I actually put off dealing with these for a while because it was not outside the realm of possibility that I had subscribed to this forum to respond to some post. But I finally looked at it, and I definitely have no login information for this domain. The website actually looks like it might be a legitimate web forum. I thought maybe they were actively scraping forum discussions from another domain, but a little google searching seems to eliminate that possibility. So either it's a (semi?) legit web forum that is using its private message alerts for spamming which changed its domain (so I can't find my matching login information), or it's entirely a spamming operation doing a real good job of looking like a legit forum.
The 10 emails I've gotten over the last month: http://www.chaosreigns.com/sa/wannabebig.txt The rule I just created: header WANNABEBIG_FROM From =~ /wannabebigforums\.com/i score WANNABEBIG_FROM 5 describe WANNABEBIG_FROM Email is from wannabebigforums.com (8 of the 10 emails scored 0.6 before this rule. 2 scored 3.1.) 9 of the emails are private message alerts seemingly from web forum software directing me to http://www.wannabebig.com/forums/private.php The other is a direct email with a http://bit.ly/ link that I'm not clicking on due to likelihood of unique identification. I'm interested in thoughts on what's going on here. And opinions on adding a related rule to the default SpamAssassin rule set. Are people getting legitimate email from this site? -- "Blades don't need reloading." - The Zombie Survival Guide by Max Brooks http://www.ChaosReigns.com
