X-PHP-Script: gtucampus.com/uploads/resume/kam.php for 18.104.22.168
which tells me this scammer used a PHP script called kam.php uploaded to a website that is an ecollege called Gujarat Technical University. Source of the email is Malaysia. If you google kam.php, you will see other computers that have had this php file uploaded to, so all this tells you is the scammer is using hijacked computers to send their email out (which is typical).
Here is the full email:
From: Mr Eric Acis [email@example.com]
I am interested in placing an order and i would like to know the following.
-If you accept credit card and
-If you ship internationally
I certainly appreciate a prompt reply from you.
Didn't even sign his name. Short and simple until he gets a reply and then the Looong Story will come out he either works or lives in one place and is moving (lately it is to Australia) and he has a third party shipper handling his move and he'll send a check or pay by credit card immediately, please send him your website and list of products so he can choose (which doesn't even make sense, but this is their templated formula of the scam usually).