spamgourmet breached?

General discussion re sg.

spamgourmet breached?

Postby benalt613 » Tue Aug 16, 2011 12:28 pm

I started receiving some weird spam from 2 addresses which are identical in format. They appear as "mail delivery failed: returning message to sender". The first came from the email used for motley fool and the other from the one used for 1saleaday. It made me wonder if the breach was not in motley fool and 1saleaday (since the emails both came within an hour of each other - though several more have arrived since), but from a breach through spamgourmet directly.
benalt613
 
Posts: 21
Joined: Thu May 15, 2008 12:34 pm

Re: spamgourmet breached?

Postby ScottF4 » Fri Aug 19, 2011 10:21 pm

benalt613 wrote:I started receiving some weird spam from 2 addresses which are identical in format. They appear as "mail delivery failed: returning message to sender". ...


I have received several similar bounce messages to several of my sg addresses - most involving a non-existent package

from+idealware+s******+cef7249bd8.Maile ... ourmet.com
sender-timeSent at 4:10 AM (UTC). Current time there: 9:23 PM. ✆
toidealware.s******@spamgourmet.com

dateMon, Aug 15, 2011 at 4:10 AM
subjectMail delivery failed: returning message to sender (idealware: message 12 of 20)
mailed-byspamgourmet.com

Aug 15 (5 days ago)


Warning: This message may not be from whom it claims to be. Beware of following any links in it or of providing the sender with any personal information. Learn more
This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

support.7@ups.com
SMTP error from remote mail server after RCPT TO:<support.7@ups.com>:
host email2-vip.ups.com [153.2.234.229]: 550 Mailbox unavailable or access denied Address rejected

------ This is a copy of the message, including all the headers. ------

Return-path: +idealware+s*****+cef7249bd8.Mailer-Dae ... ourmet.com
Received: from spamgourmet by gourmet7.spamgourmet.com with local (Exim 4.69)
(envelope-from <idealware.s******@spamgourmet.com>)
id 1QssFb-0000qU-5Z
for support.7@ups.com; Mon, 15 Aug 2011 08:10:23 +0000
Received: from Debian-exim by gourmet7.spamgourmet.com with local (Exim 4.69)
id 1QssFa-0000pt-JH
for ; Mon, 15 Aug 2011 08:10:22 +0000
X-Failed-Recipients: idealware.s******@spamgourmet.com
Auto-Submitted: auto-replied
From: idealware.s******@spamgourmet.com
To: support.7@ups.com
Subject: Mail delivery failed: returning message to sender
Message-Id: <E1QssFa-0000pt-JH@gourmet7.spamgourmet.com>
Date: Mon, 15 Aug 2011 08:10:22 +0000
X-Spamgourmet:

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

idealware.s******@spamgourmet.com
SMTP error from remote mail server after end of data:
host gmail-smtp-in.l.google.com [209.85.225.27]:
552-5.7.0 Our system detected an illegal attachment on your message. Please
552-5.7.0 visit http://mail.google.com/support/bin/answ ... nswer=6590 to
552 5.7.0 review our attachment guidelines. uk1si14031245icb.53

------ This is a copy of the message, including all the headers. ------

Return-path: idealware.s******@spamgourmet.com
Received: from spamgourmet by gourmet7.spamgourmet.com with local (Exim 4.69)
(envelope-from <>)
id 1QssFZ-0000or-JJ
for idealware.s*****@spamgourmet.com; Mon, 15 Aug 2011 08:10:21 +0000
Received: from [113.162.244.23] (helo=sieqv.com)
by gourmet7.spamgourmet.com with esmtp (Exim 4.69)
(envelope-from <support.7@ups.com>)
id 1QssFY-0000ni-Pt
for idealware.s*******@spamgourmet.com; Mon, 15 Aug 2011 08:10:21 +0000
Received: from ups.com ([153.2.228.50]) by 113.162.244.23; Wed, 03 Aug 2011 14:44:55 +0800
Message-ID: <000e01cc51a8$da8e0d80$17f4a271@ups.com>
From: "support 7 - support.7@ups.com" <>
To: <idealware.s******@spamgourmet.com>
Subject: UPS notification
Date: Wed, 03 Aug 2011 14:44:55 +0800
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="----=_NextPart_000_0006_01CC51A8.DA8E0D80"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2314.1300
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300

This is a multi-part message in MIME format.

------=_NextPart_000_0006_01CC51A8.DA8E0D80
Content-Type: multipart/alternative;
boundary="----=_NextPart_001_0007_01CC51A8.DA8E0D80"

------=_NextPart_001_0007_01CC51A8.DA8E0D80
Content-Type: text/plain;
charset="windows-1250"
Content-Transfer-Encoding: quoted-printable

Dear customer.


The parcel was sent your home address.
And it will arrive within 3 business day.

More information and the tracking number are attached in document below.

Thank you.

Copyright =A9 1994-2011 United Parcel Service of America, Inc. All rights r=
eserved.

------=_NextPart_001_0007_01CC51A8.DA8E0D80
Content-Type: text/html;
charset="windows-1250"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; charset=3Dwindows-125=
0">
<META content=3D"MSHTML 5.00.2314.1300" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY>
<br>Dear customer.
<br>
<br>
<br>The parcel was sent your home address.
<br>And it will arrive within 3 business day.
<br>
<br>More information and the tracking number are attached in document below.
<br>
<br>Thank you.
<br>
<br>Copyright =A9 1994-2011 United Parcel Service of America, Inc. All righ=
ts reserved.
</BODY></HTML>

------=_NextPart_001_0007_01CC51A8.DA8E0D80--

------=_NextPart_000_0006_01CC51A8.DA8E0D80
Content-Type: ;
name="UPS_document.zip"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="UPS_document.zip"

