I got this in my inbox today, I believe it to be real, however I'll post the headers below. The reason I think it may be real is that there is some person out there named Carol Pollock who for some reason and some how is using the email address of [EMAIL PROTECTED] How, I haven't the faintest clue. Here are the headers:
X-Spam-Virus: No X-Spam-Seen: Tokens 204 X-Spam-New: Tokens 293 X-Spam-Remote: Host localhost.localdomain X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on cpollock.localdomain X-Spam-Hammy: Tokens 56 X-Spam-Status: No, score=-105.3 required=5.0 tests=BAYES_00,HTML_MESSAGE, SPF_FAIL,SPF_HELO_PASS,USER_IN_WHITELIST autolearn=disabled version=3.1.7 X-Spam-Spammy: Tokens 5 X-Spam-Pyzor: Reported 0 times. X-Spam-Token: Summary Tokens: new, 89; hammy, 56; neutral, 143; spammy, 5. X-Spam-DCC: CollegeOfNewCaledonia cpollock 1189; Body=1 Fuz1=1 Fuz2=1 X-Spam-Untrusted: Relays [ ip=216.35.62.79 rdns=arm79.bigfootinteractive.com helo=bigfootinteractive.com by=mx-bracke.atl.sa.earthlink.net ident= envfrom= intl=0 id=1gQWIB30u3Nl34i6 auth= ] X-Spam-Level: X-Spam-RBL: Results <dns:email.capitalone.com?type=MX> [20 arm.bigfootinteractive.com.] <dns:email.capitalone.com> [206.132.3.45] Status: U Return-Path: <[EMAIL PROTECTED]> Received: from pop.earthlink.net [209.86.93.201] by localhost with POP3 (fetchmail-6.2.5) for [EMAIL PROTECTED] (single-drop); Sun, 03 Dec 2006 13:11:30 -0600 (CST) Received: from bigfootinteractive.com ([216.35.62.79]) by mx-bracke.atl.sa.earthlink.net (EarthLink SMTP Server) with SMTP id 1gQWIB30u3Nl34i6 for <[EMAIL PROTECTED]>; Sun, 3 Dec 2006 14:09:41 -0500 (EST) Reply-To: Capital One <[EMAIL PROTECTED]> Message-ID: <[EMAIL PROTECTED]> X-BFI: TBTH0562119F1CA6AC909D05A5EBC0 Date: Sun, 03 Dec 2006 14:09:41 EST From: Capital One <[EMAIL PROTECTED]> Subject: Welcome to Capital One No Hassle Rewards To: [EMAIL PROTECTED] MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="ABCD-TBTH0562119F1CA6AC909D05A5EBC0-EFGH" X-ELNK-Info: sbv=0; sbrc=.0; sbf=00; sbw=000; X-SenderIP: 216.35.62.79 X-ASN: ASN-3561 X-CIDR: 216.32.0.0/14 X-UID: 24237 X-Length: 11032 [EMAIL PROTECTED] chris]$ nslookup 216.35.62.79 Server: 127.0.0.1 Address: 127.0.0.1#53 Non-authoritative answer: 79.62.35.216.in-addr.arpa canonical name = 79.0/25.62.35.216.in-addr.arpa. 79.0/25.62.35.216.in-addr.arpa name = arm79.bigfootinteractive.com. I could of course throw this into my spam folder and report it with the rest or I could just delete it, however I'm curious as to whether its an actual message from them or not. It has a valid certificate issued by VeriSign OU = www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign OU = VeriSign International Server CA - Class 3 OU = VeriSign, Inc. O = VeriSign Trust Network 02/12/2006 18:00:00 (02/13/2006 00:00:00 GMT) 02/13/2007 17:59:59 (02/13/2007 23:59:59 GMT) I'm going to assume that its a vaild message and that she's again using my email address and that I'm getting some of her mail. This happened with Circuit City last month and I 'tried' talking to them about this but since their support apparently has been outsourced I got nowhere, the same as when I tried to talk to Earthlink about it. -- Chris
pgpZyj3tcyIjB.pgp
Description: PGP signature
