Jump to content

What the hell is that ?


PierJes

Recommended Posts

Posted
De :  john[at]spamcop.net

To: Pierjes <pierjes[at]spamcop.net>

Envoyer :  21 mars 2004 12:30:01

Cc :  recipient list not shown:

 

Received: from c60.cesmail.net ([216.154.195.49]) by mc1-f39.hotmail.com with Microsoft SMTPSVC(5.0.2195.6824); Sun, 21 Mar 2004 09:30:02 -0800

Received: from unknown (HELO blade4.cesmail.net) (192.168.1.214) by c60.cesmail.net with SMTP; 21 Mar 2004 12:30:01 -0500

Received: (qmail 31058 invoked by uid 1010); 21 Mar 2004 17:30:01 -0000

Received: (qmail 30999 invoked from network); 21 Mar 2004 17:30:00 -0000

Received: from unknown (192.168.1.213) by blade4.cesmail.net with QMQP; 21 Mar 2004 17:30:00 -0000

Received: from cable-212.76.233.111.coditel.net (HELO localhost) (212.76.233.111) by blade3.cesmail.net with SMTP; 21 Mar 2004 17:29:56 -0000

X-Message-Info: JGTYoYF78jEjCajuLPxFf+DIwvSTPGpJ

Message-ID: <20040321173001.31057.qmail[at]blade4.cesmail.net>

Delivered-To: spamcop-net-pierjes[at]spamcop.net

X-Mail-Format-Warning: Bad RFC2822 header formatting in ------------CB7EDDDC00162C3 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit

X-spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on blade4

X-spam-Level: ***

X-spam-Status: hits=3.7 tests=DATE_MISSING,LARGE_HEX,UPPERCASE_50_75 version=2.63

X-SpamCop-Checked: 192.168.1.213 212.76.233.111

Return-Path: john[at]spamcop.net

X-OriginalArrivalTime: 21 Mar 2004 17:30:02.0394 (UTC) FILETIME=[245867A0:01C40F6A]

Will meet tonight as we agreed, because on Wednesday I don't think I'll

make it,

so don't be late. And yes, by the way here is the file you asked for.

It's all written there. See you.

oofofsof

I keep getting those messages.

It's obvious it's a virus but it seems to come "genuinely" from the spamcop system.

I can't track the origin of the mail as there are no complete headers on this e-mail.

Am I missing something here ? :unsure:

Posted

I can't figure out what you used to copy / paste this in, but yes, there are problems with what you posted. Quick glance says that the source was 212.76.233.111 ... and the first problem is parsing would prbably have started with the blank line up at the top of the alleged headers. if this is what you actually tried to parse.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...