The Retry of the zombies: zipped text spam
Commtouch has just identified a new technique that spammers have been experimenting with heavily over the past 24 hours: spam with a zipped attachment, sometimes password-protected, where the zip contains a text file with a stock promotion. Some facts:
1) Commtouch identified this new type of “Zip spam” yesterday (July 30) at 10 pm GMT, and the outbreak is continuing now.
2) The zip files in some cases cannot be opened by regular WinZip or the zip utility built into Windows, but can be opened by other compression tools such as WinRAR. This may cause them to bypass some anti-spam content filters that cannot open the files in order to scan the content. The fact that the attachments are fairly difficult to open (i.e. you need software that is not standard on most business PCs) decreases the spam response rate considerably. We believe this may be a spammer's error.
3) The subjects are randomized, containing words like invitation, alert, notice, unpaid, article, invoice, document; sometimes the subjects are empty. The body of the email messages is often empty. These are also tricks to bypass content filters.
4) Most interesting: we have evidence that the zombies sending the spam behave very similarly to regular MTAs, including retrying when they receive a "temp-fail" message. This means that only a true dynamic zombie-detection network (and not mere graylisting) can block these unrelenting messages.
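Point 2 describes filters that pass a zip they cannot open. The sketch below is an added example, not Commtouch's code: it treats a password-protected or unparseable zip attachment as uninspected and quarantines it rather than letting it through. The function names, verdict strings and sample data are assumptions made for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

def scan_zip(data: bytes) -> str:
    """Classify one attachment as 'scanned', 'encrypted' or 'unreadable'."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            infos = zf.infolist()
            # General-purpose flag bit 0 marks a password-protected entry.
            if any(i.flag_bits & 0x1 for i in infos):
                return "encrypted"
            for i in infos:
                zf.read(i)  # a real filter would hand this text to its content rules
            return "scanned"
    except Exception:  # any parse or decompression failure: content was never inspected
        return "unreadable"

def verdict(raw_message: bytes) -> str:
    """Fail closed: a zip the filter could not inspect is never treated as clean."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    parts = [p.get_payload(decode=True) or b"" for p in msg.iter_attachments()]
    results = [scan_zip(p) for p in parts if p[:2] == b"PK"]  # zip magic bytes
    return "quarantine" if any(r != "scanned" for r in results) else "continue"

def make_zip(encrypted: bool = False) -> bytes:
    """Constructed sample archive; optionally set the encryption flag bit."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("note.txt", "constructed sample text")
    data = bytearray(buf.getvalue())
    if encrypted:
        data[data.find(b"PK\x01\x02") + 8] |= 0x01  # flags field, central directory
    return bytes(data)

def build_message(zip_bytes: bytes) -> bytes:
    """Constructed sample mail: keyword subject, empty body, zip attachment."""
    m = EmailMessage()
    m["Subject"] = "invoice"
    m.set_content("")
    m.add_attachment(zip_bytes, maintype="application", subtype="zip", filename="doc.zip")
    return m.as_bytes()

if __name__ == "__main__":
    for label, z in [("plain", make_zip()), ("flagged", make_zip(True)), ("broken", b"PK\x03\x04cut")]:
        print(label, scan_zip(z), verdict(build_message(z)))
```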