UEsDBBQAAgAIAAKuDj9hacr2/TIAAAB0AAAQAAAAVVBTX0RvY3VtZW50LmV4Zex7CSCUXfv3NUYh
FaEia0IqJJVIhVKUNRElSkb2fTSyFMk6KclSlCzZKkmLpSKRKEvWhGzDmBkteqqnXfOde1Danvd9
vvd5vvf7vv9zcc2573N+57p/5zrXOfd9zaK/PRrwAMCOlMkEKIJR0YB/Lb1Ip4tfnw5XuermFuH0
6uaa2Dt4Sbh7utl5WrtI2Fi7uroRJXbbSnh6u0o4uEpoGW6RcHEj2CpMmzZFasyGwtX8VsfWntBx
1edPC3VCZU7HwVA3Vl03q9Tnz2XV6/Ons8rkpIwErDR2sLEvtuxK+BVHo/UAejh2MJmiY/CVNx7H
jeMEEEEnJmOVvGOqODZ67Jht1C8AX0tI+Xoy2sw7iv1SfilYIoLsrWIRQfWG8NeJ4ij9X4kC0daH
iEpd4TFCIhMHMSoSALsUPAnWRGuAp2M2sUFhDRMFeUNDYRT2xT0snOQPuDIFTy9PGxgbq9GYSv1o
D/6R/yukaBkKDvosFCVbTLeaLX1WpSXFO4DqowSMo6YuiVp1i7wcFDUgSktKwsiU+TD4nRmRjQxR
elISmx3h67mJlITxxHMMPvH8fzpepAd1ETB21LDHVpA98GoAcyYn5lh2QaaeFG+UAB/CLC2Ljlr1
PkqEO3hknjfb0meRUaChAUrh72ZpQOBvPuGsg6ipusFluOBK3GoJAQDPeiaasRKsofTRAg0IehaI
VmbU1I1Lm1RNkN0SNJcvIkykBPdufYKP2gjkDezBdM5GekhZlAHn/sXkR1ECW3gKceSGIAq8AAj6
gPHz5pZm8gDgJ+MrcSrBt9mCn+C828jICH4rO2YrSkQYv5ddDdn3zIu6pjcNIIKIaqcuCd7PCzyH
QtE1yRum4iuNmDOnojGS30X4S4mgkYYwiTvIk0PKiOzkF0/w5L28USIKUcsKyHpSgmQPXjI3/veQ
e0TlfQI8hfzGZsyZAph/VvmRUecnPFHsQVFaC9iMxuojJgdXsEexl5O5g++yh9zzvk9GDILvCmAM
MDI8Ib5MJrO4Wgw5uhHNxExe1GmnlaVFLVMa68+U5mW9TmW9crJesUD/R/6Rf+T/f5Hpt0236TK5
0nOI8jg1LvGtW1pvXGNVYOkKwaEtcaLslJAu9xt7cjJUVwc/kuGKPHdcJ2fqS61t2sV38VZ2Jhe9
TN4AYyOhXF57U5YMfq2q5K27yxBE7+VG546LWjb5GQE6RAOxni8QznLVDM642IebRcnsxN7cxfPJ
pcRZR/eKioRJRNCvXTgV31kM2iKqxvm9x64VTokW780tnux402lebUKyqIAjmVB+Pvvtbys4+9We
MpL7fdYJPHoyEvDxbFW08vJYzdvNImHzyPTYtOy3V644caqsjrSYN2frqXtUgQVzYrQ0b60UI+fH
im6bK+kIydlvU9/a4FYknfRdEGOWIPRkhHHC8I6m1a7EdzTvWewvuc55SxeU71mhzzbpYnXSwHFf
zEp+tCMuqFR168Eb2xqrFTZkFVk7RTl9mDIstZgr0eMOr9zbKyJFelUJh0uJjha3EF0HX7xGatbm
hZ55i42uTUpUKq93kqu9+iEP0V2dclJIHHl3d9eq933B+97sIs46hLybs8m/LKjIrSamuf/wCsF8
K58ZdhyUyDViOQ80C5XJTiryuERvF+Nb+AELwiuZ82cTh3dVhgtulPjwCE8MydL8zZY46xNm5aEN
B7eAzuxkt8u78zsaDHwW2U9q9G0m5mZpNkoKH79sPffEObF1S7kGdJ07L37aUBshyOud2aK+GpfN
kS9XeurdZxz3QPB0hdIN4pwtO6tOuN3FH7C9GDHJS6x9d76Mn6yoRpYyt48qabJ4zHFt8eAEEmFn
fsLQZ7s9MqQQUfbLvU4j7cEu5vMWoQk4uDvLRScpiKo7LCAYERsV8YokdDzaqDmGIhFRuKL2Bi9e
RZ5L/AGNEKtXZkFwurF2b7W7WMgnY+Ua+2THTyUryu1WcD5TNf84Y2uBRaxWmcXunWxV3EMZIRV+
JvHrn+Mkd13ctdb5yjZvhcm3ZzQIbhELfN2JRqTlemuGXSU+H8dtWuvy1j7T13ATb3hBFFei5Owj
TjvcYu+sT7pjuNoybqX6frGI85G9y3OkcvJoNqHvUsxjdpTWW8i91jIXklqMsyDYGpAEetmbIp1w
mQdLs5XJoKpQn7RyRogoOdyNOadDPPjtrlkkUm/KUcIUJ2KuZFDzes4DsJpr9qxzaKZfqx95cWHT
vdLhzrXE7Xof33bsIpbI5Uh2MtdcWXpY0+xYraag22pm9PlPwdZ2u2sK+9QDBkIe2zH1tBZ6XsHZ
+7w5eu6kNg95vuEeUak7eJ9dvEfYdOPd7ybSLxdLqRcqs5FEVvuvyRm0wQefswkRrrzbVnLe8cyH
26q8lziepsxP0zQf7McXyXO9kKysrXr7W82A8C29p4ka+zd9uqcqEBn5hJhbp/nyXnLwUnmhGa4F
brHSshrD3J9VTJcr5rtKO1YfvXjxwG+E5g1SPZGRRC5R8fenKz5zDug6NqVobislxL15rF54cabT
9WSJdH65QSjnHw44w7X9Tjc37eDTptnOCwXqd+eJHqt9HhnpR8yVCk4l9OGrVHKOSR6sHd6loz3M
/V4l7o1bnNUnFl1pDxliTmMd8dMNxrR7XWE1Apyv5w575OUGthBGxPzipn18uxa5rk6zTrkPjOVt
EnXKa6t2NSArn1Ti9mNWXE58jK/FESuzNLOU+vAYZJOMrrjgYXK/8K3oA+evJhvYVcRq3L0Ya/3s
gmbhnq5wPa65L6Z9OMrP+VqUdzqpNvCikmOShGO1mehO5UWvYoM+FRqKr5TnMpeJEdRUk+J17blS
GViaecxgdNkPnYhK08za9VixKvN9Xd5DG7y5y4oavH3w2WSbOAOSI2cDI9LvN5fsyrIVZLybr1Xd
pnLERdhqPm9eW9tDQpzB2/JNxpfxi41OmpsIrybzlzwL7J6cqJMkjhaJvlFT2TVCSE3hkymHuq9r
wVmpnMwruv41d3GzXdM2xGuV7bxpUFURVEoQnLMlw9B5TqgTwfjy6gvKSeHTtrElKn3Q5uN8ffe8
+pmEA/bD7Y5Od6KN7l5XJfuxXIdj+SVGW1zHgadmJ1Ml7i7muqJ2Hkqi+UGZnZ7+XVFH0uXRIhHC
qwk6cNTwfM4LvE6Iq+jPl55EiVSVMva8s3lddPAhLtUkyZgpqWjzGHZN116VaBprQHpgP9nBpFci
4sqirBtV8wX8LWZnFviJcQ4IFw1c34lt8EpbgkQ9tLpirRegCbDKYlORf3N0LwpvU+voq25Hc8Nb
CEyDD+2qy65Q3PblFi7KupechwLTck+BGbKiSzAkP+AmZ6NprKI0OdQb2o+YJ8h55vHbeYVbsSVo
i9e4Hb60XgGfcoMQF3Vj2yk6hexE/Cy3gx9519X3YBZ2oYLe7cPckjsCUewOkw6hrfmQmrTEK9sr
