What is this board about?

[bad_brain]

Well, it is not about "how to send mass emails" or "how to create fake login screens"....that's simply against our ethics. so don't even think about asking for such stuff, we will call you a lamer and you will not get any useful answer at all.
we just want to have a little fun with spammers/phishers...fool them, annoy them, fight a little back. this is also a place where you can post outstanding hilarious spam mails you received for example.
have fun!

[DNR]

Always supply the full headers of the email

Delivered-To: xxxxx@gmail.com
Received: by 10.86.33.7 with SMTP id g7cs137999fgg;
Tue, 6 May 2008 04:45:49 -0700 (PDT)
Received: by 10.67.29.20 with SMTP id g20mr5928167ugj.54.1210074348818;
Tue, 06 May 2008 04:45:48 -0700 (PDT)
Return-Path: <www-apache@moka.net>
Received: from pix.moka.net (pix.moka.net [212.18.63.17])
by mx.google.com with ESMTP id i6si656570gve.4.2008.05.06.04.45.48;
Tue, 06 May 2008 04:45:48 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of www-apache@moka.net designates 212.18.63.17 as permitted sender) client-ip=212.18.63.17;
Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of www-apache@moka.net designates 212.18.63.17 as permitted sender) smtp.mail=www-apache@moka.net
Received: from localhost (localhost.moka.net [127.0.0.1])
by pix.moka.net (Postfix) with ESMTP id 69099742744
for <xxxxxxx@gmail.com>; Tue, 6 May 2008 13:45:43 +0200 (CEST)
X-Quarantine-ID: <uexyYUscaUFi>
X-Virus-Scanned: by amavisd-new at pix.moka.net
X-Amavis-Alert: BAD HEADER, Improper use of control character (char 0D hex):
From: Mike Balusa <mike.balusa.c@gmail.com>\r\n
Received: from pix.moka.net ([127.0.0.1])
by localhost (pix.moka.net [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id uexyYUscaUFi for <xxxxxxx@gmail.com>;
Tue, 6 May 2008 13:45:40 +0200 (CEST)
Received: by pix.moka.net (Postfix, from userid 80)
id DAAAF74458F; Tue, 6 May 2008 13:19:44 +0200 (CEST)
To: gwickmiller@gmail.com
Subject: My Dear
From: Mike Balusa <mike.balusa.c@gmail.com>
Reply-To: mike.balusa.c@gmail.com
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 8bit
Message-Id: <20080506112844.DAAAF74458F@pix.moka.net>
Date: Tue, 6 May 2008 13:19:44 +0200 (CEST)


My, Dear, I did not forgot your past effort by trying to help me, now I want to tell you that I have succeeded in getting those funds transferred under the cooperation of a new partner from Hong Kong. Now am in Hong Kong.

Contact my friend in London England because I have left the whole instruction to him on your behalf and instruct him where to send the sum of US$800.000.00 without any further delay for your Compensation.
Remember that the ($800.000.00) is in Draft, not cash, so you need to send to him your full Information where the Draft will be posted/delivered. I appreciated your efforts at that time very much. So feel free to get in touched with my friend His name is BECK ADAMS Email: beck2adams@gmail.com or Tell: +00447031871322

NB: note: bellow is the required information's you will send to my friend:-
(1) Your full names
(2) Your house address or office
(3) Your direct telephone number with fax if any.

Thanks
Mike Balusa

You can XXX out your email addy or IP where applicatable..

Then you can include your response if any you made toward the sender, or someone else can enter the thread and reply to the sender.
This is mostly for education of examples of phishing emails and such..

Education of tracing emails and profiling spam servers or exploited mail servers:

From the email header you got the IP of the sender so you want to dig up nfo on the IP..

Received: from pix.moka.net (pix.moka.net 212.18.63.17)

________________________________

05/10/08 00:59:08 dig pix.moka.net @ DNS1.KESON.NET
Dig pix.moka.net@DNS1.KESON.NET (193.2.216.145) ...
Authoritative Answer
Query for pix.moka.net type=255 class=1
pix.moka.net A (Address) 212.18.63.17
moka.net NS (Nameserver) dns1.keson.net
moka.net NS (Nameserver) ns1.moka.net
ns1.moka.net A (Address) 212.18.63.17
dns1.keson.net A (Address) 193.2.216.145
_______________________________
Domain name: moka.net



Registrant Contact:

NA

igor mocnik (igor.mo@siol.net)

+386.38641387485

Fax: NA

pirjevceva 2

nova gorica, slovenia 5000

SI



Administrative Contact:

NA

igor mocnik (igor.mo@siol.net)

+386.38641387485

Fax: NA

pirjevceva 2

nova gorica, slovenia 5000

SI



Technical Contact:

NA

igor mocnik (igor.mo@siol.net)

+386.38641387485

Fax: NA

pirjevceva 2

nova gorica, slovenia 5000

SI



Status: Active



Name Servers:

dns1.keson.net

ns1.moka.net



Creation date: 27 Jan 1999 00:00:00

Expiration date: 27 Jan 2009 00:00:00
__________________________________
keson.net

Registrant:

Andrej Breznik

Not Applicable

Maribor 2000

Slovenia



Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)

Domain Name: KESON.NET

Created on: 10-Jan-02

Expires on: 10-Jan-09

Last Updated on: 26-Dec-06



Administrative Contact:

Breznik, Andrej hostmaster@keson.net

Not Applicable

Maribor 2000

Slovenia

+386 Not Applicable Fax --



Technical Contact:

Breznik, Andrej hostmaster@keson.net

Not Applicable

Maribor 2000

Slovenia

+386 Not Applicable Fax --



Domain servers in listed order:

DNS1.KESON.NET

DNS2.KESON.NET

NS1.MOKA.NET

__________________________________

DNR