After going through the Blogs Mailing List I come upon some interesting users. It is obvious to those who have signed up that there is no Captcha[1,2] so spammers go through.
The URL field of one of the latest entries had the following: https://bugzilla.andrew.cmu.edu/attachment.cgi?id=831
We can see clearly that this is a University system and a bug reporting system (bugzilla), to be more specific.
The file attached goes along the lines:
“Phentermine diet pills diet pills
As Phentermine diet pills is an older drug, no new efficacy trials have been conducted. The one notable excep…”
So the spammers are now storing their spam messages on University systems. The immediate purpose eludes me. If it was something else, like a MP3, I would understand but SPAM messages?
University Administrators tune in your outgoing filters to keywords associated with SPAM content (e.g., diet pills, via*ra, etc.). Since these files do not create much network traffic and are hard to trace.