# host contagiousensemble.com.black.uribl.com
contagiousensemble.com.black.uribl.com has address 127.0.0.2
uribl.com + milter-link = rejected spam
Ken
Mailing Lists wrote:
Here's today's first WagonJumper's email ... the domain has a registry date back in
October 2007.
One of the bottom img src tags is the WagonJumper's logo img. I'd love to find a way
to be able to scan those imgs - but since they are image refs, and not embedded - that
doesn't occur.
From [EMAIL PROTECTED] Thu Jul 3 06:36:24 2008
Return-Path: <[EMAIL PROTECTED]>
X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on myhost
X-Spam-Level: *****
X-Spam-Status: No, score=5.4 required=8.0 tests=DCC_CHECK,DIGEST_MULTIPLE,
HTML_MESSAGE,RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E4_51_100,
RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,SPF_HELO_PASS,SPF_PASS
autolearn=disabled version=3.2.4
Received: from mx12.contagiousensemble.com (mx12.contagiousensemble.com
[147.203.149.217])
by myhost (8.13.1/8.13.1) with ESMTP id m63AaN5V009292
for <me>; Thu, 3 Jul 2008 06:36:24 -0400
Message-ID: <[EMAIL PROTECTED]>
From: "Work At Home" <[EMAIL PROTECTED]>
To: "Me" <me>
Subject: Work at Home Job Search. Immediate Placement
Date: Thu, 03 Jul 2008 03:36:24 -0700
Reply-To: "Work At Home" <[EMAIL PROTECTED]>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_Part_896_339913931877807616"
X-UID: 23560
Status: RO
Content-Length: 4615
This is a multi-part message in MIME format.
------=_Part_896_339913931877807616
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Work at Home - Easy Work- Great Pay - Start Today
http://mx12.contagiousensemble.com/7VKkLt379368yk227542196KjDrP46NEnUs109CX392n101U
http://mx12.contagiousensemble.com/6155vp37936822eb7542196QF46qoGeH10rU9392cyH
------=_Part_896_339913931877807616
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
<html>
<body>
<IMG
SRC="http://mx12.contagiousensemble.com/2IET3793682ptar27542196Fb46nN10iBk9392xV";><BR>
<center>
<style>
Congress attacks global warming with a cap on greenhouse gases – and then allows firms
to pollute if they buy "carbon offsets" elsewhere – lawmakers should consult the UN's
abysmal record in this slippery type of trading.
The UN set up its Clean Development Mechanism (CDM) to help companies in industrialized
countries invest in projects in poorer nations that cut greenhouse-gas emissions as
part of their countries' commitment under the Kyoto Protocol or the European Union's
emissions plan.
The concept: Cutting emissions anywhere is equally effective in fighting global
warming. So why not keep polluting at home and simply pay, under this so-called cap-and-
trade system, to close a polluting plant in China or to save a forest in Brazil? The
cost of financing wind turbines in Bangladesh, for instance, is much less than
scrubbing carbon dioxide from smokestacks in Germany.
But Stanford University researchers who've studied the CDM say the emissions cuts are
largely illusory: As many as two-thirds of the programs funded contribute nothing new
to reducing emissions.
How can that be?
One problem is that many offset payments are meant to prevent something from happening
that might worsen climate change. The CDM must somehow prove a project
has "additionality," that it would not have occurred anyway without a payment. But that
isn't working out in practice, the researchers say. One simple clue: Most projects are
already completed at the time they are approved for CDM offsets.
As a British investigative journalist put it: "Offsets are an imaginary commodity
created by deducting what you hope happens from what you guess would have happened."
The CDM also creates perverse incentives, says Patrick McCully, executive director of
International Rivers Network, another critic of the program. A chemical company in
China, for example, may actually produce more of one potent greenhouse gas – HFC-23, a
byproduct of making refrigerant gases – in order to sell an offset credit. The money
earned through CDM is greater than the cost of making HFC-23.
CDM asks that a project not be something that's already "common practice." But that
logic only dissuades a poor country from promoting energy-efficiency or, say, curbing
methane from landfills. Why take such actions if they will disqualify a company from
CDM credits?
Next week, the US Senate takes up a bill that would impose a cap-and-trade system that
includes the buying and selling of licenses to emit carbon. Yesterday, a similar bill
was unveiled in the House. As in Europe, a final bill from Congress will likely allow
US companies to buy carbon offsets through CDM or similar groups that claim an
expertise in identifying projects that reduce greenhouse gases. Even if a US plan only
links up with Europe's scheme, it would be part of a system that includes bogus CDM
credits, which are embedded there.
No doubt some CDM projects do make real cuts in emissions. But as a whole, the CDM is
clearly flawed and needs, at the very least, significant reform. It's one more sign
that a cap-and-trade system is a complex and highly suspect way to make emissions cuts.
A more honest, reliable course is a simple tax on carbon emissions. The dodges are
easier to spot.
</style>
<a
href="http://mx12.contagiousensemble.com/7VKkLt379368yk227542196KjDrP46NEnUs109CX392n101
U">Work at Home - Easy Work- Great Pay - Start Today<br><br>
<img
src="http://mx12.contagiousensemble.com/74428zTegY1m09392lXjvu66896sgIDE7Pc1977.jpg";
border=0>
</a>
<br><br><br><br>
<a
href="http://mx12.contagiousensemble.com/8HbLU3793682275klcy42196FbHku46ud1W09392QGSrr10
2i">
<img src="http://mx12.contagiousensemble.com/7587fsud1093gs92SXprt6689BgWJ68Wtx526.gif";
border=0>
</a>
</center>
<BR><BR><center><A
HREF="http://mx12.contagiousensemble.com/6155vp37936822eb7542196QF46qoGeH10rU9392cyH";><I
MG SRC="http://mx12.contagiousensemble.com/779nT7jfdh91aGRX7.jpg";
BORDER=0></center></BODY>
</html>
------=_Part_896_339913931877807616--
On Tue, 01 Jul 2008 14:36:58 -0400, Rob McEwen wrote
Could you give an example? Are these newly registered top level domains
spotted in the body of the spams?
Rob McEwen
Mailing Lists wrote:
I'm getting dozens of emails daily from a few different spammers. The emails
consistently are graphic based, but the graphics are html img refs and not
consistent
names - the last image in each one is their send mail to this address to be removed
(or
actually to guarantee even MORE spam).
One is from "Wagonjumpers" another is from some address in Florida (those images in
the
spam are consistent). Each day, it seems they set up a few new hostnames, and
start
spamming. We immediately (upon notification from our users) add that hostname to
our
access denied list, since they are spammer addresses, but is there an easier way to
trap the email?
I know that the various img evaluation plugins & image ocr plugins do not appear to
work, since they don't download referenced images.
--Will
--
Ken Anderson
Pacific.Net
![http://mx12.contagiousensemble.com/74428zTegY1m09392lXjvu66896sgIDE7Pc1977.jpg"](http://mx12.contagiousensemble.com/74428zTegY1m09392lXjvu66896sgIDE7Pc1977.jpg"){kind=link}
![http://mx12.contagiousensemble.com/7587fsud1093gs92SXprt6689BgWJ68Wtx526.gif"](http://mx12.contagiousensemble.com/7587fsud1093gs92SXprt6689BgWJ68Wtx526.gif"){kind=link}
![http://mx12.contagiousensemble.com/779nT7jfdh91aGRX7.jpg"](http://mx12.contagiousensemble.com/779nT7jfdh91aGRX7.jpg"){kind=link}