Re: "Please send us a quote..."?

2021-04-05 Thread jdow
lso figure it's nearly free to email everybody in a loosely, often very loosely, 
defined geographic area. A microscopic number of such emails hit a marketdroid 
or a CEOdroid whose brain misfires at the thought of a new contract. Then the 
scam is on.


This is a question I keep asking myself. I have to rerun the swag level 
computations in my head again. You send 100 million emails. Half of them go to 
second and third accounts the same person owns, perhaps. So you have fifty 
million emails. One in 100,000 might hit the real target audience and one in ten 
of those may reply. Depending on the scam even one reply can feed the scammer 
for a year or more. I call it my "firebug" calculation. If they are one in a 
million the Los Angeles California area has more than ten of them lurking around 
for optimum fire conditions. That's a good part of how we burn ourselves up each 
year.


{o.o}

On 20210405 19:18:25, Bill Cole wrote:
> On 5 Apr 2021, at 21:30, John Hardin wrote:
>
>> Can anybody explain to me the reason behind the blind "please send us a quote 
>> for your product X" emails? I mean, I know they are somehow a scam, but I 
>> can't figure it out how it's supposed to work when the target isn't a 
>> business...
>
> A vast amount of spam can only be explained by including the fact that 
> spammers are for the most part not very bright.
>
> Most examples of that which I have in my archives include lures to get the 
> target to download a "real" RFQ/RFP file or otherwise visit some website of 
> indeterminate legitimacy. The others are indeed impossible to understand 
> without postulating that the sender truly has no idea who they are mailing.






Re: OT: Re: Unsubscribe link at the bottom.

2021-04-05 Thread Peter West
Yes. I meant the unsubscribe link from an unknown advertiser.
—
Peter West
p...@ehealth.id.au
“He has risen…”

> On 6 Apr 2021, at 12:50 pm, Grant Taylor wrote:
> 
> On 4/5/21 8:41 PM, Peter West wrote:
>> I’d agree it’s address verification, as with the Unsubscribe link at the 
>> bottom.
> 
> I'm of the opinion that if I have any inkling of knowledge of the company 
> sending the email, and SPF/DKIM/DMARC pass, I'll probably use the unsubscribe 
> link.
> 
> Recently I ran into a 404 from the unsubscribe link from a company that my 
> wife did business with.  *facepalm*
> 
> 
> 
> -- 
> Grant. . . .
> unix || die
> 



OT: Re: Unsubscribe link at the bottom.

2021-04-05 Thread Grant Taylor

On 4/5/21 8:41 PM, Peter West wrote:
> I’d agree it’s address verification, as with the Unsubscribe link 
> at the bottom.

I'm of the opinion that if I have any inkling of knowledge of the 
company sending the email, and SPF/DKIM/DMARC pass, I'll probably use 
the unsubscribe link.


Recently I ran into a 404 from the unsubscribe link from a company that 
my wife did business with.  *facepalm*




--
Grant. . . .
unix || die
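
The rule of thumb in the post above (use the unsubscribe link only when SPF/DKIM/DMARC pass) can be checked mechanically. This is an added example, not code from the thread: it assumes your receiving MTA stamps `Authentication-Results` with the hypothetical authserv-id `mx.example.net`, and both sample messages are constructed.

```python
import re
from email import message_from_string
from email.policy import default

# Assumption: the authserv-id written by your own receiving MTA (hypothetical).
TRUSTED_AUTHSERV_ID = "mx.example.net"

def auth_results(msg, authserv_id=TRUSTED_AUTHSERV_ID):
    """Map method -> set of results, using only headers stamped by our own MTA."""
    found = {}
    for header in msg.get_all("Authentication-Results", []):
        parts = [p.strip() for p in str(header).split(";")]
        stamp = parts[0].split()
        # The first token is the authserv-id (RFC 8601). A header carrying any
        # other id may have been inserted by the sender, so it is ignored.
        if not stamp or stamp[0].lower() != authserv_id:
            continue
        for part in parts[1:]:
            m = re.match(r"(spf|dkim|dmarc)\s*=\s*([a-z]+)", part, re.I)
            if m:
                found.setdefault(m.group(1).lower(), set()).add(m.group(2).lower())
    return found

def unsubscribe_targets(raw_message):
    """Return List-Unsubscribe URIs only if SPF, DKIM and DMARC all passed."""
    msg = message_from_string(raw_message, policy=default)
    results = auth_results(msg)
    if not all("pass" in results.get(m, ()) for m in ("spf", "dkim", "dmarc")):
        return []
    uris = re.findall(r"<([^<>\s]+)>", str(msg.get("List-Unsubscribe", "")))
    return [u for u in uris if u.lower().startswith(("https://", "mailto:"))]

# Constructed sample messages (not taken from the thread).
KNOWN_SENDER = """\
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=shop.example;
 dkim=pass header.d=shop.example; dmarc=pass header.from=shop.example
From: news@shop.example
List-Unsubscribe: <https://shop.example/unsub?id=123>, <mailto:unsub@shop.example>
"""
SPOOFED = """\
Authentication-Results: mx.example.net; spf=softfail smtp.mailfrom=bulk.example;
 dkim=none; dmarc=fail header.from=shop.example
Authentication-Results: mx.bulk.example; spf=pass; dkim=pass; dmarc=pass
From: news@shop.example
List-Unsubscribe: <http://bulk.example/u?a=1>
"""

if __name__ == "__main__":
    for raw in (KNOWN_SENDER, SPOOFED):
        print(unsubscribe_targets(raw))
```

The second message carries a sender-supplied header claiming all three checks passed; because its authserv-id is not the trusted one, only the local MTA's `dmarc=fail` verdict counts and no link is returned.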





Re: "Please send us a quote..."?

2021-04-05 Thread Peter West
I’d agree it’s address verification, as with the Unsubscribe link at the bottom.

—
Peter West
p...@ehealth.id.au
“He has risen…”

> On 6 Apr 2021, at 12:30 pm, Grant Taylor wrote:
> 
> On 4/5/21 7:30 PM, John Hardin wrote:
>> Can anybody explain to me the reason behind the blind "please send us a 
>> quote for your product X" emails? I mean, I know they are somehow a 
>> scam, but I can't figure it out how it's supposed to work when the target 
>> isn't a business...
> 
> I chalk this up to list washing or similar address verification.
> 
> 
> 
> -- 
> Grant. . . .
> unix || die
> 



Re: "Please send us a quote..."?

2021-04-05 Thread Grant Taylor

On 4/5/21 7:30 PM, John Hardin wrote:
> Can anybody explain to me the reason behind the blind "please send us a 
> quote for your product X" emails? I mean, I know they are somehow a 
> scam, but I can't figure it out how it's supposed to work when the 
> target isn't a business...


I chalk this up to list washing or similar address verification.



--
Grant. . . .
unix || die





Re: "Please send us a quote..."?

2021-04-05 Thread Bill Cole

On 5 Apr 2021, at 21:30, John Hardin wrote:

> Can anybody explain to me the reason behind the blind "please send us 
> a quote for your product X" emails? I mean, I know they are 
> somehow a scam, but I can't figure it out how it's supposed to work 
> when the target isn't a business...


A vast amount of spam can only be explained by including the fact that 
spammers are for the most part not very bright.


Most examples of that which I have in my archives include lures to get 
the target to download a "real" RFQ/RFP file or otherwise visit some 
website of indeterminate legitimacy. The others are indeed impossible to 
understand without postulating that the sender truly has no idea who 
they are mailing.


--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire


"Please send us a quote..."?

2021-04-05 Thread John Hardin
Can anybody explain to me the reason behind the blind "please send us a 
quote for your product X" emails? I mean, I know they are somehow a 
scam, but I can't figure it out how it's supposed to work when the 
target isn't a business...


--
 John Hardin KA7OHZ                    http://www.impsec.org/~jhardin/
 jhar...@impsec.org                         pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
---
  Think Microsoft cares about your needs at all?
  "A company wanted to hold off on upgrading Microsoft Office for a
  year in order to do other projects. So Microsoft gave a 'free' copy
  of the new Office to the CEO -- a copy that of course generated
  errors for anyone else in the firm reading his documents. The CEO
  got tired of getting the 'please re-send in XX format' so he
  ordered other projects put on hold and the Office upgrade to be top
  priority."                                    -- Cringely, 4/8/2004
---
 8 days until Thomas Jefferson's 278th Birthday


Re: Problem installing sa on my pi 3b+

2021-04-05 Thread RW
On Mon, 5 Apr 2021 02:27:46 +0200
spamassas...@mach2.franken.de wrote:

> Hi there,
> 
> when running a 'sudo apt-get install spamassassin' on my raspian pi
> 3b+ i keep running into a problem with sa-compile:
> ...
> Can anyone give me a hint what to do?

Using compiled rules is not essential, IIWY I'd just comment out 

loadplugin  Mail::SpamAssassin::Plugin::Rule2XSBody

in v320.pre.


Spam mail from Hotmail - Outlook - how to stop

2021-04-05 Thread mauric
Hello

Please, how can I filter/ban e-mail from Hotmail, Outlook, with women
pictures?

Yes, SpamAssassin and many other tools are installed and will block many bad
e-mails; the e-mail with pictures and more is also transferred.

I think that I am on the right way with the application SpamAssassin; I need
to know how I can define filtering of bad e-mail.


Spamassassin 3.4.2-1+deb10u3

body LOCAL_OBFU_VIAGRA /(?:\b[vu]|\B(?:\\\/|\xCE\xBD))[\W_]{0,3}(?:[il1:\|\*\xCC-\xCF\xEC-\xEF\xA6]|\xC4[\xA8-\xB0]|\xC4\xBA|\xC4\xBC|\xC4\xBE|\xC5\x80|\xC5\x82|\xC7[\x8F-\x90]|\xD0[\x86-\x87]|\xD1[\x96-\x97]|\xCE\x8A|\xCE\x90|\xCE\x99|\xCE\xAA|\xCE\xAF|\xCE\xB9|\xCF\x8A)[\W_]{0,3}(?:[a4\*\@\xC0-\xC5\xAA\xE0-\xE5]|\/\\|\xC4[\x80-\x85]|\xC7[\x8D-\x8E]|\xC7[\xBA-\xBB]|\xCE\x86|\xCE\x91|\xCE\x94|\xCE\x9B|\xCE\xAC|\xCE\xB1|\xD0\x90|\xD0\xB0)[\W_]{0,3}(?:[g6]|\xC4[\x9C-\xA3])[\W_]{0,3}(?:[r\xAE]|\xC5[\x94-\x99]|\xD1\x93)[\W_]{0,3}(?:[a4]\b|(?:[\*\@\xC0-\xC5\xAA\xE0-\xE5]|\/\\|\xC4[\x80-\x85]|\xC7[\x8D-\x8E]|\xC7[\xBA-\xBB]|\xCE\x86|\xCE\x91|\xCE\x94|\xCE\x9B|\xCE\xAC|\xCE\xB1|\xD0\x90|\xD0\xB0)\B)/i
score LOCAL_OBFU_VIAGRA 1.8
describe LOCAL_OBFU_VIAGRA Obfuscated 'VIAGRA' in body

describe MANGLED_VIAGRA mangled viagra
body MANGLED_VIAGRA /(?!viagra)v{1,3}(?:[_\W]{0,5}|[viagra])[iÌÍÎÏìíîï\|1l\!](?:[_\W]{0,5}|[viagra])[aÀÁÂÃÄÅàáâãäå4\@](?:[_\W]{0,5}|[viagra])g(?:[_\W]{0,5}|[viagra])r(?:[_\W]{0,5}|[viagra])[aÀÁÂÃÄÅàáâãäå4\@]/i
score MANGLED_VIAGRA 2.5


postfix - 3.4.14

smtp  inet  n   -   -   -   1   postscreen
  -o content_filter=spamassassin

postscreen_dnsbl_sites = zen.spamhaus.org*3

and so on


thanks