shredder01
New Member
Hallo,
ich bekomme zur Zeit bei 2 E-Mail-Postfächern auf meinem Server massenhaft "Rückläufer" also Mail-delivery-failed-Messages von Empfängern an die nie etwas versand wurde.
Anhand der Mailheader bin ich der Meinung, dass mein Server da nichts versendet, sondern jemand "nur" unter falscher Flagge Mail verstreut.
Aber ich würde gerne noch eure Meinung dazu wissen, da ich sowas bisher auch noch nicht hatte.
Hier mal 3 Beispiele:
Sehe ich das richtig? Kann man dagegen was machen (wahrscheinlich nicht, wie ich das so aus ähnlichen Beiträgen hier im Forum herauslese)?
Danke.
ich bekomme zur Zeit bei 2 E-Mail-Postfächern auf meinem Server massenhaft "Rückläufer" also Mail-delivery-failed-Messages von Empfängern an die nie etwas versand wurde.
Anhand der Mailheader bin ich der Meinung, dass mein Server da nichts versendet, sondern jemand "nur" unter falscher Flagge Mail verstreut.
Aber ich würde gerne noch eure Meinung dazu wissen, da ich sowas bisher auch noch nicht hatte.
Hier mal 3 Beispiele:
Return-Path: <MAILER-DAEMON>
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
h2167385.stratoserver.net
X-Spam-Level: *
X-Spam-Status: No, score=1.0 required=7.0 tests=FUZZY_SAVINGS autolearn=no
version=3.3.2
X-Original-To: jessica.mustermann@meine-domain.de
Delivered-To: jessica.mustermann@meine-domain.de
X-No-Auth: unauthenticated sender
X-No-Relay: not in my network
Received: from largo.anyservers.com (largo.anyservers.com [75.126.152.226])
by h2167385.stratoserver.net (Postfix) with ESMTPS id 6CC61DC0D41
for <jessica.mustermann@meine-domain.de>; Wed, 1 Oct 2014 17:03:42 +0200 (CEST)
Received: from mailnull by largo.anyservers.com with local (Exim 4.82)
id 1XZLRM-000tc9-Ue
for jessica.mustermann@meine-domain.de; Wed, 01 Oct 2014 10:03:40 -0500
X-Failed-Recipients: e.mehlin@online.de,
e.mehlis@gmx.de,
e.mehmedovic96@web.de,
e.mehmedovik96@web.de,
e.mehnert.1051122qmd013@pebby.de,
e.mehren-illigens@gmx.de,
e.mehrgardt.10508039011@mamail.de,
e.mehrwert@t-online.de,
e.meidke@mms-die-agentur.de,
e.meidl@yahoo.de
Auto-Submitted: auto-replied
From: Mail Delivery System <Mailer-Daemon@largo.anyservers.com>
To: jessica.mustermann@meine-domain.de
Subject: Mail delivery failed: returning message to sender
Message-Id: <E1XZLRM-000tc9-Ue@largo.anyservers.com>
Date: Wed, 01 Oct 2014 10:03:40 -0500
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - largo.anyservers.com
X-AntiAbuse: Original Domain - pflegedienst-oracura.de
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain -
X-Get-Message-Sender-Via: largo.anyservers.com: none
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
e.mehlin@online.de
Domain crownplazalahore.com has exceeded the max emails per hour (63/50 (126%)) allowed. Message discarded.
e.mehlis@gmx.de
Domain crownplazalahore.com has exceeded the max emails per hour (63/50 (126%)) allowed. Message discarded.
e.mehmedovic96@web.de
Domain crownplazalahore.com has exceeded the max emails per hour (63/50 (126%)) allowed. Message discarded.
e.mehmedovik96@web.de
Domain crownplazalahore.com has exceeded the max emails per hour (63/50 (126%)) allowed. Message discarded.
e.mehnert.1051122qmd013@pebby.de
Domain crownplazalahore.com has exceeded the max emails per hour (63/50 (126%)) allowed. Message discarded.
e.mehren-illigens@gmx.de
Domain crownplazalahore.com has exceeded the max emails per hour (63/50 (126%)) allowed. Message discarded.
e.mehrgardt.10508039011@mamail.de
Domain crownplazalahore.com has exceeded the max emails per hour (63/50 (126%)) allowed. Message discarded.
e.mehrwert@t-online.de
Domain crownplazalahore.com has exceeded the max emails per hour (63/50 (126%)) allowed. Message discarded.
e.meidke@mms-die-agentur.de
Domain crownplazalahore.com has exceeded the max emails per hour (63/50 (126%)) allowed. Message discarded.
e.meidl@yahoo.de
Domain crownplazalahore.com has exceeded the max emails per hour (63/50 (126%)) allowed. Message discarded.
------ This is a copy of the message, including all the headers. ------
------ The body of the message is 117112 characters long; only the first
------ 106496 or so are included here.
Return-path: <jessica.mustermann@meine-domain.de>
Received: from [78.6.97.234] (port=54219 helo=fxgxgrpxscxsrp)
by largo.anyservers.com with esmtpa (Exim 4.82)
(envelope-from <jessica.mustermann@meine-domain.de>)
id 1XZLRH-000sZe-FQ; Wed, 01 Oct 2014 10:03:40 -0500
Message-ID: <BFBA0C5F5480AC9F43460FB5116CE7D6@dlpjxea>
From: "Isabelle" <jessica.mustermann@meine-domain.de>
To: <e.mehlin@online.de>,
<e.mehlis@gmx.de>,
<e.mehmedovic96@web.de>,
<e.mehmedovik96@web.de>,
<e.mehnert.1051122qmd013@pebby.de>,
<e.mehren-illigens@gmx.de>,
<e.mehrgardt.10508039011@mamail.de>,
<e.mehrwert@t-online.de>,
<e.meidke@mms-die-agentur.de>,
<e.meidl@yahoo.de>
Subject: Foto
Date: Wed, 1 Oct 2014 19:01:12 +0400
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_1733_01CFDDAA.11527870"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Windows Live Mail 16.4.3528.331
X-MimeOLE: Produced By Microsoft MimeOLE V16.4.3528.331
Return-Path: <MAILER-DAEMON>
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
h2167385.stratoserver.net
X-Spam-Level: *
X-Spam-Status: No, score=1.7 required=7.0 tests=RCVD_IN_BL_SPAMCOP_NET,
URI_NOVOWEL autolearn=no version=3.3.2
X-Original-To: jessica.mustermann@meine-domain.de
Delivered-To: jessica.mustermann@meine-domain.de
X-No-Auth: unauthenticated sender
X-No-Relay: not in my network
Received: from vsmtpvtin3.tin.it (vsmtpvtin3.tin.it [212.216.176.241])
by h2167385.stratoserver.net (Postfix) with ESMTP id 45E5CDC0D4A
for <jessica.mustermann@meine-domain.de>; Wed, 1 Oct 2014 17:04:25 +0200 (CEST)
Received: by vsmtpvtin3.tin.it (8.6.060.43) id 5412F8E800B73B66 for jessica.mustermann@meine-domain.de; Wed, 1 Oct 2014 17:04:25 +0200
From: Mail Delivery Service <postmaster@tin.it>
Subject: Delivery Status Notification
To: jessica.mustermann@meine-domain.de
Date: Wed, 1 Oct 2014 17:04:25 +0200
Message-ID: <5412F8E800B73B58@vsmtpvtin3.tin.it>
X-CP-Transaction-ID: 5412F8E800B6AB4B
X-CP-For: dixit@web.de
MIME-Version: 1.0
Content-Type: Multipart/Report; report-type=delivery-status; boundary="========/5412F8E800B6AB4B/vsmtpvtin3.tin.it"
X-Antispam: clean, score=30
X-Antivirus: avast! (VPS 141001-0, 01.10.2014), Inbound message
X-Antivirus-Status: Clean
This multi-part MIME message contains a Delivery Status Notification.
If you can see this text, your mail client may not be able to understand MIME
formatted messages or DSNs (see RFC 2045 through 2049 for general MIME
information and RFC 1891 through 1894 for DSN specific information).
--========/5412F8E800B6AB4B/vsmtpvtin3.tin.it
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 8bit
- These recipients of your message have been processed by the mail server:
dixitwfdo@furthmueller.de; Failed; 4.4.7 (delivery time expired)
dixitnn@web.de; Failed; 4.4.7 (delivery time expired)
dixit@web.de; Failed; 4.4.7 (delivery time expired)
--========/5412F8E800B6AB4B/vsmtpvtin3.tin.it
Content-Type: Message/Delivery-Status
Reporting-MTA: dns; vsmtpvtin3.tin.it
Received-from-MTA: dns; jgvmxzuvm (94.89.221.100)
Arrival-Date: Wed, 1 Oct 2014 16:04:10 +0200
Final-Recipient: rfc822; dixitwfdo@furthmueller.de
Action: Failed
Status: 4.4.7 (delivery time expired)
Final-Recipient: rfc822; dixitnn@web.de
Action: Failed
Status: 4.4.7 (delivery time expired)
Final-Recipient: rfc822; dixit@web.de
Action: Failed
Status: 4.4.7 (delivery time expired)
--========/5412F8E800B6AB4B/vsmtpvtin3.tin.it
Content-Type: Text/RFC822-headers
Return-Path: <jessica.mustermann@meine-domain.de>
Received: from jgvmxzuvm (94.89.221.100) by vsmtpvtin3.tin.it (8.6.060.43) (authenticated as bruno.osio@tin.it)
id 5412F8E800B6AB4B; Wed, 1 Oct 2014 16:04:10 +0200
Message-ID: <1217A1F2F92D0132EEEBA218BCD9510A@yelt>
From: "Paula" <jessica.mustermann@meine-domain.de>
To: <dixiu@guy.de>,
