Jump to content

Blankety-Blank email


rooster
 Share

Recommended Posts

For a couple of weeks I have been receiving emails to one of my accounts that has no Subject, no Sender, no Recipient, and a blank header. The only thing that appears is the date: 12/31/1969 4 p.m.

Could I have done something egregious to an electrical appliance on New Year's Eve in 1969 (don't bother to anwer that part) and it's trying to come back to haunt me? Or is there a rational explanation for this; d'ya think?

Link to comment
Share on other sites

Doesn't qualify as "email" - though it probably has a bcc address with your name on it - even so, supposed to contain a bit more than just 2 items. Have a word with your ISP. I did the the same with mine ages ago. Took no notice, acted all dumb - the "source" of mine actually had a "127.0.0.1" (whatever) routing of some sort as well. I used that to filter and redirect to my postmaster. It eventually stopped.

Link to comment
Share on other sites

even so, supposed to contain a bit more than just 2 items.

Darndest thing: it disappeared from my "Junk" folder just as I went back to take another look.

I'm not sure what you mean by "2 items". It only had the date and nothing more. I guess it was just one of those things. Too bad there was nothing I could actually copy.

It reminds me of a verse my dear old nana told me long ago:

"The other day upon the stair,

I met a man who wasn't there.

He wasn't there again today.

Oh dear I wish he'd go away."

Link to comment
Share on other sites

...I'm not sure what you mean by "2 items". It only had the date and nothing more. ...
Ah, yus zur, but then there's the blind carbon copy address item which you don't get because it's blind but it is there, before it gets delivered, making two - once. [returned after brief holiday] Point is, the server-side, which is the part that counts so far as any inspection before delivery, has two items - or your ISP (at least one server) was distributing them at random to deserving cases - or your ISP was distributing them to all hosted addresses. Since the latter 2 cases seem less probable, I go with the bcc addressing. Plus there must have been more in the source - a "Received by: localhost [127. ...]" was what I used to see. Theories abounded on the strength of (occasionally) reported instances by myself and others in these pages (ailing/compromised server was the most straight-forward one, personal paranoia permitted the possibility of my PC being assimilated by the 'Borg and/or Cybermen) but they came and they went regardless, like the rains. Finally they just went.

But now, for you, the whole thing has "evaporated"? Not on your PC space presumably - in webmail? The ailing server scenario might sort of fit. Wish my ISP provided a good fairy module too. Maybe he does, one would only know when it fell down on the job.

Link to comment
Share on other sites

Ah, yus zur, but then there's the blind carbon copy address item which you don't get because it's blind but it is there, before it gets delivered, making two - once. [returned after brief holiday] Point is, the server-side, which is the part that counts so far as any inspection before delivery, has two items - or your ISP (at least one server) was distributing them at random to deserving cases - or your ISP was distributing them to all hosted addresses. Since the latter 2 cases seem less probable, I go with the bcc addressing. Plus there must have been more in the source - a "Received by: localhost [127. ...]" was what I used to see. Theories abounded on the strength of (occasionally) reported instances by myself and others in these pages (ailing/compromised server was the most straight-forward one, personal paranoia permitted the possibility of my PC being assimilated by the 'Borg and/or Cybermen) but they came and they went regardless, like the rains. Finally they just went.

But now, for you, the whole thing has "evaporated"? Not on your PC space presumably - in webmail? The ailing server scenario might sort of fit. Wish my ISP provided a good fairy module too. Maybe he does, one would only know when it fell down on the job.

Bien sûr, mais there was nothing "Source wise" on my unit; either

Je pense que my ISP is diddling about. I had a cold war with them for 2 months trying to get them to set the Time Zone (DST Offset) correctly on the same server that hosts this email account.. and was not successful in convincing them it was wrong. Fortunately, we went back to PST on the weekend so it doesn't affect me anymore. Imagine how infuriating it was to be getting all emails to one account always stamped an hour ahead of the other accounts run on different servers but all with the same ISP! I even went to the extent to send them composit screen shots a few seconds after getting some of these that included my Windows "Date Time Properties" Settings display, the actual email header and my mail client inbox showing the skewed Time Stamp. Then I sent additional screen shots showing the same info for each of my other accounts showing them to be correct. Made no difference to them... they just kept saying my clock must be set wrong.

