He (Theymos) suggests in that thread that the GMX address may have expired and been re registered, but there's no evidence to suggest that that's possible. I've had many GMX addresses over the years and don't think it is.
GMX is a total shitshow. In the aftermath of the
satoshin@gmx.com hack, it was determined that GMX allowed/allows you to grab most accounts by merely brute-forcing the birthday -- this is the method that was probably used. Once that incident grabbed headlines, GMX disabled the account
for a while, but someone
was able to hack or register it again later. It's probably passed through several hands since then, nobody able to hold onto it for long because GMX is so full of holes.
Never use GMX.The P2Pfoundation account is already well-known to be hacked: it posted the "Your dox, passwords and IP addresses are being sold on the darknet" thing a while ago, though that post is now deleted. I kinda suspect that
CSW doesn't actually control it, though, and is just trying to play along with "nour" like the idiot conman he is.