Your humble blogger was deeply touched at the consideration that this spammer showed. And congratulations! It made it through Spam Assassin with a score of only 2.6. Obviously the Assassin is not used to such cordiality as Christmas greetings from spammers.
Some other spam which got through the RTBLs and Spam Assassin, purported to be from the Google Adwords team.
Headers:
Body:Dear advertiser, You have a new text message from AdWords Team Please use the link below to login: http://www.adwords.adsonc.co.uk/Select/Login/index.html best regards, ©2009 Google AdWords Team |
Two hours later, (at 16:16:44 AEST), a similar email arrived from (unknown [110.10.166.172]). This one earned a Spam Assassin score of 4.9
The address 41.218.192.127 is owned by Ghana Telecom. It purports to have been leased out to 4u.com.gh which has no whois server. A search for this domain in the Ghana NIC failed. Many of the addresses in this netblock have a poor reputation, and will already be in one or many RTBLs.
The address 110.10.166.172, is a Korean address, owned by SK Broadband Co Ltd. Many of the addresses in this netblock also have poor reputations.
The other variety of spam that seems to get through the PGTS defences uses an extremely simple message and an image. These emails get through the content filters because the payload is in the image. However generally they get a score in excess of 4. To date your humble blogger has never had a legitimate email with a Spam Assassin score greater than 3.5. However, just to make sure that there are no false positives, your humble blogger has left the reject weight at 5.0 (the default).
And your humble blogger would like to take this opportunity to extend the seasons greetings to spammers everywhere. Here's hoping that you all have a very Merry Christmas and may you all rot in the eternal fires of damnation!