The Mystery of the Right-Wing German Spam

yep. i've gotten 15 messages so far. provided an opportunity for my partner to rehearse her college german also :)

yes, i've gotten mayb 200 unwanted emails in German in the last 20 hours.

Yes, I'm receiving lots of German spam about 20 in total thus far but I'm sure more is to come. I use Yahoo and I hope they implement something to stop the spam.

I have received over 900 of these emails on my work account in the last 24 hours. This is terrible!

Yes. I have been receiving messages in German complaining about the firebombing of Dresden in 1945 and how the Allied commanders were never charged with war crimes.

We have blocked close to 3000 since making rule changes to our work Spam Filter yesterday

Nope. Not a single one. I've read about this on the GMail boards, but I can truthfully say that I got no German right wing spam.

got well over 60 emails to my corporate account

o yeah... i send those emails...Deutschland Uber Alles!!!

i got about 200 in the past 2 days... just started on Saturday around 5:30PM for me... :( hope our network does something to fix it soon!

Isnt it interesting that we are getting spamed about Dresden while the US and UK are fighting a war that not many agree with? I think whoever is behind this has deeper intentions than just bugging us over the weekend.

I've had hundreds, and upon closer examination they aren't sent directly to me. They are sent to obscure addresses such as X-mailer@sbcglobal.net, server@sbcglobal.net, and they are only coming through when I check my mail using Outlook express.

I have a comcast email address and I have been receiving about 20 a day since Friday night. I tried replying to a few of them to tell them to remove me from their mailing address but the return delivery was unacceted.

I have a comcast email address and I have been receiving about 20 a day since Friday night. I tried replying to a few of them to tell them to remove me from their mailing address but the return delivery was unacceted.

I staff a help desk for a small ebook biz that does a pretty good business. There were 330 when I logged on this morning, and they kept coming all day until I logged off about 6 hours laters, at a rate of 20 an hour. I'm no techie so I don't know how it works, but it appeared to have attached itself to one of our customer's email address because two of them ended up associated with one of their tickets. I'd sure like to understand how it works and if it can be halted somehow. Another blocker? Forgive me if I don't leave my email address!

SpamAssassin Rule:
http://mailscanner.prolocation.net/german.cf

As seen here: http://article.gmane.org/gmane.mail.spam.spamassassin.general/67203

I have been getting hit both as a "source" and as a target - Gmail is starting to get the idea.

I have, however identified one source.

I would like to take this opportunity to those who have "recieved" it from me to say: it is not me!

At least 100 here so far, not counting the ones that didn't make it through the spam filters.

Thanks for the german.cf!!!!!

I work at a German publication (not right wing) whose website was apparently also linked in some of these spam emails, for reasons we still don't really understand. Anyone who has received these emails, is there a link to Spiegel Online? We're suffering under a mountain of spam as well as potentially very bad PR.

mine had mike myers dressed in a black leotard, dancing strangely.

We got 52 every ten minutes to our work email. First thing this morning that meant about 20,000 emails mostly sent through to the admin account but also loads to sales@..., manager@...etc.

They are still coming through as well.

And guess who gets the blame... the IT manager :(

Yep. Got it at home and then at work. Just started my new job, so was concerned since no one should have this email address yet.. Thanks for techlogging it. Now I know and knowing is half the battle.

I have gotten over 200 the last coupld of days. It seems that our Spam Filter is going to need a little tweaking

> SpamAssassin Rule:
> http://mailscanner.prolocation.net/german.cf

A better way to filter off those, if you can, is to look at the "To: " field. In the case of this Sober spam, it contains a non-existing address in your domain. You can use it to filter out this spam.

The german.cf rule is dangerous as it can filter legitimates email that have the same subject (e.g. Tuerkei in die EU).

3000 spams - wasting an hour trying to get rid of it all

I had 22 this morning.

I thought the worm was actually someone in my German department, because I didn't get any right-wing German sites, but Communist and other left-leaning German sites.

My admin/info mail box for my organization got a couple thousand over the weekend. Most were not addressed to admin or info, but to random names/words@myorganization.org. It was very time consuming to deal with and I have revamped my spam filtering as a result.

I've gotten thousands of those buggers through the email addresses set up for my website. Not even the filters I set up were working and after a while my addresses was starting to appear in both the to and from fields! I gave up and disabled those email addresses for now.

Scott Lamb: Many of the ones I received linked to Spiegel Online. Way too many to count, in fact.

My admin/info mail box for my organization got a couple thousand over the weekend. Most were not addressed to admin or info, but to random names/words@myorganization.org. It was very time consuming to deal with and I have revamped my spam filtering as a result.

Yes, I've gotten dozens of these stupid e-mails on my work e-mail address and a few on my personal so far. It sucks!

Yes, I got them too...not even a computer "guru" but still wound up with them anyway...got about 100 of them but none in the last couple of hours...I too tweaked my spam filter on Yahoo.

i am a listserv manager, i got 1,500 german spams today and 500 yesterday. since we use lotus notes, i used rules to block these. but i am still getting leakers with new german keywords.

hope this peaks soon...

I got an unsolicited email directing me to a German propaganda website. I wish I were dead.

SpamAssassin Rule:
http://mailscanner.prolocation.net/german.cf

WORKS!

I have a local.cf in my
etc/mail/spamassassin dir
I dropped the german.cf in there and it dod not seem to work. what types of things should I be looking at?

I only had one! It came in on Sunday. From reading how many everybody else had hit them, I would say our IT guy rocks. I work in sales so I send out a lot of emails to clients also.

I was concerned initially since I had visited the website for a neo-nazi type group based in Kansas who is supposed to picket our high school's graduation ceremony with hate based "religious" messages. After visiting their site I started getting this crap. Furthermore, neither Norton or Microsoft's Ad Aware type software detected anything amiss with my machine.

Here at the biggest Ivy school, with a supposedly good spam filter, other students' email addresses are appearing in the "From" box of the almost 100 messages I've recieved, even though the students don't have anything to do with it. And all with the same xenophobic, rascist, preserve-German-blood sort of message. At first I thought they were sent to me because I'm a German Lit major...but it's worldwide! Does anyone know if it is technically possible to find out who's responsible?

I've gotten about 500 so far

YEP me too. And No sprechenzie Deutsch! (Sp?)
Maybe a half dozen in the last 2 days. I don't open them, I spam them to AOL right away!

I also added alot of the German words to the AOL spam filter list so hopefully fewer emails will come through. Unless they try the Viagra trick where they spell one of the words wrong..oh well.

It's like Hitler has been reincarnated as annoying email.

I saw that many of you have replied to the spam to tell them to take you off the mailing list. This is not wise. These are spammers that are not afraid of the law and a reply will only worsen the situation. They will then have an email address they know is live which they can spam to their hears content.

All of our clients who run GFI's anti spam product have been un-affected because the GFI product has the option to only accept mail written in a particular language/keyboard set.

Just thought I would toss that out there .. you can get a free trial from them to get you over the hump at least.

Springtime for Hitler and Germany, Winter for Polan and France....

My mdaemon server is handling these well so far, not of the domain match the source IP, so they are being dropped.

It's no coincidence that the german spam is coming from the same machines that flooded us with viruses last week...

Not only have I been receiving them, (about 60), I am also receiving mail daemon alerts about them. Does that mean my system is affected? It is only happening in y Yahoo account.

Yep, getting it here. Only in my yahoo acct.
Have averaged around 20-30 a day.

Have received a couple of thousand of them through the tmobile system. Have spent several hours setting up filters to block them to no avail. Hopefully, this too shall pass...:)

i simply filtered all mail containing http:// NEAR .de

simple./ the chance of receiving a legitimate email with a link to a german site is pretty slim. and if it ever happens i can manually let it through.

Easy

It looks like we do need to bomb Dresden, again.

deutschspam uber alles

i was on my way to change my email address (and blame a friend for going to some random site while here on the weekend ) when i read about the worm on rogersyahoo news. really freaking frustrating.

Hey Todd, your a complete imbecile.

hey david, you're is a contraction. meaning you are. your is a possessive pronoun. for gods sake man, i'm an accountant. don't throw stones at glass houses.

I am getting about 1 message every 5 min through my schools exchange system. It has cloged the network and is making my work on the server verry anoying.. Alot of timed out mysql querries.

Hey lil, if you are going to correct someone's grammar, you should at least get your's right. By using the shift key, you can start your sentences with a capital letter.

On topic....about 20 since Sunday at noon.

Since Friday or Saturday, I have received about 500 of these message each day.

David is a hambone.

Got about six of them in the past 48 hours or so. I guess I'm one of the lucky ones...

I got probably 50 German-mails a day, for the last 4~5days. I can't understand German-language. So, I don't know what's the sender's intention.
Eric---Singapore.

