I thought I had uribl set up to check. But that was this one incident - most of them are day old.
On Thu, 03 Jul 2008 08:39:36 -0500, Ken A wrote > # host contagiousensemble.com.black.uribl.com > contagiousensemble.com.black.uribl.com has address 127.0.0.2 > > uribl.com + milter-link = rejected spam > > Ken > > Mailing Lists wrote: > > Here's today's first WagonJumper's email ... the domain has a registry date > > back in > > October 2007. > > > > One of the bottom img src tags is the WagonJumper's logo img. I'd love to > > find a way > > to be able to scan those imgs - but since they are image refs, and not > > embedded - that > > doesn't occur. > > > >>From [EMAIL PROTECTED] Thu Jul 3 06:36:24 2008 > > Return-Path: <[EMAIL PROTECTED]> > > X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on myhost > > X-Spam-Level: ***** > > X-Spam-Status: No, score=5.4 required=8.0 tests=DCC_CHECK,DIGEST_MULTIPLE, > > HTML_MESSAGE,RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E4_51_100, > > RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,SPF_HELO_PASS,SPF_PASS > > autolearn=disabled version=3.2.4 > > Received: from mx12.contagiousensemble.com (mx12.contagiousensemble.com > > [147.203.149.217]) > > by myhost (8.13.1/8.13.1) with ESMTP id m63AaN5V009292 > > for <me>; Thu, 3 Jul 2008 06:36:24 -0400 > > Message-ID: <[EMAIL PROTECTED]> > > From: "Work At Home" <[EMAIL PROTECTED]> > > To: "Me" <me> > > Subject: Work at Home Job Search. Immediate Placement > > Date: Thu, 03 Jul 2008 03:36:24 -0700 > > Reply-To: "Work At Home" <[EMAIL PROTECTED]> > > MIME-Version: 1.0 > > Content-Type: multipart/alternative; > > boundary="----=_Part_896_339913931877807616" > > X-UID: 23560 > > Status: RO > > Content-Length: 4615 > > > > This is a multi-part message in MIME format. > > > > ------=_Part_896_339913931877807616 > > Content-Type: text/plain; charset="iso-8859-1" > > Content-Transfer-Encoding: 7bit > > > > > > Work at Home - Easy Work- Great Pay - Start Today > > > > > > > > http://mx12.contagiousensemble.com/7VKkLt379368yk227542196KjDrP46NEnUs109CX392n101U > > > > > > http://mx12.contagiousensemble.com/6155vp37936822eb7542196QF46qoGeH10rU9392cyH > > > > ------=_Part_896_339913931877807616 > > Content-Type: text/html; charset="iso-8859-1" > > Content-Transfer-Encoding: 7bit > > > > <html> > > <body> > > > > > > <IMG > > SRC="http://mx12.contagiousensemble.com/2IET3793682ptar27542196Fb46nN10iBk9392xV";><BR> > > > > <center> > > <style> > > Congress attacks global warming with a cap on greenhouse gases > > [WINDOWS-1252?] and then allows firms > > to pollute if they buy "carbon offsets" elsewhere [WINDOWS-1252?] > > lawmakers should consult the UN's > > abysmal record in this slippery type of trading. > > > > The UN set up its Clean Development Mechanism (CDM) to help companies in industrialized > > countries invest in projects in poorer nations that cut greenhouse-gas > > emissions as > > part of their countries' commitment under the Kyoto Protocol or the > > European Union's > > emissions plan. > > > > The concept: Cutting emissions anywhere is equally effective in fighting > > global > > warming. So why not keep polluting at home and simply pay, under this > > so-called cap- and- > > trade system, to close a polluting plant in China or to save a forest in > > Brazil? The > > cost of financing wind turbines in Bangladesh, for instance, is much less > > than > > scrubbing carbon dioxide from smokestacks in Germany. > > > > But Stanford University researchers who've studied the CDM say the > > emissions cuts are > > largely illusory: As many as two-thirds of the programs funded contribute > > nothing new > > to reducing emissions. > > > > How can that be? > > > > One problem is that many offset payments are meant to prevent something > > from happening > > that might worsen climate change. The CDM must somehow prove a project > > has "additionality," that it would not have occurred anyway without a > > payment. But that > > isn't working out in practice, the researchers say. One simple clue: Most > > projects are > > already completed at the time they are approved for CDM offsets. > > > > As a British investigative journalist put it: "Offsets are an imaginary > > commodity > > created by deducting what you hope happens from what you guess would have