Jump to content

Forums/Site leaked email address


Zachariah

Recommended Posts


Does any of you has msfn in mail address? Like msfn@ or msfn.org@?
X-Gmail-Received: 24564a7083d3149202f30556e83cc94bbd0709f7

Delivered-To: MY MAIN GMAIL ADDRESS, ALL EMAIL FROM 'MY DOMAIN' GETS FORWARDED HERE@gmail.com

Received: by 10.78.69.20 with SMTP id r20cs6126hua;

Wed, 12 Jul 2006 18:28:03 -0700 (PDT)

Received: by 10.54.156.20 with SMTP id d20mr133241wre;

Wed, 12 Jul 2006 18:28:03 -0700 (PDT)

Return-Path: <PrattPratt@moose-mail.com>

Received: from MY DOMAIN.com (ns1.MY WEBHOST.com [MY WEBHOST'S IP ADDRESS])

by mx.gmail.com with ESMTP id g3si184246wra.2006.07.12.18.28.02;

Wed, 12 Jul 2006 18:28:03 -0700 (PDT)

Received-SPF: softfail (gmail.com: domain of transitioning PrattPratt@moose-mail.com does not designate MY WEBHOST'S IP ADDRESS as permitted sender)

Received: from sharedhosting3.MY WEBHOST.com (root@localhost)

by MY DOMAIN.com (8.12.11.20060308/8.12.11) with ESMTP id k6D1Rf3g023273

for <msfn_org@MY DOMAIN.com>; Wed, 12 Jul 2006 21:27:41 -0400

X-ClientAddr: 200.45.162.237

Received: from host237.200-45-162.telecom.net.ar (host237.200-45-162.telecom.net.ar [200.45.162.237])

by sharedhosting3.MY WEBHOST.com (8.12.11.20060308/8.12.11) with SMTP id k6D1RVU8023259

for <msfn_org@MY DOMAIN.com>; Wed, 12 Jul 2006 21:27:35 -0400

Received: from localhost (linux165 [127.0.0.5]) by handler.bolt.com (Postfix) with ESMTP id A-Z0-9A-ZA-ZA-Z0-90-90-90-90-9A-Z for <msfn_org@MY DOMAIN.com>; %Wed, 12 Jul 2006 22:16:28 +0000 (EDT)

Received: from handler.bolt.com ([127.0.0.5]) by localhost (amavis.boltstaff.com [127.0.0.5]) (amavisd-new, port 10095) with ESMTP id 38081-74 for <msfn_org@MY DOMAINcom>; Wed, 12 Jul 2006 22:16:28 +0000 (EDT)

Received: from boltfolio05 (unknown [10.70.15.47]) by handler.bolt.com (Postfix) with ESMTP id A-Z0-9A-ZA-Z0-90-90-9A-Z0-90-9A-Z for <msfn_org@MY DOMAIN.com>; Wed, 12 Jul 2006 22:16:28 +0000 (EDT)

Message-ID: <10297956.1194223214969.JavaMail.confirm@boltinc.com>

From: "Erich Pratt" <williamcrighton@1colony.com>

To: msfn_org <msfn_org@MY DOMAIN.com>

Subject: downing message from Erich Pratt

Mime-Version: 1.0

Content-Type: text/plain; charset=us-ascii

Content-Transfer-Encoding: 7bit

Date: Wed, 12 Jul 2006 22:16:28 +0000 (EDT)

X-Virus-Scanned: amavisd-new at boltstaff.com

Hi, marginal

University Diplomas

No required tests, classes, books, or interviews.

Please call:

1-206-338-3737

irresponsible sect fettle intensive skyward durer cos counterproposal frederic hurty

carefree catlike, healey pervasion season graduate carolinian abnormal poesy immiscible diddle tale

sundry degrease .meantime squawbush oxygen yeoman standeth tungstate malignant fingerprint quasiperiodic

thebes! slocum malpractice. commissary appellant saginaw mahayanist jackie tribal. pretext tomography muir keynesian.

Your Erich

For my own security against (more) spam, I removed my Gmail address, my Domain Name, my Web Host's Domain name and my Web Host's IP Address.

I also posted a similar message source of another spam email on GeekNewz.com, who also had their member email addresses leaked - although they don't realise it yet.

As you can see, they employ the use of Zombie PCs to send the spam, and spoof many of the headers too.

Edited by The Land of Smeg
Link to comment
Share on other sites

Does any of you has msfn in mail address? Like msfn@ or msfn.org@?

X-Gmail-Received: 24564a7083d3149202f30556e83cc94bbd0709f7

Delivered-To: MY MAIN GMAIL ADDRESS, ALL EMAIL FROM 'MY DOMAIN' GETS FORWARDED HERE@gmail.com

Received: by 10.78.69.20 with SMTP id r20cs6126hua;

Wed, 12 Jul 2006 18:28:03 -0700 (PDT)

Received: by 10.54.156.20 with SMTP id d20mr133241wre;

Wed, 12 Jul 2006 18:28:03 -0700 (PDT)

Return-Path: <PrattPratt@moose-mail.com>

Received: from MY DOMAIN.com (ns1.MY WEBHOST.com [MY WEBHOST'S IP ADDRESS])

by mx.gmail.com with ESMTP id g3si184246wra.2006.07.12.18.28.02;

Wed, 12 Jul 2006 18:28:03 -0700 (PDT)Received-SPF: softfail (gmail.com: domain of transitioning PrattPratt@moose-mail.com does not designate MY WEBHOST'S IP ADDRESS as permitted sender)

