BlackShot

New Member
Hello,

Some guy/server started sending to my email A LOT of spam messages from the same thing, that I'll show below. I simply can not create a filter for this, because every email is from a new account, from a new title and from a new content, but they all follow the same model. Oh, and the links are always different.

In one day I received more than 10 messages of this type:


(The censured part is my name, but I can't block these type of emails!)

The content:



Do you guys have something efficient against it?

Thank you!
 
Last edited:

Cowpipe

New Member
Would be simple to block with a regular expression but I don't think online mail providers allow these. Otherwise you might want to target emails which use strings such as these and simply move them to the junk folder.

Code:
--..
..--
..-_
..__
____
etc.
 

Cats-4_Owners-2

Level 37
Verified
Trusted
From what I understand, this is done by an automatic Bot program. Once the e-mail is opened it accesses your address book, and sends e-mail out to everyone you know.
  1. The corrective course is to immediately change your password.
  2. Warn friends & family about this, and have them spam it.
Since using the free containment app, Sandboxie www.sandboxie.com I haven't had this happen again!:):)

Update: My good friend, Cowpipe, knows a great deal.;)
Don't ever make him mad.:p:D *Kidding* ..:eek:but don't!
 
Last edited:

Cowpipe

New Member
From what I understand, this is done by an automatic Bot program. Once the e-mail is opened it accesses your address book, and sends e-mail out to everyone you know.
  1. The corrective course is to immediately change your password.
  2. Warn friends & family about this, and have them spam it.
Since using the free containment app, Sandboxie www.sandboxie.com I haven't had this happen again!:):)
You're confusing SPAM messages with email worms there Cats- ;)

A spam message will contain stuffed keyword text and often weird combinations of normal sounding sentences to get past spam filters, the punctuation is also a means to defeat keyword filters (although the more intelligent will have picked up on the high level of punctuation)

The emails themselves will normally either ask you to reply (so it is known the account is active and it becomes worth more to spammers), or you will be enticed to click a link, either for advertising, phishing or malware distribution ;)
 
  • Like
Reactions: BlackShot

Cowpipe

New Member
Would one of you mind posting the email headers for me to have a look at? Blank out your address of course ;)
 

Cats-4_Owners-2

Level 37
Verified
Trusted
Interesting. I didn't envision Sandboxie having anything to do with email.
Neither had I.
Maybe I've adopted safer habits being exposed to all of your positive influences which, in turn, makes me automatically immune!:D As for Sandboxie, and keeping in mind Dr. Cowpipe's correct diagnosis, it does keep your system free of worms & trojans too!:);)

Update: Back to the subject of Spam, Google's Gmail filters completely thus practically eradicating the presence of any and all Spam. "It was elementary, my Dear Cowpipe!"
 
Last edited:

Cowpipe

New Member
Spam is all about "getting" something. Getting longer, getting fitter, getting bigger, getting thinner, getting infected, getting high, getting rich, getting ripped off, getting a bargain price Thai bride etc.
 
  • Like
Reactions: BlackShot

Cowpipe

New Member
Of course not! But each message has a different email. -_-

Sorry, poor explanation on my part, I meant the actually MIME headers, see here: https://support.google.com/mail/answer/22454?hl=en

  1. Log in to Gmail
  2. Open the message you'd like to view headers for.
  3. Click the down arrow next to Reply, at the top of the message pane.
  4. Select Show Original.
The full headers will appear in a new window.
I might be able to give you some better advice then :)
 
  • Like
Reactions: BlackShot
D

Deleted member 178

spam are not infection so Sbie is powerless against them, they are just annoying emails; it is your mail provider to filter them but they are limited so you have to edit the filters yourself or via a tool.
 

WinXPert

Level 24
Verified
Trusted
Malware Hunter
for gmail i use unsubscribe. it's a service you add to gmail.

select the email and move it to your unsubscribe folder. every new email from that sender would be transferred to unsubscribe folder
 
Last edited:
  • Like
Reactions: BlackShot

BlackShot

New Member
spam are not infection so Sbie is powerless against them, they are just annoying emails; it is your mail provider to filter them but they are limited so you have to edit the filters yourself or via a tool.
The problem is that I can not filter this type of message. They use aleatory things all the time (like email sender, subject, content etc.).

for gmail i use unsubscribe
Sorry, it does not work for this type of message.
 

Cowpipe

New Member
Worth blocking

Code:
gedris.org
Block all emails that come from that site, well known spam site. Could you upload another emails headers for me to look at please?
 
  • Like
Reactions: BlackShot

Cowpipe

New Member
You can also block all emails containing the following string:

Code:
Ć L I C K 
This kind of obfuscation will very, very rarely occur in a normal email, personally I've never seen it.

You can check that the filter is working by removing all other email addresses from the To/cc/bcc etc... and forwarding the message to your inbox. If the content filter works it should go straight to junk
 

BlackShot

New Member
Worth blocking

Code:
gedris.org
Block all emails that come from that site, well known spam site. Could you upload another emails headers for me to look at please?
Blocked (from, right?).

You can also block all emails containing the following string:

Code:
Ć L I C K 
This kind of obfuscation will very, very rarely occur in a normal email, personally I've never seen it.

You can check that the filter is working by removing all other email addresses from the To/cc/bcc etc... and forwarding the message to your inbox. If the content filter works it should go straight to junk
That's definitely not a problem! Also, I just created a new filter with your informations.

http://pastebin.com/7q5XmALV
http://pastebin.com/KMaP7rib
http://pastebin.com/Km1Lz1iA
 

WinXPert

Level 24
Verified
Trusted
Malware Hunter
I'm not talking about unsubscribing from an email list. This is a gmail app

http://www.otherinbox.com/unsubscriber_app/

UNSUBSCRIBER

Your Unsubscribe folder is the simplest way to stop emails you don't want. Just move unwanted messages to the Unsubscribe folder and we'll take care of the rest. It's a satisfying way to simplify your inbox.


When you move an email to the Unsubscribe folder, we notify the sender that you want to be removed from their list.


You don't have to answer any questions or remember your password. Once the email is in your Unsubscribe folder, you’re done!
 
  • Like
Reactions: xxtoss23

BlackShot

New Member
I'm not talking about unsubscribing from an email list. This is a gmail app

http://www.otherinbox.com/unsubscriber_app/

UNSUBSCRIBER

Your Unsubscribe folder is the simplest way to stop emails you don't want. Just move unwanted messages to the Unsubscribe folder and we'll take care of the rest. It's a satisfying way to simplify your inbox.


When you move an email to the Unsubscribe folder, we notify the sender that you want to be removed from their list.


You don't have to answer any questions or remember your password. Once the email is in your Unsubscribe folder, you’re done!
Hm, thank you! I didn't know about that. I'll try it! But are you sure that it works for these type of messages?
 
  • Like
Reactions: WinXPert