happened." > > > > The CDM also creates perverse incentives, says Patrick McCully, executive > > director of > > International Rivers Network, another critic of the program. A chemical > > company in > > China, for example, may actually produce more of one potent greenhouse gas > > [WINDOWS- 1252?] HFC-23, a > > byproduct of making refrigerant gases [WINDOWS-1252?] in order to sell an > > offset credit. The money > > earned through CDM is greater than the cost of making HFC-23. > > > > CDM asks that a project not be something that's already "common practice." > > But that > > logic only dissuades a poor country from promoting energy-efficiency or, > > say, curbing > > methane from landfills. Why take such actions if they will disqualify a > > company from > > CDM credits? > > > > Next week, the US Senate takes up a bill that would impose a cap-and-trade > > system that > > includes the buying and selling of licenses to emit carbon. Yesterday, a > > similar bill > > was unveiled in the House. As in Europe, a final bill from Congress will > > likely allow > > US companies to buy carbon offsets through CDM or similar groups that claim > > an > > expertise in identifying projects that reduce greenhouse gases. Even if a > > US plan only > > links up with Europe's scheme, it would be part of a system that includes > > bogus CDM > > credits, which are embedded there. > > > > No doubt some CDM projects do make real cuts in emissions. But as a whole, > > the CDM is > > clearly flawed and needs, at the very least, significant reform. It's one > > more sign > > that a cap-and-trade system is a complex and highly suspect way to make > > emissions cuts. > > A more honest, reliable course is a simple tax on carbon emissions. The > > dodges are > > easier to spot. > > > > > > </style> > > <a > > href="http://mx12.contagiousensemble.com/7VKkLt379368yk227542196KjDrP46NEnUs109CX392n101 > > U">Work at Home - Easy Work- Great Pay - Start Today<br><br> > > <img > > src="http://mx12.contagiousensemble.com/74428zTegY1m09392lXjvu66896sgIDE7Pc1977.jpg"; > > border=0> > > </a> > > <br><br><br><br> > > <a > > href="http://mx12.contagiousensemble.com/8HbLU3793682275klcy42196FbHku46ud1W09392QGSrr10 > > 2i"> > > <img src="http://mx12.contagiousensemble.com/7587fsud1093gs92SXprt6689BgWJ68Wtx526.gif"; > > border=0> > > </a> > > </center> > > <BR><BR><center><A > > HREF="http://mx12.contagiousensemble.com/6155vp37936822eb7542196QF46qoGeH10rU9392cyH";><I > > MG SRC="http://mx12.contagiousensemble.com/779nT7jfdh91aGRX7.jpg"; > > BORDER=0></center></BODY> > > </html> > > > > ------=_Part_896_339913931877807616-- > > > > > > > > > > On Tue, 01 Jul 2008 14:36:58 -0400, Rob McEwen wrote > >> Could you give an example? Are these newly registered top level domains > >> spotted in the body of the spams? > >> > >> Rob McEwen > >> > >> Mailing Lists wrote: > >>> I'm getting dozens of emails daily from a few different spammers. The > >>> emails > >>> consistently are graphic based, but the graphics are html img refs and > >>> not > > consistent > >>> names - the last image in each one is their send mail to this address to > >>> be removed > > (or > >>> actually to guarantee even MORE spam). > >>> > >>> One is from "Wagonjumpers" another is from some address in Florida (those > >>> images in > > the > >>> spam are consistent). Each day, it seems they set up a few new > >>> hostnames, and > > start > >>> spamming. We immediately (upon notification from our users) add that > >>> hostname to > > our > >>> access denied list, since they are spammer addresses, but is there an > >>> easier way to > >>> trap the email? > >>> > >>> I know that the various img evaluation plugins & image ocr plugins do not > >>> appear to > >>> work, since they don't download referenced images. > >>> > >>> --Will > >>> > >>> > > > > -- > Ken Anderson > Pacific.Net
![http://mx12.contagiousensemble.com/74428zTegY1m09392lXjvu66896sgIDE7Pc1977.jpg"](http://mx12.contagiousensemble.com/74428zTegY1m09392lXjvu66896sgIDE7Pc1977.jpg"){kind=link}
![http://mx12.contagiousensemble.com/7587fsud1093gs92SXprt6689BgWJ68Wtx526.gif"](http://mx12.contagiousensemble.com/7587fsud1093gs92SXprt6689BgWJ68Wtx526.gif"){kind=link}
![http://mx12.contagiousensemble.com/779nT7jfdh91aGRX7.jpg"](http://mx12.contagiousensemble.com/779nT7jfdh91aGRX7.jpg"){kind=link}