This is incredibly bizarre. Today I’ve started getting spam which is clearly coming from zombies and using fake return addresses and forged headers, but the content is a plaintext message encouraging hurricane relief donations and linking to the legitimate Red Cross and FEMA websites. There’s one further link, to arc.convio.net, but the ISC reports that the site is legit.

It literally looks like some spammer decided to encourage donations to the relief effort, picked an organization he figured most people would recognize, and plugged the message into his usual spam software.

I can’t decide what to do about them! On one hand, they’re spam. They’re unsolicited, they’re using spammer techniques, and they’re clearly not associated with the Red Cross. And we’ve always said the issue is “consent, not content.” But if the ISC is right, they’re not trying to pull a fast one like the scams and spyware installers that are leeching off of the catastrophe.

I keep thinking I should train the filter on them anyway, just like I would add political or religious spam, or an everyday charity that decided to start spamming for donations… but for some reason I just can’t bring myself to do it.