<dixitycyz@verlag-kern.de>,
<dixitwfdo@furthmueller.de>,
<dixitthc@gburek.de>,
<dixitnn@web.de>,
<dixitnn@tzv.fal.de>,
<dixitkcf@freimannapotheke.de>,
<dixithvd@russian-hiphop.de>,
<dixit@web.de>,
<dixit@spenerhaus.de>
Subject: Foto
Date: Wed, 1 Oct 2014 18:01:47 +0400
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_021C_01CFDDA1.C44EDE90"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Windows Live Mail 14.0.8117.416
X-MimeOLE: Produced By Microsoft MimeOLE V14.0.8117.416
Return-Path: <MAILER-DAEMON>
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
h2167385.stratoserver.net
X-Spam-Level:
X-Spam-Status: No, score=0.0 required=7.0 tests=HTML_MESSAGE autolearn=ham
version=3.3.2
X-Original-To: jessica.mustermann@meine-domain.de
Delivered-To: jessica.mustermann@meine-domain.de
X-No-Auth: unauthenticated sender
X-No-Relay: not in my network
Received: from mail.aviahajek.cz (mail.aviahajek.cz [213.108.160.81])
by h2167385.stratoserver.net (Postfix) with ESMTP id C3B32DC100A
for <jessica.mustermann@meine-domain.de>; Wed, 1 Oct 2014 17:49:56 +0200 (CEST)
From: postmaster@ivecohajek.cz
To: jessica.mustermann@meine-domain.de
Date: Wed, 1 Oct 2014 17:50:34 +0200
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="9B095B5ADSN=_01CFD357A6B043BE0000BB14mail.aviahajek.c"
X-DSNContext: 7ce717b1 - 1194 - 00000002 - 00000000
Message-ID: <hfhOeG1vz000058cb@mail.aviahajek.cz>
Subject: *** VIRUS ***Delivery Status Notification (Failure)
X-Antispam: spam, score=90
X-Antivirus: avast! (VPS 141001-0, 01.10.2014), Inbound message
X-Antivirus-Status: Infected
X-Attachment: PartNo_2#3102729419|>photo.zip#3742644433|>photo.scr Virus: Win32:Malware-gen Deleted
This is a MIME-formatted message.
Portions of this message may be unreadable without a MIME-capable mail program.
--9B095B5ADSN=_01CFD357A6B043BE0000BB14mail.aviahajek.c
Content-Type: text/plain; charset=unicode-1-1-utf-7
This is an automatically generated Delivery Status Notification.
Delivery to the following recipients failed.
frank.liesner@arcor.de
--9B095B5ADSN=_01CFD357A6B043BE0000BB14mail.aviahajek.c
Content-Type: message/delivery-status
Reporting-MTA: dns;mail.aviahajek.cz
Received-From-MTA: dns;fdftc
Arrival-Date: Wed, 1 Oct 2014 17:50:32 +0200
Final-Recipient: rfc822;frank.liesner@arcor.de
Action: failed
Status: 5.7.1
Diagnostic-Code: smtp;554 5.7.1 Service unavailable; Client host [213.108.160.81] blocked using ix.dnsbl.manitu.net; Your e-mail service was detected by mx.selfip.biz (NiX Spam) as spamming at Wed, 01 Oct 2014 15:59:15 +0200. Your admin should visit http://www.dnsbl.manitu.net/lookup.php?value=213.108.160.81
--9B095B5ADSN=_01CFD357A6B043BE0000BB14mail.aviahajek.c
Content-Type: message/rfc822
Received: from fdftc ([95.89.39.184]) by mail.aviahajek.cz with Microsoft SMTPSVC(6.0.3790.4675);
Wed, 1 Oct 2014 17:50:32 +0200
Message-ID: <4B4EF8ABA074586BB7B2FB41E5FDA41B@lyxun>
From: "Victoria" <jessica.mustermann@meine-domain.de>
To: <frank.liersch@cancom.de>,
<frank.lierz@hegele.de>,
<frank.lies@t-online.de>,
<frank.lieschewski@w.tomson.de>,
<frank.lieschewski@wtomson.de>,
<frank.liesen@gmx.de>,
<frank.liesen@web.de>,
<frank.liesner@arcor.de>,
<frank.liess@gag-ludwigshafen.de>,
<frank.lif@t-online.de>
Subject: Foto
Date: Wed, 1 Oct 2014 19:47:32 +0400
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_1569_01CFDDB0.8A6214E0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Windows Live Mail 15.4.3538.513
X-MimeOLE: Produced By Microsoft MimeOLE V15.4.3538.513
Return-Path: jessica.mustermann@meine-domain.de
X-OriginalArrivalTime: 01 Oct 2014 15:50:33.0183 (UTC) FILETIME=[6F2596F0:01CFDD8F]
Sehe ich das richtig? Kann man dagegen was machen (wahrscheinlich nicht, wie ich das so aus ähnlichen Beiträgen hier im Forum herauslese)?
Danke.