Deception,

"Hey lil, if you are going to correct someone's grammar, you should at least get your's right."

That was a joke, right?

Hey lil, is saying that you are an accountant and correcting my grammer suppose to excuse you from being a racist and hostile to foreigners?. To say something like "We need to bomb Dresden again" is pretty low and is kind of like saying "We need to crash a couple more jets into NY" seriously (man!), these kind sayings show no character at all . Hey Stacey are you an accountant to?
Gruß aus Deutschland (for everyone who can't read German "Greetings from Germany")

I'm averaging almost 3,000 a day. It doesn't start until after 7am and is over by 4pm (central time).

Thanks to Dulantha Peiris for:http://mailscanner.prolocation.net/german.cf
I copied the subjects into my rules in Outlook 2000 and no more German Spam ! I also sent the link to my isp (frontiernet) and they are going to add the list to their mailserver so none of their clients get the unwanted mail

Totally, I get at least 300 daily, over several e-mail addresses on different domains.

Someone tell these damn nazis to leave us alone!!

OK, it is clear everybody is getting this spam (Sober virus) but how do we block them? I use Outlook Express. I've spoken with a teir 2 tech at Yahoo and his suggections did nothing. I have ran the "Sober virus" from Norton Antivirus update several times and that didn't do the trick.

So, let's hear from all you "Computer Guru's" on how to end the misery.......and may God bless you

OK...now I am at 15 and I just keep going to AOL block and type in each German word. But I don't know how effective it is. Everyday I get one or two more, with new words.

I've received 90 today alone!

Instructions for blocking this in Outlook Express:
1. Download the list of subject headings from:
http://mailscanner.prolocation.net/german.cf
2. Open Outlook Express and click on "Tools", then on "Message Rules", and "Mail". A box will open for creation/modification of message rules. Click "New". In the top box check "Where the subject contains specific words", and in the second box check "Do not Download it from the server". Click on the highlighted link "contains specific words" in the third box, and a new box opens. Copy and paste each of the subject headers previously downloaded into the appropriate field, and click "Add" after you paste each one. When all have been included, click "Okay", and then again "Okay". That's you done... no more spam (not with these subject headers, anyway).

How do you block all these german emails through Microsoft Office Outlook. It has totally taken over my work email and several others. PLEASE HELP!!

For Outlook - similar process to Outlook Express. On the "Tools" menu select "Rules Wizard". Click "New". Highlight "Check messages when they arrive" and click "Next". Check "with specific words in the subject" and click the "Specific words" link in the lower box. Go through the process of adding each header - except you will have to type it in (Outlook doesn't allow pasting).Click "Okay" and "Next". Check "permanently delete it" and click "Finish". Voila.

If you can copy it (ctrl+c) or right click>copy and no right click>paste just use ctrl+v to paste it when adding the subjects in Outlook.

Germans pis me of anyway, never mind having to see their language in use in my clents mailboxes, proper pissin me off. cus of the same senario in that they are all different theres no direct way of stopping em. I use GFI Mailessentials which is a killer spamkiller (inlike the wack mcafee released one) - it does everything but block the germans.

Someone find the culprits.

wes (http://wab.co.za) actually wants your spam!!

Hmm, since I rarely use email and few people know my gmail address I have never received spam at my gmail account, but my old Yahoo account is probably full of it. At least it blocks spam accurately.

drug zyban order zyban online http://bazaranet.iranseek.com/zyban/zyban_indicaciones.html zyban snort zyban sr tablets http://bazaranet.iranseek.com/zyban/anti_drug_smoking_zyban.html and .... web site zyban zyban prices http://bazaranet.iranseek.com/zyban/zyban_helping_quit_smoking.html zyban ban uk zyban prescription http://bazaranet.iranseek.com/zyban/generic_zyban.html buy canada zyban by canada in mail zyban http://bazaranet.iranseek.com/zyban/quitting_smoking_zyban.html .Thanks.

yes.this is my site http://shumaher.hollyvalance.tk/carisoprodol/carisoprodol_discription_and_image.html Thanks.

yes.this is my site http://shumaher.hollyvalance.tk/carisoprodol/carisoprodol_c_o_d_.html Thanks.

phentermine http://home.tiscali.cz:8080/phenterminecool/ ; Thanks!

Hello! Great blog! if you have an interest I can welcome you to my page! low rate credit card http://low-rate-credit-card.buy-cheap-pharmacy.com/low-rate-credit-card Respect to author! You are real genius!