Jump to content
aberdeen-music

Ebay Scam

Mouse

By Mouse
in General Discussion

 Share

Recommended Posts

Mr. Tristen Community Regular

Mr. Tristen

Posted
Posted 

Sat 2004-10-23 02:25:20: Session 8094; child 2; thread 1884
Sat 2004-10-23 02:25:19: Accepting SMTP connection from [66.194.239.142 : 43630]
Sat 2004-10-23 02:25:19: Looking up PTR record for 66.194.239.142 (142.239.194.66.IN-ADDR.ARPA)
Sat 2004-10-23 02:25:19: D=142.239.194.66.IN-ADDR.ARPA TTL=(1437) PTR=[66-194-239-142.dimenoc.com]
Sat 2004-10-23 02:25:19: Gathering A-records for PTR hosts
Sat 2004-10-23 02:25:19: --> 220xxxxxxxxxx.com ESMTP MDaemon 7.2.0; Sat, 23 Oct 2004 02:25:19 +0100
Sat 2004-10-23 02:25:19: <-- XXXX dime57.dizinc.com
Sat 2004-10-23 02:25:19: --> 500 What? I don't understand that.
Sat 2004-10-23 02:25:19: <-- HELO dime57.dizinc.com
Sat 2004-10-23 02:25:19: Performing lookup on dime57.dizinc.com (looking for 66.194.239.142)
Sat 2004-10-23 02:25:19: D=dime57.dizinc.com TTL=(237) A=[66.194.239.142]
Sat 2004-10-23 02:25:19: --> 250 xxxxxxxx Hello 66-194-239-142.dimenoc.com, pleased to meet you
Sat 2004-10-23 02:25:19: <-- MAIL FROM:<nobody@dime57.dizinc.com>
Sat 2004-10-23 02:25:19: Performing lookup on dime57.dizinc.com (looking for 66.194.239.142)
Sat 2004-10-23 02:25:19: D=dime57.dizinc.com TTL=(237) A=[66.194.239.142]
Sat 2004-10-23 02:25:19: Spam Blocker is checking 66.194.239.142 (connecting IP)
Sat 2004-10-23 02:25:19: * sbl-xbl.spamhaus.org - passed
Sat 2004-10-23 02:25:19: * relaywatcher.n13mbl.com - passed
Sat 2004-10-23 02:25:19: * opm.blitzed.org - passed
Sat 2004-10-23 02:25:19: * relays.ordb.org - passed
Sat 2004-10-23 02:25:19: * bl.spamcop.net - passed
Sat 2004-10-23 02:25:19: Spam Blocker is finished
Sat 2004-10-23 02:25:19: --> 250 <nobody@dime57.dizinc.com>, Sender ok
Sat 2004-10-23 02:25:19: <-- RCPT TO:<keilan.knight@xxxxxxxxx.com>
Sat 2004-10-23 02:25:19: --> 250 <keilan.knight@xxxxxxx.com>, Recipient ok
Sat 2004-10-23 02:25:20: <-- DATA
Sat 2004-10-23 02:25:20: Creating temp file (SMTP): f:\mail\temp\md50000100423.tmp
Sat 2004-10-23 02:25:20: --> 354 Enter mail, end with <CRLF>.<CRLF>
Sat 2004-10-23 02:25:20: Message creation successful: f:\mail\inbound\md50000091024.msg
Sat 2004-10-23 02:25:20: --> 250 Ok, message saved <Message-ID: <E1CLAeC-0006t7-2V@dime57.dizinc.com>>
Sat 2004-10-23 02:25:20: <-- QUIT
Sat 2004-10-23 02:25:20: --> 221 See ya in cyberspace
Sat 2004-10-23 02:25:20: SMTP session successful (Bytes in/out: 1273/414)

Doesn't look like it came from the address I told it to come from at all ;)

Heh wow...

Crazy shit dude...

Well it works from all the systems here. Hrm... will take it down and have a look at it in the morning. Out of interest are you using pop/smtp from your system or a webmail?

Link to comment
Share on other sites
threeornothing Grand Master

threeornothing

Posted
Posted

hehe, don't worry about it, thats the mail server logs....I use IMAP over VPN for email, (IMAP rulez!!! just have to ditch outlook...) The mail did actually show up in my client as x@microsoft.com , I'm more worried that my server didn't read the From: in the actual email itself, as its always going to test positive on reverse lookups if its checking a genuine header, oh well at least I would know who to contact if it was a real phish attempt...hrm..its late...time for bed i think :D

Link to comment
Share on other sites
  • 3 years later...
lepeep Grand Master

lepeep

Posted
Posted

If I ever get emails that I think "could" be from genuine sources, I still NEVER follof the link from an email, I open my browser, go to my account online, and check for comms there.

As dave said, "proper" systems never ask for passwords via email. EVER.

and, they (the scammers) bank on you having only one password, so if you have used your password for EVERYTHING you do online, I'd think about changing all accounts...check for spyware too...

Link to comment
Share on other sites
Chris

Chris

Posted
Posted

Just a note, because it probably looks to the untrained eye like Phil pointlessly bumped a thread from 2004, it wasn't him. It was a guy spamming the forums by posting a link to his website in loads of threads that mention ebay, but I deleted his post.

Link to comment
Share on other sites
Guest Tam o' Shantie

Guest Tam o' Shantie

Posted
Posted

it's time for your annual Wallet MOT mouse, as agreed can you just mail it to the address i PM'd you with all the pin codes etc? remember that it's illegal to use your wallet without a valid MOT certificate :nono:

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...