<br>On 1/18/06, <b class="gmail_sendername">Arrakistor</b> <<a href="mailto:arrakistor@gmail.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">arrakistor@gmail.com</a>> wrote:<div><span class="gmail_quote">
</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hello Tor User,<br><br>If
there are html references to remote files inside, this would be a way
to track you, because it would leave your IP in the access logs via
your mail program.<br></blockquote></div><br>
Yes, that would certainly be possible in principle but i) both spams are
plain-text only, and ii) it is already easy to find the IP address of
my tor server based on the contact address (just scan through all few hundred known
tor servers, conveniently listed e.g. at <a href="http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?sorbw=1&addr=1">http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?sorbw=1&addr=1</a> ).<br>
<br>
I am not at all worried, which is just as well given the amount of
other spam I get :-) I am, however, puzzled as to why anyone would
bother to go into a non-trivial amount of effort to decipher the email
address, only to then use it to send a meaningless one-word
message. I suppose an explanation might be that the process of
harvesting mildly obfuscated email addresses from the web has been
automated and the resulting email addresses were then used by an
utterly incompetent spammer. Another possibility might be that the
spammer had a list of harvested emails not all of which were
necessarily converted correctly from whatever form of obfuscation was
used. It would then make sense for them to try to filter out invalid
addresses before selling the list on, although it is unclear why they
would use a one-word message rather than a real spam that they could
have been paid for. I suspect I will never know.<br>
<br>