Mugu Dubletten

Druckbare Version

40 Beiträge dieses Themas auf einer Seite anzeigen

Aber nicht genug, sondern noch:

ad 1 vom taiwanesischen Frickelserver:

header:

01: Received: from dataexpress.com.tw (60-250-42-53.HINET-IP.hinet.net
02: [60.250.42.53])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Fri, 18 Dec 2009 xx:xx:xx +0100 (CET)
05: Received: from User (unknown [41.211.232.162])
06: 	by dataexpress.com.tw (Postfix) with ESMTP ID: [ID filtered]
07: 	Fri, 18 Dec 2009 xx:xx:xx +0800 (CST)

IP: 41.211.232.162 ---> oregun-ck.oregunck.com/Direct-on-PC Limited, Nigeria

Mugufax: +44 871 263 6731 ---> Call Sciences Limited, UK/YAC

header:

01: Received: from aphhk.com (unknown [211.148.137.201])
02: 	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
03: 	(No client certificate requested)
04: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
05: 	for xxxxx; Sat, 19 Dec 2009 xx:xx:xx +0100 (CET)
06: Received: (qmail 3324 invoked by UID: [UID filtered]
07: Received: by simscan 1.2.0 ppID: [ID filtered]
08:          scanners: attach: 1.2.0
09: Received: from unknown (HELO User) (backup [at] 41.211.227.249)
10:   by 0 with ESMTPA; 18 Dec 2009 xx:xx:xx -0000

IP: 41.211.227.249 ---> Direct-on-PC Limited, Nigeria

gecrackter Uni-Account:

header:

01: Received: from smtp.stanford.edu (smtp4.Stanford.EDU [171.67.219.84])
02: 	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
03: 	(No client certificate requested)
04: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
05: 	for xxxxx; Sat, 19 Dec 2009 xx:xx:xx +0100 (CET)
06: Received: from smtp.stanford.edu (localhost.localdomain [127.0.0.1])
07: 	by localhost (Postfix) with SMTP ID: [ID filtered]
08: 	Sat, 19 Dec 2009 xx:xx:xx -0800 (PST)
09: Received: from zm04.stanford.edu (zm04.Stanford.EDU [171.67.219.154])
10: 	by smtp.stanford.edu (Postfix) with ESMTP ID: [ID filtered]
11: 	Sat, 19 Dec 2009 xx:xx:xx -0800 (PST)

X-Originating-IP: [75.109.190.56] ---> c75-109-190-56.mtplcmta01.mnpltx.tl.dh.suddenlink.net

header:

01: Received: from mx4.hotmail.com (exchng-72.wn45.reliablehosting.com
02: [216.131.102.72])
03: 	by mx.kundenserver.de (node=mxbap4) with ESMTP (Nemesis)
04: 	ID: [ID filtered]
05: xx:xx:xx +0100

Muguphon: +44-774-899-2079 ---> Vodafone Ltd., UK

Mugufax: +44-207-526-2226 ---> Cable & Wireless (Energis), UK

header:

01: Received: from mail.passagemaker.com (mail.passagemaker.com [173.8.2.34])
02: 	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
03: 	(No client certificate requested)
04: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
05: 	for xxxxx; Sun, 20 Dec 2009 xx:xx:xx +0100 (CET)
06: Received: from User ([41.217.65.4])
07: 	(authenticated user christine [at] passagemaker.com)
08: 	by mail.passagemaker.com (Kerio MailServer 6.7.2);
09: 	Sat, 19 Dec 2009 xx:xx:xx -0500

IP: 41.217.65.4 ---> ZOOM Mobile Nigeria Ltd.

header:

01: Received: from asmtpout024.mac.com (asmtpout024.mac.com [17.148.16.99])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Sun, 20 Dec 2009 xx:xx:xx +0100 (CET)
04: MIME-version: 1.0
05: Content-type: multipart/mixed;
06: boundary="Boundary_(ID_/6HSZ2+f+Frs3kax8aKr9g)"
07: Received: from spool003.mac.com ([10.150.69.53])
08:  by asmtp024.mac.com (Sun Java(tm) System Messaging Server 6.3-8.01
09: (built Dec
10:  16 2008; 32bit)) with ESMTP ID: [ID filtered]
11:  xxxxx; Sat, 19 Dec 2009 xx:xx:xx -0800 (PST)
12: Received: from webmail020 ([10.13.128.20])
13:  by spool003.mac.com (Sun Java(tm) System Messaging Server 6.3-8.01
14: (built Dec
15:  16 2008; 32bit)) with ESMTP ID: [ID filtered]
16:  19 Dec 2009 xx:xx:xx -0800 (PST)

Wie war das noch mal mit Bellnexxia?

header:

01: Received: from toroondcbque03-srv.bellnexxia.net
02: (toroondcbque03.bellnexxia.net [207.236.237.49])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Sun, 20 Dec 2009 xx:xx:xx +0100 (CET)
05: Received: from User ([85.170.159.150])
06:           by toroondcbauth02-srv.bellnexxia.net
07:           (InterMail vM.8.00.01.00 201-2244-105-20090324) with ESMTP
08:           id
09: <20091218060132.FROU12061.toroondcbauth02-srv.bellnexxia.net [at] User>;
10:           Fri, 18 Dec 2009 xx:xx:xx -0500

IP: 85.170.159.150 ---> 5-170-159-150.rev.numericable.fr

header:

01: Received: from mail.lloyddaniel.com (ftp.lloyddaniel.com [205.136.92.109])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Sun, 20 Dec 2009 xx:xx:xx +0100 (CET)
04: Received: from User [82.128.34.30] by mail.lloyddaniel.com with ESMTP
05:   (SMTPD-9.21) ID: [ID filtered]

IP: 82.128.34.30 ---> Multilinks Telecommunications Limited, Nigeria

Muguphon: +447045781942 ---> Open Telecom International Ltd., UK

header:

01: Received: from PRESTIGETR.prestigetransilvania.ro (unknown [83.103.137.118])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Sun, 20 Dec 2009 xx:xx:xx +0100 (CET)
04: Received: from User ([41.202.16.116]) by prestigetransilvania.ro with
05: MailEnable ESMTP; Thu, 17 Dec 2009 xx:xx:xx +0200

IP: 41.202.16.116 ---> dhcp16116.myzipnet.com, Ghana

Muguphon: +233205141684 ---> ONETouch, Ghana/Vodafone

- kjz

Fröhliche Mugu-Bescherung:

header:

01: Received: from jingrui.hk (unknown [61.143.101.72])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Mon, 21 Dec 2009 xx:xx:xx +0100 (CET)
04: Received: from User [41.138.179.153] by jingrui.hk with ESMTP
05:   (SMTPD-8.22) ID: [ID filtered]

IP: 41.138.179.153 ---> Visafone Communications Limited, Nigeria

Muguphon: +447024027864 ---> Magrathea Telecommunications Limited, UK

Mugufax: +447006045403 ---> Call Sciences Limited, UK/Yac

Und wieder Bellnexxia über Spamcast-Zombie, die bekommen ihr Leck nicht dicht:

header:

01: Received: from toroondcbauth01-srv.bellnexxia.net
02: (toroondcbauth01.bellnexxia.net [207.236.237.43])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Mon, 21 Dec 2009 xx:xx:xx +0100 (CET)
05: Received: from User ([98.219.183.253])
06:           by toroondcbauth01-srv.bellnexxia.net
07:           (InterMail vM.8.00.01.00 201-2244-105-20090324) with ESMTP
08:           id
09: <20091221110746.EFQT18636.toroondcbauth01-srv.bellnexxia.net [at] User>;
10:           Mon, 21 Dec 2009 xx:xx:xx -0500

IP: 98.219.183.253 ---> c-98-219-183-253.hsd1.pa.comcast.net

auch hier ein Dauer-Leck in Taiwan:

header:

01: Received: from dataexpress.com.tw (60-250-42-53.HINET-IP.hinet.net
02: [60.250.42.53])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Mon, 21 Dec 2009 xx:xx:xx +0100 (CET)
05: Received: from User (unknown [41.211.229.88])
06: 	by dataexpress.com.tw (Postfix) with ESMTP ID: [ID filtered]
07: 	Mon, 21 Dec 2009 xx:xx:xx +0800 (CST)

IP: 41.211.229.88 ---> 88.229.211.41.client88.directonpc.net, Nigeria

Muguphon: +44 871 263 6731 ---> Call Sciences Limited, UK/Yac

Bellnexxia via China-Zombie:

header:

01: Received: from toroondcbmts04-srv.bellnexxia.net
02: (toroondcbmts04.bellnexxia.net [207.236.237.38])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Tue, 22 Dec 2009 xx:xx:xx +0100 (CET)
05: Received: from User ([60.211.25.22]) by toroondcbauth02-srv.bellnexxia.net
06:           (InterMail vM.8.00.01.00 201-2244-105-20090324) with ESMTP
07:           id
08: <20091221045402.GYLX29583.toroondcbauth02-srv.bellnexxia.net [at] User>;
09:           Sun, 20 Dec 2009 xx:xx:xx -0500

IP: 60.211.25.22 ---> China Unicom Shandong

header:

01: Received: from rdlscientific.com (81-86-12-78.dsl.pipex.com [81.86.12.78])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Mon, 21 Dec 2009 xx:xx:xx +0100 (CET)
04: Received: from User ([62.135.93.225] RDNS failed) by rdlscientific.com
05: with Microsoft SMTPSVC(6.0.3790.3959);
06: 	 Mon, 21 Dec 2009 xx:xx:xx +0000

IP: 62.135.93.225 ---> LINK, EG

Muguphon: +20116618850 ---> Etisalat, EG

auch hier ein Dauer-Mugu:

header:

01: Received: from ozhmx0.ozhosting.com (ozhmx0.ozhosting.com [203.30.164.223])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Mon, 21 Dec 2009 xx:xx:xx +0100 (CET)
04: Received: from User (unknown [125.46.73.45])
05: 	by ozhmx0.ozhosting.com (Postfix) with ESMTP
06: 	ID: [ID filtered]

IP: 125.46.73.45 ---> hn.kd.ny.adsl/China Unicom Henan

Muguphon: +233205141684 ---> ONETouch, Ghana/Vodafone

header:

01: Received: from mwasala.ahad-ahad.com (EHLO mwasala.ahad-ahad.com)
02: [63.223.110.144]
03:   by mx0.gmx.net (mx110) with SMTP; 23 Dec 2009 xx:xx:xx +0100
04: Received: from [92.63.15.98] (helo=User)
05: 	by mwasala.ahad-ahad.com with esmtpa (Exim 4.69)
06: 	(envelope-from <elizaberg1954 [at] gmail.com>)
07: 	ID: [ID filtered]

- kjz

Die Weihnachtsmugus:

die Taiwan-Kiste:

header:

01: Received: from dataexpress.com.tw (60-250-42-53.HINET-IP.hinet.net
02: [60.250.42.53])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Mon, 21 Dec 2009 xx:xx:xx +0100 (CET)
05: Received: from User (unknown [41.211.229.88])
06: 	by dataexpress.com.tw (Postfix) with ESMTP ID: [ID filtered]
07: 	Mon, 21 Dec 2009 xx:xx:xx +0800 (CST)