VmHTVVZb2P42I5iH3L7ls/Ctu6+jGI2OfgHcH0S9n199dGMBTS0cX/UhcocMfzG/0IDF8c4XJzvV
U+IMSXHdFbQYX2JJpmaWcoulzYW6xHkx2o/vyAoWRycmoEGXyzidEBUQ3YHfkZK12by3f8VyeSHb
1y7G2tjuLfMRRd1w+JB/3LQVApR0tDWXulu94lNZ/WZjqsmGU28eLnuS7HZlD+YX0TjvO32RfmJo
wZrPe4Btqo73I4t63x65WjxwPR1diGkQHqiJpnHZwjfY/ajD1G29C1ny4GJ1RBftDFVD16fHSZGY
os5pYU6EqqzQtFmJeFkHNNOma7cgyHPhvKrBfdaVO0kh4uyiZ7gP5BYuSEexa2QqmKj0TrtX9DDa
GSqrDpwXQBMgxrvrVaQf01JOPankwTJ77Y0vJdO0xbnnCBdvMmqqRbFbqVKJou6gKrOowihLpsPU
/sCbowVoAnIOowmo0o4pJVZGeM7kYX8Z5eSda25Sg+boioQ1RvfMnAGL0sfnmMdLieu1SSGUGZ5B
TgSZywsKlJM2V6nEoc1DUK76Op8cootNowEJeziJdCKO5GhmOYbgVTQ5EiWHNopzuq4fFl5+L7D0
bpIBSZqfnbLMlphLMsxSdpmmIv97rGSMGS/ngFuvcN7bo6WE85qkuPXclMhpfrlZy9EGH7JCnotT
Pka7mGNAd4tAXpVOPiEu3idO9OkzdCF0+3SQIWO3rESZg9riKDCHzW5VBXYT4wwM0Y3PMdGJuLxQ
M+tEEl5liVCi5KAZCyL8PKTiw9xmLvXHZoYXq6TVRt7wv97dbermbVS27oWUn8tBuTDPygtPm6d8
WDOZ5uqe8ElkakuXRzx70YppwmvShIvtMSunDtzJpTXAKymhV0v3JkQ6cdTUSj/YQXW30na9akTT
Fvc5pnJINijtXSfyy8oPdi5HBqdYnIzwCBOjO5ta2j/XfbHId+mdyTeNh2gF0SZvvc3KiY6hVBGO
KMbMMHzGUvy0+S12d+12aBU4dS8/w7gcZppqR4rzdo//sNni4EGlcCOm1+xN84c2UbT9HKIXNqEJ
yHvES7Vmv+HiHBPpJEV5PTNLmYz3W2v3XPvTUqUdp9Ui5x7NfFHP+Ul+Vh/R6XAG/7aOBuVIowEP
U/CnG7xd4G8XqEAW/niw7jk2jffQNFKFZ1Sg3Vu5n6RnufTatMJlivIJyHV5lxgN0z4uwt/YZ38k
UlCkukY+lj3DzkSTa3jz2+VyK+8vDiblVb2q5hiZy9631Dpx2OlOCmZldI5aTqO9blh3WD31a7y8
RHMkdEEza04ICyKJtkNOGYthYf7awFKfpC8hlbtvc5byfM4vEGwav0Sd/hRK5Arf3Cz5HGWyn7I8
F69cjHbI5AFd/Zl5VYqXCHEv9sWJtjyNdIpJz9K0UCHjZSW5EicjLipPdIelU6oCB53iDGYkirLH
hzgRF2VrZp09hFchT06UVNAR55TTGhYmVQeWHk4c5aLlh0VdlvJR/lEu3DycA4uYwnnM6FKCqBUp
LkSAEllJyM2yRE+HJNlRus3c4SpJDhVpz5mEuLmkh27WwZ+nS1S2St01JuM/K9gytvZKuXlk6A6f
vHCMUcvbu1i4xcM+iqEwNTeLP8N3YPcO613vjF4t37NxQLdY8NN5aqdA3A1Ss5t12D32Od3V8uXK
SvgA013PPXtl/V0SVIYD8g697JzUt2g+zdMu7L3g8tysxrPWQ456TnvoHh8X+BCC2KM87p99XSoU
y8XXZ+QUyuSY8aRevtxnyNXSmSvx9+Pg639p3un99ekVjVP6FvH0ibKfJsvNaB9SqFhH2+OuZ/fZ
4O1kcc5tOsH2ndf6e3hbDEh3RbWjh6dAdZ9szZb7+F1yBsytbQscrOOlgvbez3lNn0SbP+uth3V6
JJ30sX5p87oht/07nZmSmdo7CGSVyC31OQNNuLjne5t83C+/Y5/9tEK6dcs7dxV50xOuI1L7CWmq
kfvzwoKf4frmiNN8bEPRoNvLVZuVyRfVfP1ebX0728UuTOGUPSXtWeOspwakJWJbovvFWSNS3oZz
1PEdNnzLT/INWkgWztsQTJ9GW8n22mP9kUH22blZ5Vmez90stzk/1v0sacWZN73EdIh85fCm3ySF
40Sbe0cE2XvqFzcb3ce77NernpHi4EcI1x1Oyjvy/D6OJsHXt906HnGpKJds3jJspKcXwJTk1N66
J1rhtPf9K02dk37jFHvvw04Rclpd0SzVav6cRLJ0fk3qXWTFOSA1bHz7CrV2youVyz54OYYxxNEc
CWbtZ5J09ju/3lAm6RoQpJK0Pa+Kr1T+40o+mpd1fCVajYOa9crlLno6fq+1B9m97BIUsnxvpz/t
JJQZqPc5EHM/TJ/DLFds2vKOtE+eq87p8fTN+pdsyaSKqrBbK0YWCb839w9jiEH1oObr/fWGRDG1
qxs+L/puHY0ttaxJ55WTViyTFypViDFbxD5gwYMelL6DfFnTP67GfyD/QP6B/AP5Y0gzgijymnr/
vnLOvmrZZ6/booQze7TWKzQ1mpnHJG/1zGMrXrFXqPHi/SyrBS5Nyu2nTioUGBjv9rFLg6W3SyzX
RUcLRDvf3M2juaZ/Jp/7A/VJ/pxyJi+OhFrlTjdsljbseLllSpzPvk3TvdSUBcTTp5wXk3Hokn/o
GF9cvMxSnVRz4d5qlSuR+uuT85PLLjNx85cWC94KkFRK9bgx983I0KFZeUr6fPPJj/g3tyZM9+Oc
qqnaO/tJSmX2eemP3QWtgrEPbuTvDPV2vcimficfjQg9Y0pig1ZJ5k/cy6/62vfv9W7tmGyO0pNi
X1QtXPa2YV41+Y40vGAy1ao9p5Bvb4slQwS7VIU89vFqCDxh/D/5PugdxdHyLCpjkYYiJY7V7VL8
iitAx5xIzSfUdSuOfyD85+ym4LRtiUaebjaaBIKnrZcXQDGs93FgVWGnxmx6btYEPYfdntae+zRR
X/xWB0+it7UzAhBtbYgAuuuNDdbrLVVSIDg7A8wBZMjUy9bTy8RtvauN5z53oi1hg4OzLWhqbdU0
2jiO+0d+lNYe1R6DV34aph6U7UPqdu6nlibYtN16d1fkmTLPM1v/xJf8U/9x0v8YYWN9F0gCIHD6
6Fc3Ar9tZwccYB9fA/YhM9YYiOFPoBL7asmlH/A4Fr76J/Vc7KPfH/pZ/Ytf1LOM/aSe9xf1Eqhe
cTNA9vSvLY92onPOr+eBaDDZ0l/PZY+g8wlf4GlIBlgzwbLs2Ja3i3WVMUNc31z6C08RSRGQXSwL
y1cpIc8ZwCTYjNQU6TaYDJZIdwMH2CIre5A6oWMvVHrAFNiHTAaAxkYN0DfVhe27t4OdGwFcXV3B
3d0dPPw8wMfHB/z9/SEgNAD2h/sj/EHULwSVEUij0PEx4IY4mArxqDyJ9DQ6TkaaijQDaQ7SXJjB
noX0IjrOh2lwDaajvXg6lAD/5Hzgm3QNZnFcBUHuayAw6QbMmXYdRHmKQIynBHTUC8FAqxRI7gUI
fxt4oBJpNWq7je6H92DmpFoQ5KgHIa56EJ7aCKLTm2AGdILEjDKQnFkB0rPvgqxQDciJ14METzNI
