I'm probably not alone in receiving a shedload of spam with the subject "hello" and the only content of "how are you?" A quick look at my spam filters shows hundreds of these with a small number getting through, presumably because filters are having a hard time blocking on this little data.
It's hard to be sure exactly what it is, but it reminds me the the mystery "podmena traffica test" spam from last year that appeared to be a widescale enumeration of mail systems that allowed spoofing, and those that blocked it. So, this could well be something similar.. an enumeration attempt to see which mailboxes DON'T reject a tiny, simple message like this, and then to use that data in the future to target those mailboxes.
"OK", you may be asking.. "why would you do that if you have the almost unlimited computing power of a botnet at your hands? Why would you need to be selective in your spamming when it does cost you anything?"
One good reason to attack only valid mailboxes with spam and not go for a scattergun "directory harvesting" attack is that mail spam filters specifically look for directory harvesting attacks and then block them and use the data to identify the characteristics of the spam attack. By acting more stealthily, it might be possible to avoid detection for longer and get a higher deliverability rate for spam.
Well, that's a theory anyway.. the best that I can come up with. Any ideas?
Added: here's another idea - the spammer could be looking for vulnerable mail servers to exploit later, this is a data collection phase to be followed by something evil. Or it could just be a weird prank, of couse.