diff --git a/content/spam/2023-11-17-netcup-phishing/index.md b/content/spam/2023-11-17-netcup-phishing/index.md new file mode 100644 index 0000000..879f90c --- /dev/null +++ b/content/spam/2023-11-17-netcup-phishing/index.md 
@@ -0,0 +1,399 @@ ++++ +title = 'Netcup phishing' +summary = 'They really think I got my domain from Netcup \*lol\*' +date = '2023-11-17T16:35:12+0100' +# lastmod = '' +# categories = [ 'spam' ] +# tags = [] + +# showBreadcrumbs = true +# showDate = false +# showReadingTime = false +# showWordCount = false +# showPagination = false + +# feed_exclude = true +# site_exclude = true + ++++ + +Okay this one is not a "good" one, in terms of a good phishing email, because it +is obviosly a phishing email since I do not have the mentioned product bought at +mentioned company. But the fact that I get constantly emailed these made me finally +post this to the website. + +I get them mostly in a pair of two, one to my main domain and one to a subdomain (which +includes the term `noreply` as part of the domainname). + +## The mail body + +{{< alert >}} +Watch out for the link, as you might see, it gets rendered to a `netcup.de` domain +as HTML, but the source code does look quite a bit different! +{{< /alert >}} + +~~~plain +Sehr geehrte/r + + +Wir möchten Sie heute freundlich daran erinnern, dass die Domain oe7drt.com + Ihrer Firma, mit der dieses E-Mail-Konto verbunden ist, am 17.11.2023 abläuft. +Als verantwortungsbewusster Anbieter ist es uns ein Anliegen, Ihnen rechtzeitig +über diese bevorstehende Verlängerung zu informieren. + +über den sicheren Link erneuern https://renew.netcup.de + +Wir möchten sicherstellen, dass Ihre Online-Präsenz reibungslos läuft und Ihr +geschäftlicher Erfolg nicht beeinträchtigt wird. Daher empfehlen wir Ihnen +dringend, die Verlängerung Ihrer Domain vor dem Ablaufdatum zu beantragen. +Indem Sie Ihre Domain verlängern, stellen Sie sicher, dass Ihre Webseite +weiterhin erreichbar ist und Ihr E-Mail-Konto aktiv bleibt. + +Dein netcup team + +--------------------------------------------------------- + +netcup GmbH +Managing Directors: +- Oliver Werner +- Alexander Windbichler +Daimlerstr. 
25 +D-76185 Karlsruhe + +Phone: +49 721 / 7540755 - 0 +Fax: +49 721 / 7540755 - 9 + + +Commercial register: HRB 705547, Amtsgericht Mannheim + +--------------------------------------------------------- + + + +2 Attachment(s) (0.9 KB) +?Download all attachments[SUBMIT] ?Show attachments[SUBMIT] +?[SUBMIT] +~~~ + +## The mail body source (html) + +{{< alert "circle-info" >}} +Note the highlighted line (18). There you have the real link that we mentioned +above. +{{< /alert >}} + +~~~html {hl_lines=18} + + + + + +
+
+
+
+ +

Sehr geehrte/r

+


+

Wir möchten Sie heute freundlich daran erinnern, dass die + Domain oe7drt.com Ihrer Firma, mit der dieses + E-Mail-Konto verbunden ist, am 17.11.2023 abläuft. Als + verantwortungsbewusster Anbieter ist es uns ein Anliegen, Ihnen rechtzeitig +über diese bevorstehende Verlängerung zu informieren.

+

über den sicheren Link erneuern https://renew.netcup.de

+

Wir möchten sicherstellen, dass Ihre Online-Präsenz reibungslos läuft und Ihr + geschäftlicher Erfolg nicht beeinträchtigt wird. Daher empfehlen wir Ihnen + dringend, die Verlängerung Ihrer Domain vor dem Ablaufdatum zu beantragen. +Indem Sie Ihre Domain verlängern, stellen Sie sicher, dass Ihre Webseite +weiterhin erreichbar ist und Ihr E-Mail-Konto aktiv bleibt.

+

Dein netcup +team

+

---------------------------------------------------------

+

netcup +GmbH
Managing Directors:
- Oliver Werner
- Alexander + Windbichler
Daimlerstr. 25
D-76185 Karlsruhe

+

Phone: +49 721 / 7540755 - 0
Fax: +49 721 / 7540755 - 9

+


+

Commercial register: HRB 705547, Amtsgericht Mannheim

+

--------------------------------------------------------- +

     +

+
+ +~~~ + +## The mail source + +~~~plain +Return-Path: +Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) + by sloti44n20 (Cyrus 3.9.0-alpha0-1108-g3a29173c6d-fm-20231031.005-g3a29173c) with LMTPA; + Fri, 17 Nov 2023 08:04:12 -0500 +X-Cyrus-Session-Id: sloti44n20-1700226252-3181116-2-9777549396983539035 +X-Sieve: CMU Sieve 3.0 +X-Spam-known-sender: no +X-Spam-sender-reputation: 0 (email; noauth) +X-Spam-score: 14.5 +X-Spam-hits: BAYES_99 3.5, BAYES_999 1.2, DCC_CHECK 1.1, DCC_REPUT_90_94 0.6, + FSL_BULK_SIG 1.593, HTML_MESSAGE 0.001, HTML_MIME_NO_HTML_TAG 0.377, + HTTPS_HTTP_MISMATCH 0.1, ME_NOAUTH 0.01, ME_SC_NH -0.001, + ME_SENDERREP_DENY 4, ME_VADEPHISHING 2, MIME_HTML_ONLY 0.1, + SPF_HELO_NONE 0.001, SPF_NONE 0.001, T_SCC_BODY_TEXT_LINE -0.01, + LANGUAGES de, BAYES_USED user, SA_VERSION 3.4.6 +X-Backscatter: NotFound1 +X-Backscatter-Hosts: +X-Spam-source: IP='37.120.188.231', Host='v2202311112809242991.luckysrv.de', Country='DE', + FromHeader='net', MailFrom='net' +X-Spam-charsets: html='windows-1252' +X-Resolved-to: dominic@... +X-Delivered-to: dominic@noreply.... 
+X-Mail-from: postmaster@onedk.net +Received: from mx4 ([10.202.2.203]) + by compute1.internal (LMTPProxy); Fri, 17 Nov 2023 08:04:12 -0500 +Received: from mx4.messagingengine.com (localhost [127.0.0.1]) + by mailmx.nyi.internal (Postfix) with ESMTP id 7FA301F20122 + for ; Fri, 17 Nov 2023 08:04:11 -0500 (EST) +Received: from mailmx.nyi.internal (localhost [127.0.0.1]) + by mx4.messagingengine.com (Authentication Milter) with ESMTP + id 17A016E9B26.8E0F31F2037D; + Fri, 17 Nov 2023 08:04:11 -0500 +ARC-Seal: i=1; a=rsa-sha256; cv=none; d=messagingengine.com; s=fm1; t= + 1700226251; b=LpZ7c6e8oXo/abJ3c3SIgseAfYAwmkcgCE9cMryacWzUPDXywM + 2Bu+k0NpXZJaKcrAdOyuejBwIiFyqSq+TK/glo0Hk6DmC7TE8yw0HlddNInKUJ53 + Fc/rTiqmgPpJXrUwryrmEZ4jJTcR+GIoUtXEIweftEhongl3cZvcVXf0gaE0Zxcg + Za3pbOgZ8xEBJADOyvCNPeZOAaNvNF5C19ylzywj0UO6lDX7v58OVI0GKyqdIMH9 + i0kvloD/B/CDHnT6jHWav2C35s5NKnHX+SuNQ4/CPOG7uuRiC3+S2G4pTwP542Cq + Pu87hi1GKiH5VuM8m92JH9nwb70r5fB+fRCQ== +ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d= + messagingengine.com; h=mime-version:from:reply-to:to:subject + :content-type:content-transfer-encoding:date:message-id; s=fm1; + t=1700226251; bh=NbXSTJaTKSRZgsx8I0IN3ukxEcOTFS+VrpzkYzr/Un8=; b= + lmluPcXbKIM06qPoH+sQ2YXHJlP5FQFfF/R43bgajaKkZ3mO5x7uGQA0BFsF+c1M + qwrJG7rG6hxW8aKmnlNyRIskwVt393qYEnCk29qDK4qVcG/34wlYG1J1jpMqPXXm + 1oJx1wYrpvelG3ADuTXHXJcleupCGdCIwlo9y9InuAjKOMGjLW8zxCKVv2DvRQ8r + o8CNKpGY6iLcBctsE40CuXNHvNaxH9jsnXTqhhI6WJjugPek7JAof4JRSJDvVJX6 + aZ7pl4xOsHH0psrC2u+kUUUiIvjFNoU+MBbsK0aG/ezThetyaYwkjQPuD0ZNgU5H + t5gJ0HdrTFSeQUft9LQlEg== +ARC-Authentication-Results: i=1; mx4.messagingengine.com; + x-csa=none; + x-me-sender=none; + x-ptr=pass smtp.helo=v2202311112809242991.luckysrv.de + policy.ptr=v2202311112809242991.luckysrv.de; + bimi=skipped (DMARC did not pass); + arc=none (no signatures found); + dkim=invalid (public key: not available, unknown key sha256) + header.d=onedk.net header.i=@onedk.net header.b=tKBKfGAz + header.a=unknown-sha256 
header.s=dkim; + dmarc=none policy.published-domain-policy=none + policy.applied-disposition=none policy.evaluated-disposition=none + (p=none,d=none,d.eval=none) policy.policy-from=p + header.from=onedk.net; + iprev=pass smtp.remote-ip=37.120.188.231 + (v2202311112809242991.luckysrv.de); + spf=none smtp.mailfrom=postmaster@onedk.net + smtp.helo=v2202311112809242991.luckysrv.de +X-ME-Authentication-Results: mx4.messagingengine.com; + x-aligned-from=pass (Address match); + x-return-mx=pass header.domain=onedk.net policy.is_org=yes + (MX Records found: mx-biz.mail.am0.yahoodns.net,mx-biz.mail.am0.yahoodns.net); + x-return-mx=pass smtp.domain=onedk.net policy.is_org=yes + (MX Records found: mx-biz.mail.am0.yahoodns.net,mx-biz.mail.am0.yahoodns.net); + x-tls=pass smtp.version=TLSv1.3 smtp.cipher=TLS_AES_256_GCM_SHA384 + smtp.bits=256/256; + x-vs=phishing score=607 state=101 +Authentication-Results: mx4.messagingengine.com; + x-csa=none; + x-me-sender=none; + x-ptr=pass smtp.helo=v2202311112809242991.luckysrv.de + policy.ptr=v2202311112809242991.luckysrv.de +Authentication-Results: mx4.messagingengine.com; + bimi=skipped (DMARC did not pass) +Authentication-Results: mx4.messagingengine.com; + arc=none (no signatures found) +Authentication-Results: mx4.messagingengine.com; + dkim=invalid (public key: not available, unknown key sha256) + header.d=onedk.net header.i=@onedk.net header.b=tKBKfGAz + header.a=unknown-sha256 header.s=dkim; + dmarc=none policy.published-domain-policy=none + policy.applied-disposition=none policy.evaluated-disposition=none + (p=none,d=none,d.eval=none) policy.policy-from=p + header.from=onedk.net; + iprev=pass smtp.remote-ip=37.120.188.231 + (v2202311112809242991.luckysrv.de); + spf=none smtp.mailfrom=postmaster@onedk.net + smtp.helo=v2202311112809242991.luckysrv.de +X-ME-VSCause: gggruggvucftvghtrhhoucdtuddrgedvkedrudegtddggeejucetufdoteggodetrfdotf + fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggvpdfu + 
rfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucgorfhhihhshhhinhhgqd + fkkffrucdliedtjedmnecujfgurhepggfhrhfvufgtgffofffksehhqhertdertdehnecu + hfhrohhmpedfpfgvthgtuhhpucfimhgsjfdfuceophhoshhtmhgrshhtvghrsehonhgvug + hkrdhnvghtqeenucggtffrrghtthgvrhhnpeffffdufeffudeiieelueeghfeiteffhfdt + hffhveeigffgfeefheelteejkeeuudenucffohhmrghinhepvghlvghtthhrohhgihdrih + htpdhnvghttghuphdruggvnecukfhppeefjedruddvtddrudekkedrvdefudenucfrhhhi + shhhihhnghdqkffkrfephhhtthhpshemsddsvghlvghtthhrohhgihdrihhtnecuvehluh + hsthgvrhfuihiivgeptdenucfrrghrrghmpehinhgvthepfeejrdduvddtrddukeekrddv + fedupdhhvghlohepvhdvvddtvdefudduudduvdektdelvdegvdelledurdhluhgtkhihsh + hrvhdruggvpdhmrghilhhfrhhomhepoehpohhsthhmrghsthgvrhesohhnvggukhdrnhgv + theqpdhnsggprhgtphhtthhopedupdhrtghpthhtohepoeguohhmihhnihgtsehnohhrvg + hplhihrdhovgejughrthdrtghomheq +X-ME-VSScore: 607 +X-ME-VSCategory: phishing +X-ME-CSA: none +Received-SPF: none + (onedk.net: No applicable sender policy available) + receiver=mx4.messagingengine.com; + identity=mailfrom; + envelope-from="postmaster@onedk.net"; + helo=v2202311112809242991.luckysrv.de; + client-ip=37.120.188.231 +Received: from v2202311112809242991.luckysrv.de (v2202311112809242991.luckysrv.de [37.120.188.231]) + (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) + key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) + (No client certificate requested) + by mx4.messagingengine.com (Postfix) with ESMTPS id 8E0F31F2037D + for ; Fri, 17 Nov 2023 08:03:44 -0500 (EST) +Received: from v2202311112809242991.luckysrv.de (localhost [127.0.0.1]) + by v2202311112809242991.luckysrv.de (Postfix) with ESMTP id 4SWxs61BzJz48xN + for ; Fri, 17 Nov 2023 14:02:50 +0100 (CET) +Authentication-Results: v2202311112809242991.luckysrv.de (amavis); dkim=pass + reason="pass (just generated, assumed good)" header.d=onedk.net +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=onedk.net; h= + 
message-id:date:x-mailer:content-transfer-encoding:content-type + :subject:to:reply-to:from:mime-version; s=dkim; t=1700226169; x= + 1702818170; bh=mEPVMchXmulep+z6c+qm5ufujgLqwDgvxHEmacERCZA=; b=t + KBKfGAzEtvWgwvWrD7w1wNLn5Ljp4RgfY5dBV+Y2EzCWLZVYJeih0lqaRU27jL61 + ILRSW9WRbAu2tgr1M0wdQwOHQ4Dp7i3ps7AQJn4BpvFbTwR1b524Hs4t52xKMecy + Zf/X+yRzlRPVTO5mi0sPK0tmAEvN+TBmcsldK9RKgwIr8qUFau99OBBZlDoYUMRV + wMZOoJ3ccaPC5dooc/sDd+MbQSaGKH1Ubum0Ld9VtdOHlWHFs+tpujzYC/L/kxLl + 4k/BSYsGw4IUurCbPZnoR5TIBuAV2hy4caZMtFELmeOG7ZuQjvr8wMJUNhwflzeQ + OUiV2kgjdZsHb3mtnjzHg== +X-Virus-Scanned: Debian amavis at v2202311112809242991.luckysrv.de +Received: from v2202311112809242991.luckysrv.de ([127.0.0.1]) + by v2202311112809242991.luckysrv.de (v2202311112809242991.luckysrv.de [127.0.0.1]) (amavis, port 10024) + with ESMTP id nPsir9OSICbE for ; + Fri, 17 Nov 2023 14:02:49 +0100 (CET) +Received: from vmi1464682 (localhost [IPv6:::1]) + by v2202311112809242991.luckysrv.de (Postfix) with ESMTPS id 4SWxs55N6sz48x5 + for ; Fri, 17 Nov 2023 14:02:49 +0100 (CET) +MIME-Version: 1.0 +From: "Netcup GmbH" +Reply-To: postmaster@onedk.net +To: dominic@noreply.... +Subject: Deaktivierung des E-Mail-Postfachs aufgrund des Ablaufs der Domain oe7drt.com +Content-Type: text/html; charset="windows-1252" +Content-Transfer-Encoding: quoted-printable +X-Mailer: Smart_Send_4_4_2 +Date: Fri, 17 Nov 2023 14:02:49 +0100 +Message-ID: <5196428650656248899676@vmi1464682> + +=0A =0A =0A =0A=0A
=0A
=0A<= +div class=3D"msg-view-text-cnt" dojoattachpoint=3D"_messageTextCntNode">=0A= +
=0A =0A

Sehr = +geehrte/r

=0A


=0A

Wir m=F6chten Sie heute freundlich daran e= +rinnern, dass die =0A Domain oe7drt.com Ihrer Fi= +rma, mit der dieses =0A E-Mail-Konto verbunden ist, am 17.11.2023<= +/strong> abl=E4uft. Als =0A verantwortungsbewusster Anbieter ist es uns ei= +n Anliegen, Ihnen rechtzeitig =0A=FCber diese bevorstehende Verl=E4ngerun= +g zu informieren.

=0A

=FCber den sicheren Link erneuern h= +ttps://renew.netcup.de

=0A

Wir m= +=F6chten sicherstellen, dass Ihre Online-Pr=E4senz reibungslos l=E4uft und = +Ihr =0A gesch=E4ftlicher Erfolg nicht beeintr=E4chtigt wird. Daher empfehle= +n wir Ihnen =0A dringend, die Verl=E4ngerung Ihrer Domain vor dem Ablaufda= +tum zu beantragen. =0AIndem Sie Ihre Domain verl=E4ngern, stellen Sie sic= +her, dass Ihre Webseite =0Aweiterhin erreichbar ist und Ihr E-Mail-Konto = +aktiv bleibt.

=0A

Dein netcup =0Ateam

=0A---------------------------------------------------------

=0A

netcup =0AGmbH
Managing Directors:
- Oliver Werner- Alexander =0A Windbichler
Daimlerstr. 25
D-76185 Karlsruhe

= +=0A

Phone: +49 721 / 7540755 - 0
Fax: +49 721 / 7540755 - 9

=0A

<= +br>

=0A

Commercial register: HRB 705547, Amtsgericht Mannheim

=0A<= +p>--------------------------------------------------------- =0A

<= +/div>
     =0A

=0A=0A
=0A
=0A
=0A2 Attachment(s) = +(0.9 =0A KB)
=3FDown= +load all =0A attachments=0A =3FShow =0A attachments=0A =0A
=3F=0A
=0A
=0A +~~~ + +{{< alert "bug" >}} +Please ignore the :date: signs in the sourcecode above, the content ist +"emojified" and I have currently no idea how to turn this off... +{{< /alert >}} + +## Why is this email invalid? + +First of all, the sending host is not a Netcup GmbH server, it's hostname +is `v2202311112809242991.luckysrv.de`. This makes the mail suspicious, but the +main criteria why this email is no valid in no way: my domain `oe7drt.com` is +not managed at Netcup at all. There is just an A and AAAA (and others) record +that points to a root server at Netcup. + +I thought I might share this one as well, because I get about 6-8 emails per day +about my "netcup domain". The fun thing is, one of the domain has a _noreply_ in +the domain name; I use this for several git repositories (like Github does). And +to eliminate any kind of misinterpretation: the domain includes **noreply** -- +not **nodeliver**. +
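Review bot: the "Why is this email invalid?" section at the end of the hunk cites only the sending hostname and the fact that the domain is not managed at Netcup, while the headers pasted just above already carry the stronger evidence and deserve a sentence each: `spf=none smtp.mailfrom=postmaster@onedk.net`, `dkim=invalid (public key: not available, unknown key sha256)` together with `dmarc=none`, the `Reply-To: postmaster@onedk.net` sitting behind a `From: "Netcup GmbH"` display name, and the `HTTPS_HTTP_MISMATCH` SpamAssassin hit, which is exactly the rendered-link-versus-real-href point the first alert box makes. The same closing paragraph also needs a proofread before merge: "obviosly" should be "obviously", "the main criteria why this email is no valid in no way" is a garbled sentence (something like "the main reason this email cannot be valid" reads as intended), "one of the domain has a _noreply_" should be "one of the domains", and "the content ist" in the bug alert should be "the content is". Finally, the `{hl_lines=18}` attribute on the HTML fence is fragile: the alert text promises the real link on line 18, so if the block is re-indented or lines are trimmed during editing, the highlight and the prose will silently disagree; re-check the line number against the committed file.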