Idiot spammer trying to use my domain as a reply-to address. Interesting things to note about this bounce message. This looks like some sort of mess up on the spammer’s part since the headers are riddled with html tags and spaces in the email addresses, which is probably due in part to whatever email harvester program the spammer was using.
There is a a lot of fake information in the header. For example, the X-Originating-IP: [02.721.783.4] is not a true IP address. While usually IP addresses are denoted in square brackets, the IP address and other information in the X- headers in this case are not valid. The originating IP is really 126.96.36.199, an IP address from Bezeqint, an Israeli ISP. This address that looks like some sort of static cable based IP address. In other words, probably a PC on a botnet.
Good job spammer! (Not really.)
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
(generated from email@example.com)
retry timeout exceeded
—— This is a copy of the message, including all the headers. ——
Return-path: webmaster @cleverhack.com
Received: from [188.8.131.52] (helo=bzq-88-154-224-126.red.bezeqint.net)
by server.serversite2.com with smtp (Exim 4.63)
(envelope-from webmaster @cleverhack.com)
for firstname.lastname@example.org; Thu, 26 Apr 2007 14:53:38 -0400
Received: (qmail 5303 by uid 305); Thu, 26 Apr 2007 09:53:24 +0200
To: webmaster @clevelandwebmedia.co.uk
Subject: All Investors Message 2127335568591326
From: Investor Elma webmaster @clevelandwebmedia.co.uk
[tags] email headers, spam, spammer, spammers must die [/tags]