I noticed a new form of SPAM today, which didn't even contain a URL, just an email address. So i guess they are just fishing for active email addresses. Here's the message:
***************************************************^ Hello, I'm 22 years old female and my name is Anna. I saw your profile on the net and found to be interesting.. email me back at Megan_647_knoged@hotmail.com if you want to exchange pictures or whatever..Hugs, later...
*****************************
Why do i think Anna is bogus? Two reasons, apparent from this line in the headers:
Received: from sender1590 (YahooBB219030032091.bbtec.net [219.30.32.91])
by kurma.ewranglers.com (8.11.6p2/8.11.6) with ESMTP id
h7CCGwu18838; Tue, 12 Aug 2003 07:16:58 -0500 (CDT)
My machine, kurma.ewranglers.com, that received the mail message is the lowest priority backup mail exchanger (MX) for ewranglers.com. It shouldn't be getting mail unless three other machines fail to accept mail. And since kurma delivered the message to lakshmi (the primary MX for ewranglers.com) 4 seconds after it received it, it seems very unlikely that lakshmi was inaccessible when the message was delivered to kurma. So it seems that the person deliberately picked a backup MX to dump the SPAM on. I've previously seen spammers do this. I suspect it's because they think that backup MXs will be "more accepting" than the primaries. (That isn't the case for my machines, though that's irrelevant for this piece of spam.)
The second clue is that the machine that dumped the SPAM on kurma identified itself as "sender1590," even though it's IN ADDR record in the DNS identifies itself as "YahooBB219030032091.bbtec.net".
END-----