Re: Attention Mukade
Michael Cash wrote:
> On Tue, 15 Jun 2004 23:56:53 +0900, Rodney Webster
> <rgw_news001@knot.mine.nu> brought down from the Mount tablets
> inscribed:
>
>
>>In article <p5htc05n1elp1qq4a5ogmos2msegr4ko5f@4ax.com>,
>>Michael Cash <buggeroff@fake.com> wrote:
>>
>>
>>>Stop sending me viruses already, would you please? Three is more than
>>>enough. Thanks.
>>
>>Nowadays viruses usually get email addresses of the computer they
>>infect, and then send email to one with the headers forged so that it
>>looks like the message came from one of the other email addresses found.
>>
>>So it is more than likely that a third person, who has both your and
>>Mukade's email on their computer, is the person infected.
>>
>>If you send me the full headers from the email you received I can try
>>and work out whose computer it is really from.
>
>
> Return-Path: <mukade@gaijin.co.jp>
> Delivered-To: mikecash@sunfield.ne.jp
> Received: (qmail 21714 invoked from network); 15 Jun 2004 05:37:46
> +0900
> Received: from dsl-213-023-204-226.arcor-ip.net (HELO telecafe01.com)
> (213.23.204.226)
> by s-field2.sunfield.ne.jp with SMTP; 15 Jun 2004 05:37:46 +0900
> Date: Mon, 14 Jun 2004 22:52:58 +0100
> To: "Mikecash" <mikecash@sunfield.ne.jp>
> From: "Mukade" <mukade@gaijin.co.jp>
> Subject: Encrypted document
> Message-ID: <slhfxskzarxgkvatzrc@sunfield.ne.jp>
> MIME-Version: 1.0
> Content-Type: multipart/mixed;
> boundary="--------rbggtqnmowytbfwhxkox"
>
It's a German DSL line: complain to abuse(a)arcor.ip.de. You should also
have a talk with Sunfield. It looks like a dynamically assigned DSL line
to me, and Sunfield shouldn't be accepting mail directly from such
mailservers. 99% of them are viral payloads.
KWW
(details follow)
inetnum: 213.23.192.0 - 213.23.223.255
netname: ARCOR-DSL-NET4
descr: Arcor AG & Co
descr: Alfred-Herrhausen-Allee 1
descr: D-65760 Eschborn
descr: Germany
country: DE
admin-c: ANOC1-RIPE
tech-c: ANOC1-RIPE
status: ASSIGNED PA
notify: ip-registry(a)arcor.net
mnt-by: ARCOR-MNT
changed: ip-registry(a)arcor.net 20030623
source: RIPE
route: 213.23.128.0/17
descr: Mannesmann Arcor Telecommunications AG & Co
descr: Germany
origin: AS3209
notify: ip-registry(a)arcor.net
mnt-by: ARCOR-MNT
changed: ip-registry(a)arcor.net 20030509
source: RIPE
role: Mannesmann Arcor Network Operation Center
address: Arcor AG & Co.KG
address: Department TBN
address: Otto-Volger-Str. 19
address: D-65843 Sulzbach/Ts.
address: Germany
phone: +49 6196 523 0864
e-mail: noc(a)adm.arcor.net
trouble: Security issues mailto:abuse(a)arcor-ip.de
trouble: Information http://www.arcor.net
trouble: Peering contact mailto:peering(a)adm.arcor.net
trouble: Operational issues mailto:noc(a)adm.arcor.net
trouble: Address assignment mailto:ip-registry(a)arcor.net
admin-c: PN667-RIPE
admin-c: SM9000-RIPE
admin-c: JS19072-RIPE
admin-c: DH6636-RIPE
admin-c: AR9338-RIPE
admin-c: TK11590-RIPE
admin-c: RH12597-RIPE
admin-c: MW877-RIPE
tech-c: NH15-RIPE
nic-hdl: ANOC1-RIPE
notify: ip-registry(a)arcor.net
mnt-by: ARCOR-MNT
changed: ip-registry(a)arcor.net 20011213
changed: ip-registry(a)arcor.net 20020926
changed: ip-registry(a)arcor.net 20030620
changed: ip-registry(a)arcor.net 20031223
changed: ip-registry(a)arcor.net 20040504
source: RIPE
Fnews-brouse 1.9(20180406) -- by Mizuno, MWE <mwe@ccsf.jp>
GnuPG Key ID = ECC8A735
GnuPG Key fingerprint = 9BE6 B9E9 55A5 A499 CD51 946E 9BDC 7870 ECC8 A735