Hi All:
I have been monitor the catch all account (ie. all the none deliverable internet mail forwarded to the administrator's mailbox)
finding out all kind of interesting thing going on, people trying to find a job somewhere else but accidentally replied to the wrong address, but some of them are legit client trying to deliver important message but failure to spell correctly
recently I notice there is increase number of NDR s in this box, from a normally 3-5 a day to about 50 a day, and some of them are orginiated from SPAM bouncing around, and there is on particular case that concerns us: some sender is trying to send several different email address of our domain but with some crazy aliases like
fasdf32q3245@mycompanydomain.com
asdfa4yd43@mycompanydomain.com
e45ethfw@mycompanydomain.com
w45yhgsf6@mycompanydomain.com
65efgh8u45@mycompanydomain.com
adst5ertghyutt@mycompanydomain.com
some addresses no way close to the real email address, and they come in bunches, are we under email attack here ?
any suggestion on how can we stop this ?
thanks
JCCK2003
below is some of the header recorder in the catch-all Inbound Mail Failure Notification
--- Below this line is a copy of the message.
Return-Path: <rsiz26t@(mycompanydomain).com>
Received: (qmail 1234 invoked from network); 8 Jan 2004 01:13:46 +0900
Received: from mx02.wics.ne.jp (192.168.2.14)
by mail.wics.ne.jp with SMTP; 8 Jan 2004 01:13:46 +0900
Received: (qmail 20185 invoked from network); 8 Jan 2004 01:13:49 +0900
Received: from pool-68-162-152-84.pitt.east.verizon.net (68.162.152.84)
by mx02.wics.ne.jp with SMTP; 8 Jan 2004 01:13:49 +0900
Received: from [28.143.101.211] by pool-68-162-152-84.pitt.east.verizon.net with ESMTP id <755163-54748>; Wed, 07 Jan 2004 22:11:46 +0600
Message-ID: <tw-fg$xf39ye2ey8k7-1se4@7kqd.94u6jigo5>
From: "Mel Lewis" <rsiz26t@(mycompanydomain).com>
Reply-To: "Mel Lewis" <rsiz26t@(mycompanydomain).com>
To: lonato@mail.wics.ne.jp
Subject: Movie lovers - U want this! - reserve
Date: Wed, 07 Jan 04 22:11:46 GMT
X-Mailer: eGroups Message Poster
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary=".74B8B7C5EF5B"
X-Priority: 3
X-MSMail-Priority: Normal
Message from geocities.com.
Unable to deliver message to the following address(es).
<linuxer@geocities.com>:
This user doesn't have a geocities.com account (linuxer@geocities.com) [0]
<linuxman@geocities.com>:
This user doesn't have a geocities.com account (linuxman@geocities.com) [0]
<linuxsys@geocities.com>:
This user doesn't have a geocities.com account (linuxsys@geocities.com) [0]
<linville1@geocities.com>:
This user doesn't have a geocities.com account (linville1@geocities.com) [0]
<linville@geocities.com>:
This user doesn't have a geocities.com account (linville@geocities.com) [0]
<linw@geocities.com>:
Sorry your message to linw@geocities.com cannot be delivered. This account has been disabled or discontinued [#103].
<linwb@geocities.com>:
This user doesn't have a geocities.com account (linwb@geocities.com) [0]
<linwei@geocities.com>:
This user doesn't have a geocities.com account (linwei@geocities.com) [0]
--- Original message follows.
X-YahooFilteredBulk: 81.128.159.253
Return-Path: <zbvazzh31@(mycompanydomain).com>
Received: from 81.128.159.253 (HELO host81-128-159-253.in-addr.btopenworld.com) (81.128.159.253)
by mta151.mail.scd.yahoo.com with SMTP; Wed, 07 Jan 2004 07:44:00 -0800
Received: from [218.167.83.118] by host81-128-159-253.in-addr.btopenworld.com with ESMTP id <214490-66368>; Wed, 07 Jan 2004 08:35:57 -0700
Message-ID: <6xwop2--$a7w-bv-789h58b@4983f.ro5>
From: "Gilda Hawk" <zbvazzh31@(mycompanydomain).com>
Reply-To: "Gilda Hawk" <zbvazzh31@(mycompanydomain).com>
To: linuxer@geocities.com
Subject: Get all New movies - Free - bissau
Date: Wed, 07 Jan 04 08:35:57 GMT
X-Mailer: The Bat! (v1.52f) Business
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="FA.2.81DEB.A3D143F_C"
X-Priority: 3
X-MSMail-Priority: Normal
--FA.2.81DEB.A3D143F_C
Content-Type: text/html;
Content-Transfer-Encoding: quoted-printable
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
load@anglianet.co.uk
SMTP error from remote mailer after RCPT TO:<load@anglianet.co.uk>:
host mail.anglianet.co.uk [62.121.0.10]: 550 5.1.1 <load@anglianet.co.uk>... User unknown
lmitchell@anglianet.co.uk
SMTP error from remote mailer after RCPT TO:<lmitchell@anglianet.co.uk>:
host mail.anglianet.co.uk [62.121.0.10]: 550 5.1.1 <lmitchell@anglianet.co.uk>... User unknown
lisa@anglianet.co.uk
SMTP error from remote mailer after RCPT TO:<lisa@anglianet.co.uk>:
host mail.anglianet.co.uk [62.121.0.10]: 550 5.1.1 <lisa@anglianet.co.uk>... User unknown
linehan@anglianet.co.uk
SMTP error from remote mailer after RCPT TO:<linehan@anglianet.co.uk>:
host mail.anglianet.co.uk [62.121.0.10]: 550 5.1.1 <linehan@anglianet.co.uk>... User unknown
------ This is a copy of the message, including all the headers. ------
Return-path: <g85tocscgy@(mycompanydomain).com>
Received: from dt080n3e.tampabay.rr.com ([24.92.19.62])
by smtp.keme.net with smtp (Exim 4.14)
id 1AeFng-0006k1-F8; Wed, 07 Jan 2004 15:40:52 +0000
Received: from [231.192.21.148] by dt080n3e.tampabay.rr.com with ESMTP id 65187538; Wed, 07 Jan 2004 12:38:49 -0300
Message-ID: <k9-7x6-r-15$g$v@vvou4w21>
From: "Dianna Block" <g85tocscgy@(mycompanydomain).com>
Reply-To: "Dianna Block" <g85tocscgy@(mycompanydomain).com>
To: linehan@anglianet.co.uk
Subject: Get all New movies - Free - kowloon
Date: Wed, 07 Jan 04 12:38:49 GMT
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="FA.2.81DEB.A3D143F_C"
X-Priority: 3
X-MSMail-Priority: Normal
--FA.2.81DEB.A3D143F_C
Content-Type: text/html;
Content-Transfer-Encoding: quoted-printable
Message from rocketmail.com.
Unable to deliver message to the following address(es).
<l285thefuz@rocketmail.com>:
This user doesn't have a rocketmail.com account (l285thefuz@rocketmail.com) [0]
<l2863sok@rocketmail.com>:
This user doesn't have a rocketmail.com account (l2863sok@rocketmail.com) [0]
<l2864@rocketmail.com>:
This user doesn't have a rocketmail.com account (l2864@rocketmail.com) [0]
<l2865@rocketmail.com>:
This user doesn't have a rocketmail.com account (l2865@rocketmail.com) [0]
<l2870@rocketmail.com>:
This user doesn't have a rocketmail.com account (l2870@rocketmail.com) [0]
<l2892@rocketmail.com>:
This user doesn't have a rocketmail.com account (l2892@rocketmail.com) [0]
<l28@rocketmail.com>:
This user doesn't have a rocketmail.com account (l28@rocketmail.com) [0]
<l28j26@rocketmail.com>:
This user doesn't have a rocketmail.com account (l28j26@rocketmail.com) [0]
<l28m@rocketmail.com>:
This user doesn't have a rocketmail.com account (l28m@rocketmail.com) [0]
--- Original message follows.
X-YahooFilteredBulk: 213.143.83.162
Return-Path: <3mxqzvnb@(mycompanydomain).com>
Received: from 213.143.83.162 (HELO AGENT) (213.143.83.162)
by mta115.mail.scd.yahoo.com with SMTP; Wed, 07 Jan 2004 05:23:04 -0800
Received: from [107.32.186.130] by AGENT id mGCwxjqS1edd for <l285thefuz@rocketmail.com>; Wed, 07 Jan 2004 12:18:01 -0100
Message-ID: <80u9mn1q7dsg7-9-b9uwv96$7m8u8l@dew31byl>
From: "Dorothea Douglas" <3mxqzvnb@(mycompanydomain).com>
Reply-To: "Dorothea Douglas" <3mxqzvnb@(mycompanydomain).com>
To: l285thefuz@rocketmail.com
Subject: Digital Cable Filter - Free Movies - abnormal
Date: Wed, 07 Jan 04 12:18:01 GMT
X-Mailer: Microsoft Outlook, Build 10.0.2627
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="7_A2..EF_ED8_4AE6732F_3."
X-Priority: 3
X-MSMail-Priority: Normal
Hi. This is the qmail-send program at smtp1.mail.osogrande.com.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<louissa@technet.nm.net>:
Sorry, no mailbox here by that name. (#5.1.1)
<luettgen@technet.nm.net>:
Sorry, no mailbox here by that name. (#5.1.1)
--- Below this line is a copy of the message.
Return-Path: <4xdblnmfhe@(mycompanydomain).com>
Received: (qmail 957 invoked from network); 7 Jan 2004 16:23:57 -0000
Received: from h227.12.55.139.ip.alltel.net (139.55.12.227)
by smtp1.mail.osogrande.com with SMTP; 7 Jan 2004 16:23:57 -0000
Received: from (HELO pp6dl) [95.189.69.27] by h227.12.55.139.ip.alltel.net with SMTP; Wed, 07 Jan 2004 19:23:54 +0300
Message-ID: <vu0bee551xr$4-x61@7ac.tne>
From: "Deandre Sierra" <4xdblnmfhe@(mycompanydomain).com>
Reply-To: "Deandre Sierra" <4xdblnmfhe@(mycompanydomain).com>
To: louissa@technet.nm.net
Subject: How about new movies every week free - admitted
Date: Wed, 07 Jan 04 19:23:54 GMT
X-Mailer: QUALCOMM Windows Eudora Version 5.1
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="F_1.AAF66..6A.9"
X-Priority: 3
X-MSMail-Priority: Normal
--F_1.AAF66..6A.9
Content-Type: text/html;
Content-Transfer-Encoding: quoted-printable
<html>
Message from geocities.com.
Unable to deliver message to the following address(es).
<linuxer@geocities.com>:
This user doesn't have a geocities.com account (linuxer@geocities.com) [0]
<linuxman@geocities.com>:
This user doesn't have a geocities.com account (linuxman@geocities.com) [0]
<linuxsys@geocities.com>:
This user doesn't have a geocities.com account (linuxsys@geocities.com) [0]
<linville1@geocities.com>:
This user doesn't have a geocities.com account (linville1@geocities.com) [0]
<linville@geocities.com>:
This user doesn't have a geocities.com account (linville@geocities.com) [0]
<linw@geocities.com>:
Sorry your message to linw@geocities.com cannot be delivered. This account has been disabled or discontinued [#103].
<linwb@geocities.com>:
This user doesn't have a geocities.com account (linwb@geocities.com) [0]
<linwei@geocities.com>:
This user doesn't have a geocities.com account (linwei@geocities.com) [0]
--- Original message follows.
X-YahooFilteredBulk: 81.128.159.253
Return-Path: <zbvazzh31@(mycompanydomain).com>
Received: from 81.128.159.253 (HELO host81-128-159-253.in-addr.btopenworld.com) (81.128.159.253)
by mta151.mail.scd.yahoo.com with SMTP; Wed, 07 Jan 2004 07:44:00 -0800
Received: from [218.167.83.118] by host81-128-159-253.in-addr.btopenworld.com with ESMTP id <214490-66368>; Wed, 07 Jan 2004 08:35:57 -0700
Message-ID: <6xwop2--$a7w-bv-789h58b@4983f.ro5>
From: "Gilda Hawk" <zbvazzh31@(mycompanydomain).com>
Reply-To: "Gilda Hawk" <zbvazzh31@(mycompanydomain).com>
To: linuxer@geocities.com
Subject: Get all New movies - Free - bissau
Date: Wed, 07 Jan 04 08:35:57 GMT
X-Mailer: The Bat! (v1.52f) Business
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="FA.2.81DEB.A3D143F_C"
X-Priority: 3
X-MSMail-Priority: Normal
I have been monitor the catch all account (ie. all the none deliverable internet mail forwarded to the administrator's mailbox)
finding out all kind of interesting thing going on, people trying to find a job somewhere else but accidentally replied to the wrong address, but some of them are legit client trying to deliver important message but failure to spell correctly
recently I notice there is increase number of NDR s in this box, from a normally 3-5 a day to about 50 a day, and some of them are orginiated from SPAM bouncing around, and there is on particular case that concerns us: some sender is trying to send several different email address of our domain but with some crazy aliases like
fasdf32q3245@mycompanydomain.com
asdfa4yd43@mycompanydomain.com
e45ethfw@mycompanydomain.com
w45yhgsf6@mycompanydomain.com
65efgh8u45@mycompanydomain.com
adst5ertghyutt@mycompanydomain.com
some addresses no way close to the real email address, and they come in bunches, are we under email attack here ?
any suggestion on how can we stop this ?
thanks
JCCK2003
below is some of the header recorder in the catch-all Inbound Mail Failure Notification
--- Below this line is a copy of the message.
Return-Path: <rsiz26t@(mycompanydomain).com>
Received: (qmail 1234 invoked from network); 8 Jan 2004 01:13:46 +0900
Received: from mx02.wics.ne.jp (192.168.2.14)
by mail.wics.ne.jp with SMTP; 8 Jan 2004 01:13:46 +0900
Received: (qmail 20185 invoked from network); 8 Jan 2004 01:13:49 +0900
Received: from pool-68-162-152-84.pitt.east.verizon.net (68.162.152.84)
by mx02.wics.ne.jp with SMTP; 8 Jan 2004 01:13:49 +0900
Received: from [28.143.101.211] by pool-68-162-152-84.pitt.east.verizon.net with ESMTP id <755163-54748>; Wed, 07 Jan 2004 22:11:46 +0600
Message-ID: <tw-fg$xf39ye2ey8k7-1se4@7kqd.94u6jigo5>
From: "Mel Lewis" <rsiz26t@(mycompanydomain).com>
Reply-To: "Mel Lewis" <rsiz26t@(mycompanydomain).com>
To: lonato@mail.wics.ne.jp
Subject: Movie lovers - U want this! - reserve
Date: Wed, 07 Jan 04 22:11:46 GMT
X-Mailer: eGroups Message Poster
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary=".74B8B7C5EF5B"
X-Priority: 3
X-MSMail-Priority: Normal
Message from geocities.com.
Unable to deliver message to the following address(es).
<linuxer@geocities.com>:
This user doesn't have a geocities.com account (linuxer@geocities.com) [0]
<linuxman@geocities.com>:
This user doesn't have a geocities.com account (linuxman@geocities.com) [0]
<linuxsys@geocities.com>:
This user doesn't have a geocities.com account (linuxsys@geocities.com) [0]
<linville1@geocities.com>:
This user doesn't have a geocities.com account (linville1@geocities.com) [0]
<linville@geocities.com>:
This user doesn't have a geocities.com account (linville@geocities.com) [0]
<linw@geocities.com>:
Sorry your message to linw@geocities.com cannot be delivered. This account has been disabled or discontinued [#103].
<linwb@geocities.com>:
This user doesn't have a geocities.com account (linwb@geocities.com) [0]
<linwei@geocities.com>:
This user doesn't have a geocities.com account (linwei@geocities.com) [0]
--- Original message follows.
