Soeben bei mir aufgeschlagen, zum wiederholten Mal der selbe Inhalt.

header:
01: Return-Path: <root [at] s001.puredns.nl>
02: X-Flags: 1000
03: Delivered-To: GMX delivery to poor [at] spamvictim.tld <---- SpamRam ---->
04: Received: (qmail invoked by alias); 12 Sep 2005 xx:xx:xx -0000
05: Received: from unknown (EHLO s001.puredns.nl) [213.201.235.51]
06: by mx0.gmx.net (mx054) with SMTP; 12 Sep 2005 xx:xx:xx +0200
07: Received: from root by s001.puredns.nl with local (Exim 4.44)
08: ID: [ID filtered]
09: for poor [at] spamvictim.tld; Mon, 12 Sep 2005 xx:xx:xx +0200
10: From: service [at] paypal.com
11: Reply-To: service [at] paypal.com
12: MIME-Version: 1.0 Content-Type: text/html\r\n
13: Content-Type: text/html Content-Transfer-Encoding: 8bit\r\n
14: Subject: PayPal Account Suspension Notice - PayPal Account Limited
15: Message-ID: [ID filtered]
16: Date: Mon, 12 Sep 2005 xx:xx:xx +0200
17: X-AntiAbuse: This header was added to track abuse, please include it with any abuse
18: report
19: X-AntiAbuse: Primary Hostname - s001.puredns.nl
20: X-AntiAbuse: Original Domain - gmx.net
21: X-AntiAbuse: Originator/Caller UID/GID: [UID filtered]
22: X-AntiAbuse: Sender Address Domain - s001.puredns.nl
23: To: poor [at] spamvictim.tld <---- SpamRam ---->
24: X-GMX-Antivirus: -1 (not scanned, may not use virus scanner)
25: X-GMX-Antispam: 0 (Mail was not recognized as spam)
26: X-GMX-UID: [UID filtered]
Zeile 17 oben finde ich besonders interessant!

<html>
<head>
<STYLE type=text/css>
#message .dummy {}
#message, #message TD {font-family: verdana,arial,helvetica,sans-serif;font-size: 12px;color: #000000;}
#message LI {line-height: 120%;}
.
.
.
#message .pp_smaller {font-family: verdana,arial,helvetica,sans-serif;font-size: 10px;color: #000000;}
</STYLE>

<title>PayPal - Account Access Limited</title>
</head>
<xbody>
<table width="600" cellspacing="0" cellpadding="0" border="0" align="center">
<tr><td><A target="_blank" href="https://www.paypal.com/" >
<IMG src="http://www.paypal.com/images/paypal_logo.gif" width=117 height=35 alt="PayPal" border="0" vspace=10></A>
</td></tr></table>
<table width="100%" cellspacing="0" cellpadding="0" border="0">
<tr><td background="http://www.paypal.com/images/bg_clk.gif" width=100%>
<img src="http://www.paypal.com/images/pixel.gif" height="29" width="1" border="0"></td></tr>
<tr><td><img src="http://www.paypal.com/images/pixel.gif" height="10" width="1" border="0"></td></tr>
</table>

<table width="600" cellpadding=0 cellspacing=0 border=0 align=center>
<tr valign=top>
<td width=5><img src="http://www.paypal.com/images/pixel.gif" width=5 height=1></td>
<td width="100%" class="pptext" align="left">
<table width="100%" cellspacing="0" cellpadding="0" border="0" align="center">
<tr><td>
<br><br>
Dear xxxxx@gmx.net <---- SpamRam ---->
,

<br><br>
We recently reviewed your account, and suspect that your PayPal account may<br>
have been accessed by an unauthorized third party. Protecting the security<br>
of your account and of the PayPal network is our primary concern.<br>
Therefore, as a prevention measure, we have temporarely limited access to<br>
sensitive PayPal account features.<br>
Please click on the link below to confirm your information:<br><p>
<[SPAMLINK siehe unten !/SPAMLINK] >https://www.paypal.com/cgi-bin/webscr?cmd=_login-run</a><br>
<br>

For more information about how to protect your account, please visit<br>
PayPal's Security Center, accessible via the "Security Center" link located<br>
at the bottom of each page of the PayPal website. <br>
<br>
We apologize for any inconvenience this may cause, and appreciate your<br>
assistance in helping us maintain the integrity of the entire PayPal<br>
system. Thank you for your prompt attention to this matter.<br>
<br>
<br><br>

Sincerely,

<br><br>

The PayPal Fraud Management Team
<br>
</td><tr>
<td><br><img src="http://www.paypal.com/images/dot_row_long.gif" width=590 height=5></td>
</tr>
<tr>
<td class="pp_footer">
Please do not reply to this e-mail. Mail sent to this address cannot be
answered. For assistance, log in to your PayPal account and choose the
"Help" link in the header of any page.<br>

Copyright &copy; 2005 PayPal, Inc. All rights reserved. Designated trademarks and brands are the property of their respective owners.

</td>
</tr>
</table>

</td>
</tr>
</table>
</xbody>
</html>
whois:<a href="http://www.pharm21.com/https/www.paypal.com/secure/ssl/paypal/trusted/resolution_center/confirm/index.php">

Habe bereits an PayPal gemeldet und von PayPal in der Antwort das Folgende erhalten:
After review, we can confirm that the email you received was not sent by
PayPal. Any website which may be linked to this email is not authorized
or used by PayPal.

Our fraud prevention team is working to disable any website linked to
this email.
Naja, hoffen wir, dass sie Erfolg haben!