自 2015 年 1 月 12 日起，收到来自三台不同 Windows PC 的空邮件

问题

自 2015 年 1 月 12 日起，未知来源不断发送意外的空电子邮件。

尝试解决问题

• 他们都来自我从事网络/系统支持的公司
• 它们都来自 Windows 7 计算机
• 所有机器都安装了 Outlook
• 电子邮件总是空着
• 这与用户的交互无关。我刚收到电子邮件时就给他们打了好几次电话，他们只是在做浏览等常规操作。有时即使没有人使用电脑，我也会收到这些邮件。
• 所有三台 PC 都于 2015 年 1 月 12 日开始发送这些邮件
• 时间无关（有时我甚至在晚上也会收到邮件）
• 我只在 PC 开启时才接收电子邮件。例如，RobertPC 始终处于开启状态，我只在周末接收来自它的电子邮件（其他电脑都关闭）
• 电子邮件的主题有一定的规律：

WITT - report Helios pocitac-来自WittPC

WITT Lenka report- 来自 Martina PC

WITT - Robert report-来自 RobertPC

但是请注意“WITT Lenka report”中缺少连字符。还请注意“WITT - report Helios pocitac”中的“report”一词位于主题中间，而在其他两个主题中则位于末尾。

这里我贴出了两封邮件的源代码。请注意，我把我的电子邮件地址[email protected]和公司的电子邮件地址都改成了company_mail@their_domain.com。公司名为 WITT，与主题中的名称相关。

Delivered-To: [email protected]
Received: by 10.114.12.67 with SMTP id w3csp5070519ldb;
        Mon, 2 Mar 2015 01:54:37 -0800 (PST)
X-Received: by 10.180.105.131 with SMTP id gm3mr34457493wib.11.1425290075184;
        Mon, 02 Mar 2015 01:54:35 -0800 (PST)
Return-Path: <company_mail@their_domain.com>
Received: from ub.wcontact.cz ([217.11.236.196])
        by mx.google.com with ESMTPS id f20si17829519wiw.11.2015.03.02.01.54.34
        for <[email protected]>
        (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 02 Mar 2015 01:54:35 -0800 (PST)
Received-SPF: none (google.com: company_mail@their_domain.com does not designate permitted sender hosts) client-ip=217.11.236.196;
Authentication-Results: mx.google.com;
       spf=none (google.com: company_mail@their_domain.com does not designate permitted sender hosts) smtp.mail=company_mail@their_domain.com
Received: from Martina (136.67.broadband2.iol.cz [83.208.67.136])
    by ub.wcontact.cz (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id t22C0niI025497
    for <[email protected]>; Mon, 2 Mar 2015 13:00:50 +0100
Thread-Topic: WITT Lenka report
thread-index: AdBUzuF6ZasY+IMSR/WHxYqBQw1VZw==
From: <company_mail@their_domain.com>
To: <[email protected]>
Subject: WITT Lenka report
Date: Mon, 2 Mar 2015 10:54:31 +0100
Message-ID: <CEF9D61743624438AFB64DAEE2A1F904@Martina>
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.1.7601.17609

第二封电子邮件：

Delivered-To: [email protected]
Received: by 10.114.12.67 with SMTP id w3csp5079020ldb;
        Mon, 2 Mar 2015 02:13:46 -0800 (PST)
X-Received: by 10.180.214.99 with SMTP id nz3mr34911628wic.82.1425291226321;
        Mon, 02 Mar 2015 02:13:46 -0800 (PST)
Return-Path: <company_mail@their_domain.com>
Received: from ub.wcontact.cz ([217.11.236.202])
        by mx.google.com with ESMTPS id lc1si21540226wjc.149.2015.03.02.02.13.44
        for <[email protected]>
        (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Mon, 02 Mar 2015 02:13:45 -0800 (PST)
Received-SPF: none (google.com: company_mail@their_domain.com does not designate permitted sender hosts) client-ip=217.11.236.202;
Authentication-Results: mx.google.com;
       spf=none (google.com: company_mail@their_domain.com does not designate permitted sender hosts) smtp.mail=company_mail@their_domain.com
Received: from RobertPC (136.67.broadband2.iol.cz [83.208.67.136])
    by ub.wcontact.cz (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id t22CK1a1025892
    for <[email protected]>; Mon, 2 Mar 2015 13:20:02 +0100
Thread-Topic: WITT - Robert report
thread-index: AdBU0ZFN59bSeq8gS72nD7K9MjemXQ==
From: <company_mail@their_domain.com>
To: <[email protected]>
Subject: WITT - Robert report
Date: Mon, 2 Mar 2015 11:13:47 +0100
Message-ID: <A28D9827680449BB964B51889EE50598@RobertPC>
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.1.7601.17609

问题

什么服务或应用程序正在发送这些电子邮件或如何追踪来源？