Spammed

[Jeff G.]

Is there a way to send the whole batch, it will take me all day to send all these return spams.

Apple, Mail program.

36798[/snapback]

Sorry, not natively. However Program for Mac OS X Mail users combined with one of the latest files on http://www.subsume.com/pub/SpamCop/ may provide you with an unsupported solution.

[turetzsr]

Is there a way to send the whole batch, it will take me all day to send all these return spams.

Sorry, not natively. However Program for Mac OS X Mail users combined with one of the latest files on http://www.subsume.com/pub/SpamCop/ may provide you with an unsupported solution.

36809[/snapback]

...If you don't wish to use the unsupported solution or it doesn't work well for you, just submit those you have the time and inclination to report. Thanks!

[maz]

Did you try the link? Looks like its vanished due to a lack of interest. Any chance of getting it back?

[Jeff G.]

Did you try the link? Looks like its vanished due to a lack of interest. Any chance of getting it back?

36812[/snapback]

Yes, I tried the links I posted, and those they referenced. Both links I posted most recently in this thread work, the last three files exist and are downloadable, and http://www.subsume.com/pub/SpamCop/SpamCop-1.3.2.tar.gz even opens in WinZip. Chances of getting it back are Slim to None, and Slim left town. But seriously, it would take some pretty fleet-footed negotiating and maybe some cash to get support back for Subsume's SpamCop software. I'm sorry to have to tell you that.

[maz]

I reported over 200 today and one from each prior date, and they are still arriving.

[Wazoo]

I don't understand why I can't list email addresses, I only have a few such as forum[at]mercuryexposure.org (IPB), volunteer, help, donor, maz. The spam scripting needs to stop.

36764[/snapback]

Still not explained.

Here's another, btw I don't have any MS on my Apple. They seem to stop around 8am PST.

36767[/snapback]

Still not sure what this meant.

Reporting it blocks me. Blocking aliases then blocks IPB forum mail.

36770[/snapback]

Still waiting for this to be explained.

This is an IPB forum 

This spam is going out as me,

I would be reporting spam on ,

Return-Path: <addrlmuldrow[at]mercuryexposure.org>

36774[/snapback]

The SpamCop.net parser doesn't concern itself with e-mail address, it tries to find the IP address of the source of the spam .... and in reference to your questions on your MailHost configuration, you may be reporting yourself, possibly leading into the blocking you mention (but nothing offered thus far has helped resolve that question / situation ..??

I'm even told spamcop blocked me yesterday.

Can you provide the "you were told" data?

Forum subscriptions get blocked when trying to block email aliases

Not sure at all what you are trying to say here.

when I set up my domain/host, it only keeps the last one I list, shouldn't it keep a record of forum, help, etc.

You are confusing e-mail address with "hosts" .. based on what I think you are asking, there is only the one "host" involved .. and that actually should be the host of the e-mail account you are reporting the spam from, but that is still in question from this side of the screen. Are you reporting the Forum-received spam from a Forum e-mail account? Or are you reading that e-mail from your "home" account and reporting it from there (which could also feed into issues with your MailHost configuration)

I am receiving over 50 bounced spams a day - return address my domain, god knows how many are actually going out.

36789[/snapback]

You are only receiving these "bounce notifications" from ISPs that have chosen to configure their servers to do this .... other simply delete the garbage.

I reported over 200 today and one from each prior date, and they are still arriving.

36823[/snapback]

??? the Parsing & Reporting tool does the reporting, the IP address of the source gets added to the SpamCopDNSBL. If you/your ISP does not use this BL, there is no immediate action to helping stop the flow. In the general scenario of these "forged From: / Reply-To:" types of spam spew, all of these bounce notifications are coming from different ISPs, therefore different IP addresses are involved on each of them, so even getting them added to the SpamCopDNSBL gets into the math behind that listing and the number of folks reporting them through the SpamCop system.

[turetzsr]

I reported over 200 today and one from each prior date, and they are still arriving.

36823[/snapback]

Hi, maz,

...If you already know this, I apologise for mentioning it: reporting to SpamCop does nothing, by itself, to stop spam -- action must be taken by the ISP or MSP through which they are sent to shut down the offending accounts.

[maz]

Still not explained.

Still not sure what this meant.

Still waiting for this to be explained.

The SpamCop.net parser doesn't concern itself with e-mail address, it tries to find the IP address of the source of the spam .... and in reference to your questions on your MailHost configuration, you may be reporting yourself, possibly leading into the blocking you mention (but nothing offered thus far has helped resolve that question / situation ..??

Can you provide the "you were told" data?

My host kionic said the block will be removed in 24hrs last night.

Not sure at all what you are trying to say here.

You are confusing e-mail address with "hosts" .. based on what I think you are asking, there is only the one "host" involved .. and that actually should be the host of the e-mail account you are reporting the spam from, but that is still in question from this side of the screen.  Are you reporting the Forum-received spam from a Forum e-mail account?  Or are you reading that e-mail from your "home" account and reporting it from there (which could also feed into issues with your MailHost configuration)

I have no idea if it has anything to do with the forum. As it was pointed out, anyone could have hacked the reply.

You are only receiving these "bounce notifications" from ISPs that have chosen to configure their servers to do this .... other simply delete the garbage.

True, so is it a site attack.

??? the Parsing & Reporting tool does the reporting, the IP address of the source gets added to the SpamCopDNSBL.  If you/your ISP does not use this BL, there is no immediate action to helping stop the flow.  In the general scenario of these "forged From: / Reply-To:" types of spam spew, all of these bounce notifications are coming from different ISPs, therefore different IP addresses are involved on each of them, so even getting them added to the SpamCopDNSBL gets into the math behind that listing and the number of folks reporting them through the SpamCop system.

Obviously difficult to track down all over the place, but if I'm getting the majority returned, wouldn't it be an endpoint to locate the start, considering they are almost one a minute.

I've seen email group tracking with diagrams showing the flow of conversation and who's most prominent. Following our domain would be easy this is producing more than we do and we are in the reply on each one to track.

[Jeff G.]

One thing that hasn't been mentioned here is that when a spammer uses an instance of IPB to email a victim, the resulting email message is incompatible with SpamCop Reporting, and attempts to Report it through SpamCop would get that IPB instance's Admin in trouble with its ISP. The email recipient should report the message to that IPB instance's Admin, and the Admin can then use the webserver logs of the HTTP Post (with IP Address, Date, Time (to the second or fraction), and Timezone) to send a Manual Report to the spammer's ISP. The same is true for a posted inappropriate message, which (at least here) doesn't have Time (to the second or fraction), only Time (to the minute).

[dbiel]

My host kionic said the block will be removed in 24hrs last night.

36829[/snapback]

We still have no idea of what is actually being blocked. We need to know the IP address and your relationship to that address.

I have no idea if it has anything to do with the forum. As it was pointed out, anyone could have hacked the reply.

What forum are you talking about? This SpamCop forum or some other forum that you have some relationship with?

True, so is it a site attack.

No, it is simply lots of different individuals/ISP that are bouncing spam back to your address that just happens to be forged in the spam message they are receiving

Obviously difficult to track down all over the place, but if I'm getting the majority returned, wouldn't it be an endpoint to locate the start, considering they are almost one a minute.

Have no idea what you mean by "getting the majority returned" to me this implies that you are the one that sent the messages that are coming back which raises the questions, did you send them, did they go to valid addresses? and why are they being returned (please post the entire returned message with full headers) Note: the previous may not apply since I am not sure I understand what is being said in the first place.

I've seen email group tracking with diagrams showing the flow of conversation and who's most prominent. Following our domain would be easy this is producing more than we do and we are in the reply on each one to track.

Sorry, I can not make any sense out of this quote, could you try rewording it?

[Wazoo]

My host kionic said the block will be removed in 24hrs last night.

The only IP offered in the Topic was 206.123.100.22, which has been identified as "not" being listed, so there is still the question of exactly what is being "blocked" .. and as 206.123.100.22 tracks back to KC Quest, LLC or Colo4Dallas LP, I'm not going to spend more time trying to figure out who kionic might be ....

I have no idea if it has anything to do with the forum. As it was pointed out, anyone could have hacked the reply.

I'm sorry, this response was in reply to some commentary made about your MailHost configuration .. I'm having a hard time tying your response to that subject.

True, so is it a site attack.

As stated in the FAQs already pointed to (and many other posts in this Forum) ... probably not .. it's just your turn as the victim, more than likely.

Obviously difficult to track down all over the place, but if I'm getting the majority returned, wouldn't it be an endpoint to locate the start, considering they are almost one a minute.

36829[/snapback]

That would depend on the parse results of what you submitted ... if parsing the actual bounce, one would go with that the ISP that did the bouncing was the target for the report .. yet your words are pointed at tracking down the source of the "original" spam ... and that gets into the construct of the bounce notification, and that's just the starting point.

