Friday, March 20, 2015

Alert: Email with no sender, no subject, no body, that is it appears completely empty.

I heard today on the internet people receiving emails that were completely empty. I'm pleased to say I just received one so I've been able to review the email. However I'm sure the pleasure is going to come with some pain down the track.

In your email client (web mail, Mac mail client, Outlook in my case) the email appears to be completely empty. So relax, it's not your mail client. The following is all the email consists of. This is known as the email headers.

Return-path: <dqpjo(at)bluebellgroup.com>
Envelope-to: sales at onlineconnections.com.au
Delivery-date: Fri, 20 Mar 2015 03:48:53 -0500
Received: from [117.253.172.255] (port=39084 helo=static.203.138.40.188.clients.your-server.de)
 by with smtp (Exim 4.82)
 (envelope-from <jdqpjo(at)bluebellgroup.com<>)
 id 1YYsbr-00012D-0I
 for sales at onlineconnections.com.au; Fri, 20 Mar 2015 03:48:53 -0500
Message-ID: <5 p="">
NOTE: The @ symbol has been changed to (at) to avoid live links. After the 5 are three more characters [10.

Whilst you may jump to conclusions with regards to the mail server (.de being Germany) and the .com domain, these are fake. The only real piece of useful information is the IP address 117.253.172.255 which lets us know this email came from the ISP BSNL in India.

That's really all that can be determined. There's no hidden text or graphics in the email body as I've seen a person mention. The email contains no body content.

So why would anyone send such messages. I don't really know. I saw someone suggest it is to verify email addresses are valid so the sender can ensure they're providing a database of current email addresses. This is possible but it's not really necessary to actually send emails to check an email address, or at least it wasn't when I checked a few years ago. Perhaps things have changed.

If I were to guess I'd suspect this is a malformed email. I've seen malformed scam/spam emails in the past, but not one that had this effect.

The bottom line is this particular email should simply be deleted. You can't stop people from sending emails to you, or determining if your email address is valid and live. You could of course use some form of spam tool/filter on your end, but this email is little more than a quick delete and move on.

The pain down the track. Perhaps more spam, but I'm used to that, so nothing we aren't already handling.

Kelvin Eldridge
www.OnlineConnections.com.au
Call 0415 910 703 for IT support.

UPDATE

I stand corrected. There is a body to the email which is the following.

MIME-Version: 1.0 Content-Type: text/plain;
     charset="iso-8859-1"
Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Outlook 15.0 Thread-Index: AdBi6rFJIDn4g2UCRtyJPvWUk7P/kQ== X-OlkEid: 00000000B90EFA456EEF1F48A930E7FFCC2C3F840700C3B68E10F77511CEB4CD00AA00BBB6E600000000000B00001298AEAE1536E54C8B9551F5D9A1369E0000000019E200004DB0B20D60D74D4CAED04885369C5C8B
         

I've not seen this before but this is more concerning. It looks like an SMS message contained in an email. I'm not able to determine what this may do. Definitely delete this email without pressing on anything else.

Checking the internet this sounds like a truncated message. It may be the anti-virus software used by the mail provider is doing this. I don't know what if anything they use.

I suppose for the moment this one will have to remain a mystery. Again the safest thing to do is to delete the email.

No comments:

Post a Comment