IP: 41.211.229.88 ---> 88.229.211.41.client88.directonpc.net, Nigeria

Muguphon: +44 871 263 6731 ---> Call Sciences Limited/Yac

die Madrid-Konnektion:

header:

01: Received: from ns2.etime.co.za (unknown [196.25.216.138])
02: 	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
03: 	(No client certificate requested)
04: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
05: 	for xxxxx; Mon, 21 Dec 2009 xx:xx:xx +0100 (CET)
06: Received: from User (unknown [77.211.204.34])
07: 	by ns2.etime.co.za (Postfix) with ESMTP ID: [ID filtered]
08: 	Thu, 17 Dec 2009 xx:xx:xx +0200 (SAST)

IP: 77.211.204.34 ---> VODAFONE_SPAIN_NETWORK

abgekübelt über China-Zombie:

header:

01: Received: from ozhmx0.ozhosting.com (ozhmx0.ozhosting.com [203.30.164.223])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxxx; Tue, 22 Dec 2009 xx:xx:xx +0100 (CET)
04: Received: from User (unknown [125.46.73.45])
05: 	by ozhmx0.ozhosting.com (Postfix) with ESMTP
06: 	ID: [ID filtered]

IP: 125.46.73.45 ---> hn.kd.ny.adsl/China Unicom Henan

Muguphon: +233205141684 ---> ONETouch, Ghana/Vodafone

header:

01: Received: from hm1481-5.locaweb.com.br (hm1481-5.locaweb.com.br
02: [201.76.49.127])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Thu, 24 Dec 2009 xx:xx:xx +0100 (CET)
05: Received: from localhost (189.126.112.72) by hm1481-5.locaweb.com.br
06: (PowerMTA(TM) v3.5r13) ID: [ID filtered]
07: Thu, 24 Dec 2009 xx:xx:xx -0200 (envelope-from
08: <johnsheade57 [at] vilania.com.br>)
09: X-LW-Scanned: by Locaweb Mail Filter at locaweb.com.br
10: Received: from hm2076.locaweb.com.br ([127.0.0.1])
11: 	by localhost (hm2076.locaweb.com.br [127.0.0.1]) (amavisd-new, port 10024)
12: 	with LMTP ID: [ID filtered]
13: Received: from hm401.locaweb.com.br (unknown [10.1.10.37])
14: 	by hm2076.locaweb.com.br (Postfix) with SMTP ID: [ID filtered]
15: 	Thu, 24 Dec 2009 xx:xx:xx -0200 (BRST)
16: Received: from unknown (HELO User) (rafael [at] vilania.com.br@41.217.65.4)
17:   by hm401.locaweb.com.br with SMTP; 24 Dec 2009 xx:xx:xx -0000

IP: 41.217.65.4 ---> ZOOM Mobile Nigeria Ltd.

Muguphon: +44 871 504 9889 ---> Magrathea Telecommunications Limited, UK

header:

01: Received: from mastercontractors.net
02: (static-71-241-56-86.nrflva.east.verizon.net [71.241.56.86])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Thu, 24 Dec 2009 xx:xx:xx +0100 (CET)
05: Received: from User ([82.128.70.51]) by mastercontractors.net with
06: Microsoft SMTPSVC(6.0.3790.3959);
07: 	 Wed, 23 Dec 2009 xx:xx:xx -0500

header:

01: Received: from mastercontractors.net
02: (static-71-241-56-86.nrflva.east.verizon.net [71.241.56.86])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Thu, 24 Dec 2009 xx:xx:xx +0100 (CET)
05: Received: from User ([82.128.70.24]) by mastercontractors.net with
06: Microsoft SMTPSVC(6.0.3790.3959);
07: 	 Thu, 24 Dec 2009 xx:xx:xx -0500

IP: 82.128.70.51 ---> Multilinks Telecommunications Limited, Nigeria

Muguphon: + 44 70457 35768 ---> Open Telecom International Ltd., UK

die Madrid-Konnektion:

header:

01: Received: from IMPaqm3.telefonica.net (impaqm3.telefonica.net
02: [213.4.129.23])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Thu, 24 Dec 2009 xx:xx:xx +0100 (CET)
05: Received: from IMPmailhost2.adm.correo ([10.20.102.39])
06: 	by IMPaqm3.telefonica.net with bizsmtp
07: 	ID: [ID filtered]
08: Received: from User ([81.34.178.216])
09: 	by IMPmailhost2.adm.correo with BIZ IMP
10: 	ID: [ID filtered]

IP: 81.34.178.216 ---> 216.Red-81-34-178.dynamicIP.rima-tde.net

- kjz

Leider kehrt auch zur Weihnacht keine Ruhe ein:

header:

01: Received: from mail.m-rinternationalhosting.com (unknown [208.106.153.92])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Thu, 24 Dec 2009 xx:xx:xx +0100 (CET)
04: Received: from ml82.128.20.112.multilinks.com [82.128.20.112] by
05: mail.m-rinternationalhosting.com with SMTP;
06:    Tue, 22 Dec 2009 xx:xx:xx +0100

IP: 82.128.20.112 ---> Multilinks, Nigeria

per Zombie:

header:

01: Received: from rubidio.sol3.it (web.fastgate.it [84.33.51.13])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Fri, 25 Dec 2009 xx:xx:xx +0100 (CET)
04: Received: from localhost (rubidio.local [127.0.0.1])
05: 	by rubidio.sol3.it (Postfix) with ESMTP ID: [ID filtered]
06: 	Thu, 24 Dec 2009 xx:xx:xx +0100 (CET)
07: Received: from rubidio.sol3.it ([127.0.0.1])
08: 	by localhost (rubidio.sol3.it.sol3.it [127.0.0.1]) (amavisd-new, port
09: 10024)
10: 	with ESMTP ID: [ID filtered]
11: Received: from User (channelf.5460.net [61.137.93.80])
12: 	by rubidio.sol3.it (Postfix) with ESMTP ID: [ID filtered]
13: 	Thu, 24 Dec 2009 xx:xx:xx +0100 (CET)