One thing that hasn't been mentioned here is that when a spammer uses an instance of IPB to email a victim, the resulting email message is incompatible with SpamCop Reporting, and attempts to Report it through SpamCop would get that IPB instance's Admin in trouble with its ISP. 

36831[/snapback]

It's been so long since I patched that code, I forgot all about that truth .., (though again, not sure what and how the spam in question is being reported .. more unanswered questions) ... some of my (and others') bug reports were allegedly handled as part of the 2.1.x upgrade, but this was basically inserting the missing data into the headers. You're right in that "full" headers and tracking is not part of the IPB Forum e-mail output. Thanks for pointing out the obvious here ...

and pointing out that some attempted research here was impacted by yet another "unscheduled outage" of the parsing & reporting system ....

[maz]

I honestly think that the more I discuss this on the forum the more spam I'm getting returned, could there be a connection.

Yes I think we already covered the fact that I also have IPB forum on my site. But no one has said that they can find a problem with kc/kionic same thing, we are doing our own blocking.

It is simple to block all the spam without effecting my site, simply allow my emails: maz, forum, help, volunteer, donor. you know where.

All the spam abuse is from different names other than these.

My only problem with blocking it, is that it blocks my forum from handling mail. So maybe this is a question for forum mail subscriptions. I really don't know much about mail, but I think we've pointed out a number of concerns that someone more knowledgeable should consider sharing.

Regards,

maz

[dbiel]

I am afraid that I am still lost as to what you are actually looking for and what help you are asking for.

1) SpamCop does not block any mail from anyone or to anyone.

2) SpamCop does maintain at BL that is IP based which some IP's and individuals do use to block mail

It is simple to block all the spam without effecting my site, simply allow my emails: maz, forum, help, volunteer, donor. you know where.

I have no idea what you are trying to say. It is the IP address of the mail server that is used to send the mail that might be listed in the SpamCop BL. It seems to me that you are talking about inbound mail from multiple sites. "maz, forum, help, volunteer, donor" what is this suppose to represent. They are not email addresses, they are not domain names. Do you mean "help[at]yourdomain.com"?

Edit: going back to your first post

Still having problems today, I don't understand why I can't list email addresses, I only have a few such as forum[at]mercuryexposure.org (IPB), volunteer, help, donor, maz. The spam scripting needs to stop.

it would appear that the email addresses you are talking about are "volunteer[at]mercuryexposure.org" etc. But still not clear if you are talking about outbound or inbound mail

If you are talking about inbound mail be blocked, then you need to talk to the admin of your mail server. If it is outbound mail you are talking about, then we need to know the IP address of the mail server you are using to send mail to give you any idea as to what is happening.

maybe this is a question for forum mail subscriptions

Again, no idea what this is, and also does forum = your forum or the SpamCop forum?

Please try to be very specific with your questions since there appears to be a very serious lack of communication and understanding between you and us. It could be that we can not see the obvious, but until we do see it, we can not be of any help to you.

[dbiel]

I think that I might just now be begining to understand some of the issues which seem to be compounding so will try to list them in an attempt to deal with them.

1) maz is receiving a lot of bounced spam that is being sent to a forged return mail address (one of maz's addresses) common problem. maz is a victim. Not much of anything that can be done about it but pray that it stops.

2) maz is reporting these bouces using a spamcop reporting address but claims that it is causing her mail server to get listed. (not sure if I am right on this one)

Simple fix, stop reporting them. Better fix be sure that your mailhost configueration is correct and you are not reporting yourself.

3) Remember that reporting without filtering will have not do anything to reduce the amount of bounced mail you receive. Even filtering may not help much at reducing the amount of bounced mail recieved unless you can find a common item to filter on.

The spam scripting needs to stop

seems to be a request to spammer to stop using any replyto address that belongs to Maz. Good luck with that. Spammers do not listen to us. They do what they want.

You may want to reread FAQ Entry: Why am I getting all these bounces and Why Am I Blocked? FAQ, Please read before posting as these seem to addres most of the issues being raised.

Good luck maz

If you have any specific questions that have not been answered, please restate them and we will try our best to help.

[Jeff G.]

Just to reiterate:

I'm not a guy

36781[/snapback]

Edit by dbiel: genger corrected in previous post. Thanks Jeff for bringing it to my attention.

[Wazoo]

I honestly think that the more I discuss this on the forum the more spam I'm getting returned, could there be a connection.

