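I got an email from the FBI lol (phishing email)
I ran the attached RTF file through 防人 (Sakimori), our company's product that converts files into images, to render it safely as an image and look at the contents (stealth marketing).
I also ran the attachment through VirusTotal, but it detected nothing.
The mail headers and so on are below.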
Delivered-To: ripjyr@gmail.com
Received: by 10.231.149.133 with SMTP id t5csp127876ibv; Tue, 19 Feb 2013 00:05:27 -0800 (PST)
X-Received: by 10.236.144.33 with SMTP id m21mr26633068yhj.26.1361261127650; Tue, 19 Feb 2013 00:05:27 -0800 (PST)
Return-Path: <fbiwatdccgov@aol.com>
Received: from nm33.bullet.mail.ne1.yahoo.com (nm33.bullet.mail.ne1.yahoo.com. [98.138.229.26]) by mx.google.com with ESMTPS id x69si25140680yhd.133.2013.02.19.00.05.26 (version=TLSv1 cipher=RC4-SHA bits=128/128); Tue, 19 Feb 2013 00:05:27 -0800 (PST)
Received-SPF: neutral (google.com: 98.138.229.26 is neither permitted nor denied by domain of fbiwatdccgov@aol.com) client-ip=98.138.229.26;
Authentication-Results: mx.google.com; spf=neutral (google.com: 98.138.229.26 is neither permitted nor denied by domain of fbiwatdccgov@aol.com) smtp.mail=fbiwatdccgov@aol.com
Received: from [98.138.226.180] by nm33.bullet.mail.ne1.yahoo.com with NNFMP; 19 Feb 2013 08:05:25 -0000
Received: from [98.138.84.37] by tm15.bullet.mail.ne1.yahoo.com with NNFMP; 19 Feb 2013 08:05:25 -0000
Received: from [127.0.0.1] by smtp105.mail.ne1.yahoo.com with NNFMP; 19 Feb 2013 08:05:25 -0000
X-Yahoo-Newman-Id: 619779.70961.bm@smtp105.mail.ne1.yahoo.com
Message-ID: <619779.70961.bm@smtp105.mail.ne1.yahoo.com>
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: l2adi5wVM1k3tV8VchDknh5NoCST.LvE6ixXvVgUulIrjgX
 ml5yaNGzVQeUR02pQxly7pU8s2Qup8js3rh7.bNrcbeJtbQfu7yCGZbxOL7c
 qBKUDF3zsuokybCTy5MD0kXNtFwlyAIkbDdww0jm4u66FPCoTtcjJ9Mb5oXe
 6VrSMbn5KjYLpt5iBU.cTmUnqxG0hNIsnNN6LBKVQu2gFYGuFf5gn2uCXRdr
 oDJYBAZSON8EnsK37xN4u5TUotAfKGzpZzrpFj_LBIV2J6rdGJtLGSSbkNau
 haaP_VedPl9K9jl1p3SxLKEzoBY0VtLuen5_PzYO2dmNx0I98m80CXVi0qMp
 uP1ffigdWMqUwYyEPENmQtHJr1omW3pwMM31gnJEVLGEPUHPkQD1pTjYsUv_
 VbQJ7Y.a_TVRuRMmlAYW_iHsPY.NAfHQpBUwE_C2paYc8hH4d3fPWh03xD9g
 fP2B9max5IuT6l_GHorSpQtyOPHrwc3f8RPBCjWxGHg--
X-Yahoo-SMTP: YgOF3fSswBADAH9mKRdHcY_kbRhwd5JpsQl39Cc-
Received: from User (fbiwatdccgov@72.8.156.1 with login) by smtp105.mail.ne1.yahoo.com with SMTP; 19 Feb 2013 00:05:25 -0800 PST
Reply-To: <infounit991@e-mail.ua>
From: "FBI Investigation Unit"<fbiwatdccgov@aol.com>
Subject: FBI Official Notice, View Attachment To Read Notice For More Details.
Date: Tue, 19 Feb 2013 09:05:17 +0100
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_NextPart_000_00DC_01C2A9A6.4AD16B86"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000

This is a multi-part message in MIME format.

------=_NextPart_000_00DC_01C2A9A6.4AD16B86
Content-Type: text/plain; charset="Windows-1251"
Content-Transfer-Encoding: 7bit

------=_NextPart_000_00DC_01C2A9A6.4AD16B86
Content-Type: application/octet-stream; name="FBI Official Alert.rtf"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="FBI Official Alert.rtf"

e1xydGYxXGFkZWZsYW5nMTAyNVxhbnNpXGFuc2ljcGcxMjUyXHVjMVxhZGVm
ZjMxNTA3XGRlZmYwXHN0c2hmZGJjaDMxNTA1XHN0c2hmbG9jaDMxNTA2XHN0
c2hmaGljaDMxNTA2XHN0c2hmYmkwXGRlZmxhbmcxMDMzXGRlZmxhbmdmZTEw
MzNcdGhlbWVsYW5nMTAzM1x0aGVtZWxhbmdmZTBcdGhlbWVsYW5nY3Mwe1xm
b250dGJse1xmMFxmYmlkaSBcZnJvbWFuXGZjaGFyc2V0MFxmcHJxMntcKlxw
YW5vc2UgMDIwMjA2MDMwNTA0MDUwMjAzMDR9VGltZXMgTmV3IFJvbWFuO317
XGYzNFxmYmlkaSBcZnJvbWFuXGZjaGFyc2V0MFxmcHJxMntcKlxwYW5vc2Ug
<SNIP>
MDAwMDAwMDAwMDAwZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmMDAwMDAwMDAw
MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwDQowMDAw
MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw
MTA1MDAwMDAwMDAwMDAwfX0=
------=_NextPart_000_00DC_01C2A9A6.4AD16B86--
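
Added example, not part of the original post: a Python header triage run over an abridged copy of the message above, reporting the From/Reply-To domain mismatch, the non-pass SPF result, the empty text body and the attachment's real type taken from its leading bytes. The MIME boundary `b1`, the function names and the finding labels are assumptions made for this example, and the attachment body is cut to the first eight base64 characters shown in the post.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Abridged from the message above; boundary "b1" is constructed, body cut to 8 base64 chars.
RAW = """\
Authentication-Results: mx.google.com; spf=neutral (google.com: 98.138.229.26 is neither permitted nor denied by domain of fbiwatdccgov@aol.com) smtp.mail=fbiwatdccgov@aol.com
Reply-To: <infounit991@e-mail.ua>
From: "FBI Investigation Unit"<fbiwatdccgov@aol.com>
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="Windows-1251"

--b1
Content-Type: application/octet-stream; name="FBI Official Alert.rtf"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="FBI Official Alert.rtf"

e1xydGYx
--b1--
"""

def domain(header_value):  # lower-cased domain of a From/Reply-To style header
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def triage(raw):  # returns finding labels (hypothetical names) for one raw message
    msg = message_from_string(raw)
    findings = []
    sender, reply = domain(msg["From"]), domain(msg["Reply-To"])
    if reply and reply != sender:  # replies would go to a different domain
        findings.append(f"reply-to-mismatch:{sender}->{reply}")
    m = re.search(r"\bspf=(\w+)", msg.get("Authentication-Results", ""))
    spf = m.group(1).lower() if m else "none"
    if spf != "pass":  # receiver could not confirm the sending host
        findings.append(f"spf-{spf}")
    for part in msg.walk():
        if part.is_multipart():
            continue
        data = part.get_payload(decode=True) or b""
        name = part.get_filename()
        if name is None and not data.strip():  # nothing to read except the attachment
            findings.append("empty-body")
        elif name is not None:
            kind = "rtf" if data.startswith(b"{\\rtf") else "unknown"  # magic bytes, not extension
            findings.append(f"attachment:{name}:{kind}")
    return findings

if __name__ == "__main__":
    print("\n".join(triage(RAW)))
```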