X-YahooFilteredBulk: 81.128.159.253
Return-Path: <zbvazzh31@(mycompanydomain).com>
Received: from 81.128.159.253 (HELO host81-128-159-253.in-addr.btopenworld.com) (81.128.159.253)
by mta151.mail.scd.yahoo.com with SMTP; Wed, 07 Jan 2004 07:44:00 -0800
Received: from [218.167.83.118] by host81-128-159-253.in-addr.btopenworld.com with ESMTP id <214490-66368>; Wed, 07 Jan 2004 08:35:57 -0700
Message-ID: <6xwop2--$a7w-bv-789h58b@4983f.ro5>
From: "Gilda Hawk" <zbvazzh31@(mycompanydomain).com>
Reply-To: "Gilda Hawk" <zbvazzh31@(mycompanydomain).com>
To: linuxer@geocities.com
Subject: Get all New movies - Free - bissau
Date: Wed, 07 Jan 04 08:35:57 GMT
X-Mailer: The Bat! (v1.52f) Business
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="FA.2.81DEB.A3D143F_C"
X-Priority: 3
X-MSMail-Priority: Normal
--FA.2.81DEB.A3D143F_C
Content-Type: text/html;
Content-Transfer-Encoding: quoted-printable
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
load@anglianet.co.uk
SMTP error from remote mailer after RCPT TO:<load@anglianet.co.uk>:
host mail.anglianet.co.uk [62.121.0.10]: 550 5.1.1 <load@anglianet.co.uk>... User unknown
lmitchell@anglianet.co.uk
SMTP error from remote mailer after RCPT TO:<lmitchell@anglianet.co.uk>:
host mail.anglianet.co.uk [62.121.0.10]: 550 5.1.1 <lmitchell@anglianet.co.uk>... User unknown
lisa@anglianet.co.uk
SMTP error from remote mailer after RCPT TO:<lisa@anglianet.co.uk>:
host mail.anglianet.co.uk [62.121.0.10]: 550 5.1.1 <lisa@anglianet.co.uk>... User unknown
linehan@anglianet.co.uk
SMTP error from remote mailer after RCPT TO:<linehan@anglianet.co.uk>:
host mail.anglianet.co.uk [62.121.0.10]: 550 5.1.1 <linehan@anglianet.co.uk>... User unknown
------ This is a copy of the message, including all the headers. ------
Return-path: <g85tocscgy@(mycompanydomain).com>
Received: from dt080n3e.tampabay.rr.com ([24.92.19.62])
by smtp.keme.net with smtp (Exim 4.14)
id 1AeFng-0006k1-F8; Wed, 07 Jan 2004 15:40:52 +0000
Received: from [231.192.21.148] by dt080n3e.tampabay.rr.com with ESMTP id 65187538; Wed, 07 Jan 2004 12:38:49 -0300
Message-ID: <k9-7x6-r-15$g$v@vvou4w21>
From: "Dianna Block" <g85tocscgy@(mycompanydomain).com>
Reply-To: "Dianna Block" <g85tocscgy@(mycompanydomain).com>
To: linehan@anglianet.co.uk
Subject: Get all New movies - Free - kowloon
Date: Wed, 07 Jan 04 12:38:49 GMT
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="FA.2.81DEB.A3D143F_C"
X-Priority: 3
X-MSMail-Priority: Normal
--FA.2.81DEB.A3D143F_C
Content-Type: text/html;
Content-Transfer-Encoding: quoted-printable
Message from rocketmail.com.
Unable to deliver message to the following address(es).
<l285thefuz@rocketmail.com>:
This user doesn't have a rocketmail.com account (l285thefuz@rocketmail.com) [0]
<l2863sok@rocketmail.com>:
This user doesn't have a rocketmail.com account (l2863sok@rocketmail.com) [0]
<l2864@rocketmail.com>:
This user doesn't have a rocketmail.com account (l2864@rocketmail.com) [0]
<l2865@rocketmail.com>:
This user doesn't have a rocketmail.com account (l2865@rocketmail.com) [0]
<l2870@rocketmail.com>:
This user doesn't have a rocketmail.com account (l2870@rocketmail.com) [0]
<l2892@rocketmail.com>:
This user doesn't have a rocketmail.com account (l2892@rocketmail.com) [0]
<l28@rocketmail.com>:
This user doesn't have a rocketmail.com account (l28@rocketmail.com) [0]
<l28j26@rocketmail.com>:
This user doesn't have a rocketmail.com account (l28j26@rocketmail.com) [0]
<l28m@rocketmail.com>:
This user doesn't have a rocketmail.com account (l28m@rocketmail.com) [0]
--- Original message follows.
