NetKnow Corporate Blog

=?utf-8?B?bkJ0V1hET3pVSGtqT0RTTXlmVWk1RlltSWJpdFRRdkxOWE8zeWhrWDI3bkhL?=

=?utf-8?B?cFFKZjVnWmdLZnJnTkJFY1c2Nms2YkJSSXg3YldCNnBNTkVVOHNIY0ZVR0Fh?=

=?utf-8?B?VkNWZUJLbU5NZ2txbENCQkRsQW5mTmcydS9MS0pmeFgzbCtScjIwYjNISHJV?=

=?utf-8?B?T2IrSHhDRkdJUVpaUnR6c0NoVFlZMlVneDEvclprcVFqZjBoUWtnUFVJVnRj?=

=?utf-8?B?SE9aNytEZHFxamJaTDRrbklnMkZZSG0xdEYwTjhoOTFBSGhPcllSMEF2QWxO?=

=?utf-8?B?YzRDcHZadmhnWHpGakMwbEVaZnRKSTZ3TFNtVXVLOHZva0VoR25VS08wQkZZ?=

=?utf-8?B?cVRBYlVPZFNsY3U4M0k0UGhjZmFjRncxb3NUVGZrVms4OGlmNG9RL0p1bnVV?=

=?utf-8?Q?IVrk1hwsuQwUif+C3BpXBNgGq?=

X-OriginatorOrg: dld-ascent.com

X-MS-Exchange-CrossTenant-Network-Message-Id: f580e38b-1749-460f-4bd4-08de3cbcd9bf

X-MS-Exchange-CrossTenant-AuthSource: SA0PR07MB7657.namprd07.prod.outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Dec 2025 16:04:54.7450

(UTC)

X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted

X-MS-Exchange-CrossTenant-Id: 26a196c2-e6d5-4e1c-9f42-ef9434a221f8

X-MS-Exchange-CrossTenant-MailboxType: HOSTED

X-MS-Exchange-CrossTenant-UserPrincipalName: qikgg5fcUtWphCMcnmFLhdX3vlID/Ee35NWIs1sLgBFBbF3IQ8yXLFR4uZc19D0GQnRT+Lf6YeKUdi8UOIYnmg==

X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN0PR07MB8894

X-Spam_score: 7.8

X-Spam_score_int: 78

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi Dave, I came across your profile and thought I’d reach

out directly. We recently helped a 50-person business save over $416,000

in 5 years through our benefits program, including free WorkSafe claims management

and locked-in health & dental rates for 6 years, all witho [...]



Content analysis details: (7.8 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:10b6:806:bb:0:0:0:15 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:806:bb:0:0:0:15 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:806:bb:0:0:0:15 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:806:bb:0:0:0:15 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:806:bb:0:0:0:15 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:806:bb:0:0:0:15 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:806:bb:0:0:0:15 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:806:bb:0:0:0:15 listed in]

[will-spam-for-food.eu.org]

[52.101.52.133 listed in will-spam-for-food.eu.org]

[52.101.52.133 listed in will-spam-for-food.eu.org]

[52.101.52.133 listed in will-spam-for-food.eu.org]

[52.101.52.133 listed in will-spam-for-food.eu.org]

[52.101.52.133 listed in will-spam-for-food.eu.org]

[52.101.52.133 listed in will-spam-for-food.eu.org]

[52.101.52.133 listed in will-spam-for-food.eu.org]

[52.101.52.133 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.101.52.133 listed in dnsbl.ahbl.org]

[52.101.52.133 listed in dnsbl.ahbl.org]

[52.101.52.133 listed in dnsbl.ahbl.org]

[52.101.52.133 listed in dnsbl.ahbl.org]

[2603:10b6:806:bb:0:0:0:15 listed in]

[dnsbl.ahbl.org]

[2603:10b6:806:bb:0:0:0:15 listed in]

[dnsbl.ahbl.org]

[2603:10b6:806:bb:0:0:0:15 listed in]

[dnsbl.ahbl.org]

[2603:10b6:806:bb:0:0:0:15 listed in]

[dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.101.52.133 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.101.52.133 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.101.52.133 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.101.52.133 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.101.52.133 listed in list.dnswl.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.0 ARC_SIGNED Message has a ARC signature

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.0 ARC_VALID Message has a valid ARC signature

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.101.52.133 listed in wl.mailspike.net]

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.0 LOTS_OF_MONEY Huge... sums of money

1.0 MONEY_NOHTML Lots of money in plain text

Subject: {SPAM?} Quick Question - Dave



Hi Dave,=C2=A0



I came across your profile and thought I=E2=80=99d reach out directly.



We recently helped a 50-person business save over $416,000 in 5 years throu=

gh our benefits program, including free WorkSafe claims management and lock=

ed-in health & dental rates for 6 years, all without changing providers.



If you=E2=80=99re open to it, I=E2=80=99d be happy to walk you through how =

it works.=C2=A0



Would you be opposed to a quick 10=E2=80=9315 minute call this week or next=

?



--

Ryan Stanimir

Partner

DLD Financial Group Ltd.

