[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [OT] Valid DKIM signature (Was: Re: I want to rejoice like a queen. Pauline)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, Aug 13, 2017 at 02:44:56PM +0000, Andy Smith wrote:
> Hi,
> 
> On Sun, Aug 13, 2017 at 11:21:04PM +0900, Byung-Hee HWANG (황병희, 黃炳熙) wrote:
> 
> [snipped spam]
> 
> > By the way the mail got valid DKIM signature.
> 
> It came from a real person so why wouldn't it? DKIM says nothing of
> content.
> 
> > Please explain to me why the mail is here. It's odd. Please Please Please ...
> 
> A spammer sent out a spam run (this "would you be my king?" then URL
> to questionable site nonsense) using the debian-user address as the
> from address. Some of the hapless confused recipients replied to it,
> thus their reply ends up on the mailing list.

I have the hunch that it's a (faked, in the sense that the copy hasn't
been sent to debian-user) Cc: -- a From: might trigger the spam filter
at the victim's site (bad SPF and/or DKIM). But then, maybe not...

> It would be best not to reply to it (unless you feel like replying
> off-list to the person explaining that they are replying to spam),
> as the sender won't see your reply and no one on this list can do
> anything about it.

I do that from time to time, when I have a whiff of evidence that the
victim might understand what's going on. Never got a reply so far
(still curious :)

Cheers
- -- tomás
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlmQaBIACgkQBcgs9XrR2kY1JACdGN/Y4cw5gP3RZ3zyufaMoOYS
TvsAnjZCeCQVFsii/3J68udK2cRkoDuK
=IChh
-----END PGP SIGNATURE-----
Reply to: