Forum Moderators: phranque


Completely blank e-mails

No message, no attachment, no headers - what's up?

         

MatthewHSE

3:39 pm on Jul 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Lately, I've been getting hit by quite a few completely blank e-mails. When I say "completely," I really mean completely. There's no message, no attachment, and when I view the headers, this is all there is:

Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii

The fact that it doesn't even include my e-mail address indicates to me that it's being generated by software somehow. I'm running Outlook 2002 with AVG. I'm not sure if it's related, but just now today, Outlook has begun having major stability problems.

These types of messages have been coming in periodically for a couple weeks, but didn't start until I'd been using AVG for at least a month. So far I haven't been able to track down the problem; my system configuration (Windows 2000) hasn't changed at all that I know of.

Any ideas?

Thanks,

Matthew

4css

3:58 pm on Jul 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I have been getting these longer than what you are indicating. I have a program called mailwasher, I have the free version. I see it coming into the mailwasher and just delete it off the server. I can't bounce it because it has no return address anywhere for it to return to!

I also have avg, but I was getting these before avg, so I don't think they are related to that program.

Not sure if I have helped in any way, but just letting you know I do get them as well.

john_k

4:13 pm on Jul 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Just another spammer-in-training trying to figure out their software.

topr8

4:16 pm on Jul 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



>>Just another spammer-in-training trying to figure out their software.

yes indeed,

I also particularly like the ones that come in with a title:
%TITLE_HERE
and in the body of the message
%INSERT_NAME

or some such.

MatthewHSE

5:31 pm on Jul 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



If it's a spammer in training, how is it that it gets to me at all when it doesn't even have a "To" line? A message at least needs that much to go anywhere, or so you'd think, but these don't even have that much.

john_k

6:10 pm on Jul 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



With standard SMTP and POP3, the TO header contents don't have anything to do with who actually gets the email.

There are a lot of hand-shaking messages exchanged, but in a nutshell:

- The sending SMTP server connects to the receiving/routing SMTP server
- The sender tells the receiving server that it has a message for "username@domain.com"
- The receiver checks to see if it should accept the email. If it decides not to accept it, then it ends the connection. Otherwise...
- The receiver says "Ok, send the message"
- The sender sends the email message, including the TO, FROM, and other headers.
- The receiver puts the email in the inbox of the person that the sender said the message was for. It never even looks at the message headers. (exception is that it would normally add a "Received" header to the top of the header section to note where and when the message came from)

Of course, that is with standard SMTP. Anti-virus scanning and spam prevention are then retro-fitted into that flow.

As for the TO header not matching the actual recipient, keep in mind that many legitimate emails are sent to an email list. Only the name of the email list shows in the TO header. For this reason, it is next to impossible to verify the TO header against the actual recipient.

MatthewHSE

6:21 pm on Jul 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Maybe I'm not saying what I mean - either that or misunderstanding the concepts involved. There simply is no TO header at all. Viewing the message, the "To" line is blank. Entirely. Not even a single space. Looking at the message headers shows only what I quoted before. I can't tell that the message is to anyone, period. Surely spamming hasn't become that advanced - or has it?

john_k

6:31 pm on Jul 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



>>Maybe I'm not saying what I mean - either that or misunderstanding the concepts involved. There simply is no TO header at all. Viewing the message, the "To" line is blank. Entirely. Not even a single space. Looking at the message headers shows only what I quoted before. I can't tell that the message is to anyone, period. Surely spamming hasn't become that advanced - or has it?

Right. You are looking at the message that is sent AFTER the sender told your email server that this message was for you. Your email server never looks at the message, which in this case is completely blank, and simply puts it into your inbox. The receiving server does not inspect the email to determine where it goes. It relies on the sending server to tell it where it is supposed to go.

Exactly what transpired to generate a specific blank message is anyone's guess. My guess is that most of them are the result of a spammer verifying their email list, or a spammer that doesn't know what they are doing.

john_k

6:46 pm on Jul 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Just to elaborate on the SMTP portion a little more:
An SMTP server uses an envelope and message system. The TO, FROM, DATE, etc. headers are in the message. The envelope is never seen by the recipient. The envelope indicates the email address(es) of the ultimate recipients. Depending upon the server's implementation, an email sent to multiple users might result in an envelope for every recipient, or it may result in an envelope for each domain, or it may result in only one envelope. The envelope might be written out as a physical file, or it could simply reside in the server's memory.

When the server wants to send a message to another server, it will look at the envelope information and connect to the indicated email server. If, following the steps I listed before, the receiver agrees to receive the message, the sender sends the message. The message might be complete gibberish. Or empty. The receiving server might inspect the message to check for correct structure. Or it may not.

The point is, the envelope information is used for actually routing the message and for the handshaking that goes on. The message is what gets put into your inbox.

The spammer's software is going through the handshaking motions, but it is not sending a valid message. Unless you can look at the SMTP log file, all you have to go on is what is in the message. In your case there is nothing in the message.
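
The envelope-versus-message split described in the step list and the elaboration above, as an added example that is not part of any post in this thread: a toy receiver that delivers on `RCPT TO` alone, run against a constructed session whose message carries only the two headers quoted in the first post. The host name, addresses and function names are assumptions made for the illustration.

```python
# Added illustration, not code from the thread: a toy SMTP receiver that
# delivers on the envelope (RCPT TO) and never reads the message headers.
# Host names, addresses and the session below are constructed sample data.
from email import message_from_string

def receive(session_lines, peer="sender.example"):
    """Process one client session; return {envelope recipient: [messages]}."""
    mailboxes, rcpts = {}, []
    lines = iter(session_lines)
    for line in lines:
        verb = line.upper()
        if verb.startswith("MAIL FROM:"):
            rcpts = []                            # a new envelope begins
        elif verb.startswith("RCPT TO:"):
            rcpts.append(line[8:].strip(" <>"))   # who the sender says it is for
        elif verb == "DATA":
            body = []
            for data_line in lines:               # message ends at a lone "."
                if data_line == ".":
                    break
                body.append(data_line)
            # The only change to the message: a Received trace line on top.
            stored = "Received: from %s\n%s\n" % (peer, "\n".join(body))
            for rcpt in rcpts:                    # routing uses the envelope only
                mailboxes.setdefault(rcpt, []).append(stored)
            rcpts = []
    return mailboxes

def missing_headers(stored, wanted=("From", "To", "Date")):
    """Optional structure check a receiver or filter could run on the message."""
    msg = message_from_string(stored)
    return [name for name in wanted if msg[name] is None]

SESSION = [                                       # constructed client commands
    "HELO sender.example",
    "MAIL FROM:<bulk@sender.example>",
    "RCPT TO:<username@example.com>",
    "DATA",
    "Mime-Version: 1.0",
    "Content-Type: text/plain; charset=us-ascii",
    "",
    ".",
    "QUIT",
]

if __name__ == "__main__":
    for rcpt, msgs in receive(SESSION).items():
        print(rcpt, "missing:", missing_headers(msgs[0]))
```

The message reaches the mailbox named in the envelope even though it has no To line, and the structure check is the only step that would notice the missing headers.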

MatthewHSE

7:03 pm on Jul 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Okay, got it. Thanks for the clarification on this. It's pretty annoying to get messages that are entirely empty, but then I guess I'd rather deal with that than some of the "other" stuff that comes in! ;)

moltar

7:40 pm on Jul 26, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I was getting these for a long time too, but lately it has increased to about one per 2-3 days. The total amount of spam is around the same.

I think spammers are up to something. Maybe it's some kind of trick to dilute the real spam. Or to throw off the spam filtering systems...

Essex_boy

11:17 am on Jul 27, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



I've been receiving these for a while, at least I now know what they are.