Received: from sharedhosting3.MY WEBHOST.com (root@localhost)

by MY DOMAIN.com (8.12.11.20060308/8.12.11) with ESMTP id k6D1Rf3g023273

for <msfn_org@MY DOMAIN.com>; Wed, 12 Jul 2006 21:27:41 -0400

X-ClientAddr: 200.45.162.237

Received: from host237.200-45-162.telecom.net.ar (host237.200-45-162.telecom.net.ar [200.45.162.237])

by sharedhosting3.MY WEBHOST.com (8.12.11.20060308/8.12.11) with SMTP id k6D1RVU8023259

for <msfn_org@MY DOMAIN.com>; Wed, 12 Jul 2006 21:27:35 -0400

Received: from localhost (linux165 [127.0.0.5]) by handler.bolt.com (Postfix) with ESMTP id A-Z0-9A-ZA-ZA-Z0-90-90-90-90-9A-Z for <msfn_org@MY DOMAIN.com>; %Wed, 12 Jul 2006 22:16:28 +0000 (EDT)

Received: from handler.bolt.com ([127.0.0.5]) by localhost (amavis.boltstaff.com [127.0.0.5]) (amavisd-new, port 10095) with ESMTP id 38081-74 for <msfn_org@MY DOMAINcom>; Wed, 12 Jul 2006 22:16:28 +0000 (EDT)

Received: from boltfolio05 (unknown [10.70.15.47]) by handler.bolt.com (Postfix) with ESMTP id A-Z0-9A-ZA-Z0-90-90-9A-Z0-90-9A-Z for <msfn_org@MY DOMAIN.com>; Wed, 12 Jul 2006 22:16:28 +0000 (EDT)

Message-ID: <10297956.1194223214969.JavaMail.confirm@boltinc.com>

From: "Erich Pratt" <williamcrighton@1colony.com>

To: msfn_org <msfn_org@MY DOMAIN.com>

Subject: downing message from Erich Pratt

Mime-Version: 1.0

Content-Type: text/plain; charset=us-ascii

Content-Transfer-Encoding: 7bit

Date: Wed, 12 Jul 2006 22:16:28 +0000 (EDT)

X-Virus-Scanned: amavisd-new at boltstaff.com

Hi, marginal

University Diplomas

No required tests, classes, books, or interviews.

Please call:

1-206-338-3737

irresponsible sect fettle intensive skyward durer cos counterproposal frederic hurty

carefree catlike, healey pervasion season graduate carolinian abnormal poesy immiscible diddle tale

sundry degrease .meantime squawbush oxygen yeoman standeth tungstate malignant fingerprint quasiperiodic

thebes! slocum malpractice. commissary appellant saginaw mahayanist jackie tribal. pretext tomography muir keynesian.

Your Erich

For my own security against (more) spam, I removed my Gmail address, my Domain Name, my Web Host's Domain name and my Web Host's IP Address.

I also posted a similar message source of another spam email on GeekNewz.com, who also had their member email addresses leaked - although they don't realise it yet.

As you can see, they employ the use of Zombie PCs to send the spam, and spoof many of the headers too.

I did the same on TalkingSoft.com Forum who also had their members email addresses leaked - although they don't realise it yet. they still use IPB software version v2.15, and i have being into there forum and it is down now because i believe they are upgrading there forum right now. i just try to go to [url=http://www.geeknewz.com/ i got this message :

There is a problem with the database that is preventing the site from working.

An email has been sent to the administrator notifying them of the problem. Please try again late

So they also working on it right now.

Edited by the-matrix
Link to comment
Share on other sites

I use msfn.org@[example].com (with my domain) as the email address for this site. Today I got a spam sent to that address. <snip>
Does any of you has msfn in mail address? Like msfn@ or msfn.org@?

yup. happened to me too

Link to comment
Share on other sites

I use msfn.org@[example].com (with my domain) as the email address for this site. Today I got a spam sent to that address. <snip>

Does any of you has msfn in mail address? Like msfn@ or msfn.org@?

yup. happened to me too

Kaonashi had a good point. That's sorta why I use a traceable email address on public forums. I don't trust their security enough. I don't blame the people who run public forums, nor the forum authors. Complex software is just insecure.

Luckily I was able to use a new email alias here (by adding the number "2") and I turned off the old one.

I do hate to hear that some people have used their primary email address here, and therefore cannot change it -- but I do advise that you learn from this and use a throw-away-able (changeable) email address (or alias) in the future for public forums.

Link to comment
Share on other sites

Victim too I think. :(

Here is a typical mail for me :

De: xymenes@loveable.com Ternov 
À: camara01recope@gmail.com
Date: Thu, 20 Jul 2006 23:29:11 +0200
Objet: re:your resume

<html><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
<head></head>
<body bgcolor=#ffffff>
Hello, Sir/Madam! <br>
<font color=#fcfcfc>u's bison notch gila</font><br>
This message was originally posted by Hot Jobs 4 You system and has nothing to do with spam! <br>
Our Company is seeking applications for many Work-at-home positions <br>
<font color=#fcfcfc>pardon bleat jugs today</font><br>
Employers guarantee payroll tax deposits and reporting, retirement and various reports,<br>
other accounting functions. Attention to detail is a must and well as the ability to multi-task.<br>
Equivalent experience providing knowledge, skills and abilities. Pre-employment <br>testing and criminal background history check required. Salary DOQ, excellent benefits. <br>
<font color=#fcfcfc>martyr grain bills bowie</font><br>
If you are interested in this proposal send us your resume ASAP and employer will contact you. <br>
hallstein@best-user-choose.info <br>
<font color=#fcfcfc>34th taffy gum angel</font><br>
Best regards, <br>
Hot Jobs 4 You Employee Search Department<br>
</body>

And camara01recope@gmail.com is not my correct address : the real one is pratty obvious, all you have to know is that gmails doesn't accept underscores.

Hopefully the spam I receive always starts the same way and the sendto address too. I should be able to filter that out. :}

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...