Deleting 6292 spam emails has a surprisingly calming effect over me. Maybe I’m just in a mood. I deliberately let these spam emails accumulate on the off chance that someone sends me an email and misspells the first half of my email address. Misspelled emails would go to the catch-all, which is where all this spam goes. I monitor these in the old Alpine text-only email to avoid setting off alerts to the spammers by loading single-pixel gifs or other media content hidden in the mails.

6292 Spams

For gits and shiggles I asked ChatGPT to explain the subject line of the last email. Here is what I learned:

As a spam email subject line, this text is doing something very specific and very common.

开住宿 √ 餐饮曝

What it’s trying to do (not what it literally says)

This is deliberately malformed, mixed-signal Chinese used to:

  1. Evade spam filters

    • Mixing symbols (√), uncommon characters (), and truncated phrases

    • Avoiding full grammatical sentences

    • Using industry keywords without context

  2. Signal certain scam categories
    The keywords are chosen because they correlate with:

    • 住宿 (lodging / hotels)

    • 餐饮 (food & beverage / restaurants)
      These are commonly used in:

    • fake business opportunity scams

    • fake supplier / wholesale offers

    • fake licensing or “exposure / promotion” services

    • phishing aimed at small business owners

  3. Create curiosity without clarity
    The subject line is intentionally ambiguous so recipients open the message to “figure it out.”

Why the wording is odd

  • by itself is abnormal in subject lines; it’s shorthand for 曝光 (“exposure,” “visibility,” “promotion”).

  • 开住宿 is incomplete; it implies “open lodging” or “activate accommodation status”, which only makes sense in:

    • admin panels

    • regulatory notices

    • scam messages pretending to be official platforms

Practical takeaway

This subject line strongly indicates:

  • Automated spam

  • Not written for native readability

  • Designed to bypass filters, not communicate

 

You can safely treat this as low-effort Chinese commercial spam and ignore or filter it.

I next fed ChatGPT the complete HTML content of the email, without the headers. The headers contained email addresses of deceased friends who used to have POP3 email accounts @sorabji.com. This may be of interest only to me but here is the content of the email followed by ChatGPT’s assessment:

<HTML><HEAD>
<META content=”text/html; charset=gbk” http-equiv=Content-Type>
<META name=GENERATOR content=”MSHTML 11.00.9600.21615″></HEAD>
<BODY>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>13一06七15五18</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>&nbsp;</P>
<P>328540</P>
<P>&nbsp;</P></BODY></HTML>

This is a classic spam / probe message, and its structure is actually more informative than its content.

What this email actually is

It is not meant to be read by a human.

It is almost certainly one (or more) of the following:

  1. A mailbox-validation probe

  2. A spam-filter evasion test

  3. A dead-drop / signaling email

  4. A failed or intentionally stripped payload

Key indicators and what they mean

1. charset=gbk

  • GBK is a Mainland China character encoding.

  • This aligns with the Chinese subject line you showed earlier.

  • Often used in bulk-mail tooling still running on very old Windows systems.

2. MSHTML 11.00.9600.21615

  • This is Internet Explorer 11’s rendering engine.

  • Strong signal of:

    • very old automation

    • commodity spam kits

    • or malware-adjacent tooling

  • Legitimate senders do not generate email this way anymore.

3. Almost entirely &nbsp;

  • This is deliberate.

  • Purpose:

    • Make the email technically “non-empty”

    • Avoid triggering “blank email” heuristics

    • Push real content far down where scanners may not parse

4. The strange mixed-number line

13一06七15五18

This is intentional obfuscation.

Breakdown:

  • Arabic numerals: 13 06 15 18

  • Chinese numerals mixed in:

    • 一 = 1

    • 七 = 7

    • 五 = 5

This pattern is commonly used to:

  • defeat regex-based spam rules

  • encode a campaign ID, routing code, or sender fingerprint

  • act as a marker for automated replies or later follow-ups

It is not meant to decode to a sentence.

5. The trailing number

328540

This is very likely:

  • a batch ID

  • a recipient hash fragment

  • or a delivery confirmation token

These are commonly used so the spammer can later:

  • correlate bounces

  • identify “live” inboxes

  • target follow-up phishing or scams

Why the email has no message

This is the key point.

What it means in practice

  • Your address was being tested, not marketed to

  • The sender wanted to know:

    • Does this mailbox exist?

    • Does it accept HTML?

    • Does it auto-load content?

    • Does it bounce?

If you open it:

  • That alone can mark your address as “engaged”

  • Especially if images or tracking pixels were present (even if you don’t see them)

Relationship to the subject line

The earlier subject line:

开住宿 √ 餐饮曝

paired with this body strongly suggests:

  • Phase 1: probe with nonsense content

  • Phase 2: later send a real scam only to responsive addresses

This is very common in Chinese commercial spam pipelines.

Bottom line (plain English)

  • This email contains no hidden message

  • It is not encrypted

  • It is not a puzzle

  • It is a technical probe

You did the right thing by inspecting it instead of replying.

Here is what a typical screen from this spam-scrubbing pursuit looked like.

spamspamspam