IP: 61.137.93.80 ---> CHINANET Hunan

Muguphon: +2347061930084 ---> MTN Nigeria Communications Ltd

header:

01: Received: from mail.xiami.com (unknown [221.12.127.14])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Thu, 24 Dec 2009 xx:xx:xx +0100 (CET)
04: Received: from User (unknown [211.142.24.122])
05: 	by mail.xiami.com (Postfix) with ESMTP ID: [ID filtered]
06: 	Thu, 24 Dec 2009 xx:xx:xx +0800 (CST)

Muguphon: +233-243-564-564 ---> MTN, Ghana

gecracktes Horde:

header:

01: Received: from smtpgate4.pacific.net.sg (smtpgate4.pacific.net.sg
02: [203.120.68.34])
03: 	by xxxxx (Postfix) with SMTP ID: [ID filtered]
04: 	for xxxxx; Thu, 24 Dec 2009 xx:xx:xx +0100 (CET)
05: Received: (qmail 11068 invoked from network); 24 Dec 2009 xx:xx:xx -0000
06: Received: from wm3.pacific.net.sg (HELO localhost) (lcloh [at] 192.169.41.133)
07:   by smtpgate4.pacific.net.sg with ESMTPA; 24 Dec 2009 xx:xx:xx -0000
08: Received: from 172.16.0.221 (172.16.0.221 [172.16.0.221]) by
09: 	wm3.web.pacific.net.sg (Horde MIME library) with HTTP; Fri, 25 Dec 2009
10: 	xx:xx:xx +0800

Muguphon: +2347033057569 ---> MTN Nigeria Communications Ltd.

- kjz

Noch im alten Jahr:

die Kühltruhe leckt:

header:

01: Received: from dns.refrigerant.com.tw (60-249-196-178.HINET-IP.hinet.net
02: [60.249.196.178])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Mon, 28 Dec 2009 xx:xx:xx +0100 (CET)
05: Received: from User (unknown [82.128.32.178])
06: 	by dns.refrigerant.com.tw (Postfix) with ESMTP
07: 	ID: [ID filtered]

IP: 82.128.32.178 ---> Multilinks Telecommunications Limited, Nigeria

die Madrid-Konnektion:

header:

01: Received: from 66-197-149-208.hostnoc.net.149.197.66.in-addr.arpa (EHLO
02: server-1.hostsos.com) [66.197.149.208]
03:   by mx0.gmx.net (mx034) with SMTP; 29 Dec 2009 xx:xx:xx +0100
04: Received: from [77.211.67.185] (helo=User)
05: 	by server-1.hostsos.com with esmtpa (Exim 4.69)
06: 	(envelope-from <ramon.jason1950 [at] gmail.com>)
07: 	ID: [ID filtered]

IP: 77.211.67.185 ---> VODAFONE_SPAIN_NETWORK

Muguphon: +34 634 140 773 ---> Vodafone Espana

header:

01: Received: from wjhqmw1.wicaksana.co.ID: [ID filtered]
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Wed, 30 Dec 2009 xx:xx:xx +0100 (CET)
04: Received: from User ([82.128.32.89]) by wjhqmw1.wicaksana.co.ID: [ID filtered]
05: Microsoft SMTPSVC(6.0.3790.3959);
06: 	 Wed, 30 Dec 2009 xx:xx:xx +0700

IP: 82.128.32.89 ---> Multilinks Telecommunications Limited, Nigeria

gecracktes Horde:

header:

01: Received: from mail.loze.net (mx2.loze.net [194.63.136.6])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Wed, 30 Dec 2009 xx:xx:xx +0100 (CET)
04: Received: from localhost (localhost [127.0.0.1])
05: 	by mail.loze.net (Postfix) with ESMTP ID: [ID filtered]
06: 	Wed, 30 Dec 2009 xx:xx:xx +0200 (EET)
07: X-Virus-Scanned: amavisd-new at mail.valerii.com
08: Received: from mail.loze.net ([127.0.0.1])
09: 	by localhost (mail.loze.net [127.0.0.1]) (amavisd-new, port 10024)
10: 	with ESMTP ID: [ID filtered]
11: Received: by mail.loze.net (Postfix, from userID: [ID filtered]
12: 	ID: [ID filtered]
13: Received: from 41.216.44.207 ([41.216.44.207]) by mail.loze.net (Horde MIME
14: 	library) with HTTP; Wed, 30 Dec 2009 xx:xx:xx +0200

IP: 41.216.44.207 ---> Benin Telecoms SA

Muguphon: +229-966-663-50 ---> Benin

- kjz

Und im Neuen geht's weiter:

header:

01: Received: from nameservices.net (EHLO officefurnitureman.com)
02: [216.117.138.216]
03:   by mx0.gmx.net (mx108) with SMTP; 01 Jan 2010 xx:xx:xx +0100
04: Received: from User [82.128.21.188] by officefurnitureman.com with ESMTP
05:   (SMTPD32-8.05) ID: [ID filtered]

IP: 82.128.21.188 ---> ml82.128.21.188.multilinks.com, Nigeria

header:

