On Sat, Oct 2, 2010 at 3:10 AM, pranav2905@yahoo.co.in wrote:
Spam detection software, running on the system "web.space-kerala.org", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see the administrator of that system for details.
Content preview: Dear GNU/Linux,
This is awesome! So now, they are targeting mailing lists? So they can get the email id - passwords in bulk.
<p> It has come to our attention that your account has been flagged due to excessive login attempts from the Republic of El Salvador. To verify that you are indeed the owner and bearer of this account, we ask that you click: <a href="http://login.yahoo.com.yahooservicemembers.com/">http://login.yahoo.com</a> to authenticate your account's security. <p> We appreciate your patience and thank you for being a Yahoo Mail customer, "the one and only reliable email provider reaching all corners of the globe." <p> Yahoo Account Management<br> Yahoo! Inc.<br> 701 First Avenue<br> Sunnyvale, CA 94089<br> Tel: (408) 349-3300<br> Fax: (408) 349-3301 [...]
Well, this is a phishing[0] attempt.
Whois result of the domain 'yahooservicemembers.com' Registrant : Gregory Panzo (gpanzos@yahoo.com)
The service is hosted in Hong Kong.
The phishing page is not so impressive. You can give it a look, and put some *fake* credentials. Be sure, you are not giving the correct username-password.
And it will redirect you to actual http://login.yahoo.com.
<...snip...>
Content analysis details: (6.6 points, 5.0 required)
pts rule name description
1.0 NO_REAL_NAME From: does not include a real name 2.2 INVALID_DATE Invalid Date: header (not RFC 2822) 0.5 DATE_IN_PAST_03_06 Date: is 3 to 6 hours before Received: date 0.1 SPOOF_OURI URI: URI has items in odd places 2.5 SPOOF_COM2COM URI: URI contains ".com" in middle and end -2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1% [score: 0.0000] 0.0 HTML_MESSAGE BODY: HTML included in message 1.4 HTML_10_20 BODY: Message is 10% to 20% HTML 2.2 INVALID_MSGID Message-Id is not valid, according to RFC 2822 -0.5 AWL AWL: From: address is in the auto white-list
<...snip...>
BTW, what is this?
Can you post the mail headers? And, sender of this mail has joined the mailing list?
[0]http://en.wikipedia.org/wiki/Phishing