8DbD3BktME+gFaRmPkT1DTB/9iOQnd0OC4U6YZFIO8iJdoK82GNQFO+GxXOrYPn8OlCUaAYlqRZQ
mtuD7A+BMMcQiHAOwQIhGiycQ4dl83pBWaYXVsj2gsoCCqyS64fViwdghQwDVGTpoL5kAPTVu8B8
dStoKA2C5jIqrFcZBK0VdNBWZYDRhirYsrEeTDbVg5l+A2wzbIKtOh1gYdQElptbYbf5fbA2ewS2
5h1gt+MxOO/qBn9iD5hsoIGpNgNMdOiw24yKlA425nQgmDPAfc8geDn0g5cdA7zsh2D/3gE4GFAP
wf7NEBzQAiEH2oBM6oBAny6kNAgKCoLw8HA4cuQIkNFTR0xMDMTHx0NCcgKcPHMSTp8+DWlpaXD2
7FnIuJABOTk5cOHCBcjPz4f8wny4du0a5BflQ3FxMZSUlMCtiltwOLQFIg8+hsOHHsOxiB5IjG+F
M6da4eyZLii62glF17qhpKAHDodQ4WgYHeKO9EJ0GAMSoimQGNcPiccHISluEE7FU+H0iT6kVEg+
yYDsNArknO2H85kDcDGLAVcu9UPhVaSXqVBc0AfF16hws7gfbhYNwvVCOpTdHITbt29D2Z0yqKys
hHv37kFdXR00NjZCa2srtHW2QXt7O7R3tUNXVxdU3O6DyvJ+qK4chPv3BqG+bhCamijQ3ESFFqQP
Wweh/RGqa2Sg/nToaKfD4046dD1mAIVCASqVCgzG3/usxsS+SPmfyKw/lu/htH8lfyVe+BRtdgI/
v1At9s9/iibMl/GH+Hg+Ghs/np+PTwgvgBPGxeMzzv4hPgOHw/ELZ/DhzvLx4Wg4Pj7hkz/DU6rH
O+CSZ8wWOMmHTx7DC/H9BF/t4eHQM4rn4xPIwLHxzcbjTuLwbA1seGHqj/hHlj1B1mMDxp2kZZ3i
o51tyMBlNdDqz9J+gqddsaZ5hLLwybgsGu0sHzo6i6NRaTQq9afjvRLabXn7y6ibUB9qEzKN0FTq
T/3zKPTazq9uorJM06jOztRf4Gm0bo+wr2DMLpJLR6m0X+HRqCOCb3aPdXhIdtjpcJDV6ZfzFRFE
qz5kFUgu6648aHmwgkrtrvhDfLdlGTLdXXzI0tLS2iE4yMHh1+NlsYhxwF4rdrp1U7vLyljGqdSW
n+JH/bGzjEq9Z3mZOi60n+LHvYemwYHabUWmfiM/sY/ZGXWh5cMgh2+s/wQ/wd/UCGvLiu/Mt/6U
z5jFbkuPL8Zpo/Af7U8EWBZ/Y7yltbX5R/tfpcwyjEodRH+j8B5qa0vzT+x/5e826h1WhxYWneZf
8kHiFnb5C5xFp6W18Uf8V0a7yh5Sqa1j8B6sQ3PjL+yzxLK0u6V1fLAI3ozkO3zjqNSz/tdfyG5s
bGhoRCNFXFqaG5t/sJ+enopJeip2oLxSBTvJaGRRb25sRP8YiPuLcHJzIuHAhJ2DfVzqMTTCNqB/
YH0xXmJM5qE/logjERMXE+MV4eXF8Cx4Q2NDPetL4/NkMJGlHJaRlfHsoXTnLpx36dJYNzExjnpE
HYPXN9Sz8GKysnKYUA4ryMl59hz27b4ke+kSsjBvHrqcOEc9C1xfk1mTmcr6srcCEjUFNcpFczU1
IsVL4ShF7VKlnKysLNZHgruuob4uMyP1zOnTSSz8PDV1dXWk6KbZsc2HslfNi+Jd3UOhoEtiPabW
1NeknkqIiz2ekMryj6yGhqam5lpNynmjjjI/io+GD8Wn+iHRSw3rICszvaYu9YTQLMGE9Mw6ltOX
6Orr62/W30wp0H9UHUDx16igaFRWqyFZgnXgzcw8ndk8SGusqRmdpDUmJmZmJjvMKH0dFPL+no5H
lGKN6u5qrAd2BbGMzKQaGq15HA4bdzgQbJHcLC4ON3EqOH+epKl59Ny5c2pLlijILZHlTU8/0Uhr
qRuHw3ZHR1dXN1dHW9sdu81MTDbr62tqaqhjfBQUEB/x9NSExtavcNju6urhgZ7IMTwLvnatpjoL
zxqweOrpuJbRmRoVc6ON5kboZbv5dnMjIx1t7Q3Lly5dIiu7EJsxNGHpp09PhE+UHlaUs2Iam1Ik
NWhSk2oaf/H40MIKWmwFjIERPDP1zK/g8MUmJukZ6dgyOJ36Hz8DsR6DmO/QCQ8qsaSO4///kpXo
/tmSZ6wUHyvVx8oDYyVztMSNlXjm6PU4xkqesVKd+dXvsmM/49CYmKey/zxPlVu6CNTWroRVWmqw
et0qWLN+DcpRzRE9O6QuSD2QeiMrnkh9ke6HTYabYONmHVZ+arDFAAy2GoCx+WYw2bYFTHYYo9IE
tu00h227zWEHwQIsCZZAcLEBOxc7sHezAwcPO3DycgRnpC7eTuDu4wYe+9zB248IvsG+cCD0ACun
5YJDSCORHmHltFNY+Wwi0jOwavlxlLemjeWz2ax8dhpcRnoVaTFyawlIzMyBZQsKQEW+CLRW5cOG
VTdBZ10MbDWOgb3eR8F3XwSQ9saAz95jSOPA3zcWfH1OwAy220irUP57FwQ57wIfWzXKY++j43oQ
4y0HMZTPLhCpQvlsHcjOucfKX6VnNcKCOc2ggHLXRSJtqHwEqnL1sErxDiyVaQSVRY2gJNkBy2U6
YcncLlgm/RiUZTtQfReslO+GVYt7QF2xB1Yr9MPKhTR0PoDwWI7aD2sUB2CTejVsWtMGOmrtoKfe
CRtUabBxFQ3lqJVgbvgAdmxuAVezNrDZ3grWpl3gtqcTSG6t4OPeAIZraWCuSwELw37Ypo9y0410
MN9EBwsDBspjqWBpxAAbs0FwtKIhpaP8dBA87OhAcmGAn8cA7HOnQwCRDoEBF+Cg3yM45N+OctNu
CN1Pg9AjIaz8NCoqCo7FHYOkpCRWTpqYlgiHgi5D2KFCCD9UDOTQEkC3VjibcZaVo57LOwe5ublw
7lLOaK5aMJqrFhQVQFFREVwvuQ4lpSVQWl4KUeG3ISriARyLqoS4Y/fhxPE6iD3SDknxDXDqRBOc
SWqF1FNtkJ3eAxfPd8Pli11wNb8N5bJdcPN6N0QEUeFwMA2OhA1CVAgd5bwDcPwwFWKjqBB/lA6J
sb1w8jgV5bMDcCaxH86cHIATx+jonA6pSf2QdooKKSfpkJGCctusPriQhfLbnD7IzaHCpfN96HoU
yL9AhcIrA3Ad5blYjltSTIWy4h6U4w6wctzyO+WsHLfqftVonltfB+h2DrW1Dax8t6mlCRoaHo7m
ve1t0Nzczsp9sby3u7cbysv64c7tfqiqxEoq3L/bB3X36dDwoBft4YPQ3EhDuW8/yndp0N1FhU6U
+3Z30Vl5b/9AP/T3U1n5L51O/9N5aspP5Wv7yJgwuhidGdm92b0Z1N7skR/bu+alCfEISc4UFRKZ
mzD4TfvvrP4zJ/Ecmztz7qTTOB7prontDWG3MYCUyLFJPEKThGbyCM3MntheQw4pQe1pPNTsuYxe
6VgGo+ub678rqdr/YmRkMH2EkToykt6JGfuWX1vNwXcjX6SIOPQD//Dw6pdYSW84dKh6eOj99+0v
