Way OT: Blank emails without headers

BiL Castine bil.castine at gmail.com
Sun Jan 1 17:14:07 PST 2006 

further investigation of the very sparse header block on one of these 
messages revealed an IP 83.33.238.29 which gave inconclusive but 
interesting results when plugged into DNSstuff.com's spam database 
lookup tool:
http://www.dnsstuff.com/tools/ip4r.ch?ip=83.33.238.29

a whois lookup on the same IP yeilded:
http://www.dnsstuff.com/tools/whois.ch?ip=83.33.238.29
which is part of the IP pool for a Spanish ISP

another blank mail i found in my junk mailbox was linked to IP 
86.144.24.216, which is part of the pool owned by british telecom 
broadband

a third, 151.198.133.136, linked to a verizon DSL client in New Jersey

given these results, i would guess that these are spawned by infected 
PCs and a means of pinging other infected computers. tho in my case 
all 3 messages were sent to my mac.com address. seeing as how each 
message came to the same mailbox. either my mac.com email address is 
listed in some kind of database, or mac.com isn't filtering these out 
at the server level.

i cant see any imfo encoded in the header that  would be useful to 
anyone or anything, tho i suppose there could be something in 
non-printing characters that i haven't discovered yet...

-b.


At 4:54 PM -0500 1/1/06, BiL Castine wrote:
>chuck,
>
>i have no answers to your questions, but i get tons of them too.
>
>-b.
>
>At 1:15 PM -0800 1/1/06, Chuck Coleman wrote:
>>Forgive me for being so far OT but I have asked this question to 
>>many others and no one seems to be able to give me a satisfactory 
>>answer.
>>
>>I have been getting emails lately and with ever increasing 
>>frequency that have no subject, body, date, attachments and no 
>>headers. I can't track these back to anyone as there is no data to 
>>track.
>>
>>Where do these come from and how do they get to me if there is no address?
>>
>>Being the paranoid type I am sure that there is some devious reason 
>>that I am getting these. I figure it is a way to check for good 
>>emails and that is all I can conclude.
>>
>>There are no web bugs attached so they can't use it to verify that 
>>it has been read.
>>
>>Chuck

More information about the XTensionlist mailing list