Home page logo
/

funsec logo funsec mailing list archives

Re: Mailer Software that inserts "X-NSCC" header?
From: Jeffrey Walton <noloader () gmail com>
Date: Thu, 27 Jun 2013 00:02:15 -0400

Thanks Rich.

But none of them show X-NSCC, curiously.  If you'd like to forward the
message in question (with full headers of course) off-list, I can try
to correlate it against my full spam archives and see if perhaps any
clues turn up as to who's using it, what for, why, and so on.
Spam to follow in case you need the sample in your database.

The company is Network Solutions. I was wondering who they were
outsourcing to, but it appears they do it in-house.

I'm actually involved in litigation with them. We are on the docket
for November. They've been spamming me since the 1990s. I've been
through various unsubscribe options, including opting-out when a
customer, through support, executive support, BBB complaints, and FTC
complaints. After I filed the lawsuit against them, they responded by
sending me another seven pieces of junk mail over two months.

Jeff

On Tue, Jun 25, 2013 at 5:54 AM, Rich Kulawiec <rsk () gsp org> wrote:
On Sun, Jun 23, 2013 at 10:16:45PM -0400, Jeffrey Walton wrote:
Would anyone know what mailer or company is used when "X-NSCC" headers
are present in SPAM?

a) Inserting headers into the canned meat products of the Hormel Corporation
would be a very neat trick.  Perhaps you meant "spam"?

(In an age of gratuitous litigation, Hormel has been surprisingly sanguine
about our co-opting of the term "spam".  I think the least we can do, as
a professional courtesy, is to use it properly.  "Spam", the slang term
for unsolicited bulk email, is *never* capitalized-in-full because it is not
an acronym and because it's not "SPAM"...which comes in a can.)

b) X-headers in email are nonstandard and may be inserted at any
point by any piece of software.  One of the (many) problems with that
is that there's no way to know *which* point was responsible for them --
well, absent secondary evidence.  There's also no way to know if any
subsequent point removed or modified any -- because even though it's not
a good idea to do so, some mail systems do so anyway.  Annnnd just to
make things interesting, some mail systems insert them incorrectly
(for example: no space after the colon) and some mail systems use the
same X-header for different purposes.  Oh yes, and then there are
gratuitous case/spelling differences.

A quick check of my "recent spam" collection (to various spamtraps
and such) shows 542 different X-headers. *sigh*

But none of them show X-NSCC, curiously.  If you'd like to forward the
message in question (with full headers of course) off-list, I can try
to correlate it against my full spam archives and see if perhaps any
clues turn up as to who's using it, what for, why, and so on.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]