Your mailserver received it from an Orange France IP 217.109.27.97 . Before that you can't really trust the headers. GD
On 02/03/2014 10:33 PM, phrag wrote:
FYI: Just got this to my Tor relay mail address, with a zip file attached extracting to a '.scr' win exe. Curiously routed via a .gov.uk mail relay...
GB03022014.scr: PE32 executable (GUI) Intel 80386, for MS Windows
MD5: dba1e52929f6ca9d1a1bf87e4ff469cf GB2546241.zip MD5: fb1141494829b144b0075035022cfbb9 GB03022014.scr
Samples available on request. Full mail headers attached.
==========
From defeats871@richszabo.com Mon Feb 03 14:06:39 2014 Return-path: defeats871@richszabo.com Received: from [217.109.27.97] (helo=WNACDHPXR) Received: from mail1.bemta14.messagelabs.com by server.justinarcher.net Received: from gateway-102.energis.gsi.gov.uk (HELO mx.hosting-w.gsi.gov.uk) (62.25.106.208) by server-10.tower-205.messagelabs.com X-Env-Sender: gateway.confirmation@gateway.gov.uk
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays