Da war doch noch was...., zum zweiten:
gecracktes SquirelMail aus IN, NIC India hat immer noch den Hosenlatz auf:
header:
01: Received: from vastu3.nic.in (smtpgw.nic.in [164.100.17.13])
02: by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: for xxxxx; Thu, 26 Nov 2009 xx:xx:xx +0100 (CET)
04: Received: from vastu3.nic.in (localhost.localdomain [127.0.0.1])
05: by vastu3.nic.in (8.12.10/8.12.10) with ESMTP ID: [ID filtered]
06: for xxxxx; Tue, 24 Nov 2009 xx:xx:xx +0530
07: Received: from ori.nic.in (ori.nic.in [164.100.140.2])by vastu3.nic.in
08: (8.12.10/8.12.10) with ESMTP ID: [ID filtered]
09: +0530
10: Received: from mail.ori.nic.in (ori.nic.in [10.172.0.2])by ori.nic.in
11: (8.13.1/8.13.1) with SMTP ID: [ID filtered]
12: Received: from 115.133.222.194 (NIC authenticated user sunderga)
13: by mail.ori.nic.in with HTTP; Tue, 24 Nov 2009 xx:xx:xx +0530 (IST)
header:
01: Received: from vastu3.nic.in (smtpgw.nic.in [164.100.17.13])
02: by deliver.uni-koblenz.de (Postfix) with ESMTP ID: [ID filtered]
03: for xxxxx; Thu, 26 Nov 2009 xx:xx:xx +0100 (CET)
04: Received: from vastu3.nic.in (localhost.localdomain [127.0.0.1])
05: by vastu3.nic.in (8.12.10/8.12.10) with ESMTP ID: [ID filtered]
06: for xxxxx; Tue, 24 Nov 2009 xx:xx:xx +0530
07: Received: from ori.nic.in (ori.nic.in [164.100.140.2])by vastu3.nic.in
08: (8.12.10/8.12.10) with ESMTP ID: [ID filtered]
09: +0530
10: Received: from mail.ori.nic.in (ori.nic.in [10.172.0.2])by ori.nic.in
11: (8.13.1/8.13.1) with SMTP ID: [ID filtered]
12: Received: from 115.133.222.194 (NIC authenticated user sunderga)
13: by mail.ori.nic.in with HTTP; Tue, 24 Nov 2009 xx:xx:xx +0530 (IST)
Da konnte wohl jemand den Proxy von Apache nicht richtig konfigurieren:
header:
01: Received: from unknown (EHLO westchesterlibraries.org) [199.97.121.28]
02: by mx0.gmx.net (mx112) with SMTP; 27 Nov 2009 xx:xx:xx +0100
03: Received: by westchesterlibraries.org (Postfix, from userID: [ID filtered]
04: ID: [ID filtered]
header:
01: Received: from c2beaomr03.btconnect.com (c2beaomr03.btconnect.com
02: [213.123.26.181])
03: by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: for xxxxx; Fri, 27 Nov 2009 xx:xx:xx +0100 (CET)
05: Received: from User ([211.153.33.12])
06: by c2beaomr03.btconnect.com
07: with ESMTP ID: [ID filtered]
08: Fri, 27 Nov 2009 xx:xx:xx GMT
IP: 211.153.33.12 ---> YanQing committee network
header:
01: Received: from mx03.bigwww.com (unknown [222.208.183.233])
02: by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: for xxxxx; Sat, 28 Nov 2009 xx:xx:xx +0100 (CET)
04: Received: from User (unknown [41.217.65.3])
05: by mx03.bigwww.com (Postfix) with ESMTPA ID: [ID filtered]
06: Sat, 28 Nov 2009 xx:xx:xx +0800 (CST)
IP: 41.217.65.3 ---> ZOOM Mobile Nigeria Ltd.
Muguphon: +234 70-250-48121 ---> Visafone Communications Ltd., Nigeria
wohl derselbe Mugu:
header:
01: Received: from mx03.bigwww.com (unknown [222.208.183.233])
02: by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: for xxxxx; Sat, 28 Nov 2009 xx:xx:xx +0100 (CET)
04: Received: from User (unknown [41.217.65.4])
05: by mx03.bigwww.com (Postfix) with ESMTPA ID: [ID filtered]
06: Sat, 28 Nov 2009 xx:xx:xx +0800 (CST)
IP: 41.217.65.4
die Amsterdam-Konnektion benutzt ausgerechnet einen gecrackten Spam- Und Viren-Filter-Server....
header:
01: Received: from ironport2.cable.net.co (ironport2.cable.net.co
02: [200.118.2.78])
03: by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: for xxxxx; Sat, 28 Nov 2009 xx:xx:xx +0100 (CET)
05: X-IronPort-AV: E=Sophos;i="4.47,305,1257138000";
06: d="doc'32?scan'32,208,32";a="174214497"
07: Received: from hefesto.cable.net.co ([200.118.2.58])
08: by ironport2.cable.net.co with ESMTP; 28 Nov 2009 xx:xx:xx -0500
09: Received: from User ([87.210.30.254])
10: by hefesto.cable.net.co (Sun Java System Messaging Server 6.2-7.06
11: (built Oct
12: 6 2006)) with ESMTPA ID: [ID filtered]
13: xxxxx; Sat, 28 Nov 2009 xx:xx:xx -0500 (COT)
IP: 87.210.30.254 ---> ip254-30-210-87.adsl2.static.versatel.nl
Muguphon: +31-641-232-991 ---> T-Mobile Netherlands B.V.
Mugufax: +31-847-367-971 ---> J2 Global (Netherlands) B.V./Jump
gecrackter Server in CH:
header:
01: Received: from mail.cmm.ch
02: (gw.ptr-80-238-195-98.customer.ch.netstream.com [80.238.195.98])
03: by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: for xxxxx; Sat, 28 Nov 2009 xx:xx:xx +0100 (CET)
05: Received: from User ([77.98.124.99])
06: by mail.cmm.ch (IceWarp 9.4.0) with ASMTP ID: [ID filtered]
07: Sat, 28 Nov 2009 xx:xx:xx +0100
IP: 77.98.124.99 ---> 77-98-124-99.cable.ubr08.wolv.blueyonder.co.uk
header:
01: Received: from commodorehomes.com (host-64-179-44-132.ind.choiceone.net
02: [64.179.44.132])
03: by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: for xxxxx; Sat, 28 Nov 2009 xx:xx:xx +0100 (CET)
05: Received: from [81.91.238.59] (account info HELO User)
06: by commodorehomes.com (CommuniGate Pro SMTP 5.2.14)
07: with ESMTPA ID: [ID filtered]
IP: 81.91.238.59 --> Glo Mobile BENIN
Muguphon: +229 98823733 ---> Benin
header:
01: Received: from server.trustme.info (HELO server.trustme.info)
02: [209.160.33.51]
03: by mx0.gmx.net (mx012) with SMTP; 29 Nov 2009 xx:xx:xx +0100
04: Received: from nvyzyzle (137.141.237.252)
05: by server.trustme.info; Sat, 28 Nov 2009 xx:xx:xx -0800
header:
01: Received: from server.trustme.info (server.trustme.info [209.160.33.51])
02: by mx.kundenserver.de (node=mxeu3) with ESMTP (Nemesis)
03: ID: [ID filtered]
04: xx:xx:xx +0100
05: Received: from ocxfkw (62.203.72.27)
06: by server.trustme.info; Sat, 28 Nov 2009 xx:xx:xx -0800
header:
01: Received: from server.trustme.info (HELO server.trustme.info)
02: [209.160.33.51]
03: by mx0.gmx.net (mx070) with SMTP; 29 Nov 2009 xx:xx:xx +0100
04: Received: from bqw (68.91.127.220)
05: by server.trustme.info; Sat, 28 Nov 2009 xx:xx:xx -0800
header:
01: Received: from mail.tcm.pa.gov.br (ns2.tcm.pa.gov.br [200.242.199.80])
02: by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: for xxxxx; Sun, 29 Nov 2009 xx:xx:xx +0100 (CET)
04: Received: from localhost (localhost [127.0.0.1])
05: by mail.tcm.pa.gov.br (Postfix) with ESMTP ID: [ID filtered]
06: Sat, 28 Nov 2009 xx:xx:xx -0300 (BRT)
07: Received: from mail.tcm.pa.gov.br ([127.0.0.1])
08: by localhost (web.tcm.pa.gov.br [127.0.0.1]) (amavisd-new, port 10024)
09: with ESMTP ID: [ID filtered]
10: Received: from User (unknown [77.104.239.1])
11: by mail.tcm.pa.gov.br (Postfix) with ESMTPA ID: [ID filtered]
12: Sat, 28 Nov 2009 xx:xx:xx -0300 (BRT)
IP: 77.104.239.1 ---> minaretnet.cz
header:
01: Received: from mail.willfly.org (unknown [222.73.17.50])
02: (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
03: (No client certificate requested)
04: by xxxxx (Postfix) with ESMTP ID: [ID filtered]
05: for xxxxx; Sun, 29 Nov 2009 xx:xx:xx +0100 (CET)
06: Received: from User (colorc5.lnk.telstra.net [165.228.100.208])
07: by mail.willfly.org (Postfix) with ESMTP ID: [ID filtered]
08: Sun, 29 Nov 2009 xx:xx:xx +0800 (CST)
- kjz