01: Received: from rubidio.sol3.it (web.fastgate.it [84.33.51.13])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Sat,  2 Jan 2010 xx:xx:xx +0100 (CET)
04: Received: from localhost (rubidio.local [127.0.0.1])
05: 	by rubidio.sol3.it (Postfix) with ESMTP ID: [ID filtered]
06: 	Sat,  2 Jan 2010 xx:xx:xx +0100 (CET)
07: Received: from rubidio.sol3.it ([127.0.0.1])
08: 	by localhost (rubidio.sol3.it.sol3.it [127.0.0.1]) (amavisd-new, port
09: 10024)
10: 	with ESMTP ID: [ID filtered]
11: Received: from User (unknown [82.128.86.37])
12: 	by rubidio.sol3.it (Postfix) with ESMTP ID: [ID filtered]
13: 	Sat,  2 Jan 2010 xx:xx:xx +0100 (CET)

IP: 82.128.86.37 ---> Multilinks Telecommunications Limited, Nigeria

header:

01: Received: from qwebsites.com (qwebsites.com [75.125.18.18])
02: 	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
03: 	(No client certificate requested)
04: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
05: 	for xxxxx; Fri,  1 Jan 2010 xx:xx:xx +0100 (CET)
06: Received: (qmail 3441 invoked by UID: [UID filtered]
07: Received: from  by server04.q-surf.com (envelope-from
08: <catherinehoover [at] sbcglobal.net>, UID: [UID filtered]
09:  (clamdscan: 0.95.3/10246. spamassassin: 3.2.5. perlscan: 2.08st.
10:  Clear:RC:1(127.0.0.1):.
11:  Processed in 0.017778 secs); 01 Jan 2010 xx:xx:xx -0000

die Madrid-Konnektion:

header:

01: Received: from ffcm-mailserver.favellefavco.com.my
02: (ffcm-mailserver.favellefavco.com.my [124.82.167.98])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Sat,  2 Jan 2010 xx:xx:xx +0100 (CET)
05: Received: from User ([213.37.214.129] unverified) by
06: ffcm-mailserver.favellefavco.com.my with Microsoft SMTPSVC(5.0.2195.6713);
07: 	 Sun, 3 Jan 2010 xx:xx:xx +0800

IP: 213.37.214.129 ---> 213.37.214.129.dyn.user.ono.com, ES

über China-Zombie:

header:

01: Received: from mail.mceodoherty.ie (EHLO mceodoherty.ie) [83.70.118.15]
02:   by mx0.gmx.net (mx042) with SMTP; 02 Jan 2010 xx:xx:xx +0100
03: Received: from User ([60.208.119.2] RDNS failed) by mceodoherty.ie with
04: Microsoft SMTPSVC(6.0.3790.3959);
05: 	 Sat, 26 Dec 2009 xx:xx:xx +0000

IP: 60.208.119.2 ---> JINAN xinyu Net Bar

header:

01: Received: from themar20.lnk.telstra.net (EHLO
02: wombat.mariaislandwalk.com.au) [165.228.181.155]
03:   by mx0.gmx.net (mx103) with SMTP; 03 Jan 2010 xx:xx:xx +0100
04: Received: from User ([165.228.2.249]) by wombat.mariaislandwalk.com.au
05: with Microsoft SMTPSVC(6.0.3790.3959);
06: 	 Wed, 30 Dec 2009 xx:xx:xx +1100

die Amsterdam-Konnektion:

header:

01: Received: from mail.maxnet.ua (mail.maxnet.ua [79.171.120.18])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Sun,  3 Jan 2010 xx:xx:xx +0100 (CET)
04: Received: from localhost (mail.maxnet.ua [79.171.120.18])
05: 	by mail.maxnet.ua (Postfix) with ESMTP ID: [ID filtered]
06: 	Sat,  2 Jan 2010 xx:xx:xx +0200 (EET)
07: X-Virus-Scanned: amavisd-new at maxnet.ua
08: Received: from mail.maxnet.ua ([79.171.120.18])
09: 	by localhost (mail.maxnet.ua [79.171.120.18]) (amavisd-new, port 10024)
10: 	with LMTP ID: [ID filtered]
11: Received: from User (a90019.upc-a.chello.nl [62.163.90.19])
12: 	by mail.maxnet.ua (Postfix) with ESMTPA ID: [ID filtered]
13: 	Sat,  2 Jan 2010 xx:xx:xx +0200 (EET)

Muguphon: +31 621 632 518 ---> Vodafone Libertel B.V., NL

Mugufax: +31 84 733 1775 ---> J2 Global (Netherlands) B.V.

header:

01: Received: from smtp28.orange.fr (smtp28.orange.fr [80.12.242.99])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Sun,  3 Jan 2010 xx:xx:xx +0100 (CET)
04: Received: from me-wanadoo.net (localhost [127.0.0.1])
05: 	by mwinf2802.orange.fr (SMTP Server) with ESMTP ID: [ID filtered]
06: 	Sun,  3 Jan 2010 xx:xx:xx +0100 (CET)
07: Received: from me-wanadoo.net (localhost [127.0.0.1])
08: 	by mwinf2802.orange.fr (SMTP Server) with ESMTP ID: [ID filtered]
09: 	Sun,  3 Jan 2010 xx:xx:xx +0100 (CET)
10: Received: from User (LSt-Amand-152-31-18-235.w193-253.abo.wanadoo.fr
11: [193.253.221.235])
12: 	by mwinf2802.orange.fr (SMTP Server) with ESMTP ID: [ID filtered]
13: 	Sun,  3 Jan 2010 xx:xx:xx +0100 (CET)

- kjz

Weiteres von den Mugus:

header:

