On Tue, 23 Jan 2018, David Jones wrote:
Here is a good example of a spoof that might get user clicks. It didn't have
good SPF or DKIM but it could have pretty easily making it look pretty clean
in a default SA installation.
https://pastebin.com/GTG8K56a
Possible spam sign: multiple instances of "http:///"; (three slashes)
followed by something that does not look even remotely like a FDQN.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
[People] are socialists because they are blinded by
envy and ignorance. -- economist Ludwig von Mises (1881-1973)
-----------------------------------------------------------------------
Today: John Moses Browning's 163rd Birthday
