When she moused over the link, it was a redirect.
She has Opera on her computer because I put it there, but I have been
unsuccessful in getting her to use it. I *know* she has never been to the
My Opera website.
I asked her to send me copies; if they come through, I'll post whois
information.
--
Blogging from Pine View Farm (http://www.pineviewfarm.net/weblog)
Updates daily. Worthwhile updates occasionally.
Opera (http://www.opera.com), Linux (http://iso.linuxquestions.org/), and
Fluxbox (http://www.fluxbox.org)--the ultimate internet experience.
Geek out at Geekazine: http://www.geekazine.com
Me, too.
One of the readers of this newsgroup was kind enough to send me a copy,
with complete headers, of a "My Opera" spam he received, so I spent a
little quality time this evening with WHOIS. You can see the email (I
redacted the original recipient's email address and provider) and the
WHOIS results in a PDF on my server:
http://www.pineviewfarm.net/misc/keosan.pdf
Short version: the email originated from a server in the Ukraine (Opera
is the number one browser in Central Asia). The originating address may
have been part of a botnet.
The links redirected to a web address in Korea. Once again, that may have
been set up by someone in a whole nother place.
I have no way of knowing whether my friend's emails had similar contents,
but, given that they all originated at about the same time, I suspect it's
likely.
Opera in Central Asia: http://preview.tinyurl.com/23kfmrb
EDITORIAL:
1. The redirects illustrate one reason why HTML email is evil.
2. One of the things I really like about the Opera mail client is how
easy it is to see full email and news headers; if you have doubts about a
message, looking at the headers is often a quick way to resolve them.
My friend uses Outlook, because it's her work email. (I can't even wean
her off Internet Explorer--there is no way I will get her to use Linux and
Evolution.)
For a while, I worked for a company that mandated Outlook. I never did
figure out how to see headers in Outlook, and I'm usually pretty good at
digging into the ins and outs of computer programs' menu options.
ASIDE:
WHOIS, FINGER, and all that other good internet lookup stuff are command
line utilities included in every Linux distribution I've tried.
I was going to say that "Windows users who want track stuff down can go to
http://www.samspade.org," but SamSpade seems to be down. There appear to
be Windows packages available for download, but you're probably better off
just switching to Linux.
--
Opera 10.60 on Ubuntu Linux 10.04.
> Short version: the email originated from a server in the Ukraine (Opera
> is the number one browser in Central Asia). The originating address may
> have been part of a botnet.
It's blacklisted:
http://www.topwebhosts.org/tools/dnsbl.php?query=95.132.250.91&submit=Query
(also listed in a few on http://www.dnsbl.info )
> For a while, I worked for a company that mandated Outlook. I never did
> figure out how to see headers in Outlook, and I'm usually pretty good at
> digging into the ins and outs of computer programs' menu options.
Right click message, properties. It's on one of the tabs there
The server used for sending (fallback.mail.widexs.nl) seems to have sent
spam in 2006 already:
http://www.robtex.com/dns/fallback.mail.widexs.nl.html#blacklists
A lot of domains are running on it, so it's probably a reseller or an open
relay.
--
Remco Lanting
[Unofficial Opera bug tracker links]
http://opera.remcol.ath.cx/bugs |
http://my.opera.com/community/forums/topic.dml?id=217364 |
remco.lanting...@gmail.com