Hmmm… I found mine in the trash can after some further searching. You’re right, it looks like a plaintext mail, so no chance to hide anything in the linl.
My mailer did flag it as suspicious, but now that I look deeper into the headers that seems just to be the case because you use your own mail server that’s not on any of the standard whitelists.
Aaaaah…
Hmmm… well, if he went to the “link above”… that probably means the spyware/adware/malware link was inside the PM he received on the board, and not inside the mail at all!
I found it suspicious since I received that PM notification but there was no PM… the later was probably just because at that point, the spamming user was already deleted along with all his PMs?
So, to sum it up: the email seemed to be a perfectly legit notification of a PM (Private Message) received here on the board.
The contents of the private message is something completely different – it could have come from ANY member of this board, including spambots (which are well known to target phpBB since its the most widely spread free forum software).
This is still a good argument to always update phpBB though, since these automated PMs wouldn’t be possible if the spambot would stay outside because he can’t automatically sign up.