just some poor python-dev reader who
hasn't updated his virus checker lately...)

</F>
 
S

skip

aahz> Anyone else getting "Python-related" spam? So far, I've seen
aahz> messages "from" Barry Warsaw and Skip Montanaro (although of
aahz> course header analysis proves they didn't send it).

I blacklisted Barry long ago. He's probably sending out spam in my name in
retaliation. ;-)

Skip
 
F

Frederic Rentsch

Hendrik said:
not like that - just the normal crud from people giving me get rich quick tips
on the stock market that is aimed at mobilising my money to follow theirs to
help influence the price of a share...

- Hendrik
....which I noticed works amazingly well in many cases, looking at the
charts. which, again, means that the trick isn't likely to fizzle out
soon as others have with victims getting wise to it. Getting feathers
plucked in this game isn't a turn-off. It's an opportunity to join the
pluckers by speeding up one's turnover at the expense of the slowpokes.
Like pyramid sales this it is a self-generating market.
This game, at least, isn't unethical, other than clogging the
internet with reckless traffic. I've been asking myself why it seems so
difficult to backtrace such obtrusive, if not criminal, traffic to the
source and squash it there. Perhaps some knowledgeable volunteer would
share his insights. Perhaps stalking con artists could be another
interest group.

Frederic
 
J

John Draper

Hendrik said:
not like that - just the normal crud from people giving me get rich quick tips
on the stock market that is aimed at mobilising my money to follow theirs to
help influence the price of a share...

- Hendrik
I'm ALWAYS getting python spam.... but what worries me, is the spammers
Know my personal home address, and I NEVER EVER fill out any forms pages
with my personal info - I think I'm being harrassed by hackers or
something...

John
 
G

Gabriel Genellina

I'm ALWAYS getting python spam.... but what worries me, is the spammers
Know my personal home address, and I NEVER EVER fill out any forms pages
with my personal info - I think I'm being harrassed by hackers or
something...

- UserA creates an account on SiteA. They ask for an email address
for validation purposes, or perhaps they use that email address as
login name, which is fine so one doesn't have to remember another
login. So, UserA fills in his Hotmail/Yahoo/whatever email.
- UserA provides the *same* password on the site as used on his email
address. Which is fine so one doesn't have to remember many passwords.
- Now, SiteA has full access to UserA's address book (and inbox,
and... but usually they're not interested on that).

Notice that SiteA actually is not "hacking" UserA Hotmail account,
nor is a virus involved, nothing is installed on UserA's PC, there is
no vulnerability exploited on Hotmail's code, no
antivirus/antispyware will help, nothing. It's just UserA silly
enough to let others know his webmail password.

So if a friend of yours has played the role of UserA above, that's
how some spammers got your email address.


--
Gabriel Genellina
Softlab SRL

__________________________________________________
Correo Yahoo!
Espacio para todos tus mensajes, antivirus y antispam ¡gratis!
¡Abrí tu cuenta ya! - http://correo.yahoo.com.ar
 
H

Hendrik van Rooyen

8<--------------------------

So if a friend of yours has played the role of UserA above, that's
how some spammers got your email address.

+ 1 for euphemism of the month...

- Hendrik
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,901
Latest member
Noble71S45

Latest Threads

Top