On 5/29/2016 4:10 PM, Gene Heskett wrote:
On Sun, May 29, 2016, at 14:14, Terry Reedy wrote:
Spam missed by the normally excellent spam filter. Ignore it.
Blasted directly to this, and several other python related lists.
The source address is NOT in the email headers, and I'm sure that is not
a mistake, so for those of you running a blacklist like mail filter, you
can add volny.cz to the kill on site lists. Whois also does not report
the IP, but dig did extract it. 46.255.231.48, however since it is not
in the message, it won't do a lot of good to look for it, even using my
own rules, which I write to block the whole class D is it annoys me.
Verizon (my ISP) would not accept a response with the web url the
malfactor was trying to send us to, so they obviously have it blacklisted.
Up to you all as to what you do about it, but it looks as if it was to be
stopped at the source, it would be up to CENTRUM-CZ to block it. IMO,
w/o a source ip, centrum should not have accepted it for transmission.
But my oar in these matters is about the size of a toothpick.
From the rest of that messages headers it appears to have originated at:
step...@organicfoodmarkets.com.au, with an invisible character in front
of the s that disables a copy/paste if its included in the copy.
Tricky little snake. Lets see what clamscand thinks of it. Not
infected, but its database is falling seriously behind too. And I sure
don't trust it enough to click on it.
--
Terry Jan Reedy
--
https://mail.python.org/mailman/listinfo/python-list
