Habe eine merkwürdige Rückmeldung vom Mailserver erhalten... Trojaner an Bord?

  • #1
B

bluedan

Mitglied
Themenersteller
Dabei seit
21.06.2002
Beiträge
7
Reaktionspunkte
0
Hallo,

folgendes hat sich zugetragen.
Via ebay stand ich im email Kontakt mit einem Käufer. Er schickte mir eine email, die von seinem MeinEbay aus geschrieben wurde. D.h. ich erhielt eine typische HTML mail mit typischem ebay layout. Ich habe daraufhin den reply button meines email clients (opera) betätigt und somit direkt an ihn zurückgeschrieben (nicht über das ebay webinterface).
Kurz darauf erhielt ich eine failure notice email des mailservers, er könne diverse Adressen nicht erreichen, die allesamt danach aussehen, als habe sich jemand dazwischen geklinkt: teilweise unvollständig und alles Unbekannte.

Ich habe mir in Opera dann mal den kompletten header seiner und meiner mail anzeigen lassen, habe aber nicht auffälliges gefunden. Ein anschließender scan der HD mit NOD32 und Spybot brachte nichts zutage.
Wie kann sowas angehen? Kann mir das jemand erklären? Was muß ich tun?

Unten findet Ihr die mail als Archiv, bitte nicht damit aasen ;)

Danke, Gruß, bluedan (aka Joachim)

PS: kennyontopätcompuserve bin ich

OS WinXP pro 64bit, Browser Opera


Code: 
Return-Path: <>
Received: from lnxc-640.srv.mediaways.net ([62.52.27.42]) by
     mail-store-03.cso.mediaways.net (Netscape Messaging Server 4.15)
     with SMTP id JM74AB00.K1Q for <kennyontop500ätcompuserve.de>;
     Fri, 3 Aug 2007 13:37:23 +0200 
Delivered-To: ätlnxc-640.srv.mediaways.net:kennyontop500ätcompuserve.de
Received: (qmail 25067 invoked for bounce); 3 Aug 2007 11:37:23 -0000
Date: 3 Aug 2007 11:37:23 -0000
From: MAILER-DAEMONätlnxc-640.srv.mediaways.net
To: kennyontop500ätcompuserve.de
Subject: failure notice

Hi. This is the qmail-send program at lnxc-640.srv.mediaways.net.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<EVRLIYJUANätHOLMAIT.COM>:
Sorry, I couldn't find a mail exchanger or IP address. (#5.4.4)

<EMD122302ätaol.com>:
Connected to 64.12.138.153 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<ENGLISHBRASSätAOL.COM>:
Connected to 64.12.138.153 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EMRUNNER55ätAOL.COM>:
Connected to 64.12.138.88 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<ESREYCOMätAOL.COM>:
Connected to 64.12.138.153 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<ENCOURAGEDHEARTätAOL.COM>:
Connected to 64.12.138.153 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<ETIETAätaol.com>:
Connected to 64.12.138.88 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EVW58ätAOL.COM>:
Connected to 64.12.138.88 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EXOTICDANCERS661ätAOL.COM>:
Connected to 64.12.138.88 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EZCoyoteätaol.com>:
Connected to 64.12.137.89 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EZchipätaol.com>:
Connected to 64.12.138.88 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<ElderAssistantätaol.com>:
Connected to 64.12.138.88 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<Electradonätaol.com>:
Connected to 64.12.137.89 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<ELCRUEL_TUPAPIätYAHOO.COM>:
206.190.53.191 failed after I sent the message.
Remote host said: 554 delivery error: dd This user doesn't have a yahoo.com account (elcruel_tupapiätyahoo.com) [-5] - mta163.mail.re2.yahoo.com

<ELPOD3R_MALDONADOätHOTMAIL.COM>:
65.54.244.168 does not like recipient.
Remote host said: 550 Requested action not taken: mailbox unavailable
Giving up on 65.54.244.168.

<ELPAPICHULO_MIKIäthotmail.com>:
65.54.244.168 does not like recipient.
Remote host said: 550 Requested action not taken: mailbox unavailable
Giving up on 65.54.244.168.

<Elizaj1369ätaol.com>:
Connected to 64.12.138.88 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<ESTRE1998ätHOTMAIL.COM>:
65.54.245.72 does not like recipient.
Remote host said: 550 Requested action not taken: mailbox unavailable
Giving up on 65.54.245.72.

<ElectricVoodoo1ätaol.com>:
Connected to 64.12.138.88 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<Elksyouthsoccerätaol.com>:
Connected to 64.12.138.153 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<Elou62ätaol.com>:
Connected to 64.12.138.88 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<Elsiejasmin7ätaol.com>:
Connected to 64.12.138.88 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EMMETTCSYKESätAOL.COM>:
Connected to 64.12.137.184 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EOM1012ätaol.com>:
Connected to 64.12.137.184 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EMILEEKYLEätAOL.COM>:
Connected to 64.12.137.184 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EmbroideryEmpätaol.com>:
Connected to 64.12.138.153 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EldonShireyätmicro-loco-motion.com>:
Connected to 205.178.149.7 but sender was rejected.
Remote host said: 553 5.1.8 <abacofishslätabacofishsl.com>... Domain of sender address abacofishslätabacofishsl.com does not exist

<Emcleasingätaol.com>:
Connected to 64.12.138.88 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<ELSOL102ätAOL.COM>:
Connected to 64.12.137.184 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EmersonAlyätaol.com>:
Connected to 64.12.137.89 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EnSGiftsätaol.com>:
Connected to 64.12.138.153 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EmilyF11ätaol.com>:
Connected to 64.12.138.153 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EquiPrint1ätaol.com>:
Connected to 64.12.138.88 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<Eric530ätaol.com>:
Connected to 64.12.138.88 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EricJamieginterätAol.Com>:
Connected to 64.12.137.89 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EnchantDätaol.com>:
Connected to 64.12.137.184 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<Ericsradätaol.com>:
Connected to 64.12.137.184 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<Erin3679ätaol.com>:
Connected to 64.12.137.184 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<Equa68ätaol.com>:
Connected to 64.12.137.184 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<Ellen.Verpoortenätmail.com>:
208.36.123.17 does not like recipient.
Remote host said: 550 <abacofishslätabacofishsl.com>: No thank you rejected: Domain not found
Giving up on 208.36.123.17.

<EStrict2ätaol.com>:
Connected to 64.12.137.184 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<ETBIGENUMBER1ätAOL.COM>:
Connected to 64.12.137.184 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<ESTA56ätAOL.COM>:
Connected to 64.12.137.184 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EMINEM68518ätaol.com>:
Connected to 64.12.137.184 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<Erikaätyahoo.com>:
216.39.53.1 failed after I sent the message.
Remote host said: 554 delivery error: dd This user doesn't have a yahoo.com account (erikaätyahoo.com) [-5] - mta373.mail.re4.yahoo.com

<EPCätnorthwestern.edu>:
129.105.16.48 does not like recipient.
Remote host said: 550 <EPCätnorthwestern.edu>: Recipient address rejected: User unknown in virtual alias table
Giving up on 129.105.16.48.

<EmailFrankSongsätaol.com>:
Connected to 64.12.137.184 but sender was rejected.
Remote host said: 550 REQUESTED ACTION NOT TAKEN: DNS FAILURE

<EMILTHEBIGätYAHOO.COM>:
209.191.88.247 failed after I sent the message.
Remote host said: 554 delivery error: dd This user doesn't have a yahoo.com account (emilthebigätyahoo.com) [-5] - mta296.mail.mud.yahoo.com

<ELewalski88ätyahoo.com>:
68.142.202.247 failed after I sent the message.
Remote host said: 554 delivery error: dd Sorry your message to elewalski88ätyahoo.com cannot be delivered. This account has been disabled or discontinued [#102]. - mta185.mail.mud.yahoo.com

--- Below this line is a copy of the message.

Return-Path: <kennyontop500ätcompuserve.de>
Received: (qmail 25007 invoked by uid 501); 3 Aug 2007 11:37:22 -0000
X-Authenticated-Sender: kennyontop500
Received: from 85.176.101.20 ([85.176.101.20])
 by compuserve.de ([10.228.3.104])
 with ESMTP via TCP; 03 Aug 2007 11:37:22 -0000
Date: Fri, 03 Aug 2007 13:38:19 +0200
To: =?iso-8859-15?Q?Michael_G=F6mmel?= <Sector-Effectorätfreenet.de>
Subject: =?iso-8859-15?Q?CANTON_klopft_an_Deine_T=FCr=21?=
From: Joachim Vosberg <kennyontop500ätcompuserve.de>
Content-Type: multipart/mixed; boundary=----------09ezRUIC4phacvMCDvJbsS
MIME-Version: 1.0
References: <337908772.1185643000309.JavaMail.SYSTEMätsj-v3conta36> <op.twb9gzuygv164pätsmtp.compuserve.de> <46AF8144.70102ätFreenet.de>
Message-ID: <op.twhel5b8gv164pätsmtp.compuserve.de>
In-Reply-To: <46AF8144.70102ätFreenet.de>
User-Agent: Opera Mail/9.22 (Win32)

------------09ezRUIC4phacvMCDvJbsS
Content-Type: text/plain; format=flowed; delsp=yes; charset=iso-8859-15
Content-Transfer-Encoding: 8bit

Hey Michael,

Es ist vollbracht. Die Boxen habe ich gestern früh vor der Arbeit (um halb 
sieben) zur Post gebracht. Habe mir mit der Verpackung echt was einfallen 
lassen, auch wenn es wüst aussieht. Wenn Du die Verpackung an den 
Kopfseiten geschickt aufschneidest (keine Sorge, es ist Styropor darunter) 
und die Box im Liegen herausziehst, kannst Du den maßgeschneiderten 
Karton vielleicht wieder für Transportzwecke nutzen.
Ich hoffe, sie gefallen Dir.

Die Identcodes für die Paketverfolgung lauten 21.106 597.717 6 und 21.106 
597.718 2 (ANHANG!)

Ach so, noch was. Die beiden Boxenkabel haben eine geringe 
unterschiedliche Dicke, was für die Klangentfaltung zu Hause völlig 
unerheblich ist. Falls es Dich doch stört, kannst Du sie auch halbieren. 
Sie sind lang genug (ca. 5m).

Viel Spaß, und schönes WE,
Gruß, Joachim

 Am Tue, 31 Jul 2007 20:36:52 +0200 hat Michael Gömmel 
<Sector-EffectorätFreenet.de> geschrieben:

> Hallo Joachim,
>
> danke dass du dir die viele Mühe gemacht hast. Kein Problem wenn die 
> Boxen erst am Donnerstag rausgehen, ich freu mich schon drauf.
>
>
> Grüsse,
> Michael
>
>
> __________ NOD32 2430 (20070731) Information __________
>
> Diese E-Mail wurde vom NOD32 antivirus system geprüft
> [url]http://www.nod32.com[/url]
>
>



__________ NOD32 2435 (20070803) Information __________

Diese E-Mail wurde vom NOD32 antivirus system geprüft
[url]http://www.nod32.com[/url]
 
Thema:

Habe eine merkwürdige Rückmeldung vom Mailserver erhalten... Trojaner an Bord?

ANGEBOTE & SPONSOREN

Neueste Themen

Statistik des Forums

Themen
113.840
Beiträge
707.963
Mitglieder
51.494
Neuestes Mitglied
Flensburg45
Oben