Al/eP3S09Kj9nvt1da9HGD+M/yii2GYfXn299H7byNDQj/7Z/6TNF7WMoP+hH/v/PnK99ND1EQb6
G0LybTurdtgt4Peh0cP337YzWH+/+1WOmsb6U79tZ/V3r2aM22fQJ7SP1TYF3ceKEcb7ofEwGu/P
QDbf34/4jYGAQ+8Z9CH6BPvY4zoDaR6pEDsaYjDo1AntGuvXrVunrr5u3ZrFq9XVtahY82giOXX+
BJk6dcqUKZyck6lYZwqVgt28FBWVlNpUlVa+LDivUqQmLye3YAFHF2rt6u7uwN6sVUby1El5W8G2
ax5Fq5QU5eXluLsonR2ZKSnJqF15E5JXdVe9mjYfOfK0dd9yJSXF+Z0dp47HHE/Grr/RwMDY+Knz
06NNpg3ebZ76ysrLleZ3pKRkd2RjlwdTKyTP26r3Pmkp395Q4IO1y2Wepo50sZrBys7R0S4ggGDl
7Gy6ycLccAPWnh7PoFDGPmTbjcRqu5WpsbHuxg1YbyVFuZT4rr5v19/lK5cvXcq9cOFcUlLiicMp
Kd+/p0CldlHRPtHd2ZmdnZ2eTvtTz2mjjxR/iX5GGvijciDlQSoeOPqYcmD8UeXb99NHf3gaKP0f
vwU3dexXp4r/RZUa4/G/I1hfJ6RH/4vq9OMvd//9Xyc/efKE+d/WX386/T+DP9qgmWhX/rd1f7g/
8+SZk6x+nn6eTHIsmbl993aWYudld8p+OMZ0vA/WX3+rLjO/KP8v4/9nFOOLXR87ll0sy+K2fJUS
q8TqMcW4Y3V2bgSmiKQIizNWYn2xeox7fuF/h//losssLuOK8cb4YfUYd6xu/Hj8HOuHleN1AaEB
zITkhL+c/6NHNObNYtq/HAPGJeNCBlNjowbL15ifsfjAuGH+xdr+iL+HnwdT30SXiW7+fxl/jLe2
KoOlqgsYrLH8iv84D4z3+HxgsTQxdrA6bExYiZ1j7fX19awSO8fm4K/gT6ON8rx3l8bkgycs3lt1
hpgL5/za/+PxPL4msXU67v/xGHvw4MGXsd2quMXiPjg4yKyrq2PFPnb8V/LH9GgY/QtvbB5stzF+
yh+LD4wXxnviuhjnP67YOsVwGNdxvhN1YGDgL+U/PgaMd9vD0fm4mMX4t9Z1e1f7l/FgNjG+bZ1t
3/h6nDOmfxf/8VjCxhAdxmCKThn6t/iPc56o3/vafHUrS/v7+1nnWPl38B9XbA6wOPKyY/wh7++5
f88b44lpSUEPk0zq+MIf5cx/K/+J69rLfohJMGcwk0+O7k0/4z3OvfrOIPMAicpUkUX7JucQc4UM
g2miQ/8yjnHt6+v72/ljivnfVGd0Dq4X0pk25nSmMMcQ01SbwQz0oTHPZw4wW1upzOJrVBbPGTDE
NNlAYxZepn7h2tzczyy8+i3/3t7e/yP33/G1fD6T+o2vW5qozKS4QeZuMzqrfVwXCNFYvt9tNjoe
7BjT7/3f09Pzt/IfjxFMMT9j97Xv4xvzMRYj61UGmc1NY75GZc7ZUZ04B99rd3f33xI/v1qTGE9s
DsbXJcYNi5XDIQO/5PgrxdYuyoX/Ev7f6zjf7319JIz2JQ4wH2Pj2b934E/zxhRbu48fP/6P+A8N
Df3hnv39PQe7PubvyvJ+1vr8WUz/u9yxtdvZ2fmX8P9XnCeqhx2NtT6xdfpHsf1H3LF1i2lHR8d/
zP9nvP+IBxY32Bxg6/XPcB/3OcYbW7dY7P+v8q48KKoz219NWnALaOISR6Vdo4KIKEYEQY3JUzMR
FVEcF15iEp+TcZuYBLdxV2IQRcQFcYhbQJEd2QQEZEeRVUB2uxuaqZq/Xlmpesnr3zvn674tIJuO
mamaZ9Wvvu/eC31+53znfMs5t7Gqquq18H/Z2GPbB/i/vL/Idpf5V1ZWMv/pr8qfz7Pd2bs9bt3Q
25/9qCc278juDI7dioqKf5j/y9qeebPvyPOObOOX4c/cOXb/Wfxljgzmvv0LDbyPqNv4R0/4M3fm
/br481rVFdfW/GTw3BNyVYX76Y1t+HUVswy2PfPmOYe5c+w+fvy4I/7mPYQNr1Xt46w7cOwy/+Li
59y6g+wzzJ1jlrkzDPa3bfPyuD4f2hP+c1n/0tJSlJSUEJ/iHmGQVI2Ac+XwPlZmvFdUVCRQVlYm
bCvPM61jle8z9/LyctHK/Xb8XyanvDouLg7R0dFtEBUV1SVGmSXgu+1xWOQcj8jIyDZITk4W9pB9
ReYtc2d7sY7cZ9tzvx1/c1NpExgm0pdGmEpfCJhInxM2oo/0mQGfEjwIGwjr6dk6atdCIa2h1p3a
1QQ36rsSVuBNaRldu1C7tFNwnqE1b/YZ5src2d481nKfx444z2jLfwf6ST7oL52m1pdwhuBH12cJ
/gIDpHMvQH7GP8c/r/89X8Pn+BBOoq/0A+F76h8nHKX+YWoPUvsXavcK/g8ePDDylv2E+cvc2c/k
PudS2vPnz+kvXSZOfyX8iIHSFWqvUnuN2uv0uU04tK+Qrm+Ia8bShaniPoP3B0GB5Rj0ZrD4jITY
aiTcqabPvEg4L3TU20Ovl14nL6GPQlqJgoICY2zKdmafYltzToif8xixntnZ2czfri3/oyT3NvEL
I0QQIglRBkTjSVUzDu8rE30Zyz7K0d/fW4rP3PNJBw0S4uroc24R9zoBva5XhU3YPv2lAMIFgz48
VqeE/+Xm5grO7Ntsa+bKnPPy8pCeno7U1FRkZGSIWKGY+dXV1XVRa/5sFzMpCW9JdwnJhBQBMylV
4EmlFteDajFtTI7xntviQnHflVr+3aP7K8T1O4q7dKZtQGJcvbAF24V1GigFC314bJ/rcl7EV1ZW
lrA125f7KSkpSEhIELEfGhqKGzdu4KeffsLly5f/l9q/BwUFLWjLP5D43icemYQsQrYBOQLVT7RG
FD7UwO69h1i7rATVVVqscSmh383A6k+KxLXbx4/ovP5U6CJAY6QfM1mXmwY/vCp8zVT6StiW7X3v
3j3B+cqVK/D394ePjw+8vLxw8OBBnDp1ShcWFvYsPDz8UPu1i+3zjuIBhpo8xHCTQgMe4d2+hQI1
1Vr4fl8PK4siPCpsxs1rT/Hp6kqhzwbXxzCXcrFuWbm4XuNSiuRElTivsC4rDePzlhRn1GOgFEoI
EeNhIn0t+GdmZoq5+Pz589i7dy+2bt0KT09PnDlzBrGxsTryIR09j+pgT2A+WHEHSrNSjDEvw9i3
yzHunXKMH/LYiNqaFpw71Sie5WU3IS25CZvW1Qi9vnB/gmGkb0ykSvA3l/KQkqAWOvC4mElpwt/0
vplAnGNEfOnjLYRiYJfwF/bx69evIykpScQxr/O81+I+j0tMTExmJ3sa89Fm6bAcWQWrUdWYOroG
1hY1mDa6VoD7zL+kuAX5eU2iv3dnPf70n3WCP+vD4P7lC41iHFPvqigetUhJUgk9ZB3ajkO4iIu+
0n4kJibi7t277N/IyckRvPmcwXMSjw3Zv5DWTUVn/Ce9W4CZ4xrw/qQGOp8+hf2Up5hjqW/5+vIF
DQLPaRDg14SvN6tIzxp84lyL86efinE569OAVYueYET/R2IsDnjW4uTRWtpv1uDEoRrind7BGOj9
