Google Blogoscoped

Forum

Strange Gmail Spam

Piotr Zgodzinski [PersonRank 4]

Friday, December 3, 2004
19 years ago

I'm receiving exactly the same spam; my Gmail login isn't mentioned in the TO: field either, although this field contains a login slightly similar to mine. I deleted this spam forever so I cannot paste it here.

Manic [PersonRank 1]

19 years ago #

I have been getting the same thing. My email address starts with manic followed by a few numbers; the two messages in my spam folder now are to manibustan and manibulls.

Manic [PersonRank 1]

19 years ago #

One of mine was the same software email but from an msn address and from a Southwestern Bell DSL host. The other one I got is quite a bit different; it's about a Rolex, and has links to emadnij.info. Here is a paste of the headers:

X-Gmail-Received: b958a6ed84979deb27884a5b9868d97e3de6a305
Delivered-To: manic12345[put at-character here]gmail.com
Received: by 10.38.179.1 with SMTP id b1cs20001rnf;
   Fri, 3 Dec 2004 03:16:14 -0800 (PST)
Received: by 10.11.117.59 with SMTP id p59mr10539cwc;
   Fri, 03 Dec 2004 03:16:00 -0800 (PST)
Return-Path: <awlprt[put at-character here]yahoo.com>
Received: from EXCHANGE ([211.146.116.198])
   by mx.gmail.com with SMTP id p77si1516439cwc;
   Fri, 03 Dec 2004 03:16:00 -0800 (PST)
Received-SPF: neutral (gmail.com: 211.146.116.198 is neither permitted nor denied by domain of awlprt[put at-character here]yahoo.com)
Received: (qmail 026382 invoked by uid 0876); Fri, 03 Dec 2004 06:12:54 -0500
Distribution: World
Content-Description: torrance cromwellian diaphanous injure belong expertise
Newsgroups: definition deepen dualism electrolyte drought quantum thrifty cranelike ipecac tail conclusive co
Message-ID: <DWNYDWEQPISGCSTERIKH[put at-character here]127.0.0.1>
From: "Amanda Felix" <awlprt[put at-character here]yahoo.com>
To: manibustan[put at-character here]gmail.com
Subject: Manibustan Ever wanted a rolex watch?
Date: Fri, 03 Dec 2004 07:15:54 -0400
MIME-Version: 1.0 (sonneteddie elude doria.6)
Content-Type: multipart/alternative;
boundary="--368818036716893027"

----368818036716893027
Content-Type: text/html;
charset="iso-3298-3"
Content-Transfer-Encoding: quoted-printable

andrew [PersonRank 0]

19 years ago #

Yep, same here. Let's say the word is 'computer[put at-character here]' (it's not); the ones that are getting through are:

compontobr[put at-character here]gmail.com
componet[put at-character here]gmail.com
componsys[put at-character here]gmail.com
componitor[put at-character here]gmail.com

I'm not sure what's going on here, but I think it sucks.

Dave Metzener [PersonRank 1]

19 years ago #

My guess is that someone is looking for valid email accounts on the gmail domain.

I got messages like that from previous ISPs a lot. I'm sure AOL gets hit with a bunch of them as well.

So long as they don't message back to someone watching that the message was viewed, they are just an annoyance.

Manic [PersonRank 1]

19 years ago #

Probably someone phishing for credit card numbers by "selling" these things during the holiday season.

Larry [PersonRank 0]

19 years ago #

I assume these messages are sent To: one user and BCC:ed to many others, including your friend. I assume they combine usernames they've found from other domains with @gmail.com.

vrikodhara [PersonRank 1]

19 years ago #

Maybe it's Gmail's spell correction/prediction at work!

Isotopp [PersonRank 0]

19 years ago #

The To-Field is completely irrelevant for mail delivery. You receive mail "To: somelist[put at-character here]lists.example.com" in your mail account as well, as soon as you subscribe to that mailing list.

Mail is being delivered to the people in the "RCPT TO" command line in the SMTP dialog. Some mailers put this information into the header in Received: headers. They will have a "for"-phrase in this case.

Received: from ip (HELO helotext)
   by receiving-system
   for username-from-rcpt-to
   ...

But since the format of Received-lines is not strictly standardized, the for phrase is optional and not found everywhere.

Kristian
http://blog.koehntopp.de
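
The check described in the post above, as an added example that is not part of the original thread: it compares the recipients recorded by the delivering servers (Delivered-To and any "for" phrase in Received: headers) with what To:/Cc: claim. The sample message, its example.com/example.net addresses, and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Constructed sample (not from the thread): To: names a look-alike address,
# while the servers recorded the mailbox that actually received the mail.
SAMPLE = """\
Delivered-To: manic12345@example.com
Received: from EXCHANGE ([203.0.113.7])
   by mx.example.com with SMTP id abc123
   for <manic12345@example.com>;
   Fri, 03 Dec 2004 03:16:00 -0800 (PST)
Received: (qmail 1234 invoked by uid 0); Fri, 03 Dec 2004 06:12:54 -0500
From: "Amanda Felix" <sender@example.net>
To: manibustan@example.com
Subject: constructed example

body
"""

# The "for" phrase is optional in Received: lines, so a miss is not an error.
FOR_CLAUSE = re.compile(r"\bfor\s+<?([^\s<>;]+@[^\s<>;]+)>?", re.IGNORECASE)

def envelope_recipients(msg):
    """Recipients as recorded by the mail servers, where they recorded any."""
    found = {a.lower() for _, a in getaddresses(msg.get_all("Delivered-To", []))}
    for received in msg.get_all("Received", []):
        match = FOR_CLAUSE.search(received)
        if match:
            found.add(match.group(1).lower())
    return found

def header_recipients(msg):
    """Recipients the sender chose to display in To: and Cc:."""
    fields = msg.get_all("To", []) + msg.get_all("Cc", [])
    return {a.lower() for _, a in getaddresses(fields)}

def undisclosed_recipients(raw):
    """Envelope recipients that appear in neither To: nor Cc: (BCC-style delivery)."""
    msg = message_from_string(raw)
    return sorted(envelope_recipients(msg) - header_recipients(msg))

if __name__ == "__main__":
    print(undisclosed_recipients(SAMPLE))
```
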

Philipp Lenssen [PersonRank 10]

19 years ago #

Thanks Kristian. That and another remark would explain it. I guess it's some sort of extended dictionary spam attack against Google, and all those with names found in a dictionary (e.g. "lovesick[put at-character here]gmail.com" or "futureman[put at-character here]gmail.com") would be receiving it. I also think I understand better now why Gmail didn't allow people to use very short nick names, or just their first name (at least I couldn't use just my first name).

Songeur [PersonRank 0]

19 years ago #

I got the same problem in Gmail.
I try to send email to the fake address:
Nothing.

If it does not work for me, could it be an anti-spam hack?

Google detects spam, does not include the mail in the
storage.

How to make a new list:
Change the name!!

I think it's a feature, not a bug!!!

Thanks

http://www.songeur.com

Hoon Park [PersonRank 0]

19 years ago #

I got a weird e-mail that didn't appear to be spam. My e-mail address (for example) is firstlast[put at-character here]gmail.com. An, as far as I can tell, legitimate (non-spam) e-mail addressed to first.last[put at-character here]gmail.com got sent to me, including a .jpg attachment. I replied back to the sender to explain that I got the e-mail, and if the e-mail he sent was important (which it sort of looked like it was), he should probably send it again. I got a very confused reply back.

Philipp Lenssen [PersonRank 10]

19 years ago #

Yes, first.last[put at-character here]gmail.com is a possible official alternative spelling if you signed up for firstlast[put at-character here]gmail.com. For example you can email me at:

philipp.lenssen[put at-character here]gmail.com
philipplenssen[put at-character here]gmail.com
ph.ilipp.lenssen[put at-character here]gmail.com
philipp.lenssen+public[put at-character here]gmail.com
ph.ilipp.lenssen+public[put at-character here]gmail.com

(And I thought p.lenssen[put at-character here]gmail.com and philipp.l[put at-character here]gmail.com would also work, though I couldn't verify this just now.)

Priapo [PersonRank 1]

19 years ago #

No, p.lenssen[at]gmail.com and philipp.l[at]gmail.com won't work. You can use dot spacing wherever you want in your name and the plus feature, but you have to provide your complete username.

As someone said above these messages are carbon copied to a lot of addresses, that's why they appear to have been sent to another account.

http://rsc112.blogspot.com
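
The dot and plus rules from the two posts above, as an added example that is not part of the original thread: it reduces Gmail spellings to one mailbox key so that aliases of the same account can be grouped, for instance when deduplicating sign-ups or matching recipients. The function names are hypothetical, and lower-casing the username is an assumption the posts do not state.

```python
from collections import defaultdict

# Only gmail.com is covered, since that is the domain the thread discusses.
GMAIL_DOMAINS = {"gmail.com"}

def canonical_mailbox(address):
    """Return the mailbox an address delivers to under the dot/plus rules."""
    local, sep, domain = address.strip().rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an e-mail address: {address!r}")
    domain = domain.lower()
    if domain in GMAIL_DOMAINS:
        local = local.split("+", 1)[0]    # drop the "+tag" suffix
        local = local.replace(".", "")    # dots are ignored anywhere in the name
        local = local.lower()             # assumption: case is not significant
    # Other domains are left untouched: their rules are not known here.
    return f"{local}@{domain}"

def group_by_mailbox(addresses):
    """Map each canonical mailbox to the spellings seen for it."""
    groups = defaultdict(list)
    for address in addresses:
        groups[canonical_mailbox(address)].append(address)
    return dict(groups)

# Spellings quoted in the thread, with the at-character restored.
THREAD_ADDRESSES = [
    "philipp.lenssen@gmail.com",
    "philipplenssen@gmail.com",
    "ph.ilipp.lenssen@gmail.com",
    "philipp.lenssen+public@gmail.com",
    "ph.ilipp.lenssen+public@gmail.com",
    "p.lenssen@gmail.com",   # shortened username: a different mailbox
]

if __name__ == "__main__":
    for mailbox, spellings in group_by_mailbox(THREAD_ADDRESSES).items():
        print(mailbox, len(spellings))
```
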

Mystik [PersonRank 1]

19 years ago #

I've started getting the same exact thing just recently. I've NEVER given out my gmail address either, I've used Sneakemail instead on *EVERYTHING*. I know that my gmail address was never leaked from a spyware program running on my PC either.

They're sent to different people with an address similar to mine. The first spam I received was sent to Mystikworm[put at-character here]gmail.com then others that followed were sent to Mystikwolf1, Mystikwnd, Mystikworm, Mystikwoo, Mystikwon, Mystikraze, etc. In total I've received 20 of these so far, 2 were addressed to me. It's taking "Mystik" and adding whatever to the end of it.

I've been so careful to never give out my Gmail address to anyone; whoever is sending out this spam has some bot guessing different addresses and sending out spam. Everything they've sent so far goes directly to my spam folder, but it's the first time I've ever received a spam email since I started using Gmail.

If anyone has more information on this or knows if there's a way to stop it email me at p4u281z02[put at-character here]sneakemail.com

Mystik [PersonRank 1]

19 years ago #

So far I've seen 3 different messages from the same spammer. The one I received the most was the software email, then I started getting emails about Rolex watches and about Vicodin. This is what my spam folder looks like. I've blurred the two that were addressed to me in order to keep my Gmail address private.

» http://img43.exs.cx/img43/8923/q5vgspam.gif

Scott K [PersonRank 0]

19 years ago #

Good to know that I'm not the only one receiving this kind of spam. I too was very careful in not allowing my full Gmail address (without any +aliases) "into the wild." Also, it appears to be the exact same kind of spam. It has either been for drugs (like Vicodin) or for cheap software. We should all sign up for an account on spamcop.net to alert the administrator of the ISP that the spammers are using.

Scott
http://www.illiteratewithdrawal.com

Mystik [PersonRank 1]

19 years ago #

I just signed up with SpamCop.net, I gave them my real Gmail address. First time I give anyone, other than Sneakemail, my real address. I've reported this spammer, everyone else should too.

Ptolmey [PersonRank 0]

19 years ago #

I'm getting the same thing, and I haven't given away my e-mail address to anyone. I think it's a Gmail thing...
All messages are from *some random word*.ajicccln.info
I've been getting this on my Yahoo account too...

Yannick Mückenhirn [PersonRank 7]

19 years ago #

Hello folks. Since December 4, I am receiving SPAM from the infamous "TOP quality software: Special Offer #1" and "Who can resist a 24kt. white gold Rolex watch", like Mystik. I did not post my e-mail address in any public site or anything like that. My username is 6 characters long, how long are your usernames? Like Philipp said before, I think that this is a brute force SPAM against Gmail.

BTW, Philipp, the new look of Google Blogoscoped is awesome! Congrats!

Yannick Mückenhirn ® http://noticiasinteresantes.blogspot.com

Philipp Lenssen [PersonRank 10]

19 years ago #

Thanks Yannick!

protesto [PersonRank 1]

19 years ago #

Hi Yannick,
I receive exactly same spam mail as yours twice a day. My username is 8 characters long :|

Yannick Mückenhirn [PersonRank 7]

19 years ago #

protesto, when did you begin receiving SPAM?

Yannick Mückenhirn ® http://noticiasinteresantes.blogspot.com

Yannick Mückenhirn [PersonRank 7]

19 years ago #

Is it possible to run filters in the Spam folder?

Yannick Mückenhirn ® noticiasinteresantes.blogspot.com

NRT [PersonRank 1]

19 years ago #

What you're describing is alphabet spam. Software starts by sending a message to a[put at-character here]gmail.com, and ploughs through millions of combinations to (theoretically) zzzzzzzzzz[put at-character here]gmail.com. Those addresses which bounce don't exist, and are deleted from the database; those which don't bounce get targeted again. The speed and scale of the process makes it worthwhile to the spammers, and saves them the need to know any addresses in advance.

Of course, it saves even more time and 'server energy' if the software churns out potential addresses and tests (i.e. uses) them in batches. This explains why the recipient sees several other, similar addresses alongside his/her own in the 'To:' or 'Cc:' fields.

Yannick Mückenhirn [PersonRank 7]

19 years ago #

NRT, that is exactly what is happening.

Yannick Mückenhirn ® noticiasinteresantes.blogspot.com

MikeB [PersonRank 0]

19 years ago #

NRT;
and where exactly would these emails get bounced back to?

The "from" address is faked.

Lexter [PersonRank 0]

19 years ago #

Is it possible to run filters in the spam folder like Yannick said?

Tech [PersonRank 0]

18 years ago #

If we can find the real IP address of the email address we can report it.

Medallion [PersonRank 1]

18 years ago #

http://www.njabl.org/remove.html check this out. Remove the spammer IP address, and kill him.

Medallion [PersonRank 1]

18 years ago #

These spam messages are coming from China, found from the site above.
Gmail should just block these spam emails on the outside from reaching the spam box. They should be phishing emails.
