Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

X-Mailer: Microsoft Outlook Express 6.00.3790.1106

452 views

Skip to first unread message

unread,

Apr 13, 2008, 9:31:50 PM4/13/08

I just got a spam from 84.24.139.149.

Interesting thing was the X-mailer:

X-Mailer: Microsoft Outlook Express 6.00.3790.1106

A search of my e-mail inventory turns up no other hits for that
version of OE.

Google search for 6.00.3790.1106 turns up 7 hits, and groups search
turns up 3.

Is 6.00.3790.1106 a valid OE version?

If so, when would that have been current?

If not, why would a spammer craft a header using a bogus version of
OE?

unread,

Apr 13, 2008, 9:49:41 PM4/13/08

Spam Guy wrote:

> I just got a spam from 84.24.139.149.

As well as another one from 79.147.62.220 with a similar payload -
which includes this hot-link:

The first one had this hot-link:

> X-Mailer: Microsoft Outlook Express 6.00.3790.1106

X-mailer in this case is:

X-Mailer: Microsoft Outlook Express 6.00.2900.2963

Again, no other occurrances of that OE version in my mail inventory,
but there are more search hits for that version.

unread,

Apr 25, 2008, 9:28:32 AM4/25/08

Identifying spam based on X-Mailer:

> X-Mailer: Microsoft Outlook Express 6.00.3790.1106

> X-Mailer: Microsoft Outlook Express 6.00.2900.2963

Adding one more today:

X-Mailer: Microsoft Outlook Express 6.00.2900.2969

unread,

Apr 30, 2008, 9:59:26 PM4/30/08

Identifying spam based on X-Mailer:

> X-Mailer: Microsoft Outlook Express 6.00.3790.1106
> X-Mailer: Microsoft Outlook Express 6.00.2900.2963

> X-Mailer: Microsoft Outlook Express 6.00.2900.2969

X-Mailer: Microsoft Outlook Express 6.00.3790.2962

0 new messages