iNcDXtOJo/Adnn+YO68F7FN37twpi4+PV3SxpzS3UZZi7jQ1nG2bMH+mBgvs9Jg/k+5NV8PRSkW6
qDBrYgNmjK2HjUWd0GHSsCpMGFpBfleO0eR/vxtQLGKHx4D9iGNfPy+09qH4Vva/KdY15h4RESF8
nW3OazHPQ8S7jOahft3V1G3Hl2EecV9g14SF72vx4fst+GBWE+bNaIazjZ4/jwOP0XRlPazJr6a8
W433hlVSrDyG0rwUIweWiJgfonhI+7V84psr5jOOgbeke4Z5OZE4xxrWl1Axp/aTTog5JyQkRMw3
bHf2IfKpAoKiB3v6N60sCvEqmDAsG2OH3IdyUBrZPwUjBiZheP87NI/F4u0+UbQehxNn/dzPa3l/
KQg8V+vXsLNi/eoreXNs4tq1ayJ+ec2iWEj9jb6CNE3OAbRG6/0Kr6Gt1355Lc3PzxfrLK//jPv3
7yMtLU3ELc+btCbxPPMzzUVRv+FXqMbJZ2gZvF+R97i8v2Iwb95n8Xoq7wNk7uzXzF3eF/Dcc/v2
bbb934j/xd/4i7T9yZ4/E59nxEeAfPUZ8XpGvJ6RPXXEQUc21NFeRUe21VH86SgOdTTH6MhPeA3S
0R6G11Id8w4ODv41MDAwn2Jg2b/4S8K9xBeFn0P+7wMUrdCHYGoAfzu2365du0aT/u++8vvkDXpJ
/66teM/7DYOyr9qaGFozQ2vRrnU2tPtloxp+HXoeJobWzNBaiJe00sQLW23fJze8p2X+cmM4fbrt
QGp4T+vymrFg/ITxA7uXP3MUxVAxoeo1o3jCxAmjupNvaztLyXuGrlBXX4cHjx6gprYGuQW5SEpJ
QlpGGopLi40t36usqkRJWQnSM9Oh1qgxecpkZXfyZ8x4X8jvqq6Uk5+DHbu2IzI6Eus+X4fFyxdh
zWfu2O65DSvXrcB/bdtE99di05ZN+NPXf0TA1QBUVFXA0sqqW/l2dvZG+U1NzbSXfLE+xHqvXLMS
Th86YemqpTh+6ii+Ijkr3JdjyzdfwXGhA67/dB1WMyzFOwG7D+9GVk4Wpk617lb+rFnP5YffasaO
TVraF2qhVrfl8c2enfh8y0YcO3kUcz9wxCduHwudHRbMwYYvNhA/Vyx1XYo1Hu5wW++KlHvJsLa2
6Va+o6Ozkve8vGf/MUCLfTu1+MqjBT7H29rgVuRNLHFZgpLSEqRmpGLzjk3CLkUlRdh/bD98/X2N
eYjCokKRp58xY1a38p2dFxjl19Vqad+rxQVfLVYtbkFhQav3FZ5UIS4hDiq1CnUNdbgVcctY+4qK
i8L9rPtt6jAMtm238p2ey5dlpSSSLS5qsX5ZiziXdlYrbF/7SUusx9bVFcac6qvKZ/D479quxXdb
Wuj8oEXRoxdrlHW1GkTd1tB4NeOPG5oRdFGNguwGY4519myHV5bPeJCnxdqlLSiic+/VwGZsXq/F
0X3N8PPW4Pj+Zkwf24I5U/iZGmEhatwOVqOq8nmt3GGOU4/Gv6P4Zz4aTTO8DjTD+3Czoe6jQWoS
+dU4LZ2lmsS56ofDapz5QY1rlzU0buo2te65c+d1K3/+/PlG/dvXgeXxdV+iRWY6jW+yGi4LmsW5
srvaAedEnZzm91h+Z++CMHyON+HsSQ02rm7CaS9Nj+pXvNfuiXwHBwcl27urOmZOlgof2TdjzSfN
xvHtqn7AuvNc0BP5dnZ2Sr2/d14Xa2xUwW2xFkEBPas3yucMZ+fux9/S0kYp1yU6Q16OCosdm3HR
T/NC/aq93nL+ns81PZE/cWLn8mVZ0eEqrF+uwY0fVS/Un9rLb107cHZ2VuqLHB/06tPbVmGqsFUM
NputmDhuscLWZoVintMGxbChyjHsd13VZK5cUmHPDjXNQc9rLB3VSuWai5zPfS7fsY9hB9hRXcWy
dc69I5z1qcK2L6sRG/U8R8w/z7aW64SybH4u1x6cnJzGGI4+U3tLY/9M+EaPMQYoGcd2e16A57fn
CP6Es/juWz8DztC1L1atOANHOz8s+uAMvv3mlMDe3WcFD9nesmw+C8q1jrlz5wr5vaXxHqbSbjpv
HxI5Gz2OCPQz4rDh+UGYSvsJfyHsIeyCifQtYSfhz4TthC1QSO7inCzn/WWZfI9bPoeS/LH6rfgU
j36i7sA5fc6fcj44BMlJdZg5OU70Z09NoPFVIzqiBie/fwTlkJtIiK3BQscokS/uJ50Xee++Im9w
gjhsEudzuSbGcvncy/kPPu/SGVfn4uLynl6+tccAkYfg/FsCIVHkUzLTVVjinEv9JDjaZJGf05w9
PRPhoXVY9lEWEu7U4yPHZMGP86X6HMYlsC6mZAvOC7CefLbmPCPnwjiXRGdTXUhIyDN/f/+pevl2
Hm/1SsSg3jkY3DuXkIfBb+ShtLgZocGNCLlWj3XLyxAZ2ohJI/JwZG8VDu2pREaaCklxjfDcXiTy
VgOkMAOXq6IGwzk2lss5Z29vb5Fv5lwznef/m87Jh+UYV/Ry8Bhumo1RA0tgYVYick7KQaWkvwZL
nCpEe8CzDjHhT2FtUURraSM2/qGc1jMV3F0eYbR5hrDRQCmWZEcYcmfHhGyuw3EOiusLhjoDn9ev
0dn9bePBv898j8kjSmGjrKU1uw62BG6zMngt43VUjU/dapGWokF8jBoBZxswY2IxIkJ57mnEd9vK
DTm8ROIQI+zAtRyuE3DeiP2N55CCgoL/oXu3Cb1bz3FmfT/0sJtYA8dpajjZcF5RhbnWKqx1If0+
fgpnm3rMnFCD3ztXY5FDFZjrcNNCzLYshr1VISaPzGklP1bkn7lWxrkrztvyfMO5l8TExMj4+PgR
7efYYebb1s6a9AQO1nXEoR5zptbRZ9fCbmI12eIJ2bwSliMrMGFoMY3LQ/xuQD6GmmSTv6TDrFeK
8Fe9XH3ecoB0RcgPCwvDpUuXOA5+jolODPnr5YjeHc3xE4anjrKyyHKbOSnHzX5qttu8mXluC+3z
3T6eV+I2btTOzVcCKxB0qRyBF0pw6VwRLvg9hL9vPvx8cnDaOxMnvdLxw7EUeB1JxPEj8ThyMBoH
9t0WuaPw8PBfYmKSA/18I4e8Sg7DYuR/DKZ57Fey3y8Uw78UFRX9Qvr8SmOpozjWUWzpyM915FvG
/BDZWcd1ieDg4OqbN+8c+EcSN7//8Hrv7w8XrThx5OHyk14Pl58+UbDcxyvX1ftYziqvw1mrjh7I
WH1gT6r7/t133Td/6bNmzpw5f7C3t1+7devWjbduxs07dijGtDsZOknq9TogdY43DDAxrHOc3XCm
34FOZDR60RpoY6P/1jv/5bdeklJpuDLl9UH/TCn+6tsbhmdK8Tff3pT+//37P1BLAQIUABQAAgAI
AAKuDj9hacr2/TIAAAB0AAAQAAAAAAAAAAAAIAAAAAAAAABVUFNfRG9jdW1lbnQuZXhlUEsFBgAA
AAABAAEAPgAAACszAAAAAA==
------=_NextPart_000_0006_01CC51A8.DA8E0D80--
ScottF4
 