X-YahooFilteredBulk: 213.143.83.162
Return-Path: <3mxqzvnb@(mycompanydomain).com>
Received: from 213.143.83.162 (HELO AGENT) (213.143.83.162)
by mta115.mail.scd.yahoo.com with SMTP; Wed, 07 Jan 2004 05:23:04 -0800
Received: from [107.32.186.130] by AGENT id mGCwxjqS1edd for <l285thefuz@rocketmail.com>; Wed, 07 Jan 2004 12:18:01 -0100
Message-ID: <80u9mn1q7dsg7-9-b9uwv96$7m8u8l@dew31byl>
From: "Dorothea Douglas" <3mxqzvnb@(mycompanydomain).com>
Reply-To: "Dorothea Douglas" <3mxqzvnb@(mycompanydomain).com>
To: l285thefuz@rocketmail.com
Subject: Digital Cable Filter - Free Movies - abnormal
Date: Wed, 07 Jan 04 12:18:01 GMT
X-Mailer: Microsoft Outlook, Build 10.0.2627
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="7_A2..EF_ED8_4AE6732F_3."
X-Priority: 3
X-MSMail-Priority: Normal
Hi. This is the qmail-send program at smtp1.mail.osogrande.com.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<louissa@technet.nm.net>:
Sorry, no mailbox here by that name. (#5.1.1)
<luettgen@technet.nm.net>:
Sorry, no mailbox here by that name. (#5.1.1)
--- Below this line is a copy of the message.
Return-Path: <4xdblnmfhe@(mycompanydomain).com>
Received: (qmail 957 invoked from network); 7 Jan 2004 16:23:57 -0000
Received: from h227.12.55.139.ip.alltel.net (139.55.12.227)
by smtp1.mail.osogrande.com with SMTP; 7 Jan 2004 16:23:57 -0000
Received: from (HELO pp6dl) [95.189.69.27] by h227.12.55.139.ip.alltel.net with SMTP; Wed, 07 Jan 2004 19:23:54 +0300
Message-ID: <vu0bee551xr$4-x61@7ac.tne>
From: "Deandre Sierra" <4xdblnmfhe@(mycompanydomain).com>
Reply-To: "Deandre Sierra" <4xdblnmfhe@(mycompanydomain).com>
To: louissa@technet.nm.net
Subject: How about new movies every week free - admitted
Date: Wed, 07 Jan 04 19:23:54 GMT
X-Mailer: QUALCOMM Windows Eudora Version 5.1
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="F_1.AAF66..6A.9"
X-Priority: 3
X-MSMail-Priority: Normal
--F_1.AAF66..6A.9
Content-Type: text/html;
Content-Transfer-Encoding: quoted-printable
<html>
Message from geocities.com.
Unable to deliver message to the following address(es).
<linuxer@geocities.com>:
This user doesn't have a geocities.com account (linuxer@geocities.com) [0]
<linuxman@geocities.com>:
This user doesn't have a geocities.com account (linuxman@geocities.com) [0]
<linuxsys@geocities.com>:
This user doesn't have a geocities.com account (linuxsys@geocities.com) [0]
<linville1@geocities.com>:
This user doesn't have a geocities.com account (linville1@geocities.com) [0]
<linville@geocities.com>:
This user doesn't have a geocities.com account (linville@geocities.com) [0]
<linw@geocities.com>:
Sorry your message to linw@geocities.com cannot be delivered. This account has been disabled or discontinued [#103].
<linwb@geocities.com>:
This user doesn't have a geocities.com account (linwb@geocities.com) [0]
<linwei@geocities.com>:
This user doesn't have a geocities.com account (linwei@geocities.com) [0]
--- Original message follows.
X-YahooFilteredBulk: 81.128.159.253
Return-Path: <zbvazzh31@(mycompanydomain).com>
Received: from 81.128.159.253 (HELO host81-128-159-253.in-addr.btopenworld.com) (81.128.159.253)
by mta151.mail.scd.yahoo.com with SMTP; Wed, 07 Jan 2004 07:44:00 -0800
Received: from [218.167.83.118] by host81-128-159-253.in-addr.btopenworld.com with ESMTP id <214490-66368>; Wed, 07 Jan 2004 08:35:57 -0700
Message-ID: <6xwop2--$a7w-bv-789h58b@4983f.ro5>
From: "Gilda Hawk" <zbvazzh31@(mycompanydomain).com>
Reply-To: "Gilda Hawk" <zbvazzh31@(mycompanydomain).com>
To: linuxer@geocities.com
Subject: Get all New movies - Free - bissau
Date: Wed, 07 Jan 04 08:35:57 GMT
X-Mailer: The Bat! (v1.52f) Business
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="FA.2.81DEB.A3D143F_C"
X-Priority: 3
X-MSMail-Priority: Normal