I believe they shut the scam down some time after noon, pst yesterday. > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Tim Riley > Sent: Friday, September 26, 2003 2:32 PM > To: [EMAIL PROTECTED] > Subject: Re: [vox-tech] OT: one of the most pernicious spams i've > everseen. > > > > > Larry Ozeran wrote: > > > FWIW I tried to go to the "unencoded" address below and > Netscape fails the > > DNS lookup, so that browser doesn't do translation. > > > > Also, it looks like somebody has been listening. I tried to go the the > > bogus site just now and received a "document not found" in Russian and > > English. > > I get this too. Also, I received a reply from a Netnation manager > saying that he's looking into the matter that the account/pin > posts to their > server. > > > > > > > - Larry > > > > At 10:39 PM 9/25/03 -0700, you wrote: > > > > > >On 2003.09.25 21:53, Rob Rogers wrote: > > >> On Thu, Sep 25, 2003 at 20:00:51PM -0700, Mitch Patenaude wrote: > > >> Sorry. I was thinking back to my earlier email where I was discussing > > >> encoding a domain name to look innocuous. Here was my example: > > >> > > >> http://www.citibank.com%2e%61%33%6b%73%64%2e%50%69%53%65%4d%2e%4e%65%54 > >> > >> which unencoded becomes http://www.citibank.com.a3ksd.PiSeM.NeT > >> (using the actual base domain from the original email) > >> > >> This much your browser would have to decode to do a DNS lookup, and > >> I've never seen a browser show it encoded. Whether or not it sends > >> it encoded in the referer, I can't speak with any authority, but I > >> highly doubt it does. As for anything after the servername and/or > >> port #, I realize it does send that encoded. I appologize for not > >> making myself clear at first. > > > >The browser doesn't decode this anywhere. If you try to connect to > >http://%61mazon.com/ that's exactly what it will try to look up the IP > >address for so that it can connect. Not "amazon.com". %encoding is just > >a clever hack to send data to a server, not an "official" alternate way > >of specifying the location of a document. > > > >-- > >I usually have a GPG digital signature included as an attachment. > >See http://www.gnupg.org/ for info about these digital signatures. > >My key was last signed 6/10/2003. If you use GPG, *please* see me about > >signing the key. ***** My computer can't give you viruses by email. *** > > > >Attachment Converted: "e:\eudora\attach\Re [vox-tech] OT one of the m1" > > > > _______________________________________________ > vox-tech mailing list > [EMAIL PROTECTED] > http://lists.lugod.org/mailman/listinfo/vox-tech
_______________________________________________ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech _______________________________________________ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech