Closed Bug 280347 Opened 20 years ago Closed 18 years ago

thunderbird loading remote images from spam when it should not

Categories

(Thunderbird :: Mail Window Front End, defect)

Product:
Thunderbird
Component:
Mail Window Front End
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
RESOLVED INVALID
Milestone:
Thunderbird0.2

People

(Reporter: lists, Assigned: mscott)

Details

Attachments

(3 files)

spam sample 3 loading remote images
1.42 KB, text/plain
Details
Spam triggering the misery
47.89 KB, message/rfc822
Details
Asian spam that defeats 'block loading of remote images'. The images show in Thunderbird 1.0, but do NOT show in 1.0.7. It appears that the problem has been fixed in 1.0.7.
15.88 KB, text/plain
Details 
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0
Build Identifier: thunderbird version 1.0 (20041206) on mandrake

preferences are set for thunderbird to not load remote images if sender is not
in my personal address book, and most of the time this works. but spammers found
a way to encode their messages so remote images get loaded. this is a security
problem for me because this can send the spammer information about me, that i
read his emails and when. it's an invasion of my privacy too, so i think it is
critical.

Reproducible: Always




here is a sample email:

MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="--228946900596832"
X-Priority: 3
X-MSMail-Priority: Normal
X-UIDL: A#V"!\BN!!L(l"!glb!!

----228946900596832
Content-Type: text/html;
Content-Transfer-Encoding: base64

PGh0bWw+DQogIDxoZWFkPg0KICA8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LXR5cGUiIGNv
bnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1ldWMta3IiPg0KICAgICAgPHRpdGxlPjwvdGl0
bGU+DQogIDwvaGVhZD4NCiAgPEJPRFk+DQo8RElWPg0KPFRBQkxFIGNlbGxTcGFjaW5nPTAg
Y2VsbFBhZGRpbmc9MCB3aWR0aD0iMTAwJSIgYm9yZGVyPTA+DQogIDxUQk9EWT4NCiAgPFRS
Pg0KICAgIDxURCBjb2xTcGFuPTMgaGVpZ2h0PTEwPjwvVEQ+PC9UUj4NCiAgPFRSPg0KICAg
IDxURCBzdHlsZT0iUEFERElORy1MRUZUOiA0MHB4IiBjb2xTcGFuPTM+PFgtTUVUQSBIVFRQ
LUVRVUlWPSJDb250ZW50LVR5cGUiIA0KICAgICAgQ09OVEVOVD0idGV4dC9odG1sOyBjaGFy
c2V0PWV1Yy1rciI+DQogICAgICA8VEFCTEUgd2lkdGg9IjEwMCUiIGJnQ29sb3I9I2ZmZmZm
ZiBMRUZUTUFSR0lOPSIwIiBUT1BNQVJHSU49IjAiIA0KICAgICAgTUFSR0lOV0lEVEg9IjAi
IE1BUkdJTkhFSUdIVD0iMCI+DQogICAgICAgIDxUQk9EWT4NCiAgICAgICAgPFRSPg0KICAg
ICAgICAgIDxURCB2QWxpZ249dG9wPg0KICAgICAgICAgICAgPENFTlRFUj48QSBocmVmPSJo
dHRwOi8vZnJlZTcuaXZ5cm8ubmV0L3B0MDA1L2luZGV4Lmh0bWwiIA0KICAgICAgICAgICAg
dGFyZ2V0PV9ibGFuaz48Rk9OVCBjb2xvcj1ibHVlIHNpemU9ND7AzLnMwfawoSC6uMDMwfYg
vsrAuyC2p7TCIMWsuK/H2MHWvLy/5DwvRk9OVD4gDQogICAgICAgICAgICA8UD48L1A+DQog
ICAgICAgICAgICA8VEFCTEUgY2VsbFNwYWNpbmc9MCBjZWxsUGFkZGluZz0wIHdpZHRoPTcw
MCBib3JkZXI9MD4NCiAgICAgICAgICAgICAgPFRCT0RZPg0KICAgICAgICAgICAgICA8VFI+
DQogICAgICAgICAgICAgICAgPFREPjxBIGhyZWY9Imh0dHA6Ly9mcmVlNy5pdnlyby5uZXQv
cHQwMDUvaW5kZXguaHRtbCIgDQogICAgICAgICAgICAgICAgICB0YXJnZXQ9X2JsYW5rPjxJ
TUcgaGVpZ2h0PTM1NyBhbHQ9IiIgDQogICAgICAgICAgICAgICAgICBzcmM9Imh0dHA6Ly9m
cmVlOC5pdnlyby5uZXQvaW1hZ2VzL2JpYV8wMS5qcGciIHdpZHRoPTcwMCANCiAgICAgICAg
ICAgICAgICAgIGJvcmRlcj0wPjwvQT48L1REPjwvVFI+DQogICAgICAgICAgICAgIDxUUj4N
CiAgICAgICAgICAgICAgICA8VEQ+PEEgaHJlZj0iaHR0cDovL2ZyZWU3Lml2eXJvLm5ldC9w
dDAwNS9pbmRleC5odG1sIiANCiAgICAgICAgICAgICAgICAgIHRhcmdldD1fYmxhbms+PElN
RyBoZWlnaHQ9MzQyIGFsdD0iIiANCiAgICAgICAgICAgICAgICAgIHNyYz0iaHR0cDovL2Zy
ZWU4Lml2eXJvLm5ldC9pbWFnZXMvYmlhXzAyLmpwZyIgd2lkdGg9NzAwIA0KICAgICAgICAg
ICAgICAgICAgYm9yZGVyPTA+PC9BPjwvVEQ+PC9UUj4NCiAgICAgICAgICAgICAgPFRSPg0K
ICAgICAgICAgICAgICAgIDxURD48QSBocmVmPSJodHRwOi8vZnJlZTcuaXZ5cm8ubmV0L3B0
MDA1L2luZGV4Lmh0bWwiIA0KICAgICAgICAgICAgICAgICAgdGFyZ2V0PV9ibGFuaz48SU1H
IGhlaWdodD0zMDEgYWx0PSIiIA0KICAgICAgICAgICAgICAgICAgc3JjPSJodHRwOi8vZnJl
ZTguaXZ5cm8ubmV0L2ltYWdlcy9iaWFfMDMuanBnIiB3aWR0aD03MDAgDQogICAgICAgICAg
ICAgICAgICBib3JkZXI9MD48L0E+PC9URD48L1RSPg0KICAgICAgICAgICAgICA8VFI+DQog
ICAgICAgICAgICAgICAgPFREPg0KICAgICAgICAgICAgICAgICAgPEZPUk0gYWN0aW9uPWh0
dHA6Ly9mcmVlNy5pdnlyby5uZXQvcmVqZWN0MS9SZWplY3RNYWlsLnBocCANCiAgICAgICAg
ICAgICAgICAgIG1ldGhvZD1wb3N0IHRhcmdldD1ibGFuaz48SU5QVVQgdHlwZT1oaWRkZW4g
DQogICAgICAgICAgICAgICAgICB2YWx1ZT1CODU2MTEyN2EzYWRiNzNmOTRjZTNhZmY1MzEx
ZmVjMGIgDQogICAgICAgICAgICAgICAgICBuYW1lPVNFUlZJQ0VfQ09ERT48QlI+PElOUFVU
IHNpemU9MzAgdmFsdWU9IiAiIA0KICAgICAgICAgICAgICAgICAgbmFtZT11c2VyX2VtYWls
PiA8SU5QVVQgdHlwZT1pbWFnZSANCiAgICAgICAgICAgICAgICAgIHNyYz0iaHR0cDovL2Zy
ZWU3Lml2eXJvLm5ldC9yZWplY3QxL2RlbnkuZ2lmIj4gufbGsMC7IMWsuK/Hz73DuOkgDQog
ICAgICAgICAgICAgICAgICC89r3FsMW6zsOzuK6woSDAzLfnvu4gwf20z7TZLjxCUj4oSWYg
eW91IGRvbqOndCB3YW50IHRvIHJlY2VpdmUgdGhpcyBtYWlsIA0KICAgICAgICAgICAgICAg
ICAgYW55bW9yZSwgY2xpY2sgaGVyZSANCiAgICAgICAgICAgIFtEZW55XSk8L0ZPUk0+PC9U
RD48L1RSPjwvVEJPRFk+PC9UQUJMRT48L0E+PC9DRU5URVI+PC9URD48L1RSPjwvVEJPRFk+
PC9UQUJMRT48L1REPjwvVFI+PC9UQk9EWT48L1RBQkxFPjwvRElWPg0KICA8L0JPRFk+DQo8
L2h0bWw+DQo=
----228946900596832--
here is another sample.
The same bug appears in Mozilla Seamonkey Mail as well.
I see it too.  It appears that images sent along in the email via base64
encoding sneak by the Junk mail functionality that normally doesn't display
them.  It also appears to disable the "Show Images" functionality as well.
this bug is a security breach.
my private email address gets revealed/confirmed to dictionary-attackers this way, 
as the url of these spam messages contain an identifier.
and it is happening almost daily now.
what can we do to have this bug fixed in thunderbird 1.1 ?
Summary: thunderbird loading remote image from spam when it should not → thunderbird loading remote images from spam when it should not
This is an automated message, with ID "auto-resolve01".

This bug has had no comments for a long time. Statistically, we have found that
bug reports that have not been confirmed by a second user after three months are
highly unlikely to be the source of a fix to the code.

While your input is very important to us, our resources are limited and so we
are asking for your help in focussing our efforts. If you can still reproduce
this problem in the latest version of the product (see below for how to obtain a
copy) or, for feature requests, if it's not present in the latest version and
you still believe we should implement it, please visit the URL of this bug
(given at the top of this mail) and add a comment to that effect, giving more
reproduction information if you have it.

If it is not a problem any longer, you need take no action. If this bug is not
changed in any way in the next two weeks, it will be automatically resolved.
Thank you for your help in this matter.

The latest beta releases can be obtained from:
Firefox:     http://www.mozilla.org/projects/firefox/
Thunderbird: http://www.mozilla.org/products/thunderbird/releases/1.5beta1.html
Seamonkey:   http://www.mozilla.org/projects/seamonkey/

See Screenshot here:
http://outpost.sprinzing.org/ThunderbirdZeigtSpamBilder

What a Bugger!. I can even play around with TB and it still shows the "smut".
Attachment #199570 - Attachment description: Asian spam that defeats 'block loading of remote images' → Asian spam that defeats 'block loading of remote images'. The images show in Thunderbird 1.0, but do NOT show in 1.0.7. It appears that the problem has been fixed in 1.0.7.
the 'Asian spam' test case is still loading images with version 1.5 Beta 2
(20051008)
Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8b5) Gecko/20051008
Thunderbird/1.4.1 Mnenhy/0.7.2.0 ID:2005100806
This is a significant problem both for intentional spammers as outlined above, as well as for the completely repeatable condition where SpamAssassin includes the original (spam) message as an attachment. Confirmed in version 1.0.7 (20050923)

http://forums.mozillazine.org/viewtopic.php?p=1843427#1843427

Identifies other cases where this is an issue.

Strongly suggest raising severity to CRITICAL as it is a major deficiency in a security-related feature.

Strongly suggest making this a CONFIRMED bug.
(In reply to comment #0)
> User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
> Gecko/20041107 Firefox/1.0
> Build Identifier: thunderbird version 1.0 (20041206) on mandrake
> 
> preferences are set for thunderbird to not load remote images if sender is not
> in my personal address book, and most of the time this works. but spammers
> found
> a way to encode their messages so remote images get loaded. this is a security
> problem for me because this can send the spammer information about me, that i
> read his emails and when. it's an invasion of my privacy too, so i think it is
> critical.
> 
> Reproducible: Always
> 
> 
> 
> 
> here is a sample email:
> 
> MIME-Version: 1.0
> Content-Type: multipart/alternative;
>         boundary="--228946900596832"
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-UIDL: A#V"!\BN!!L(l"!glb!!
> 
> ----228946900596832
> Content-Type: text/html;
> Content-Transfer-Encoding: base64
> 
> PGh0bWw+DQogIDxoZWFkPg0KICA8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LXR5cGUiIGNv
> bnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1ldWMta3IiPg0KICAgICAgPHRpdGxlPjwvdGl0
> bGU+DQogIDwvaGVhZD4NCiAgPEJPRFk+DQo8RElWPg0KPFRBQkxFIGNlbGxTcGFjaW5nPTAg
> Y2VsbFBhZGRpbmc9MCB3aWR0aD0iMTAwJSIgYm9yZGVyPTA+DQogIDxUQk9EWT4NCiAgPFRS
> Pg0KICAgIDxURCBjb2xTcGFuPTMgaGVpZ2h0PTEwPjwvVEQ+PC9UUj4NCiAgPFRSPg0KICAg
> IDxURCBzdHlsZT0iUEFERElORy1MRUZUOiA0MHB4IiBjb2xTcGFuPTM+PFgtTUVUQSBIVFRQ
> LUVRVUlWPSJDb250ZW50LVR5cGUiIA0KICAgICAgQ09OVEVOVD0idGV4dC9odG1sOyBjaGFy
> c2V0PWV1Yy1rciI+DQogICAgICA8VEFCTEUgd2lkdGg9IjEwMCUiIGJnQ29sb3I9I2ZmZmZm
> ZiBMRUZUTUFSR0lOPSIwIiBUT1BNQVJHSU49IjAiIA0KICAgICAgTUFSR0lOV0lEVEg9IjAi
> IE1BUkdJTkhFSUdIVD0iMCI+DQogICAgICAgIDxUQk9EWT4NCiAgICAgICAgPFRSPg0KICAg
> ICAgICAgIDxURCB2QWxpZ249dG9wPg0KICAgICAgICAgICAgPENFTlRFUj48QSBocmVmPSJo
> dHRwOi8vZnJlZTcuaXZ5cm8ubmV0L3B0MDA1L2luZGV4Lmh0bWwiIA0KICAgICAgICAgICAg
> dGFyZ2V0PV9ibGFuaz48Rk9OVCBjb2xvcj1ibHVlIHNpemU9ND7AzLnMwfawoSC6uMDMwfYg
> vsrAuyC2p7TCIMWsuK/H2MHWvLy/5DwvRk9OVD4gDQogICAgICAgICAgICA8UD48L1A+DQog
> ICAgICAgICAgICA8VEFCTEUgY2VsbFNwYWNpbmc9MCBjZWxsUGFkZGluZz0wIHdpZHRoPTcw
> MCBib3JkZXI9MD4NCiAgICAgICAgICAgICAgPFRCT0RZPg0KICAgICAgICAgICAgICA8VFI+
> DQogICAgICAgICAgICAgICAgPFREPjxBIGhyZWY9Imh0dHA6Ly9mcmVlNy5pdnlyby5uZXQv
> cHQwMDUvaW5kZXguaHRtbCIgDQogICAgICAgICAgICAgICAgICB0YXJnZXQ9X2JsYW5rPjxJ
> TUcgaGVpZ2h0PTM1NyBhbHQ9IiIgDQogICAgICAgICAgICAgICAgICBzcmM9Imh0dHA6Ly9m
> cmVlOC5pdnlyby5uZXQvaW1hZ2VzL2JpYV8wMS5qcGciIHdpZHRoPTcwMCANCiAgICAgICAg
> ICAgICAgICAgIGJvcmRlcj0wPjwvQT48L1REPjwvVFI+DQogICAgICAgICAgICAgIDxUUj4N
> CiAgICAgICAgICAgICAgICA8VEQ+PEEgaHJlZj0iaHR0cDovL2ZyZWU3Lml2eXJvLm5ldC9w
> dDAwNS9pbmRleC5odG1sIiANCiAgICAgICAgICAgICAgICAgIHRhcmdldD1fYmxhbms+PElN
> RyBoZWlnaHQ9MzQyIGFsdD0iIiANCiAgICAgICAgICAgICAgICAgIHNyYz0iaHR0cDovL2Zy
> ZWU4Lml2eXJvLm5ldC9pbWFnZXMvYmlhXzAyLmpwZyIgd2lkdGg9NzAwIA0KICAgICAgICAg
> ICAgICAgICAgYm9yZGVyPTA+PC9BPjwvVEQ+PC9UUj4NCiAgICAgICAgICAgICAgPFRSPg0K
> ICAgICAgICAgICAgICAgIDxURD48QSBocmVmPSJodHRwOi8vZnJlZTcuaXZ5cm8ubmV0L3B0
> MDA1L2luZGV4Lmh0bWwiIA0KICAgICAgICAgICAgICAgICAgdGFyZ2V0PV9ibGFuaz48SU1H
> IGhlaWdodD0zMDEgYWx0PSIiIA0KICAgICAgICAgICAgICAgICAgc3JjPSJodHRwOi8vZnJl
> ZTguaXZ5cm8ubmV0L2ltYWdlcy9iaWFfMDMuanBnIiB3aWR0aD03MDAgDQogICAgICAgICAg
> ICAgICAgICBib3JkZXI9MD48L0E+PC9URD48L1RSPg0KICAgICAgICAgICAgICA8VFI+DQog
> ICAgICAgICAgICAgICAgPFREPg0KICAgICAgICAgICAgICAgICAgPEZPUk0gYWN0aW9uPWh0
> dHA6Ly9mcmVlNy5pdnlyby5uZXQvcmVqZWN0MS9SZWplY3RNYWlsLnBocCANCiAgICAgICAg
> ICAgICAgICAgIG1ldGhvZD1wb3N0IHRhcmdldD1ibGFuaz48SU5QVVQgdHlwZT1oaWRkZW4g
> DQogICAgICAgICAgICAgICAgICB2YWx1ZT1CODU2MTEyN2EzYWRiNzNmOTRjZTNhZmY1MzEx
> ZmVjMGIgDQogICAgICAgICAgICAgICAgICBuYW1lPVNFUlZJQ0VfQ09ERT48QlI+PElOUFVU
> IHNpemU9MzAgdmFsdWU9IiAiIA0KICAgICAgICAgICAgICAgICAgbmFtZT11c2VyX2VtYWls
> PiA8SU5QVVQgdHlwZT1pbWFnZSANCiAgICAgICAgICAgICAgICAgIHNyYz0iaHR0cDovL2Zy
> ZWU3Lml2eXJvLm5ldC9yZWplY3QxL2RlbnkuZ2lmIj4gufbGsMC7IMWsuK/Hz73DuOkgDQog
> ICAgICAgICAgICAgICAgICC89r3FsMW6zsOzuK6woSDAzLfnvu4gwf20z7TZLjxCUj4oSWYg
> eW91IGRvbqOndCB3YW50IHRvIHJlY2VpdmUgdGhpcyBtYWlsIA0KICAgICAgICAgICAgICAg
> ICAgYW55bW9yZSwgY2xpY2sgaGVyZSANCiAgICAgICAgICAgIFtEZW55XSk8L0ZPUk0+PC9U
> RD48L1RSPjwvVEJPRFk+PC9UQUJMRT48L0E+PC9DRU5URVI+PC9URD48L1RSPjwvVEJPRFk+
> PC9UQUJMRT48L1REPjwvVFI+PC9UQk9EWT48L1RBQkxFPjwvRElWPg0KICA8L0JPRFk+DQo8
> L2h0bWw+DQo=
> ----228946900596832--
> 

(In reply to comment #9)
> This is a significant problem both for intentional spammers as outlined above,
> as well as for the completely repeatable condition where SpamAssassin includes
> the original (spam) message as an attachment. Confirmed in version 1.0.7
> (20050923)
> 
> http://forums.mozillazine.org/viewtopic.php?p=1843427#1843427
> 
> Identifies other cases where this is an issue.
> 
> Strongly suggest raising severity to CRITICAL as it is a major deficiency in a
> security-related feature.
> 
> Strongly suggest making this a CONFIRMED bug.
> 

(In reply to comment #9)
> This is a significant problem both for intentional spammers as outlined above,
> as well as for the completely repeatable condition where SpamAssassin includes
> the original (spam) message as an attachment. Confirmed in version 1.0.7
> (20050923)
> 
> http://forums.mozillazine.org/viewtopic.php?p=1843427#1843427
> 
> Identifies other cases where this is an issue.
> 
> Strongly suggest raising severity to CRITICAL as it is a major deficiency in a
> security-related feature.
> 
> Strongly suggest making this a CONFIRMED bug.
> 

I have a similar problem : Trying to forward a mail wich has blocked remote images cause the images to appear... This is a security breach.
> I have a similar problem : Trying to forward a mail wich has blocked remote
> images cause the images to appear...

Do not *ever* add a "similar problem" to an existing bug and expect it to get fixed, it will generally get completely missed. It might get fixed if it's got exactly the same cause, in which case it would have gotten fixed whether or not you added it to the bug 

Instead file a NEW bug. You may then wish to add a comment to the old bug like "I have a similar problem: Trying to forward a mail which has blocked remote images cause the images to appear... I have filed this as bug XXXXX"

Almost the same, except now something is much more likely to happen with your variant.

(speaking of noise, don't clutter things up by copying gobs of text from previous comments. We've all got the bug RIGHT HERE, it's not email. A simple reference like "in comment 2 bob said..." will work, or a small quote as a context reminder)
Thunderbird blocks *remote* images to prevent "web bugs" -- where fetching the image tells the spammer you've read it and they now know a live address. (they can encode your address in the URI of the image they request... they don't even have to serve up an image, they just need to collect the server logs).

The purpose of the feature is not to hide images, it's to block remote loads for privacy purposes. In-line images do not have these privacy issues and are shown (I wish the button said "Load Images" rather than "Show Images" :-( )

If you want to hide images you can change the View menu "Message Body As" setting to Simple Html or Plain Text and no images will be shown. Also I believe Thunderbird does not show even in-line images in mail it considers Junk, but of course the problem here is that *you* think this message is Spam but Thunderbird hasn't learned that yet.
Status: UNCONFIRMED → RESOLVED
Closed: 18 years ago
Resolution: --- → INVALID
Target Milestone: --- → Thunderbird0.2
This bug has returned! I am using Icedove 38.7.0 on Debian 8.3.

Here is a sample message source code:

Return-path: <romano@romanovendas.com.br>
Envelope-to: [MYEMAIL]
Delivery-date: Wed, 23 Mar 2016 17:51:41 -0500
Received: from mxgw2.sili.com.br ([200.170.82.212]:54351 helo=mxgw.sili.com.br)
	by br594.hostgator.com.br with esmtp (Exim 4.86_1)
	(envelope-from <romano@romanovendas.com.br>)
	id 1aircp-0004h9-1e
	for ; Wed, 23 Mar 2016 17:51:41 -0500
Received: from mail.sili.com.br ([200.170.82.150])
        by mxgw.sili.com.br (IceWarp 11.4.0.1 x64) with ESMTP id 201603231951025040;
        Wed, 23 Mar 2016 19:51:02 -0300
Received: from PC-WR.romanovendas.com.br ([187.37.180.172])
        by mail.sili.com.br (MailServer) with ASMTP id 201603231950382215;
        Wed, 23 Mar 2016 19:50:38 -0300
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Wed, 23 Mar 2016 19:45:03 -0300
To: romano@romanovendas.com.br
From: Romano <romano@romanovendas.com.br>
Subject: =?iso-8859-1?Q?REVISTAS_PENTHOUSE_E_GIB=CDS_ER=D3TICOS_!?=
Mime-Version: 1.0
Content-Type: multipart/related;
	type="multipart/alternative";
	boundary="=====================_8804228==.REL"
X-Antivirus: avast! (VPS 160323-2, 23/03/2016), Outbound message
X-Antivirus-Status: Not-Tested
Message-ID: <cc5ebcc76e6a0efdb6a91be4d63468c9@romanovendas.com.br>
X-Sender: <romano@romanovendas.com.br>
X-Auth: romano@romanovendas.com.br

--=====================_8804228==.REL
Content-Type: multipart/alternative;
	boundary="=====================_8804228==.ALT"

--=====================_8804228==.ALT
Content-Type: text/plain; charset="iso-8859-1"; format=flowed
Content-Transfer-Encoding: quoted-printable

75000 VENDIDAS! E AGORA S=C3O DUAS AS OFERTAS ESPECIAIS !
S=D3 PARA ATACADISTAS, DISTRIBUIDORES E REVENDEDORES !
Emacs!


Emacs!