01: Received: from wjhqmw1.wicaksana.co.ID: [ID filtered]
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Mon,  4 Jan 2010 xx:xx:xx +0100 (CET)
04: Received: from User ([82.128.35.179]) by wjhqmw1.wicaksana.co.ID: [ID filtered]
05: Microsoft SMTPSVC(6.0.3790.3959);
06: 	 Mon, 4 Jan 2010 xx:xx:xx +0700

IP: 82.128.35.179 ---> Multilinks Telecommunications Limited, Nigeria

Muguphon: +2347092367810 ---> Multilinks Telecommunications Ltd., Nigeria

header:

01: Received: from postmail.alexa-soft.com (mail.alexa-soft.com [213.8.129.83])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Mon,  4 Jan 2010 xx:xx:xx +0100 (CET)
04: Received: from User ([89.238.165.138] RDNS failed) by
05: postmail.alexa-soft.com with Microsoft SMTPSVC(6.0.3790.3959);
06: 	 Mon, 4 Jan 2010 xx:xx:xx +0200

header:

01: Received: from domino.intermax-ag.com (mail.imaxclub.com [195.39.8.139])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Tue,  5 Jan 2010 xx:xx:xx +0100 (CET)
04: Received: from User ([82.128.32.100])
05:           by domino.intermax-ag.com (Lotus Domino Release 8.5FP1)
06:           with ESMTP ID: [ID filtered]
07:           Tue, 5 Jan 2010 xx:xx:xx +0100

IP: 82.128.32.100 --> Multilinks Telecommunications Limited, Nigeria

header:

01: Received: from imsantv23.netvigator.com (imsantv23.netvigator.com
02: [210.87.247.11])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Tue,  5 Jan 2010 xx:xx:xx +0100 (CET)
05: Received: from imsantv36.netvigator.com (imsantv36b.netvigator.com
06: [210.87.247.29])
07: 	by imsantv23.netvigator.com (8.14.2/8.14.2) with ESMTP ID: [ID filtered]
08: 	for xxxxx; Tue, 5 Jan 2010 xx:xx:xx +0800
09: Received: from [210.87.253.68] ([210.87.253.68:59610]
10: helo=imsantv61.netvigator.com)
11: 	by imsantv36 (envelope-from <info [at] fbi.org>)
12: 	(ecelerity 2.2.2.40 r(29895/29896)) with ESMTP
13: 	ID: [ID filtered]
14: Received: from mail.icm.com.hk (n220246006218.netvigator.com
15: [220.246.6.218])
16: 	by imsantv61.netvigator.com (8.14.3/8.14.3) with ESMTP ID: [ID filtered]
17: 	Tue, 5 Jan 2010 xx:xx:xx +0800
18: Received: from User ([59.154.25.30]) by mail.icm.com.hk with Microsoft
19: SMTPSVC(6.0.3790.3959);
20: 	 Tue, 5 Jan 2010 xx:xx:xx +0800

Muguphon: +2348137537045 ---> Nigeria

header:

01: Received: from servidor1.mittalriopreto.com.br (servidor1.ciadoaco.net
02: [189.20.219.154])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Mon,  4 Jan 2010 xx:xx:xx +0100 (CET)
05: Received: from User (unknown [41.217.65.4])
06: 	by servidor1.mittalriopreto.com.br (Postfix) with ESMTP ID: [ID filtered]
07: 	Mon,  4 Jan 2010 xx:xx:xx -0200 (BRST)

IP: 41.217.65.4 ---> ZOOM Mobile Nigeria Ltd.

- kjz

Und aus der anderen Wundertüte hätten wir noch:

header:

01: Received: from servidor1.mittalriopreto.com.br (servidor1.ciadoaco.net
02: [189.20.219.154])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Mon,  4 Jan 2010 xx:xx:xx +0100 (CET)
05: Received: from User (unknown [41.217.65.4])
06: 	by servidor1.mittalriopreto.com.br (Postfix) with ESMTP ID: [ID filtered]
07: 	Mon,  4 Jan 2010 xx:xx:xx -0200 (BRST)

IP: 41.217.65.4 ---> ZOOM Mobile Nigeria Ltd.

header:

01: Received: from mail.silverstonetek.com.tw (mail.silverstonetek.com.tw
02: [59.124.100.55])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Mon,  4 Jan 2010 xx:xx:xx +0100 (CET)
05: Received: from silverstonetek.com.tw (mail.silverstonetek.com.tw
06: [127.0.0.1])
07: 	by mail.silverstonetek.com.tw (Postfix) with ESMTP ID: [ID filtered]
08: 	Tue,  5 Jan 2010 xx:xx:xx +0800 (CST)

header:

01: Received: from mail.silverstonetek.com.tw (mail.silverstonetek.com.tw
02: [59.124.100.55])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Mon,  4 Jan 2010 xx:xx:xx +0100 (CET)
05: Received: from silverstonetek.com.tw (mail.silverstonetek.com.tw
06: [127.0.0.1])
07: 	by mail.silverstonetek.com.tw (Postfix) with ESMTP ID: [ID filtered]
08: 	Tue,  5 Jan 2010 xx:xx:xx +0800 (CST)

gecracktes Horde:

header:

01: Received: from smtpgate4.pacific.net.sg (smtpgate4.pacific.net.sg
02: [203.120.68.34])
03: 	by xxxxx (Postfix) with SMTP ID: [ID filtered]
04: 	for xxxxx; Mon,  4 Jan 2010 xx:xx:xx +0100 (CET)
05: Received: (qmail 8934 invoked from network); 4 Jan 2010 xx:xx:xx -0000
06: Received: from wm4.pacific.net.sg (HELO localhost) (yuon [at] 203.120.90.134)
07:   by smtpgate4.pacific.net.sg with ESMTPA; 4 Jan 2010 xx:xx:xx -0000
08: Received: from 217.175.73.5 ([217.175.73.5]) by wm4.web.pacific.net.sg
09: 	(Horde MIME library) with HTTP; Tue, 05 Jan 2010 xx:xx:xx +0800

