Check out this email....[Fwd: The next big thing for websites]

Wade Smart wade at wadesmart.com
Mon Aug 20 00:26:17 UTC 2007 

08192007 1918 GMT-6 DST

Ok. I must be a bit stupid because, Im looking at the source of this 
email and there is no code here. It was sent as a plain text email. And 
if I click the link and it went to a website then it would have to 
access my local host account - which I have localhost blocked via 
firewall. And on top of that, if I type in the url in my address bar, it 
still brings up my own localhost account.

Im not seeing how this really works. Now I could see that it would work 
that way if it was a html email and it had php embedded but, as it is 
now, if I type in the url it actually brings up my computer. Now, 
granted, its not online and its only my localhost account. But even 
after clearing my cookies and cache it still comes up.

When it brings up the Index of / for my localhost account it says in the 
footer:
"Apache/2.2.3 (Ubuntu) PHP/5.2.1 Server at ulwebnet.com Port 80"
If I type in localhost its says that same except at localhost.
That to me says trouble.

wade



John Dangler wrote:
> 
> 
> -----Original Message-----
> From: ubuntu-users-bounces at lists.ubuntu.com on behalf of Mark Kelly
> Sent: Sun 8/19/2007 7:43 PM
> To: Ubuntu user technical support,  not for general discussions
> Subject: Re: Check out this email....[Fwd: The next big thing for websites]
>  
> Hi.
> 
> On Sunday 19 August 2007 23:50, musicman wrote:
>> Yeah, I got the same result
>>
>> ouch
>>
>>
>> What is it doing?
> 
> A redirect to http://localhost/ basically.
> 
> For example if you are using php:
> 
> <?php
> header('Location: http://localhost/');
> ?>
> 
> in a file will do what you see from that site. It should be a trivial trick 
> in any web language. It will work even behind a perfectly secure firewall, 
> as packets for localhost will not leave your machine. The remote site is 
> not accessing your machine.
> 
> They are probably doing it (a) because they think it's funny, and more 
> importantly (b) to see how successful their spam is and collect IP 
> addresses. You might also want to clear your cookies out. 
> 
> Every time you click on something like this you are encouraging the 
> spammers, as they can see that not only are they getting through, but 
> someone is still willing to click links in spam emails. My advice is that 
> if you are genuinely interested in a link in an email, google the domain 
> or product name to see what's there, rather than click on it directly; if 
> the product is for real it should be obvious enough.
> 
> Don't use the unsubscribe either, you'll just end up confirming your 
> address is live and making it worth sending even more spam to.
> 
> HTH
> 
> Mark
> 
> (insert finger in mouth - ala fish hook - pull) ...
> 
> 
>

More information about the ubuntu-users mailing list