Doubtful. More likely the results of yet another nasty worm/virus in the wild, another sober varient .... As you've not offered up any/enough specific details here for anyone to offer any specific help, it's hard to see how a spammer has tracked you down from your posts here ....

Yes I think we already covered the fact that I also have IPB forum on my site. But no one has said that they can find a problem with kc/kionic same thing, we are doing our own blocking.

I don't recall seeing anyone saying anything like that. Thus far, there is no one besides you with a clue as to what IP address(es) is(are) involved. You've only mentioned one, that is not listed, and not even sure what it represents. For some folks, an IPB Forum "is" the site .. for others the Forum is just an additional bit ... you've not given a clue as to what your scenario might be.

It is simple to block all the spam without effecting my site, simply allow my emails: maz, forum, help, volunteer, donor. you know where.

Just as the server is still in question, the "web-site" is still in question, there is no one here that's going to try to guess at how you are (trying) to block any incoming e-mail. You've not said whether you're running your own mail server or not ...

All the spam abuse is from different names other than these.

One could guess that what you mean is that you are using a mode of accepting any and all e-mail, rather than only accepting valid e-mail addresses, normally called a "catch-all" account. Most hosting services also include the suggestion not to do this, but then turn around and only allow a certain number of e-mail addresses per hosted account ... a bit of a trade-off for some ... yet again, there's no one here that can guess at what your site is about ....

My only problem with blocking it, is that it blocks my forum from handling mail. So maybe this is a question for forum mail subscriptions. I really don't know much about mail, but I think we've pointed out a number of concerns that someone more knowledgeable should consider sharing.

36860[/snapback]

Yes, you've stated some concerns. but .... there's no data to work with for anyone here. Setting up your incoming e-mail to only allow "authorized" accounts doesn't seem to follow "blocks my forum from handling mail" ....????

[Wazoo]

Based on data plucked from the IPB support forum, Maz appears to be the top poster (possibly Admin?) on http://mercuryexposure.org/forum/ .... An attempt at a GET on mercuryexposure.org results in a 302 error, page moved to "the forum" .. so there is not a separate web-site apparently ... the Forum is the site ....

http://www.senderbase.org/?searchBy=ipaddr...=206.123.100.22 shows Colo4Dallas LP as "controlling" 1705 Domains ... 13 servers seen as outputting e-mail ... however, the only IP address offered up thus far isn't in that list ... but strangely, there are some traffic data existing ...

Volume Statistics for this IP

Magnitude Vol Change vs. Average

Last day ......... 0.0 .. -100%

Last 30 days ... 1.5 .... 69%

Average ......... 1.2

Could one make the leap that it was passing traffic a bit ago, but the "problem" e-mail server has been relocated? (not making a lot of sense, as the web site is sitting at that IP now) ... Going with the non-profit tag on the web-site, I'm going with the Forum is using a shared server, possibly using one of the 13 identified mail servers, but .... not sure why I'm trying to do all the detective work ... questions have been (repeatedly) asked .. answers are needed.

[Wazoo]

IPB upgraded from 2.0.3 to 2.1.3 - I could not upgrade since June.

Can I get the url if I need a patch?

36805[/snapback]

Responded to with additional links at http://forums.invisionpower.com/index.php?showtopic=199522

I find your blaming Yahoo groups a bit confusing though.

[Farelf]

.... not sure why I'm trying to do all the detective work ... questions have been (repeatedly) asked .. answers are needed.

36881[/snapback]

While you're "on a roll", http://www.dnsreport.com/tools/dnsreport.c...uryexposure.org says, in part,

WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). This probably won't cause any harm, but is a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server.

mercuryexposure.org claims to be host server012.kionic.com [but that host is at 206.123.101.26, not 206.123.100.22].

and http://www.senderbase.org/search?searchString=206.123.101.26 says

Volume Statistics for this IP

Magnitude Vol Change vs. Average

Last day 3.1 568%

Last 30 days 3.0 578%

Average 2.1

Ouch ... but not currently listed. Just a few more pieces to fit together ... Bit like dreaming you had a dream in which you understood it all - then you woke up.

[agsteele]

Bit like dreaming you had a dream in which you understood it all - then you woke up.

36888[/snapback]

I've tried both asleep and awake and am still confused...

Andrew

[Farelf]

Okay, lets try this (continuing the illusion of relevance), a chain of supposition interspaced with a few facts.

maz owns/operates the admirable mercuryexposure.org which consists of a website (which is a formum) and an email facility which handles the forum pm and thread subscriptions and other stuff. mercuryexposure assists and comforts those afflicted with what used to be called "Hatter's disease" (mercury poisoning), I presume both directly and via their carers. I mention this to indicate the worthiness of resolving maz's still cryptic problem.

Mercuryexposure.org is hosted by Kionic Inc as Kionic.com, which is owned by Colo4Dallas LP. Spammers are spoofing mercuryexposure email addresses and maz uses her SpamCop reporting account to report the resultant clueless bounces. At the same time, maz's "subsciption service" for the mercuryexposure forum may or may not be being reported by others from time to time as subscription services are prone to be.

Mercuryexposure.org (as set up by Kionic) thinks it hosts server012.kionic.com on 206.123.100.22 but actually server012.kionic.com is at IP address 206.123.101.26 so far as the outside world is concerned:

Kionic.com

206.123.101.16  server002.kionic.com 

206.123.101.25  server010.kionic.com 

206.123.101.26  server012.kionic.com

206.123.100.109  server011.kionic.com

Email is detected from 206.123.100.22 but it appears to be minimal, even if unexplained.

Several of Kionic.com's servers are showing signs of unusual activity, including server012.kionic.com, and may well be listed in the SCBL, and others, at various times. When and if that occurs, any SpamCop reports go to abuse[at]colo4dallas.com. If and when server012.kionic.com is listed on any blocklist the resultant blocking may affect maz's email facilities, either/both with regard to inwards and outwards emails to remote addressees. If Kionic.com uses BLs responding to the situation (blocks itself - is this likely?), the problem would be far more severe for maz. If maz uses the SCBL then she can't receive her own mail which could be a problem with some mail-handling configurations - but I can't see that as a likely cause of her distress.

Anyhow, maz lately perceives problems with inwards and/or ourwards mail to/from mercuryexposure email addresses (mostly the forum notifications = "from"). maz initially suspects her SpamCop reporting of the spoofed mercuryexposure email addresses is causing her problems (which additionally confuses her if she realizes the stuff would need to be coming from her server IP address as well as using using mercuryexposure email addresses for that to occur). She doesn't know at that point that she is sharing server012.kionic.com. Then she starts to wonder about the "subscription service".

My brain hurts. What needs correction in that picture, maz? We can hopefully move on from there.

[maz]

So many questions??? Looks like you've done some detective work, but I'm not the one with the problem, the problem is with those doing the Joe Job.

I believe that the change in DNS was another incident when AOL changed their policy about stopping spammers, at the time it was blocking a lot of people, we got that fixed but where someone reported spam, we were unable to undo it, hence we moved out of the target.

We are for non-violent social change, no advertising and don't sell anything. I began on Geocities many moons ago, and never wanted to see another banner.

Our users are not familiar with forums, many come from yahoo groups, they reply to emails instead of the forum, they want to unsubscribe without having to look for it. I tend to agree, the unsubscribe button should be on the email. I did that but we upgraded again, and there is still no unsubscribe.

The site is a large database, it was being forwarded to the forum because of the forum upgrade and the integration, site publishing and login is not complete with this version of the forum. The site is now working but login and publishing is not.

Some of our science associates have been hacked so I'm good at keeping an eye on things.

If mail was blocked completely then I wouldn't be able to track what's happening.

Mail slowed down to a trickle late yesterday probably for a number of reasons.

7 x 10:06 am; 4 x 10:27 am. I checked those. Sent an email to the headquaters and got this reply back:

The received from header points to vopm1.ktis.net (ip 69.27.200.50). I can confirm this company has purchased our email server software, but further contacts should be with the postmaster of that domain directly. I cannot provide customer information without a sub-peona.

In fact, since this domain name (www.ktis.net) is an ISP, he may only be able to provide information about the end-user who did to a law enforcement person.

I do have a complaint with Marin County Supervisors disposal of sludge in a public place. That's where I overheard the term Joe Job; embarrasingly asked a friend if they knew what it meant.

I asked for industrial hygeine to clean up, it is 6 months now, I am diagnosed with cancer.

Considering they oversee health, hygeine, mental health, the web and disposal of sludge, they have used every resource available to them to frame me as something I'm not.

Reminds me of Genesis - The trick of the tale.

[agsteele]

but I'm not the one with the problem, the problem is with those doing the Joe Job.

