.

[ingrownpocket]

.

[BurtW]

No.

[John (John K.)]

LOL. Theymos sounds like my Nigerian prince promising me my own island!

[Jan]

LOL. Theymos sounds like my Nigerian prince promising me my own island!

Hey you got the same donation address as me. Must be a coincidence related to the bad random generator on Android

[John (John K.)]

PS: Can you post the entire email header here (taking out your email addy if you want)

LOL. Theymos sounds like my Nigerian prince promising me my own island!

Hey you got the same donation address as me. Must be a coincidence related to the bad random generator on Android

What?

[pedrog]

I haven't receive it (yet), people who receive this email have their email address made public? Any reports of a database compromised or BitcoinTalk?

[nimda]

Simple address spoof; not legitimate.

Also the forum is drowning in BTC right now.

[theymos]

No, I didn't send that.

[qwk]

That's one of the reasons why I'd not recommend making your email address public on a web forum.
IT just makes you an easy target for SCAM-SPAM.

CONTRIBUTOR BENEFITS
- 0.1+ BTC = Donors crown before nick (everywhere your username is shown)

A Donator's crown would suit me nice, though

And while I'm dreaming, I'd like to have a pony.

[theymos]

Surprisingly, no one tried actually replying to the email. If they had, they would have reached me. (This is not a good way of contacting me, though -- I may disable theymos@bitcointalk.org in the future.)

[escrow.ms]

If it's a mass mail, someone should send 0.00000001 without fees to that address with a warning note like "IT'S A SCAM" and this thread's link.

[vgo]

I've received in Gmail.

[escrow.ms]

I've received in Gmail.

Because your email is on your profile.

[vgo]

I've received in Gmail.

Because your email is on your profile.

Obvious.

[Anduck]

PS: Can you post the entire email header here (taking out your email addy if you want)

LOL. Theymos sounds like my Nigerian prince promising me my own island!

Hey you got the same donation address as me. Must be a coincidence related to the bad random generator on Android

What?

I'm afraid you missed a joke...

[Mike Hearn]

There's a simple way to shut down this kind of phish: implement DKIM and DMARC.

Firstly, you make sure all mail being sent by bitcointalk.org is DKIM signed. It just boils down to configuring your SMTP server and DNS, more or less. Then all mail is cryptographically signed automatically.

Secondly, add another DNS TXT record that specifies a DMARC policy:

http://www.dmarc.org/overview.html

That tells mail engines that understand the protocol that bitcointalk.org should only be sending DKIM signed mail. You can also request reporting. Once you have that configured, compliant mail systems (like gmail and yahoo mail) can be told to automatically spamfolder any forged mail and mail a copy back to you, so you find out about phishing attempts immediately.

[WuLabsWuTecH]

I didn't realize we could contact theymos by email! (not that I would ever have occasion to)

[HeroC]

I wish donator stats were that cheap. 

[Raize]

Received: from wl23-f168.wedos.net (wl23-f168.wedos.net. [2a02:2b88:1:4::27])
        by mx.google.com with ESMTPS id t9si28084548eeo.35.2013.08.12.08.32.26
        for <info@carloslago.com>
        (version=TLSv1 cipher=RC4-SHA bits=128/128);
        Mon, 12 Aug 2013 08:32:26 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of w32382@wedos.net designates 2a02:2b88:1:4::27 as permitted sender) client-ip=2a02:2b88:1:4::27;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of w32382@wedos.net designates 2a02:2b88:1:4::27 as permitted sender) smtp.mail=w32382@wedos.net

Why is Google accepting a random IPv6 address as a legitimate sender for @bitcointalk.org when the spf record for bitcointalk.org only designates its MX servers (presumably IPv4 addresses) as valid?

Bitcointalk.org SPF:

v=spf1 mx a ~all

For what its worth, I didn't receive this email and I've checked my spam folders to verify.

Maybe this is an argument for going back to doing a hard fail using "-all" instead of the soft fail on "~all".

It's weird Google doesn't even consider this email the least bit suspicious though. It just says "spf-pass" like there's nothing wrong, using wedos.net as the authenticating domain even though the Reply-To: and From: are clearly from a domain NOT associated with wedos.net.

[John (John K.)]

PS: Can you post the entire email header here (taking out your email addy if you want)

LOL. Theymos sounds like my Nigerian prince promising me my own island!

Hey you got the same donation address as me. Must be a coincidence related to the bad random generator on Android

What?

I'm afraid you missed a joke...

Oops, was too tired when I posted this.