Uas der Serie 'Mugu der Woche':
header:
01: Received: from federal.interfacehosting.com (EHLO
02: federal.interfacehosting.com) [74.200.216.162]
03: by mx0.gmx.net (mx068) with SMTP; 08 Oct 2012 xx:xx:xx +0200
04: Received: from [216.161.162.34] (port=49702 helo=gary)
05: by federal.interfacehosting.com with esmtpa (Exim 4.77)
06: (envelope-from <info.tim [at] msn.com>)
07: ID: [ID filtered]
header:
01: Received: from federal.interfacehosting.com (EHLO
02: federal.interfacehosting.com) [74.200.216.162]
03: by mx0.gmx.net (mx005) with SMTP; 08 Oct 2012 xx:xx:xx +0200
04: Received: from [216.161.162.34] (port=49702 helo=gary)
05: by federal.interfacehosting.com with esmtpa (Exim 4.77)
06: (envelope-from <info.tim [at] msn.com>)
07: ID: [ID filtered]
IP: 216.161.162.34 ---> Qwest Communications
Muguphon: +44 2828290063 ---> FleXtel Limited, UK
per brute force:
header:
01: Received: from wchdc1.willowick.local (226.131.106.207.in-addr.arpa
02: [207.106.131.226])
03: by mx.kundenserver.de (node=mxeu5) with ESMTP (Nemesis)
04: ID: [ID filtered]
05: xx:xx:xx +0200
06: Received: from User ([211.44.250.208]) by wchdc1.willowick.local with
07: Microsoft SMTPSVC(6.0.3790.4675);
08: Tue, 9 Oct 2012 xx:xx:xx -0400
header:
01: Received: from 226.131.106.207.in-addr.arpa (EHLO
02: wchdc1.willowick.local) [207.106.131.226]
03: by mx0.gmx.net (mx003) with SMTP; 10 Oct 2012 xx:xx:xx +0200
04: Received: from User ([211.44.250.208]) by wchdc1.willowick.local with
05: Microsoft SMTPSVC(6.0.3790.4675);
06: Tue, 9 Oct 2012 xx:xx:xx -0400
header:
01: Received: from 226.131.106.207.in-addr.arpa (EHLO
02: wchdc1.willowick.local) [207.106.131.226]
03: by mx0.gmx.net (mx006) with SMTP; 10 Oct 2012 xx:xx:xx +0200
04: Received: from User ([211.44.250.208]) by wchdc1.willowick.local with
05: Microsoft SMTPSVC(6.0.3790.4675);
06: Tue, 9 Oct 2012 xx:xx:xx -0400
IP: 211.44.250.208 ---> SK Broadband Co Ltd., Korea
auch GMail ist evil:
header:
01: Received: from mail-yh0-f67.google.com (mail-yh0-f67.google.com
02: [209.85.213.67])
03: (using TLSv1 with cipher RC4-SHA (128/128 bits))
04: (No client certificate requested)
05: by xxxxx (Postfix) with ESMTPS ID: [ID filtered]
06: for xxxxx; Wed, 10 Oct 2012 xx:xx:xx +0200 (CEST)
07: Received: by mail-yh0-f67.google.com with SMTP ID: [ID filtered]
08: for xxxxx; Wed, 10 Oct 2012 xx:xx:xx -0700 (PDT)
09: Received: by 10.236.131.69 with SMTP ID: [ID filtered]
10: Wed, 10 Oct 2012 xx:xx:xx -0700 (PDT)
11: Received: by 10.146.104.19 with HTTP; Wed, 10 Oct 2012 xx:xx:xx -0700 (PDT)
der Yahoo/ATT-Mugu:
header:
01: Received: from [216.172.135.20] by web185006.mail.gq1.yahoo.com via
02: HTTP; Thu, 11 Oct 2012 xx:xx:xx PDT
header:
01: Received: from [216.172.135.20] by web185005.mail.gq1.yahoo.com via
02: HTTP; Thu, 11 Oct 2012 xx:xx:xx PDT
IP: 216.172.135.20 ---> egihosting.com
header:
01: Received: from lucky.cirtexhosting.com (EHLO lucky.cirtexhosting.com)
02: [67.159.44.86]
03: by mx0.gmx.net (mx078) with SMTP; 12 Oct 2012 xx:xx:xx +0200
04: Received: from [41.211.194.140] (port=20287 helo=User)
05: by lucky.cirtexhosting.com with esmtpa (Exim 4.80)
06: (envelope-from <speeddelivery1 [at] inmail.sk>)
07: ID: [ID filtered]
IP: 41.211.194.140 ---> 140.194.211.41.client1.directonpc.net, Nigeria