36938[/snapback]

Indeed, I think we'd all agree - but you have to suffer the consequences and that's what we've been trying to address. If, indeed, a joe-job is the cause as we suspected early on then the only practical solution is to wait out the storm. Sorry not to be able to offer anything more.

I believe that the change in DNS was another incident when AOL changed their policy about stopping spammers, at the time it was blocking a lot of people, we got that fixed but where someone reported spam, we were unable to undo it, hence we moved out of the target.

36938[/snapback]

You also mention a number of other probably unrelated issues. I surely hope you'll find some relief from all these things which seem to have piled up at the same time.

I do have a complaint with Marin County Supervisors disposal of sludge in a public place. That's where I overheard the term Joe Job; embarrasingly asked a friend if they knew what it meant.

I asked for industrial hygeine to clean up, it is 6 months now, I am diagnosed with cancer.

36938[/snapback]

I am sorry to hear this and hope your doctors will have wisdom in providing the best treatment.

Andrew

[dbiel]

Mas, at this point is seems that all of your questions that we can possibly help with seem to have been answered or are no longer considered important as your last post seems to be question free. If not, please restate them and included the additional information needed (previously requested) to address them.

Our crystal balls are getting cloudy.

We wish you success in all areas of your envolvement.

[maz]

Good morning campers

Thank you for understanding.

Does this help?

From:  postmaster[at]ulm.de

Subject: Unzustellbar: [*spam-TAG*] 3: ALL MAJOR DESIGNER REPLICA //ATCHES !    Save $38

Date: November 30, 2005 6:28:22 AM PST

To:  jpocas[at]mercuryexposure.org

Received: from me3 by server012.kionic.com with local-bsmtp (Exim 4.54 (FreeBSD)) id 1EhSwq-000Gzb-87 for help[at]mercuryexposure.org; Wed, 30 Nov 2005 08:28:40 -0600

Received: from [195.243.22.149] (helo=i1rrzssmtp06v.rz-as.de) by server012.kionic.com with esmtp (Exim 4.54 (FreeBSD)) id 1EhSwp-000GzO-Qf for jpocas[at]mercuryexposure.org; Wed, 30 Nov 2005 08:28:40 -0600

Received: from i1rrzssmtp01v.rz-as.de (unknown [10.190.20.28]) by i1rrzssmtp06v.rz-as.de (Postfix) with ESMTP id 4D648C1F0F0 for <jpocas[at]mercuryexposure.org>; Wed, 30 Nov 2005 15:28:32 +0100 (CET)

Received: from localhost (unknown [127.0.0.1]) by i1rrzssmtp01v.rz-as.de (Postfix) with ESMTP id DD157412579 for <jpocas[at]mercuryexposure.org>; Wed, 30 Nov 2005 15:24:32 +0100 (CET)

Received: from i1rrzssmtp01v.rz-as.de ([10.190.20.28]) by localhost (i1rrzssmtp01v [10.190.20.28]) (amavisd-new, port 10024) with ESMTP id 15734-01 for <jpocas[at]mercuryexposure.org>; Wed, 30 Nov 2005 15:24:31 +0100 (CET)

Received: from R1RRZ370EX.dmz1.rzrt.kvnbw.de (unknown [10.190.20.22]) by i1rrzssmtp01v.rz-as.de (Postfix) with ESMTP id BF5C2412657 for <jpocas[at]mercuryexposure.org>; Wed, 30 Nov 2005 15:24:29 +0100 (CET)

Received: from sus00018.stadtulm.de (10.201.127.1 [10.201.127.1]) by R1RRZ370EX.dmz1.rzrt.kvnbw.de with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2657.72) id XKYA5726; Wed, 30 Nov 2005 15:28:29 +0100

Received: by SUS00018 with Internet Mail Service (5.5.2653.19) id <X7RB9QMC>; Wed, 30 Nov 2005 15:28:22 +0100

X-spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on  server012.kionic.com

X-spam-Level:

X-spam-Status: No, score=0.0 required=3.0 tests=none autolearn=unavailable  version=3.1.0

Message-Id: <EB6574FC585AD51184130002A55CCB15089EA332[at]SUS00018>

X-Sybari-Trust: aa2c6ad3 44d92b5d d6dde6e1 00000105

Mime-Version: 1.0

X-Mailer: Internet Mail Service (5.5.2653.19)

X-Ms-Embedded-Report:

Content-Type: multipart/mixed; boundary="----_=_NextPart_000_01C5F5BA.514EE7D8"

X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at rz-as.de