Request for help with mail spoofing

Request for help with mail spoofing

Geoff Shang geoff at QuiteLikely.com
Wed Feb 17 15:44:05 IST 2010 

On Wed, 17 Feb 2010, geoffrey mendelson wrote:

> First of all, how do you know that this is a person as you put it in the 
> blindness community? It could just be one of those people that disrupt groups 
> because they can, and found a bunch of people to annoy. Eventually they get 
> tired of these things and move on to a different community.

It's definitely a person in the blindness community.  This is not random 
spam with random addresses.  The Email addresses have been chosen 
carefully, the subject lines are made to look appropriate to the lists, 
and as you can see from the script I just posted, they've even gone to the 
bother of attaching the correct Email signatures.  You'll see a few 
references to GW Micro - this is a company which makes one of the most 
widely used screen reading software for Windows for the blind.

> You also should check the email addresses. One common trick used by 
> commercial posters is to post using a real name with a different email 
> address.

These are definitely the right addresses, and they are not commercial 
posts.

> These guys tend to hit hard and fast, post one email advertising their 
> business and move on, but script kiddies do it too.

This is definitely in the 'script kiddy' class of things.

> I don;t understand. 99.99% of windows users don't run bash. Why send them a 
> bash script?

Because he's thumbing his nose at the list.  He's saying "I know more than 
you and I can even say how I'm doing this and you won't understand.  And 
even if you do, you still won't be able to catch me."

> I think sloppy is correct, but I wonder if it is a real person 
> or just a "junk bot" sending stuff out. At one point it found the mailing 
> list in someone's contacts list and is just dumping crap to it.

Even without the script, I can say for sure that it's definitley not 
random.

> Send me a copy. Or publish it, we can argue over what it does.

You should have seen it in my previous message.

> It would be best that the mailing lists be set to posting by members only, 
> and new members are moderated until approved.

They are.  But has been said already, this person is spoofing legitimate 
and reputable Email addresses.

Geoff.

More information about the Linux-il mailing list