Ein Phänomen, was ich schon länger beobachte: rotzt Timo und die Russenmafia stärker rum, kommt kaum Mugu-Spam. Haben die Russen und Timo sich beruhigt, schlagen die Mugus wieder zu. Summa summarum bleibt der tägliche Spameingang gleich. Evtl. ein Indiz dafür, dass die Botnet-Kapazitäten halt doch nicht unbegrenzt sind.
header:
01: Received: from bouvier.getmail.no ([84.210.184.8]) by mx-ha.gmx.net
02: (mxgmx113)
03: with ESMTP (Nemesis) ID: [ID filtered]
04: Oct 2014 xx:xx:xx +0200
05: Received: from localhost (localhost [127.0.0.1])
06: by bouvier.getmail.no (Postfix) with ESMTP ID: [ID filtered]
07: for xxxxx; Mon, 13 Oct 2014 xx:xx:xx +0200 (CEST)
08: Received: from bouvier.getmail.no ([127.0.0.1])
09: by localhost (bouvier.get.c.bitbit.net [127.0.0.1]) (amavisd-new, port
10: 10032)
11: with ESMTP ID: [ID filtered]
12: Mon, 13 Oct 2014 xx:xx:xx +0200 (CEST)
13: Received: from localhost (localhost [127.0.0.1])
14: by bouvier.getmail.no (Postfix) with ESMTP ID: [ID filtered]
15: for xxxxx; Mon, 13 Oct 2014 xx:xx:xx +0200 (CEST)
16: Received: from bouvier.getmail.no ([127.0.0.1])
17: by localhost (bouvier.get.c.bitbit.net [127.0.0.1]) (amavisd-new, port
18: 10026)
19: with ESMTP ID: [ID filtered]
20: Mon, 13 Oct 2014 xx:xx:xx +0200 (CEST)
21: Received: from confirm.interbizmarketinginfo.com
22: (cas2.websitehostserver.net [209.15.212.60])
23: by bouvier.getmail.no (Postfix) with ESMTPA ID: [ID filtered]
24: for xxxxx; Mon, 13 Oct 2014 xx:xx:xx +0200 (CEST)
man merke sich: IP 209.15.212.60
wieder mal der Sternchen-Mugu:
header:
01: Received: from phpstaging.saavicam.com ([50.56.56.106]) by mx-ha.gmx.net
02: (mxgmx008) with ESMTPS (Nemesis) ID: [ID filtered]
03: Received: from [209.64.62.34] (port=12470 helo=User) by phpstaging.saavicam.com
04: with esmtpa (Exim 4.82)
05: (envelope-from <info [at] chase.org>) ID: [ID filtered]
Zitat:
*FROM THE JP MORGAN CHASE BANK*
*UNCLAIMED ASSET/ASSETS RE-UNITED,*
*USA INTERNATIONAL REMITTANCE DEPARTMENT.*......
header:
01: Received: from bouvier.getmail.no ([84.210.184.8]) by mx-ha.gmx.net
02: (mxgmx109)
03: with ESMTP (Nemesis) ID: [ID filtered]
04: Oct 2014 xx:xx:xx +0200
05: Received: from localhost (localhost [127.0.0.1])
06: by bouvier.getmail.no (Postfix) with ESMTP ID: [ID filtered]
07: for xxxxx; Wed, 15 Oct 2014 xx:xx:xx +0200 (CEST)
08: Received: from bouvier.getmail.no ([127.0.0.1])
09: by localhost (bouvier.get.c.bitbit.net [127.0.0.1]) (amavisd-new, port
10: 10032)
11: with ESMTP ID: [ID filtered]
12: Wed, 15 Oct 2014 xx:xx:xx +0200 (CEST)
13: Received: from localhost (localhost [127.0.0.1])
14: by bouvier.getmail.no (Postfix) with ESMTP ID: [ID filtered]
15: for xxxxx; Wed, 15 Oct 2014 xx:xx:xx +0200 (CEST)
16: Received: from bouvier.getmail.no ([127.0.0.1])
17: by localhost (bouvier.get.c.bitbit.net [127.0.0.1]) (amavisd-new, port
18: 10026)
19: with ESMTP ID: [ID filtered]
20: Wed, 15 Oct 2014 xx:xx:xx +0200 (CEST)
21: Received: from emailtools.interbizmarketinginfo.com
22: (cas2.websitehostserver.net [209.15.212.60])
23: by bouvier.getmail.no (Postfix) with ESMTPA ID: [ID filtered]
24: for xxxxx; Wed, 15 Oct 2014 xx:xx:xx +0200 (CEST)
IP 209.15.212.60