Fun Stuff > CHATTER
Okay I am truly confused now
nekowafer:
I responded and got a confused message back from the person who actually owns that email.
And that is awesome, Masterpiece. Did anyone else get anything?
Someone is being a super nice troll apparently <3
Masterpiece:
I looked through the header. I found references to a "mail.fakemailer.nl".
(click to show/hide)
--- Code: ---x-store-info:fHNTDlzCF8Nxw6HwcfGQy+S7Ax/lqLSmNphQ3OF+T9E=
Authentication-Results: hotmail.com; spf=temperror (sender IP is 46.21.172.149) [email protected]; dkim=none header.d=outlook.com; x-hmca=none [email protected]
X-SID-PRA: [email protected]
X-AUTH-Result: NONE
X-SID-Result: NONE
X-Message-Status: n:n
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTE7YT0wO0Q9MjtHRD0yO1NDTD00
X-Message-Info: 5cuOr7VrmjDnolvGJzLggrtg0b7uw+oWD+eFuzLFp8RlYpVM3+ln4Sl1OxGRJqJCEQHcimG4KJSAFxjT1ePFM51J2PJWDiGJeh/LT8ZLsdZPMGYbErRuGLKqW+rmba3s+3c9JWRlKSYUwQyw97CKLmUS/bbyamE9qn1A07+p4F4=
Received: from vserver52.axc.nl ([46.21.172.149]) by BAY0-MC2-F14.Bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);
Mon, 15 Jul 2013 23:34:05 -0700
Received: from vserver52.axc.nl ([46.21.172.149] helo=mail.fakemailer.nl)
by vserver52.axc.nl with esmtpa (Exim 4.76)
(envelope-from <[email protected]>)
id 1Uyypp-0003WF-A3
for <myemailgoeshere>; Tue, 16 Jul 2013 08:34:05 +0200
Date: Tue, 16 Jul 2013 08:34:05 +0200
To: <myemailgoeshere>
From: Dale <[email protected]>
Reply-To: Dale <[email protected]>
Subject: []_[]
Message-ID: <[email protected]>
X-Priority: 3
X-Mailer: PHPMailer 5.2.1 (http://code.google.com/a/apache-extras.org/p/phpmailer/)
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="b1_42ed96af945a70ae8c5dee663c91ed76"
Return-Path: [email protected]
X-OriginalArrivalTime: 16 Jul 2013 06:34:06.0236 (UTC) FILETIME=[786445C0:01CE81EE]
--b1_42ed96af945a70ae8c5dee663c91ed76
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Daaaaaaaaaaaaang
--b1_42ed96af945a70ae8c5dee663c91ed76
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Daaaaaaaaaaaaang
--b1_42ed96af945a70ae8c5dee663c91ed76--
--- End code ---
(click to show/hide)
--- Code: ---x-store-info:fHNTDlzCF8Nxw6HwcfGQy+S7Ax/lqLSmNphQ3OF+T9E=
Authentication-Results: hotmail.com; spf=temperror (sender IP is 46.21.172.149) [email protected]; dkim=none header.d=gmail.com; x-hmca=none [email protected]
X-SID-PRA: [email protected]
X-AUTH-Result: NONE
X-SID-Result: NONE
X-Message-Status: n:n
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTE7YT0wO0Q9MjtHRD0yO1NDTD00
X-Message-Info: 5cuOr7VrmjAC2LpYre8Qz/B42WNdbxfGUi19knWLin2RkNJuI+Zycu/qBnlnwbpnSwpG0WF+YYQSa5SkWgpWgFJce1x1Q4JDJeiqSjt1mflolG8cFhVPJUEUW4io5oSrAU1yCgvlTQf3ToGmosQayforPbmiqAnnS+0JvlESxUE=
Received: from vserver52.axc.nl ([46.21.172.149]) by BAY0-MC1-F17.Bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);
Mon, 15 Jul 2013 19:28:50 -0700
Received: from vserver52.axc.nl ([46.21.172.149] helo=mail.fakemailer.nl)
by vserver52.axc.nl with esmtpa (Exim 4.76)
(envelope-from <[email protected]>)
id 1Uyv0T-0005Li-3G
for <myemailgoeshere> Tue, 16 Jul 2013 04:28:49 +0200
Date: Tue, 16 Jul 2013 04:28:48 +0200
To: <myemailgoeshere>
From: Hannelore Ellicott-Chatham <[email protected]>
Reply-To: Hannelore Ellicott-Chatham <[email protected]>
Subject: Are you aware
Message-ID: <[email protected]>
X-Priority: 3
X-Mailer: PHPMailer 5.2.1 (http://code.google.com/a/apache-extras.org/p/phpmailer/)
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="b1_c78b120cb5fa2df59d2fc2aa33ff4c49"
Return-Path: [email protected]
X-OriginalArrivalTime: 16 Jul 2013 02:28:50.0789 (UTC) FILETIME=[354D4150:01CE81CC]
--b1_c78b120cb5fa2df59d2fc2aa33ff4c49
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Are you aware how messy your room is? Clean it up mister.
--b1_c78b120cb5fa2df59d2fc2aa33ff4c49
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Are you aware how messy your room is? Clean it up mister.
--b1_c78b120cb5fa2df59d2fc2aa33ff4c49--
--- End code ---
ankhtahr:
So if I see that right somebody who has access to fakemail.nl has sent the messages. The mail server of mail.fakemail.nl (which is registered and hosted at the Dutch provider "Tele2") has given these messages into the hotmail server, saying that these were received for Masterpiece's address, from the spoofed "from" address. I've seen this done much better though.
I wonder how the sender managed to deliver the mail into the hotmail.com server.
Masterpiece:
Or the gmail address.
ankhtahr:
nah, the second one was also delivered directly into the hotmail server. It just had gmail as envelope address.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version