Spam von/from blocksignal.de?

Seit September 2003 wurde meine Domain blocksignal.de mehr­fach als Ab­sen­der von Spam/UCE (un­ver­lang­te kom­mer­ziel­le Mail) miß­braucht. Ich bin nicht Ab­sen­der die­ser Mails, die Ver­sen­der ha­ben die Ab­sen­de­adres­sen ge­fälscht, sie exi­stie­ren nicht! Der Ser­ver, auf dem mei­ne Sei­te ge­ho­stet wird, wur­de da­bei auch nicht als Re­lay miß­braucht, was je­der mit et­was Kennt­nis der Ab­läu­fe un­schwer an­hand der IP-Adres­sen fest­stel­len kann. Un­ten ein Aus­schnitt aus ei­ner Mail, die ein AOL-Ser­ver we­gen un­gül­ti­ger Em­pfän­ger­adres­sen an mich „zu­rück“ ge­schickt hat. Da­rin kann man se­hen, wo die ori­gi­na­le Mail ein­ge­lie­fert wurde, als was sich der Sen­der aus­ge­ge­ben hat und wel­che Domain tat­säch­lich (kann auch ge­fälscht sein) zur IP-Num­mer des Ab­sen­ders re­gi­striert ist. Die ori­gi­na­le Mail wur­de an eine grö­ße­re An­zahl Em­pfän­ger ver­schickt, von de­nen zwei Adres­sen nicht exi­stie­ren und zwei an­de­re die Mails von die­sem Ab­sen­der – also von „mir“ – nicht mehr ak­zep­tie­ren. Letz­te­res kann eben dar­an lie­gen, daß schon ein­mal der­ar­ti­ger Spam dort an­kam. Gül­ti­ge Adres­sen habe ich durch <------@aol.com> un­kennt­lich ge­macht, ge­lösch­te Ab­schnit­te mit [...] ge­kenn­zeich­net.

My domain blocksignal.de was abused several times since september 2003 as a sender of spam (UCE). I am not sender of this spam, the real senders falsify the from addresses. These does not exist! The server, hostet my page is not abused as relay for this spam, which can examine everyone with something knowledge easily with the IP numbers. To example see this mail, which became sent "back" to me because of invalid address. You can see where the original mail was supplied in, as the computer of the sender called itself and which domain (that can be also falsified) to senders IP number is registered. The original mail was sent away to a larger number of receivers, of these two addresses do not exist and two other do not accept mails of this sender – of "me" – to no more. That can be evenly because of the fact that already once such spam arrived there. I have made valid addresses unrecognizable with <------@aol.com>, deleted parts marked by [...]. 


[...]
X-Envelope-To: <leiladexwvcustvjy@blocksignal.de>
Received: from mail.blocksignal.de [62.67.218.26]
by localhost with POP3 (fetchmail-6.2.1)
for steffen@localhost (single-drop); Mon, 15 Mar 2004 15:50:20 +0100 (CET)
Received: from omr-m10.mx.aol.com (omr-m10.mx.aol.com [64.12.138.22])
by can12.de (8.12.10/8.11.6) with ESMTP id [...]
for <leiladexwvcustvjy@blocksignal.de>; Mon, 15 Mar 2004 02:30:48 +0100
Received: from  str-d04.mail.aol.com (str-d04.mail.aol.com [172.18.149.4])
by omr-m10.mx.aol.com (v97.10) with ESMTP id RELAYIN6-7405507453a6;
Sun, 14 Mar 2004 20:30:45 -0500
Received: from localhost (localhost)
by str-d04.mail.aol.com (8.8.8/8.8.8/AOL-5.0.0)
with internal id UAJ29692;
Sun, 14 Mar 2004 20:30:45 -0500 (EST)
Date: Sun, 14 Mar 2004 20:30:45 -0500 (EST)
From: Mail Delivery Subsystem <MAILER-DAEMON@aol.com>
Message-Id: <200403150130.UAJ29692@str-d04.mail.aol.com>
To: <Leiladexwvcustvjy@blocksignal.de>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="UAJ29692.1079314245/str-d04.mail.aol.com"
Subject: Returned mail: User unknown
Auto-Submitted: auto-generated (failure)
X-AOL-IP: 172.18.149.4
X-UIDL: j20"!60U"!8:_!!/b*#!
X-Mozilla-Status: 8001
X-Mozilla-Status2: 00000000

This is a MIME-encapsulated message

--UAJ29692.1079314245/str-d04.mail.aol.com

The original message was received at Sun, 14 Mar 2004 20:20:45 -0500 (EST)
from rly-yh05.mail.aol.com [172.18.180.69]


*** ATTENTION ***

Your e-mail is being returned to you because there was a problem with its
delivery.  The address which was undeliverable is listed in the section
labeled: "----- The following addresses had permanent fatal errors -----".