Emacs!

Emacs!

Emacs!

[]

[]

[]

[]


AS COLET=C2NEAS DE GIB=CDS ER=D3TICOS CHEGARAM! R$ 1,89 CADA!
PRE=C7OS DE CAPA: R$ 5,90 A R$ 6,90 ! MUITAS CAPAS E TODAS
COM 3 A 5 REVISTAS ENCADERNADAS E MEDIA DE 200 P=C1GINAS !
Emacs!

Emacs!

Emacs!

Emacs!


Emacs!


(ATEN=C7=C3O: ESTE E-MAIL =C9 DESTINADO A EMPRESAS QUE=20
TRABALHAM COM MATERIAL ER=D3TICO LEGAL)
(SE VOCE N=C3O PERTENCE A ESSE RAMO, P/FAVOR=20
PERDOE-NOS E RETORNE, QUE ELIMINAREMOS SEU ENDERE=C7O)
(OS E-MAILS FORAM COLHIDOS ATRAV=C9S DE PROGRAMAS=20
DE PESQUISAS NA INTERNET E VIA GOOGLE-BUSCA)

MUNDO DA CULTURA BRASIL PUBLICA=C7=D5ES LTDA -=20
ACESS=D3RIOS ESCOLARES, LIVROS E REVISTAS
ATENDEMOS  ATACADISTAS,  DISTRIBUIDORES,  SEBOS,=20
SUPERMERCADOS  E  OUTROS RAMOS
FONES: 011 - 38051200 / 38546272 / 981830362 FA=C7A=20
SEU PEDIDO GANHE DINHEIRO AGORA





--=====================_8804228==.ALT
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<html>
<body>
<font face=3D"Showcard Gothic" size=3D5 color=3D"#008000"><b><u>75000 VENDID=
AS!
E AGORA S=C3O DUAS AS OFERTAS ESPECIAIS !</u> <br>
S=D3 PARA ATACADISTAS, DISTRIBUIDORES E REVENDEDORES !<br>
</b></font>
<img src=3D"cid:7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.14"=
 width=3D819 height=3D512 alt=3D"Emacs!">
</b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <br>
<font face=3D"Showcard Gothic" size=3D4 color=3D"#FF0000">
&nbsp;<img=
 src=3D"cid:7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.15"=
 width=3D200 height=3D253 alt=3D"Emacs!">
 <img src=3D"cid:7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.16"=
 width=3D206 height=3D253 alt=3D"Emacs!">
<img src=3D"cid:7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.17"=
 width=3D201 height=3D250 alt=3D"Emacs!">
 <img src=3D"cid:7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.18"=
 width=3D187 height=3D253 alt=3D"Emacs!"><br>
</font>
<img src=3D"cid:7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.19"=
 width=3D185 height=3D253 alt=3D"[]">
&nbsp;&nbsp;&nbsp;&nbsp; <font color=3D"#0000FF">&nbsp;
<img src=3D"cid:7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.20"=
 width=3D200 height=3D253 alt=3D"[]">
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
<img src=3D"cid:7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.21"=
 width=3D191 height=3D253 alt=3D"[]">
 <img src=3D"cid:7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.22"=
 width=3D187 height=3D253 alt=3D"[]">&nbsp;
<br><br>
</font><font face=3D"Comic Sans MS" size=3D4 color=3D"#0000FF"><b>AS COLET=
=C2NEAS
DE GIB=CDS ER=D3TICOS CHEGARAM!
</font><font face=3D"Comic Sans MS" size=3D4 color=3D"#FF0000"><u>R$ 1,89
CADA!</u></font><font face=3D"Comic Sans MS" size=3D4 color=3D"#0000FF">=
 <br>
<u>PRE=C7OS DE CAPA: R$ 5,90 A R$ 6,90 !</u> MUITAS CAPAS E TODAS <br>
COM 3 A 5 REVISTAS ENCADERNADAS E <u>MEDIA DE 200 P=C1GINAS !<br>
</u></b></font>
<img src=3D"cid:7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.23"=
 width=3D613 height=3D454 alt=3D"Emacs!">
</u></b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <br>
<img src=3D"cid:7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.24"=
 width=3D610 height=3D454 alt=3D"Emacs!">
&nbsp;&nbsp;&nbsp;&nbsp; <br>
<img src=3D"cid:7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.25"=
 width=3D608 height=3D454 alt=3D"Emacs!">
&nbsp; <br>
<img src=3D"cid:7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.26"=
 width=3D613 height=3D454 alt=3D"Emacs!">
&nbsp;<br>
&nbsp;<img=
 src=3D"cid:7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.27"=
 width=3D598 height=3D454 alt=3D"Emacs!">
 <br><br>
<font size=3D2><b><i>(ATEN=C7=C3O: ESTE E-MAIL =C9 DESTINADO A EMPRESAS QUE
TRABALHAM COM MATERIAL ER=D3TICO LEGAL)<br>
(SE VOCE N=C3O PERTENCE A ESSE RAMO, P/FAVOR PERDOE-NOS E RETORNE, QUE
ELIMINAREMOS SEU ENDERE=C7O)<br>
(OS E-MAILS FORAM COLHIDOS ATRAV=C9S DE PROGRAMAS DE PESQUISAS NA INTERNET
E VIA GOOGLE-BUSCA)<br>
</i></font><x-sigsep><p></x-sigsep>
<font face=3D"Tempus Sans ITC" size=3D1 color=3D"#0000FF">MUNDO DA CULTURA
BRASIL PUBLICA=C7=D5ES LTDA - ACESS=D3RIOS ESCOLARES, LIVROS E REVISTAS<br>
ATENDEMOS&nbsp; ATACADISTAS,&nbsp; DISTRIBUIDORES,&nbsp; SEBOS,&nbsp;
SUPERMERCADOS&nbsp; E&nbsp; OUTROS RAMOS <br>
FONES: 011 - 38051200 / 38546272 / 981830362 FA=C7A SEU PEDIDO GANHE
DINHEIRO AGORA <br><br>
<br><br>
<br>
</font></b></body>
</html>

--=====================_8804228==.ALT--

--=====================_8804228==.REL
Content-Type: image/jpeg; name="84d7e9.jpg";
 x-mac-type="4A504547"; x-mac-creator="4A565752"
Content-ID: <7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.14>
Content-Transfer-Encoding: base64
Content-Disposition: inline; filename="84d7e9.jpg"

/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEB
AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQH/2wBDAQEBAQEBAQEBAQEBAQEBAQEBAQEB
AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQH/wAARCAIAAzMDASIA
AhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQA
AAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3
...
--=====================_8804228==.REL
Content-Type: image/jpeg; name="84d7f9.jpg";
 x-mac-type="4A504547"; x-mac-creator="4A565752"
Content-ID: <7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.15>
Content-Transfer-Encoding: base64
Content-Disposition: inline; filename="84d7f9.jpg"

/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEB
AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQH/2wBDAQEBAQEBAQEBAQEBAQEBAQEBAQEB
AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQH/wAARCAD9AMgDASIA
AhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQA
AAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBk...
--=====================_8804228==.REL
Content-Type: image/jpeg; name="84d808.jpg";
 x-mac-type="4A504547"; x-mac-creator="4A565752"
Content-ID: <7.1.0.9.0.20160323194442.04fb7160@romanovendas.com.br.16>
Content-Transfer-Encoding: base64
Content-Disposition: inline; filename="84d808.jpg"

/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEB
AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQH/2wBDAQEBAQEBAQEBAQEBAQEBAQEBAQEB
AQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQH/wAARCAD9AM4DASIA
AhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQA
AAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEI...

--=====================_8804228==.REL--
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: