Dear user of Ntlworld.com,
Some of our clients complained about the spam (negative e-mail content) outgoing from your e-mail account. Probably, you have been infected by a proxy-relay trojan server. In order to keep your computer safe, follow the instructions.
For further details see the attach.
The Ntlworld.com team http://www.ntlworld.com
Needless to say "the attach" is a .pif file called morinfo, presumably a virus payload of some sort. That or Ntlworld technical support are TRULY stupid, because there is no way I'm opening an attachment of that sort.
Here's the full header, for anyone who's interested or wants to take a crack at tracing the source. I've replaced the usual HTML brackets with curly brackets in what follows and deleted my address:
Received: from dispatch ([188.8.131.52]) by mta03-svc.ntlworld.com
(InterMail vM.4.01.03.37 201-229-121-137-20020806) with SMTP
Thu, 4 Mar 2004 15:54:43 +0000
Date: Thu, 04 Mar 2004 08:56:56 -0700
Subject: Warning about your e-mail account.
Content-Type: text/plain; charset="us-ascii"