Carl Johnstone wrote:
> Looks like somebody has managed to subscribe one of the PayPal support
> email addresses to the list...

No - a zombie somewhere sent an email with 'from' address, 'to' address, a subject
line from the modperl list and with the message "my google alert sent
this to me...." and a possibly disguised link (there's no rhyme or
reason to spam links sometimes).

Paypal's ever helpful customer services then replied to the forged
'from' - - saying "sorry you didn't supply
enough information".

Nothing to do with the modperl list except that an email address,
subject and a link were harvested from someone's PC by malware or one of
the public archives by a spider. I run a small ISP and we see this a
lot - you should hear the words people say when they're told spam might
use their email address but be nothing to do with them!