Re: Administrative message for those who are using gmail addresses

To: Andreas Tille <andreas@an3as.eu>, Debian Med Project List <debian-med@lists.debian.org>
Subject: Re: Administrative message for those who are using gmail addresses
From: Simon Kainz <skainz@debian.org>
Date: Wed, 08 Jul 2015 15:42:27 +0200
Message-id: <[🔎] 559D28C3.4060402@debian.org>
In-reply-to: <20150624061513.GC9959@an3as.eu>
References: <20150624061513.GC9959@an3as.eu>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hello,

at least this email you mentioned is flagged correctly as being SPAM
by google: I decoded the base64 encoded part, which is some kind of
weird/obfuscated javascript source, probably doing something malicious.

Regards,

Simon

Am 2015-06-24 um 08:15 schrieb Andreas Tille:
> Hi,
> 
> I realised bounces on the debian-med-commit list yesterday and
> wanted to inform the owners.  I received this response.  I have no
> idea who else might be concerned but it seems gmail consideres some
> mails as SPAM / security relevant that are not.
> 
> Just to let you know
> 
> Andreas.
> 
> ----- Forwarded message from Mail Delivery System
> <Mailer-Daemon@an3as.eu> -----
> 
> Date: Wed, 24 Jun 2015 08:10:55 +0200 From: Mail Delivery System
> <Mailer-Daemon@an3as.eu> To: andreas@fam-tille.de Subject: Mail
> delivery failed: returning message to sender
> 
> This message was created automatically by mail delivery software.
> 
> A message that you sent could not be delivered to one or more of
> its recipients. This is a permanent error. The following
> address(es) failed:
> 
> iankarlwallace@gmail.com SMTP error from remote mail server after
> end of data: host gmail-smtp-in.l.google.com [173.194.78.26]: 
> 552-5.7.0 This message was blocked because its content presents a
> potential 552-5.7.0 security issue. Please visit 552-5.7.0
> https://support.google.com/mail/answer/6590 to review our message 
> 552 5.7.0 content and attachment content guidelines.
> ju8si999205wid.83 - gsmtp michael.crusoe@gmail.com SMTP error from
> remote mail server after end of data: host
> gmail-smtp-in.l.google.com [173.194.78.26]: 552-5.7.0 This message
> was blocked because its content presents a potential 552-5.7.0
> security issue. Please visit 552-5.7.0
> https://support.google.com/mail/answer/6590 to review our message 
> 552 5.7.0 content and attachment content guidelines.
> ju8si999205wid.83 - gsmtp crespialba+debian@gmail.com SMTP error
> from remote mail server after end of data: host
> gmail-smtp-in.l.google.com [173.194.78.26]: 552-5.7.0 This message
> was blocked because its content presents a potential 552-5.7.0
> security issue. Please visit 552-5.7.0
> https://support.google.com/mail/answer/6590 to review our message 
> 552 5.7.0 content and attachment content guidelines.
> ju8si999205wid.83 - gsmtp
> 
> ------ This is a copy of the message, including all the headers.
> ------
> 
> Return-path: <andreas@fam-tille.de> Received: from andreas by
> mail.an3as.eu with local (Exim 4.84) (envelope-from
> <andreas@fam-tille.de>) id 1Z7dtd-00079b-Fq; Wed, 24 Jun 2015
> 08:10:53 +0200 Date: Wed, 24 Jun 2015 08:10:53 +0200 From: Andreas
> Tille <andreas@fam-tille.de> To: crespialba+debian@gmail.com,
> michael.crusoe@gmail.com, iankarlwallace@gmail.com Subject:
> [mailman@lists.alioth.debian.org: Bounce action notification] 
> Message-ID: <20150624061053.GB9959@an3as.eu> MIME-Version: 1.0 
> Content-Type: text/plain; charset=us-ascii Content-Disposition:
> inline User-Agent: Mutt/1.5.23 (2014-03-12)
> 
> Hi,
> 
> just to let you know:  The three addresses in To: field trigged 
> bounces yesterday and are unsubscribed.
> 
> Kind regards
> 
> Andreas.
> 
> ----- Forwarded message from mailman@lists.alioth.debian.org -----
> 
> Date: Tue, 23 Jun 2015 18:23:17 +0000 From:
> mailman@lists.alioth.debian.org To:
> debian-med-commit-owner@lists.alioth.debian.org Subject: Bounce
> action notification
> 
> This is a Mailman mailing list bounce action notice:
> 
> List:       debian-med-commit Member:
> crespialba+debian@gmail.com Action:     Subscription disabled. 
> Reason:     Excessive or fatal bounces.
> 
> 
> 
> The triggering bounce notice is attached below.
> 
> Questions? Contact the Mailman site administrator at 
> mailman@lists.alioth.debian.org.
> 
> Date: Tue, 23 Jun 2015 18:23:02 +0000 From: Mail Delivery System
> <Mailer-Daemon@moszumanska.debian.org> To:
> debian-med-commit-bounces+crespialba+debian=gmail.com@lists.alioth.deb
ian.org
>
> 
Subject: Mail delivery failed: returning message to sender
> 
> This message was created automatically by mail delivery software.
> 
> A message that you sent could not be delivered to one or more of
> its recipients. This is a permanent error. The following
> address(es) failed:
> 
> crespialba+debian@gmail.com SMTP error from remote mail server
> after end of data: host gmail-smtp-in.l.google.com
> [2607:f8b0:4001:c0f::1a]: 552-5.7.0 This message was blocked
> because its content presents a potential 552-5.7.0 security issue.
> Please visit 552-5.7.0  https://support.google.com/mail/answer/6590
> to review our message 552 5.7.0 content and attachment content
> guidelines. pj7si332118igb.9 - gsmtp
> 
> ------ This is a copy of the message, including all the headers.
> ------
> 
> Return-path:
> <debian-med-commit-bounces+crespialba+debian=gmail.com@lists.alioth.de
bian.org>
>
> 
Received: from localhost ([::1] helo=moszumanska.debian.org)
> by moszumanska.debian.org with esmtp (Exim 4.80) (envelope-from
> <debian-med-commit-bounces+crespialba+debian=gmail.com@lists.alioth.de
bian.org>)
>
> 
id 1Z7Sqa-0003Sz-NW
> for crespialba+debian@gmail.com; Tue, 23 Jun 2015 18:23:00 +0000 
> Received: from 173.192.208.45-static.reverse.softlayer.com
> ([173.192.208.45] helo=ara5.araserv.com) by moszumanska.debian.org
> with esmtp (Exim 4.80) (envelope-from <nobody@ara5.araserv.com>) id
> 1Z7SqY-0003Rs-Oa for debian-med-commit@lists.alioth.debian.org;
> Tue, 23 Jun 2015 18:22:59 +0000 Received: from nobody by
> ara5.araserv.com with local (Exim 4.82) (envelope-from
> <nobody@ara5.araserv.com>) id 1Z7Rif-0006hU-4I for
> debian-med-commit@lists.alioth.debian.org; Tue, 23 Jun 2015
> 12:10:45 -0500 To: debian-med-commit@lists.alioth.debian.org Date:
> Tue, 23 Jun 2015 17:10:45 +0000 From: "FedEx International Next
> Flight" 
> <ruben.richardson@173.192.208.45-static.reverse.softlayer.com> 
> Message-ID:
> <49d8565cc53e4c8566cafed6a911d826@173.192.208.45-static.reverse.softla
yer.com>
>
> 
X-Priority: 3
> MIME-Version: 1.0 Content-Type: multipart/mixed;
> boundary="b1_42372ca0682e179667940cc0e90e463e" 
> Content-Transfer-Encoding: 8bit X-AntiAbuse: This header was added
> to track abuse, please include it with any abuse report 
> X-AntiAbuse: Primary Hostname - ara5.araserv.com X-AntiAbuse:
> Original Domain - lists.alioth.debian.org X-AntiAbuse:
> Originator/Caller UID/GID - [99 99] / [47 12] X-AntiAbuse: Sender
> Address Domain - ara5.araserv.com X-Get-Message-Sender-Via:
> ara5.araserv.com: uid via acl_c_vhost_owner from authenticated_id:
> nobody from /only user confirmed/virtual account not confirmed 
> X-policyd-weight: using cached result; rate: -5.83 X-ACL-Warn:
> PREPEND X-Greylist: delayed 4352 seconds by postgrey-1.34 at 
> moszumanska; Tue, 23 Jun 2015 18:22:58 UTC X-Spam-Checker-Version:
> SpamAssassin 3.3.2 (2011-06-06) on moszumanska.debian.org 
> X-Spam-Level: **** X-Spam-Status: No, score=4.9 required=5.0
> tests=BAYES_50, RCVD_IN_BRBL_LASTEXT, RCVD_IN_PSBL autolearn=no
> version=3.3.2 Subject: [med-svn] Problems with item delivery,
> n.0000418427 X-BeenThere:
> debian-med-commit@lists.alioth.debian.org X-Mailman-Version:
> 2.1.15 Precedence: list Reply-To: FedEx International Next Flight 
> <ruben.richardson@173.192.208.45-static.reverse.softlayer.com> 
> List-Id: Subversion commit notifications 
> <debian-med-commit.lists.alioth.debian.org> List-Unsubscribe:
> <http://lists.alioth.debian.org/cgi-bin/mailman/options/debian-med-com
mit>,
>  
> <mailto:debian-med-commit-request@lists.alioth.debian.org?subject=unsu
bscribe>
>
> 
List-Archive: <http://lists.alioth.debian.org/pipermail/debian-med-commi
t/>
> List-Help:
> <mailto:debian-med-commit-request@lists.alioth.debian.org?subject=help
>
>
> 
List-Subscribe:
<http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/debian-med-comm
it>,

> <mailto:debian-med-commit-request@lists.alioth.debian.org?subject=subs
cribe>
>
> 
Errors-To:
debian-med-commit-bounces+crespialba+debian=gmail.com@lists.alioth.debia
n.org
> Sender: "debian-med-commit" 
> <debian-med-commit-bounces+crespialba+debian=gmail.com@lists.alioth.de
bian.org>
>
> 
X-SA-Exim-Connect-IP: ::1
> X-SA-Exim-Mail-From:
> debian-med-commit-bounces+crespialba+debian=gmail.com@lists.alioth.deb
ian.org
>
> 
X-SA-Exim-Scanned: No (on moszumanska.debian.org); SAEximRunCond
expanded to false
> 
> --b1_42372ca0682e179667940cc0e90e463e Content-Type: text/plain;
> charset=us-ascii
> 
> Dear Customer,
> 
> This is to confirm that one or more of your parcels has been
> shipped. Shipment Label is attached to email.
> 
> Yours trully, Ruben Richardson, FedEx Station Manager.
> 
> 
> --b1_42372ca0682e179667940cc0e90e463e Content-Type:
> application/zip; name="FedEx_ID_0000418427.zip" 
> Content-Transfer-Encoding: base64 Content-Disposition: attachment;
> filename=FedEx_ID_0000418427.zip
> 
> UEsDBBQAAAAIAFaJ10bOgPgadwYAAEchAAAaAAAARmVkRXhfSURfMDAwMDQxODQyNy5kb2
MuanOF
>
> 
Wdtu20YQ/ZWFgMZUZTC7FK9V1MKJ3fYhRoPYQAMEeaCllcVEJg2StuUG/veu0gLpnDmFn2RR
4925
> nTMX3te9Gca+++KXkyzL8qzIzqy1zub21Gb2JK1sFb7Z8FnY1/bw7dTZJLVl+CycdUV6Eu
TCN/s6
>
> 
iL0J3/773yfhaW7nk8Xmrl2NTdea2rl5NDVfTe/Hu741R2a5PFqYp4Ux32XmINLMZlMlVBZS
6GQ1
> KpnEWiG0vf1FybhUiNSr3l/pg1z1rNYuESLdjdlqGVA6T+OEaJTJk9rBv1ZSubzujb6slD
r7D38Q
>
> 
BwkRlxGrSiEyRhMtM5cy+zoeH/VdSS6kFma9i4jxUuvmL2+07VLtvmmv9UGVdNBPL5VIKiX+
vFjp
> U0qp9K3XbpYSrX/Q+kqb2jVxs0xD/xASWgND+vlBeyaxTrqmXetMzWUW1uM27rVGkGA7bT
mAInZa
>
> 
wkooLw+/EXTJeHYxsUuaXu8GTzhBqmzswtwTV8vbrD7HVdJDk5ckYrn0tL/sfm2I3jKu6yWD
j1To
> VIO9kPpYSw6Radjd+pahS7oxClAdlFQmb7s808iRDLX1ux2JqrzLRGsdejeXIRt7X99o86
UTpz+S
>
> 
TEvB/vUjiStQUKDEq89KqpLGTfQ5mdSnvfGtLj4ukeeMDclF8NHdYDRcU4BrT2APKpvJdKHt
kml2
> 9dlrhqmkPnGnQ1ZI1O+9zuhKioSYMvxIaog27TGphaVE2TQIEJYBKK62NSm9UHu/koMKmR
89SyEH
>
> 
xxCKSax0wMLsCcfIcBxrNxbyKkbSQoBxqzR6qVPHWRUsXXfkPe01yfYUlNVV0AEXhscEEBUo
nGiu
> q+Q5b3+/vHynMSrd+zDoouLyHGNJWEwSVBQyUB+UyYPi206zKhBUQCjJHImJwyOCHERgHa
80/Rby
>
> 
qBtSDADs3epOU6/LpP3ERdLR/r7WypTZs2mYQbUgMsAFZt0StnQp9LQBfDqjEyfPGjxpynLw
zx2h
> J2jV405fBZ1LbxqitcWePyJlR+p8tr8lbpQyYRybEmcDnruHmLS+kPn1qDvAQto2nU1iLZ
Tg1NNs
>
> 
tGnS/Isx9PRkgpCJH+VZOifwkGdFWqNUEsgYXxBwSPy81PQM2oRmk/BZ8WyzmUBFCQT8RRdv
adOU
> lh2oXiH2pE+EHpmwWQLdROVIGYTJ+nEYa1IUnDzpxQuz1wBx0HB91G6UaTZp1ppegcurZD
o7J+GQ
>
> 
UV0xZnhuqEmgXyetViqv6RuN1EyK3Dc98UwphcKvI2kCoB0N1Om0Sm5egNaEFxKAfM8aF9i8
kDEj
> kWrHAyMqGfTvJH0fbt35A/8fQbWW94aK/p4wcgYWkPQuAQFrXbBcIT3xRJwFU/2xOyZOB3
V0EwID
>
> 
0FZHLgF3/s/iJE+fy0oYNuYVASykUsqSRNp9cqr3SiUcs+9YEYKmSWPawSARxqyYpBL0gzOy
v7NQ
> gnQFciWQzG8kmpBbul1KYOExeaHJDOjj1VXMdisw846rLWNqeZRxU6ONh+b0eogmP2ghQH
67PiMF
>
> 
GPp3opD0c2nLhFQ8aHZmgz4JAr8iSAeS3ZO1kYMVX9+MXkOnwsUkSQ7YUA3kmBRHFy0hU2zT
ktUm
> 5tgbUnulkzdsDSjtnsw2/UzfBaVu03dkAAAsP4a/dVGAbimJP7Di657zM3RL0Xk9kiU68G
EdagXZ
>
> 
LMGSOB5q3TGV6G2CeRnVW88mE9grmQ2p5bDGCd0iC5wU6k2kla6kG8doQnwN7QVbvVncBRIA
pbhZ
> Yfv/BIquiTzZnACEFodCT3IEi/MTgyPs/z0ZkgHUn3T6Jw7H/yddM6GqduQmmKYuCC1CWV
3Vgc6J
>
> 
FHR7rPYWEA9dXaA7I9OPENhFGx0GmKH5ntRBGNb6nU+hqooGRg4QNFes15Jp0UYbhngJ+BVj
MwDP
> dhxJQwFvzs4uydI+U9MfWTO4OTZCRARYmMyi8EKULXcTaN3NE1uUwiTOZjawazoj+Qyv1i
4+nL8l
>
> 
CknTy1RfJYN6/u4HsgOV1EImWujb2Jbdqj0fmdThrUdzeKwtl0JkmoX3MA8DqxcwFnybeUgR
h210
> 98XrEQPcvGtG3ZlgFn4lLpIhba/Ja1cHe5P3ng52khV+NvqlMtTUkxV9N5KDk8ZeEwzIkK
4McOHc
>
> 
vzm26Q7FNfi9v3tcusXh49UyjPbf/prNDv8TptDZ0ozbZvh4VB/NwvNPh/Xv0z+PDnvPT9HO
hyd/
> A1BLAQIAABQAAAAIAFaJ10bOgPgadwYAAEchAAAaAAAAAAAAAAAAIAAAAAAAAABGZWRFeF
9JRF8w
>
> 
MDAwNDE4NDI3LmRvYy5qc1BLBQYAAAAAAQABAEgAAACvBgAAAAA=
> 
> 
> --b1_42372ca0682e179667940cc0e90e463e Content-Type: text/plain;
> charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding:
> 7bit Content-Disposition: inline
> 
> _______________________________________________ debian-med-commit
> mailing list debian-med-commit@lists.alioth.debian.org 
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/debian-med-com
mit
>
> 
- --b1_42372ca0682e179667940cc0e90e463e--
> 
> 
> 
> 
> 
> ----- End forwarded message -----
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJVnSjCAAoJEBy08PeN7K/p+GEP/0Su17vJ/pPKGy7Y79Fy5GBi
Ghj0ukiRlRQ8RVwK6GKEU5LpfJOmPoQhXRtwtBQ1nphSf8588l/nfCCK/Qh2z6zf
/SEHENghLUT3HV2wZavI1CTYzqRx8E77a0M+7qmEisfNNhNrPg2jGjHEPzJ56uHI
+F0ppeXhWxJHtW4L4ysE3hCXuuXCIAXuo4yxiYlgeeTANz6RsKSgorSLIzUccaA+
dcisjBW0IJnTOlzW1xUyTtWei27dgRBrLACQW7Khle6E/LbVhH8rrjCCfFuPtInk
kYjrVxxAJX5fJuwsw+5Z4N+MjMe9Cu3nboJHwx1/bFHgvTh7XEvWRaqlcgi4RC38
YR5v3VKGGDbKJEXhh6In7WtvWvWfuwGze8fVjveuw6VYIi/6Wp7iLL8UT/5qS5NC
DbqtuqBtfC8ArxnJEmhJPyxptIaKJuHaqoBIH+0Ko5yX3Ix5PSRlooXzOPKLr7U3
eNZ6jzNWkZtIjerSo2FN4oo4LwcqEsONedHTQHoFxAUS+d6Yw5RN0i/kh1WS6I4q
e/JVDFE19LgMz2ICHx7hQ9bN5pXZ7xFt5k40PcGQGrfEcwC3Pg91n5o8YuI0hLCW
BfRqyTWOWgpQ4v7RzQexflv14wLjFNKIQGsRzFA3Q5IhFqg0qpB5oTsdyV/FEog1
7cHO5lUbQyyKbFT/mWgT
=BjwZ
-----END PGP SIGNATURE-----
Reply to:
Prev by Date: Re: Help needed to try to fix activiz.net
Next by Date: Re: Help needed to try to fix activiz.net
Previous by thread: Re: python-bz2file packaged; python-screed + khmer updated
Next by thread: Seqan moved from svn to Git
Index(es):
- Date
- Thread