Archive for the 'Quarantine' Category

Spammers are using Linux man pages in spam to bypass Bayesian

Hello,

Today, while we were testing the quarantine webmail feature in our labs, I got a mail marked as certain spam in my SurGATE quarantine mailbox.

The funny part is that the spammer put the full bash man page in an HTML div area, as shown below, to bypass or poison the Bayesian database.

But he could not deliver the spam to our mailbox. It was matched by our spam signature database based on the URL and some other unique patterns in the mail.

</p><p align="center"><em>YoshiBlade</em> is located at P.O Box 600991 San Diego, CA 92160.<br>
To be Removed from future YoshiBlade mailings, please Click Here!

<img src="http://SPAMURL/images/a9a4f56d217106465337951325968172954699.gif" border="0">
</body>
</html>
<div style="color:white; font-size:1%; line-height:1px">

WeNeedYourConfirmationFor1500Deposit
WeNeedYourConfirmationFor1500Deposit
WeNeedYourConfirmationFor1500Deposit

Search

Linux
HomeComputing & TechnologyLinux

SharePrint
LinuxGet StartedExplore LinuxBecome a Guru
Filed In:Linux
Linux / Unix Command: bash

Command Library
NAME

bash – GNU Bourne-Again SHell
SYNOPSIS

….
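
The structure quoted above (an invisible div placed after the closing html tag and stuffed with unrelated text) can also be flagged heuristically. The following is an added example, not SurGATE's code or its signature logic; the sample mail is constructed, and the style patterns, the `scan` helper and the 0.3 threshold are assumptions.

```python
import re
from html.parser import HTMLParser

# Constructed sample modelled on the quoted spam; the URL is a placeholder.
SAMPLE = """<html><body><p align="center"><em>YoshiBlade</em> is located at P.O Box 600991<br>
To be Removed from future YoshiBlade mailings, please Click Here!</p>
<img src="http://spam.example/images/x.gif" border="0"></body></html>
<div style="color:white; font-size:1%; line-height:1px">
WeNeedYourConfirmationFor1500Deposit
bash - GNU Bourne-Again SHell SYNOPSIS</div>"""
VOID = {"br", "img", "hr", "meta", "link", "input"}
# Styles that make text invisible; white text assumes a white background.
HIDING = re.compile(
    r"(?<![-\w])color\s*:\s*(white|#fff(fff)?)\b"
    r"|font-size\s*:\s*[01](\.\d+)?\s*(%|px|pt)"
    r"|line-height\s*:\s*[01]px|display\s*:\s*none", re.I)

class HiddenTextScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.stack = []          # (tag, hidden?) for each open element
        self.after_html = False  # True once </html> has been seen
        self.counts = {"visible": 0, "hidden": 0, "after_html": 0}

    def handle_starttag(self, tag, attrs):
        if tag not in VOID:
            style = dict(attrs).get("style") or ""
            inherited = bool(self.stack) and self.stack[-1][1]
            self.stack.append((tag, inherited or bool(HIDING.search(style))))

    def handle_endtag(self, tag):
        self.after_html = self.after_html or tag == "html"
        if any(t == tag for t, _ in self.stack):  # ignore stray end tags
            while self.stack.pop()[0] != tag:
                pass

    def handle_data(self, data):
        n = len("".join(data.split()))  # non-whitespace characters only
        hidden = bool(self.stack) and self.stack[-1][1]
        self.counts["hidden" if hidden else "visible"] += n
        if self.after_html:
            self.counts["after_html"] += n

def scan(html, max_hidden_ratio=0.3):  # threshold is an assumed value
    s = HiddenTextScanner()
    s.feed(html)
    s.close()
    c = s.counts
    ratio = c["hidden"] / max(1, c["visible"] + c["hidden"])
    return {**c, "suspicious": ratio > max_hidden_ratio or c["after_html"] > 0}
```

Stripping the hidden and trailing text before tokenizing keeps the padding out of the Bayesian database, so the same pass serves both as a spam signal and as a defence against poisoning.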

Initial version of quarantine webmail feature committed on SurGATE trunk

Hello,

Today, I am happy to announce that we completed the initial version of quarantine webmail on the SurGATE development branch.

We developed self-service account creation so that users can access quarantine webmail. If the user's domain is managed by SurGATE, we send an account activation URL to the user's email address. After the user clicks on the activation link, he can set his own password.

Then he can access his quarantine mailbox with this password. Here is the draft welcome page. We will improve this page's usability before the release!