J'ai reçu a number of the bcc addressing quirks before, with blank Subject Line and Message Body, but they always has some Source + Header info to work with.

The spooky thing about this is that I remember vividly what I was doing at exactly that time; the time the phantom email was Date/Time Stamped. I don't think she would appreciate being remembered as an "appliance", though; ... "electrical" or otherwise.

Edited by rooster
Link to comment
Share on other sites

...The spooky thing about this is that I remember vividly what I was doing at exactly that time; the time the phantom email was Date/Time Stamped. I don't think she would appreciate being remembered as an "appliance", though; ... "electrical" or otherwise.
In the interests of scientific experimentation you should of course seek to replicate the effect. As a rule of thumb (something to do with probable errors) this should be a minimum of 32 times for the sake of statistical assurance - appreciate this could take some time. Check for hidden webcams if the phenomenon recurs.
Link to comment
Share on other sites

In the interests of scientific experimentation you should of course seek to replicate the effect. As a rule of thumb (something to do with probable errors) this should be a minimum of 32 times for the sake of statistical assurance - appreciate this could take some time. Check for hidden webcams if the phenomenon recurs.

" 32 times" ... Are you kidding? I'm still shaky doing Statistical Error caluculations!

I wouldn't mind replicating the effect though. Or do you mean about the email?

Edited by rooster
Link to comment
Share on other sites

...I wouldn't mind replicating the effect though. Or do you mean about the email?
I thought you were proposing a causal link?

You baulk at 32 times though - aha! Induction (what Conan Doyle incorrectly called deduction) triumphs once more. When you allowed you knew the precise time of activity (and duration uderstood) and moreover reported this to an astonished audience I was faced with deciding whether this was a rare event to require such memorialization or that we were perhaps observing an obsessive personality at work. Being an occasionally kindly person I went with the former which now seems vindicated.

Link to comment
Share on other sites

I thought you were proposing a causal link?

I assure you, "32 times" referred to your proposed sample size, not to anything associated with the "date" of the email.

As far as "this was a rare event to require such memorialization" ...well; if I know what's good for me, I had better remember it. December 31, 1969 (New Year's Eve), 4 p.m. was the very moment I proposed to my wife.

Like I said, "spooky".

But I think we be traipsing in the SC Social ng domain ... visitors to this site have enough reading to do;.. don't ya think?

Link to comment
Share on other sites

As far as "this was a rare event to require such memorialization" ...well; if I know what's good for me, I had better remember it. December 31, 1969 (New Year's Eve), 4 p.m. was the very moment I proposed to my wife.

Like I said, "spooky".

A random coincidence of date/time down to the second is so improbable as to be next to impossible. Something of the order of 1:1-2x109. And it happened repeatedly for weeks? I think "someone" was tipping you off that you had better start saving early for this year's anniversary present.
Link to comment
Share on other sites

... Even considering a 127.0.0.1 loop, I don't see where that date would come into the picture.
Nor do I - must be some way to identify the process that that is doing the deed if it is internal. Nice touch, with the screenshot including local lasses, their supposed orientation, triggers thoughts of all sorts of "fruitless conjecture"! :D
Link to comment
Share on other sites

Nice touch, with the screenshot including local lasses, their supposed orientation, triggers thoughts of all sorts of "fruitless conjecture"! :D

???? I have no idea what that means. Mayhap you have pop-ups enabled or something. Nothing resembling your remark shows up on my FFx Browser.

I got a couple more later in the day yesterday that did have Source Info. I copied them to my ISP and he replied they do not treat of anything to do with spam.

I go so wrapped up with my ISP dude I neglected to Report it to SC.

I'll lob you a screenshot of what I sent to him by PM so you can take a boo. If you find anything useful, I can mung it all and append it back here.

It's not like I was asking for the equation for "The Theory of Everything". All I wanted to know is; how did that Date/Time get to appear in my Inbox when I could find no reference to it in the email header? It has to get injected somehow by some agent.

If my ISP is somehow grabbing forged handoff info from the Open Proxy it got it from, and scrubbing it off the header without telling me; I want to know why.

Link to comment
Share on other sites

???? I have no idea what that means. Mayhap you have pop-ups enabled or something. Nothing resembling your remark shows up on my FFx Browser.
You are right again, now shows an animated thing on a totally different theme - thought the other stuff was part of the screen shot and a subtle Roosterly touch.
It's not like I was asking for the equation for "The Theory of Everything". All I wanted to know is; how did that Date/Time get to appear in my Inbox when I could find no reference to it in the email header? It has to get injected somehow by some agent.
I couldn't argue with your position on that.
Link to comment
Share on other sites

There seems to be an awful lot of 'arty' talk here about nothing very much that I personally am able to understand.

However I am also suffering from this phenomenon - specifically in that I have began to receive maybe a dozen or more times a day, emails that are in essence entirely blank. That is to say, they contain no from field, no to field, no headers - and bluntly put are the weirdest damn email messages (or non messages) I have ever seen.

Has anyone got any clues what (from a practical perpespective) might be causing these?

Link to comment
Share on other sites

Has anyone got any clues what (from a practical perpespective) might be causing these?

Posting IP addresses are different, but .... I re-read all the posts here and nowhere do I see the actual mention of the ISP involved. What are the odds you two folks are talking about the same ISP?

Link to comment
Share on other sites

Posting IP addresses are different, but .... I re-read all the posts here and nowhere do I see the actual mention of the ISP involved. What are the odds you two folks are talking about the same ISP?

I don't know. But the word "snowball's" comes to mind.

My dudes' shingle says DCCNET.

Link to comment
Share on other sites

Thanks for not providing FQDNs ...????

ns2.dccnet.com reports the following MX records:

Preference Host Name IP Address

10 mx.dccnet.com 24.207.1.250

Telnet 24.207.1.250 25

220 mx4.dccnet.com (DCCNet ESMTP Email Cluster)

ns1.easynet.co.uk reports the following MX records:

Preference Host Name IP Address

5 mail.ukonline.co.uk 212.135.6.8

Telnet 212.135.6.8 25

220 store10.mail.uk.easynet.net ESMTP Exim 4.32 Thu, 09 Nov 2006 10:25:45 +0000

OK, not the same ISP, assumedly not the same incoming software involved ..... two things (possibly) ruled out

Link to comment
Share on other sites

Thanks for not providing FQDNs ...????

Oops, sorry... But I am no networking expert - and no spam aficionado to boot, so to be honest I am not even certain what that is?

Anyway, just to be clear, I have ran all the usual virus, malware, spyware and other scans - and all have come up clean.

So the source doesn't appear to be local.

Link to comment
Share on other sites

This phenomenon of receiving completely blank emails preceeded a flurry of stock promo boiler plate, all bcc'd to me and addressed to other canonical names with the same ISP.

What I find striking is that these are about equally divided between 2 of my 3 accounts, (not the default account) both of which have user names that would be a bit of a stretch for a standard dictionary attack.

(Even as I write this, one just came in to my default account, so perhaps it's going to start there, too.)

They are all from "Open Relays" and so far I don't see a pattern to "senders" IPs; not unusual if the 'promoter(s) are tied in to a bot net.

http://www.spamcop.net/sc?id=z1130750868z0...1a2a0ffba71983z

http://www.spamcop.net/sc?id=z1130733825zf...5365c7a4970789z

It's way past my bed time; I'll take a deeper look at them later on tomorrow afternoon.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...