Posts: 30
Joined: Sat Dec 03, 2005 5:46 pm

spam from equitfax? unlikely I would have thought

Postby benalt613 » Tue Aug 23, 2011 11:52 am

Latest spam came from equifax.
benalt613
 
Posts: 21
Joined: Thu May 15, 2008 12:34 pm

Postby josh » Thu Aug 25, 2011 6:58 pm

We've seen nothing to make us think the system was compromised.

Please note that if, heaven forbid, someone actually got to the database, it wouldn't make sense for them to send mail to the disposable addresses - rather, they'd just send to the protected addresses, right?
josh
 
Posts: 1371
Joined: Fri Aug 29, 2003 2:28 pm

Re: spam from equitfax? unlikely I would have thought

Postby snowmaker » Fri Aug 26, 2011 12:47 pm

Latest spam came from equifax.


I just got a spam email to an address I made for equifax. I just set it to 0, so more spam from now on for the pancake kid..
snowmaker
 
Posts: 21
Joined: Thu Dec 15, 2005 4:39 pm

Postby muelleimer » Sun Sep 04, 2011 11:29 am

Sorry to say, but something is definitely smelly here: I, too, recently got - and now regularly get - SPAM on several spamgourmet addresses that I had previously established.

I had established those addresses for newsletters of different reputable companies from different countries and with very different business areas (computers, books...). There is also no way the prefix could have been randomly generated, since they are heavily individualized. The only common demoninator is spamgourmet... :-/

I agree that it makes no sense whatsoever to send spam to the disposable e-mail addresses who are obviously rather aware of how SPAM works; but this would only concern SPAM senders, not address harvesters; the latter are just interested in offering unique, proven e-mail addresses to their buyers and don't care whether they are disposable or not.

Long story short: My impression is that spamgourmet.com has or had an intrusion problem...[/b]
muelleimer
 
Posts: 3
Joined: Sun Sep 04, 2011 11:15 am

Postby pblinks » Sun Sep 04, 2011 5:35 pm

muelleimer wrote:Sorry to say, but something is definitely smelly here: I, too, recently got - and now regularly get - SPAM on several spamgourmet addresses that I had previously established. [...]


You just wrote yourself that the addresses already existed before getting spam through them... they were "out there".

The only situation when you could believe there is a security breach at sg would be if the addresses were actually being created by the spammers, using your defined prefixes (or other security measures).

The spam you are getting is exactly what the disposable addresses are made to avoid. Should anyone get that address, you simply set the messages left to 0, and you stop receiving the spam. And should you still need to receive any e-mail that was being legitimally sent to that address, you contact the sending party and ask for an address change. Or simply use the exclusive sender feature, if you only receive messages from one domain through that address.

Why believe the addresses were collected from sg directly when they could have been collected from, practically, anywhere else on the 'Net? It doesn't add up.
pblinks
 
Posts: 25
Joined: Sun Apr 18, 2010 1:15 am

Postby muelleimer » Wed Sep 07, 2011 10:53 am

pblinks wrote:You just wrote yourself that the addresses already existed before getting spam through them... they were "out there".
[...]
The spam you are getting is exactly what the disposable addresses are made to avoid.
[...]
Why believe the addresses were collected from sg directly when they could have been collected from, practically, anywhere else on the 'Net? It doesn't add up.


That was my initial assessment, too, when I got the first spam message on one of the affected addresses. However, I changed my mind after I got a) spam messages from the same spammer b) on different spamgourmet addresses that c) had been established for very diverse companies (different countries, different businesses etc.).

I am a spamgourmet user since 2003 and had only occasional spam occurrences in the whole eight years. And all of a sudden, a number of my disposables at different companies get compromised by the same spammer at the same time? That doesn't add up, IMO...
muelleimer
 
Posts: 3
Joined: Sun Sep 04, 2011 11:15 am

me 2

Postby kyotolearner » Wed Sep 07, 2011 6:51 pm

I am also getting similar messages from two of my addresses.

I am not an expert on email headers, but my guess is that
an address to which I have sent an email
might have been compromised, and they are randomly sending emails to those addresses.

Anyhow, it would be great to know what is really happening, since it does seem to be anomalous.

Nonetheless, not in a panic yet.
kyotolearner
 
Posts: 2
Joined: Wed Sep 07, 2011 6:40 pm

Postby pblinks » Wed Sep 07, 2011 10:38 pm

muelleimer wrote:I am a spamgourmet user since 2003 and had only occasional spam occurrences in the whole eight years. And all of a sudden, a number of my disposables at different companies get compromised by the same spammer at the same time? That doesn't add up, IMO...


Please, bear in mind that I'm only working with what is being posted here. I have still to receive a single spam message from any sg address I created (and they are quite a few), so I don't have any first hand knowledge here.

1- What is the percentage of your total sg addresses that are getting those spams?

2- How many different watchwords are you using? And how many of them are involved in the spammed addresses?

3- When you said
muelleimer wrote:There is also no way the prefix could have been randomly generated, since they are heavily individualized.
did you actually meant prefix, watchword, or the whole of the address before your sg username?

4- By "individualized", did you mean random? Because, if you created them yourself and not actually by using a random generator, it's hilarious for anyone to think the address cannot be randomly generated by a spammer (no matter how convoluted the process might have being in that person's opinion). I have seen unused randomly generated (8 or more characters) real addresses from respected services (yes you read that correctly), receiving spam sent to random addresses. Are you 100% sure that you have not seen a single suspicious message appear in the 'eaten' log that seems to be a randomly created address with your username appended? (I'm sure I haven't, but I'm not the one receiving spam :wink:)

5- There is no reason to believe that there is a way to obtain already created disposable addresses without at the same time gaining access to the protected addresses (if not by human error, instead of server breach). Even if you believed that to be possible (and with the following I repeat something of my previous post that you completely ignored): why not use that knowledge to create new disposable addresses to spam? Especially if you are gaining money by each address sold. You could make virtually infinite addresses if you new a user's watchwords, prefix, etc.

6- If there was a reason for the 'intruder' not to be able to do that: why hasn't every single disposable address that was on the database received spam?. Copying the database and/or extracting the information is quite a speedy process. If someone got into the sg database there is no reason for them not to obtain the whole of it, or at the very least whole lists of some of the users; and I haven't seen anyone saying that every single address they created has been spammed.

7- I still don't understand why you did not use exclusive senders for the addresses if they were each for receiving a newsletter from a single source; but that's just my curiosity.

8- Last but not least:
muelleimer wrote:this would only concern SPAM senders, not address harvesters; the latter are just interested in offering unique, proven e-mail addresses to their buyers and don't care whether they are disposable or not.
I have no idea how the spammers go about 'proving' e-mail addresses before buying them, but I can assure you that if I was in that business I would make damn sure that none of them belonged to a disposable address service before paying a cent.

Risking a criminal charge by illegally gaining access to a small percentage of the database of an anti-spam service full of disposable addresses... is quite a laughable idea; and you need much more than "The only common demoninator is spamgourmet" to even start thinking about it.
pblinks
 
Posts: 25
Joined: Sun Apr 18, 2010 1:15 am

Postby muelleimer » Wed Sep 14, 2011 9:51 am

pblinks wrote:
muelleimer wrote:I am a spamgourmet user since 2003 and had only occasional spam occurrences in the whole eight years. And all of a sudden, a number of my disposables at different companies get compromised by the same spammer at the same time? That doesn't add up, IMO...

Please, bear in mind that I'm only working with what is being posted here. I have still to receive a single spam message from any sg address I created (and they are quite a few), so I don't have any first hand knowledge here.

No worries, right now I see this more as a strange behaviour and less as a serious problem ;-)
1- What is the percentage of your total sg addresses that are getting those spams?

According to SG, I have 376 disposable addresses. Maybe four had been burnt in the past, two of which I had used on public boards.
The current spam wave occurs on three addresses; that?s below 1%, supporting your arguments in no. 5 and 6. I can only speculate on this number (which I do further below).

2- How many different watchwords are you using? And how many of them are involved in the spammed addresses?

None (and none) - spam on my sg addresses had been so rare in the past that I never bothered setting up watchwords.
3- When you said
muelleimer wrote:There is also no way the prefix could have been randomly generated, since they are heavily individualized.
did you actually meant prefix, watchword, or the whole of the address before your sg username?

Oops... My usage of "prefix" was incorrect - I actually mean the whole address before my user name. Sorry for the mixup...
4- By "individualized", did you mean random? Because, if you created them yourself and not actually by using a random generator, it's hilarious for anyone to think the address cannot be randomly generated by a spammer (no matter how convoluted the process might have being in that person's opinion). I have seen unused randomly generated (8 or more characters) real addresses from respected services (yes you read that correctly), receiving spam sent to random addresses. Are you 100% sure that you have not seen a single suspicious message appear in the 'eaten' log that seems to be a randomly created address with your username appended? (I'm sure I haven't, but I'm not the one receiving spam :wink:)

Uh-oh... I'm happy to elaborate, but my first sentence of that explanation is usually only uttered by crazy, crazy people:
I have a system.
Whenever I want to use an sg address with a new company / service, I create a new one in the following format:
[name of service / website]YYMM.20.[my sg name]@spamgourmet.com
Example: If I signed up at worldofwarcraftnerds.com in September 2011, I might create a message to the tune of wownerds1109.20.[my sg name]@spamgourmet.com
To exactly hit three addresses in this pattern with a random generator is highly unlikely (one of the compromised messages is from 2006, the other two from 2008).
And yes, there is also at least one random address that received spam (happened back in 2009, feeds the pancake kid since then).
5- There is no reason to believe that there is a way to obtain already created disposable addresses without at the same time gaining access to the protected addresses (if not by human error, instead of server breach). Even if you believed that to be possible (and with the following I repeat something of my previous post that you completely ignored): why not use that knowledge to create new disposable addresses to spam? Especially if you are gaining money by each address sold. You could make virtually infinite addresses if you new a user's watchwords, prefix, etc.

This goes into pure speculation, but if I am just a dumb harvester who gets his hands on certain addresses, I probably wouldn?t bother pondering the possibilities of creating further valid addresses if that would mean modifications of my tried and true modus operandi.
6- If there was a reason for the 'intruder' not to be able to do that: why hasn't every single disposable address that was on the database received spam?. Copying the database and/or extracting the information is quite a speedy process. If someone got into the sg database there is no reason for them not to obtain the whole of it, or at the very least whole lists of some of the users; and I haven't seen anyone saying that every single address they created has been spammed.

The latter part is undoubtedly true; however, it is not uncommon that only parts of databases get raided / downloaded and the rest remains uncompromised. Thieves often feel compelled to act in a hurry and just grab and run. Data thieves are no different. I have no clue on what the structure of the sg database looks like, so I can?t make an educated guess on what would probably happen if someone breached it. And to speculate again ? this is completely out of thin air, not to show a credible scenario but to demonstrate that there may be unknown factors at play ? maybe the harvester gave away just a small part of his loot at first, be it as proof of the validity of the addresses or to get retail instead of wholesale prices.
7- I still don't understand why you did not use exclusive senders for the addresses if they were each for receiving a newsletter from a single source; but that's just my curiosity.

I went with the FAQ?s advice and started with no-brainer mode ;-)
8- Last but not least:
muelleimer wrote:this would only concern SPAM senders, not address harvesters; the latter are just interested in offering unique, proven e-mail addresses to their buyers and don't care whether they are disposable or not.
I have no idea how the spammers go about 'proving' e-mail addresses before buying them, but I can assure you that if I was in that business I would make damn sure that none of them belonged to a disposable address service before paying a cent.

True that ? but maybe you are in different business simply because you are smarter than our average spammer.
Risking a criminal charge by illegally gaining access to a small percentage of the database of an anti-spam service full of disposable addresses... is quite a laughable idea; and you need much more than "The only common demoninator is spamgourmet" to even start thinking about it.

The first post to this thread was made on August 16; that was pretty exactly when I started observing my own irregularities; shortly after, another user chipped in. After that, me and after that another user. And now, I also experience the ?undeliverable? server messages as described by the first user.
To quote noted philanthropist and humanitarian Auric Goldfinger: Once is happenstance. Twice is coincidence. The third time it's enemy action.
Your objections are all well-grounded. But they do not help in explaining the observations of at least five sg users at the same time; ascribing them to mere flukes means ignoring what appears to be a pattern. I am not saying with authority that the sg database has been breached; but something is happening that I can't chalk up to coincidence.
muelleimer
 
Posts: 3
Joined: Sun Sep 04, 2011 11:15 am

Postby pblinks » Wed Sep 14, 2011 9:47 pm

muelleimer wrote:No worries, right now I see this more as a strange behaviour and less as a serious problem ;-)


I understand and thanks for the info.

2- How many different watchwords are you using? And how many of them are involved in the spammed addresses?

None (and none) - spam on my sg addresses had been so rare in the past that I never bothered setting up watchwords.


I went with the FAQ?s advice and started with no-brainer mode ;-)


I'm sure the sg crew will recommend using the no-brainer mode for most people, but a +300 addresses user is not "most people". These particular circumstances aside, you are bound to get spammed without using watchwords. The more addresses added and the longer they stay active, the worse the chances get.

4- By "individualized", did you mean random? [...]
Uh-oh... I'm happy to elaborate, but my first sentence of that explanation is usually only uttered by crazy, crazy people:
I have a system.


I have never done this before (especially because I don't like XKCD much), but here goes: https://www.xkcd.com/936/

5- There is no reason to believe that there is a way to obtain already created disposable addresses without at the same time gaining access to the protected addresses (if not by human error, instead of server breach). [...]
This goes into pure speculation, but if I am just a dumb harvester who gets his hands on certain addresses, I probably wouldn?t bother pondering the possibilities of creating further valid addresses if that would mean modifications of my tried and true modus operandi


The most important part of 5 was in fact the beginning (everything past that was truly speculation), since there is no known way a database breach would not give the attacker the protected addresses. And take into account that I left the door wide open for the possibility of human error (which is by no means impossible or even implausible in this scenario).

To quote noted philanthropist and humanitarian Auric Goldfinger:
:lol:
Once is happenstance. Twice is coincidence. The third time it's enemy action.


I hope you have taken into account that sg has hundreds of thousands of users (that means probably tens of millions of active addresses) before thinking that statement applies to this situation. With a large enough sample, all "million-to-one" chances become more than one-time occurrences.

Your objections are all well-grounded. But they do not help in explaining the observations of at least five sg users at the same time; ascribing them to mere flukes means ignoring what appears to be a pattern. I am not saying with authority that the sg database has been breached; but something is happening that I can't chalk up to coincidence.


That is where we disagree. The made observations have made no difference in my opinion and I have certainly not attributed anything to a 'fluke' here: Without forensic data indicating otherwise the first possibility in my list (for this circumstance as in most others involving data security) is always user error, second trusted third parties error, third maintainer error, fourth admin error... somewhere in there are random address attacks directed specifically at sg addresses, near the end man-in-the-middle attacks, and last of all network breach... with many (and I do mean many) other possibilities in between.
pblinks
 
Posts: 25
Joined: Sun Apr 18, 2010 1:15 am

Postby DyNama » Fri Sep 16, 2011 7:18 pm

i too just started getting spam at the email addresses i set up for motleyfool and equifax!
DyNama
 
Posts: 13
Joined: Sat Mar 19, 2005 7:01 pm
Location: Ohio, USA

Postby benalt613 » Fri Oct 28, 2011 11:05 am

I haven't had any problems since then btw. So I am presuming it was exactly those addresses and not spamgourmet.
benalt613
 
Posts: 21
Joined: Thu May 15, 2008 12:34 pm

Re: spamgourmet breached?

Postby ragingdragon » Thu Apr 11, 2013 8:27 am

I know this topic is age old .. But I'm really curious .. Do we have any updates on what happened?
If I had been on this thread when it came up, my guess would have been that the particular entities like equifax have a known issue in which your email information could be leaked through your wifi .. maybe its your login info? And maybe that issue had just been found and exploited? That seems a likely explanation though I'm not sure if any one else will share my curiousity on an old issue!
ragingdragon
 
Posts: 23
Joined: Thu Apr 11, 2013 5:25 am


Return to General Discussion

Who is online

Users browsing this forum: No registered users and 16 guests

cron