The reason your mail is being returned to you is listed in the section
labeled: "----- Transcript of Session Follows -----".

The line beginning with "<<<" describes the specific reason your e-mail could
not be delivered.  The next line contains a second error message which is a
general translation for other e-mail servers.

Please direct further questions regarding this message to your e-mail
administrator.

--AOL Postmaster



----- The following addresses had permanent fatal errors -----
<gorddygecko@aol.com>
<------@aol.com>
<goofyhr@aol.com>
<------@aol.com>

----- Transcript of session follows -----
... while talking to airmail-03.mail.aol.com.:
>>> RCPT To:<------@aol.com>
<<< 550 goofnstinker IS NOT ACCEPTING MAIL FROM THIS SENDER
550 <------@aol.com>... User unknown
>>> RCPT To:<goofyhr@aol.com>
<<< 550 MAILBOX NOT FOUND
550 <goofyhr@aol.com>... User unknown
>>> RCPT To:<------@aol.com>
<<< 550 goony12 IS NOT ACCEPTING MAIL FROM THIS SENDER
550 <------@aol.com>... User unknown
>>> RCPT To:<gorddygecko@aol.com>
<<< 550 MAILBOX NOT FOUND
550 <gorddygecko@aol.com>... User unknown

--UAJ29692.1079314245/str-d04.mail.aol.com
Content-Type: message/delivery-status

Reporting-MTA: dns; str-d04.mail.aol.com
Arrival-Date: Sun, 14 Mar 2004 20:20:45 -0500 (EST)

Final-Recipient: RFC822; gorddygecko@aol.com
Action: failed
Status: 5.1.1
Remote-MTA: DNS; airmail-03.mail.aol.com
Diagnostic-Code: SMTP; 550 MAILBOX NOT FOUND
Last-Attempt-Date: Sun, 14 Mar 2004 20:30:43 -0500 (EST)

[...]

--UAJ29692.1079314245/str-d04.mail.aol.com
Content-Type: text/rfc822-headers

Received: from  rly-yh05.mx.aol.com (rly-yh05.mail.aol.com [172.18.180.69])
by str-d04.mail.aol.com (v92.16) with ESMTP id RELAYIN6-7405504ed3d4;
Sun, 14 Mar 2004 20:20:45 1900
Received: from  vivvpj (cable243a181.usuarios.retecal.es [212.183.243.181])
by rly-yh05.mx.aol.com (v98.5) with ESMTP id MAILRELAYINYH52-2c84055043120b;
Sun, 14 Mar 2004 20:20:08 -0500
To: "Windy Ttisupport" <------@aol.com>,
"Nenita Spannbauer" <------@aol.com>,
"Yulanda Tapp" <------@aol.com>,
"Tami O'Kelly" <------@aol.com>,
"Ronda Senyildiz" <------@aol.com>,
"Danika Giamatteo" <goofyhr@aol.com>,
"Lavern Dunningham" <------@aol.com>,
"Verlie Truesdale" <------@aol.com>,
"Ronnie Mccauley" <------@aol.com>,
"Nanci Farren" <------@aol.com>,
"Magda Minthorne" <------@aol.com>,
"Amira Pewitt" <------@aol.com>,
"Charlott Highet" <------@aol.com>, "Brittni Myer" <------@aol.com>,
"Julissa Chamsi" <------@aol.com>,
"Lena Balanger" <------@aol.com>,
"Shaunda Balkenhol" <gorddygecko@aol.com>,
"Lona Hacker" <------@aol.com>,
"Keeley Bartkowska" <------@aol.com>,
"Louella Bilanski" <------@aol.com>
From: Valrie <Leiladexwvcustvjy@blocksignal.de>
Reply-To: <Leiladexwvcustvjy@blocksignal.de>
Subject: Stocks with littl3 risk in 04
Date: Mon, 15 Mar 2004 01:22:48 -0500
Message-Id: <tgsjygktuixnf@blocksignal.de>
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="bsougbwscunfs_1079331797"
X-AOL-IP: 212.183.243.181
X-AOL-SCOLL-SCORE: 0:XXX:XX
X-AOL-SCOLL-URL_COUNT: 0
X-AOL-SDI: PROFILE

--UAJ29692.1079314245/str-d04.mail.aol.com--

Mehr zum Thema Spam / More

Letzte Änderung am 20.3.2004
© Steffen Buhr