IP: 217.175.73.5 ---> Arqiva Communications Ltd., UK

- kjz

Die Mugu-Parade, Teil 1:

Spamcast-Zombie in Florida:

header:

01: Received: from mta03.eastlink.ca (smtpout.eastlink.ca [24.222.0.30])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Thu,  7 Jan 2010 xx:xx:xx +0100 (CET)
04: Received: from ip05.eastlink.ca ([unknown] [24.222.39.68])
05:  by mta03.eastlink.ca (Sun Java(tm) System Messaging Server 7.3-11.01 64bit
06:  (built Sep  1 2009)) with ESMTP id
07: <0KVW007SX7PI0020 [at] mta03.eastlink.ca>; Thu,
08:  07 Jan 2010 xx:xx:xx -0400 (AST)
09: Received: from me02.eastlink.ca (HELO eastlink.ca) ([24.224.136.25])
10:  by ip05.eastlink.ca with ESMTP; Thu, 07 Jan 2010 xx:xx:xx -0400
11: Received: from [76.18.8.63] by me02.eastlink.ca (mshttpd); Thu,
12:  07 Jan 2010 xx:xx:xx +0100

IP: 24.224.136.25 ---> c-76-18-8-63.hsd1.fl.comcast.net

die Amsterdam-Konnektion:

header:

01: Received: from vhost1.tyc.edu.tw (relay2.tyc.edu.tw [163.28.50.24])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Sat,  9 Jan 2010 xx:xx:xx +0100 (CET)
04: Received: from User (d126141.upc-d.chello.nl [213.46.126.141])
05: 	by vhost1.tyc.edu.tw (Postfix) with ESMTP ID: [ID filtered]
06: 	Wed,  6 Jan 2010 xx:xx:xx +0800 (CST)

Muguphon: +31- 645 141 466 ---> Telfort B.V., NL

Mugufax: +31- 847 323 886 ---> J2 Global (Netherlands) B.V.

header:

01: Received: from universe.uohyd.ernet.in (EHLO universe1.uohyd.ernet.in)
02: [202.41.85.90]
03:   by mx0.gmx.net (mx013) with SMTP; 09 Jan 2010 xx:xx:xx +0100
04: X-IronPort-Anti-Spam-Filtered: true
05: X-IronPort-Anti-Spam-Result:
06: AtX/AHWTR0usEAEL/2dsb2JhbAAIQnSIWIUkCwEIijmBBIEqExCGBKYVCIp1giIFEQcIgWgE
07: Subject: [SPAM] URGENT REPLY  !!!!!!
08: X-IronPort-AV: E=Sophos;i="4.49,246,1262543400";
09:    d="scan'208";a="123765"
10: Received: from unknown (HELO node1.uohyd.ernet.in) ([172.16.1.11])
11:   by universe1.uohyd.ernet.in with ESMTP; 09 Jan 2010 xx:xx:xx +0530
12: MIME-version: 1.0
13: Content-transfer-encoding: 7BIT
14: Content-type: text/plain; CHARSET=US-ASCII
15: Received: from User ([unknown] [82.128.23.123])
16:  by node1.uohyd.ernet.in (Sun Java(tm) System Messaging Server 7.3-11.01
17: 64bit
18:  (built Sep  1 2009)) with ESMTPA id
19: <0KVY006D4PN5LPY0 [at] node1.uohyd.ernet.in>;
20:  Sat, 09 Jan 2010 xx:xx:xx +0530 (IST)

IP: 82.128.23.123 ---> Multilinks Telecommunications Limited, Nigeria

gecrackter Orange-Account via Spamadoo:

header:

01: Received: from smtp20.orange.fr (smtp20.orange.fr [80.12.242.26])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Sat,  9 Jan 2010 xx:xx:xx +0100 (CET)
04: Received: from me-wanadoo.net (localhost [127.0.0.1])
05: 	by mwinf2028.orange.fr (SMTP Server) with ESMTP ID: [ID filtered]
06: 	Sat,  9 Jan 2010 xx:xx:xx +0100 (CET)
07: Received: from me-wanadoo.net (localhost [127.0.0.1])
08: 	by mwinf2028.orange.fr (SMTP Server) with ESMTP ID: [ID filtered]
09: 	Sat,  9 Jan 2010 xx:xx:xx +0100 (CET)
10: Received: from User (LRouen-151-72-19-84.w80-13.abo.wanadoo.fr
11: [80.13.178.84])
12: 	by mwinf2028.orange.fr (SMTP Server) with ESMTP ID: [ID filtered]
13: 	Sat,  9 Jan 2010 xx:xx:xx +0100 (CET)

header:

01: Received: from smtp20.orange.fr (smtp20.orange.fr [193.252.22.31])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Sun, 10 Jan 2010 xx:xx:xx +0100 (CET)
04: Received: from me-wanadoo.net (localhost [127.0.0.1])
05: 	by mwinf2021.orange.fr (SMTP Server) with ESMTP ID: [ID filtered]
06: 	Sun, 10 Jan 2010 xx:xx:xx +0100 (CET)
07: Received: from me-wanadoo.net (localhost [127.0.0.1])
08: 	by mwinf2021.orange.fr (SMTP Server) with ESMTP ID: [ID filtered]
09: 	Sun, 10 Jan 2010 xx:xx:xx +0100 (CET)
10: Received: from User (LRouen-151-72-19-84.w80-13.abo.wanadoo.fr
11: [80.13.178.84])
12: 	by mwinf2021.orange.fr (SMTP Server) with ESMTP ID: [ID filtered]
13: 	Sun, 10 Jan 2010 xx:xx:xx +0100 (CET)

hier hat man Horde bei der Uni Ulm gecrackt:

header:

01: Received: from mail.uni-ulm.de (mail.uni-ulm.de [134.60.1.11])
02: 	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
03: 	(No client certificate requested)
04: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
05: 	for xxxxx; Sun, 10 Jan 2010 xx:xx:xx +0100 (CET)
06: Received: from poseidon.rz.uni-ulm.de (localhost [127.0.0.1])
07: 	by smtp.uni-ulm.de (8.14.3/8.14.2) with ESMTP ID: [ID filtered]
08: 	Sun, 10 Jan 2010 xx:xx:xx +0100 (MET)
09: Received: (from cyrus [at] localhost)
10: 	by poseidon.rz.uni-ulm.de (8.14.3/8.14.2/Submit) ID: [ID filtered]
11: 	Sun, 10 Jan 2010 xx:xx:xx +0100 (MET)
12: Received: from 41.138.180.15 ([41.138.180.15]) by imap.uni-ulm.de (Horde
13: 	MIME library) with HTTP; Sun, 10 Jan 2010 xx:xx:xx +0100

IP: 41.138.180.15 ---> Visafone Communications Limited, Nigeria

Muguphon: +2347032957777 ---> MTN Nigeria Communications Ltd.

über China-Zombie:

header:

01: Received: from dns.okumura.to (218-228-196-207.eonet.ne.jp
02: [218.228.196.207])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Sun, 10 Jan 2010 xx:xx:xx +0100 (CET)
05: Received: from localhost (localhost [127.0.0.1])
06: 	by dns.okumura.to (Postfix) with ESMTP ID: [ID filtered]
07: 	Mon, 11 Jan 2010 xx:xx:xx +0900 (JST)
08: X-Quarantine-ID: [ID filtered]
09: X-Virus-Scanned: amavisd-new at okumura.to
10: Received: from dns.okumura.to ([127.0.0.1])
11: 	by localhost (dns.okumura.to [127.0.0.1]) (amavisd-new, port 10024)
12: 	with ESMTP ID: [ID filtered]
13: Received: from User (unknown [218.25.59.156])
14: 	by dns.okumura.to (Postfix) with ESMTP ID: [ID filtered]
15: 	Mon, 11 Jan 2010 xx:xx:xx +0900 (JST)

IP: 218.25.59.156 ---> China Unicom Liaoning

header:

01: Received: from ns11.wistee.fr (dns-ns11.wistee.fr [94.124.84.11])
02: 	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
03: 	(No client certificate requested)
04: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
05: 	for xxxxx; Sun, 10 Jan 2010 xx:xx:xx +0100 (CET)
06: Received: from vfbb233239.4u.com.gh ([41.218.233.239] helo=User)
07: 	by ns11.wistee.fr with esmtpa (Exim 4.67)
08: 	(envelope-from <imfor_555 [at] sify.com>)
09: 	ID: [ID filtered]

- kjz

Die Mugu-Parade, Teil 2:

header:

01: Received: from mail1.rbj.com (EHLO mail.rbj.com) [65.60.124.151]
02:   by mx0.gmx.net (mx079) with SMTP; 07 Jan 2010 xx:xx:xx +0100
03: Received: from User ([66.197.202.107] RDNS failed) by mail.rbj.com with
04: Microsoft SMTPSVC(6.0.3790.3959);
05: 	 Thu, 7 Jan 2010 xx:xx:xx -0800

IP: 66.197.202.107 ---> 66-197-202-107.hostnoc.net

header:

01: Received: from hartronserver.hartron.cc (hartronserver.hartron.cc
02: [203.92.44.78])
03: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
04: 	for xxxxx; Thu,  7 Jan 2010 xx:xx:xx +0100 (CET)
05: Received: from localhost (unknown [127.0.0.1])
06: 	by hartronserver.hartron.cc (Postfix) with ESMTP ID: [ID filtered]
07: 	Thu,  7 Jan 2010 xx:xx:xx +0000 (UTC)
08: Received: from hartronserver.hartron.cc ([127.0.0.1])
09:  by localhost (hartronserver.hartron.cc [127.0.0.1]) (amavisd-new, port
10: 10024)
11:  with ESMTP ID: [ID filtered]
12: Received: from User (unknown [82.128.81.242])
13: 	by hartronserver.hartron.cc (Postfix) with ESMTP ID: [ID filtered]
14: 	Fri,  8 Jan 2010 xx:xx:xx +0530 (IST)

IP: 82.128.81.242 ---> Multilinks Telecommunications Limited, Nigeria

Tja, würde jemand mal bei Multilinks den Stecker ziehen, hätte sich die Hälfte allen Mugu-Spams schlagartig erledigt.... Mal wieder ein Beweis für meine Signatur.

header:

01: Received: from mail4.onnetsecure.net (unknown [207.154.30.253])
02: 	by xxxxx (Postfix) with ESMTP ID: [ID filtered]
03: 	for xxxxx; Thu,  7 Jan 2010 xx:xx:xx +0100 (CET)
04: Received: (qmail 30802 invoked by UID: [UID filtered]
05: Received: from unknown (HELO User) (bcordell [at] cordellcom.com@82.128.70.145)
06:   by mail4.onnetsecure.net with ESMTPAM; 7 Jan 2010 xx:xx:xx -0500
07: X-Originating-IP: 82.128.70.145

IP: 82.128.70.145 ---> Multilinks Telecommunications Limited, Nigeria

- kjz

40 Beiträge dieses Themas auf einer Seite anzeigen