604.681.7185 (ext.3)







If you would no longer like to receive emails from me, please reply with =

=E2=80=9Cno thanks=E2=80=9D

=C2=A0

Hi Manager=EF=BC=8C

"color:#000000">Nice day. This is Bill Sun from Tianjin Tianfei High Tech Valv=

e Co,.Ltd. We are motorized valves manufacturer with over 20 years in Tianjin =

City. We have 5 production centers in China. And motorized valves is one of ou=

r hot-selling product. Here are 2 production line combine with mini valves and=

industry valves. Glad to know your side may have such kind related demands.
span>

/11/2025/12/Motorized-Valves-1.jpg" _src=3D"https://www.motorisevanne.com/wp-c=

ontent/uploads/sites/11/2025/12/Motorized-Valves-1.jpg"/>

2" cellspacing=3D"0" cellpadding=3D"0" data-mce-style=3D"border-collapse: coll=

apse; width: 723px; border-color: #000000;" data-mce-selected=3D"1" style=3D"c=

olor: rgb(0, 0, 0);font-family: Verdana, Arial, Helvetica, sans-serif;font-siz=

e: 12px;text-wrap-mode: wrap;width: 723px;border-color: rgb(0, 0, 0)"><=

tr data-mce-style=3D"height: 19px;" style=3D"height: 19px">
tyle=3D"height: 20px;" style=3D"height: 20px">
d height=3D"20" data-mce-style=3D"border-color: #000000; background-color: #ff=

f5f5; width: 719px;" data-mce-selected=3D"1" style=3D"margin: 8px;background-c=

olor: rgb(255, 245, 245);border-color: rgb(0, 0, 0);width: 719px">
"font-size:16px">3. International logistics leading companies have long cooper=

ation time and offer big discounts
t: 20px;" style=3D"height: 20px"><=

/tr>
yle=3D"height: 20px;" style=3D"height: 20px">
ce-style=3D"height: 20px;" style=3D"height: 20px">

ata-mce-style=3D"border-color: #000000; background-color: #fff5f5; text-align:= center; width: 719px;" data-mce-selected=3D"1" style=3D"margin: 8px;backgroun= d-color: rgb(255, 245, 245);border-color: rgb(0, 0, 0);text-align: center;widt= h: 719px"> ht: 21px;font-size:18px">Why Choose Us

=3D"border-color: #000000; background-color: #fff5f5; width: 719px;" data-mce-= selected=3D"1" style=3D"margin: 8px;background-color: rgb(255, 245, 245);borde= r-color: rgb(0, 0, 0);width: 719px">1. Large Pr= oduction Capacity. Each day over units completed ready out of factory.<= /td>

t=3D"20" data-mce-style=3D"border-color: #000000; background-color: #fff5f5; w= idth: 719px;" data-mce-selected=3D"1" style=3D"margin: 8px;background-color: r= gb(255, 245, 245);border-color: rgb(0, 0, 0);width: 719px"> -size:16px">2. Directly Factory Sell. No middleman earn the price difference.<= /span>

lor: #000000; background-color: #fff5f5; width: 719px;" data-mce-selected=3D"1= " style=3D"margin: 8px;background-color: rgb(255, 245, 245);border-color: rgb(= 0, 0, 0);width: 719px">4. The production line h= as strict control and we regards product quality as the lifeline.

20" data-mce-style=3D"border-color: #000000; background-color: #fff5f5; width:= 719px;" data-mce-selected=3D"1" style=3D"margin: 8px;background-color: rgb(25= 5, 245, 245);border-color: rgb(0, 0, 0);width: 719px"> :16px">5. The products are widely sold in domestic and abroad, with a wide ran= ge of applications and large market demanding.

"border-color: #000000; background-color: #fff5f5; width: 719px;" data-mce-sel= ected=3D"1" style=3D"margin: 8px;background-color: rgb(255, 245, 245);border-c= olor: rgb(0, 0, 0);width: 719px"> f;" style=3D"line-height: 18px;font-size:16px;;color:#00b0f0">6. -style=3D"mso-spacerun: yes;" style=3D"line-height: 18px;">  style=3D"line-height: 18px;">Accept label, color, voltage, wire customization = to meet various customization needs

tyle=3D"border-color: #000000; background-color: #fff5f5; width: 719px;" data-= mce-selected=3D"1" style=3D"margin: 8px;background-color: rgb(255, 245, 245);b= order-color: rgb(0, 0, 0);width: 719px">7. MOQ = 1, can relieve financial pressure, also can ship goods to your final user. an>

Once your side m=

eet such kind needs, feel free let me know.

#000000">Regards,

Bill Sun
p>

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 16 Dec 2025 07:38:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vVWB6-00000000OC7-2DF9

for dave@doctor.nl2k.ab.ca;

Tue, 16 Dec 2025 07:37:28 -0700

Resent-From: The Doctor

Resent-Date: Tue, 16 Dec 2025 07:37:28 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from out196-31.us.a.dm.aliyun.com ([47.90.196.31]:28881)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vVQjQ-00000000ESz-0y73

for root@nk.ca;

Tue, 16 Dec 2025 01:48:41 -0700

X-AliDM-RcptTo: cm9vdEBuay5jYQ==

Feedback-ID: default:vip@vip0.motorizedvalves.ltd:alibabak_WebBatch:306498

DKIM-Signature:v=1; a=rsa-sha256; c=relaxed/relaxed;

d=vip0.motorizedvalves.ltd; s=aliyun-cn-hangzhou;

t=1765874809; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type;

bh=cFcpJSmnh4HuC9sPhXttbO8bI/nu780QSl5zKOTQBbY=;

b=I/YVjjtcX6AQGFD3jgMV7s9/zJBXQP6eZju35Z65vI96RkOUodkYVBvLJUJ2ckuzgKKm3oa4iJnNGTB+tZTTfWaOaeumZ6WtxMKAsx7SFejXcy/W19yWn9Or/nppUYYj2gCKAoUjuub/DQa1jn36knEMkH/TRSOHVBUqzdG2lYE=

DKIM-Signature:v=1; a=rsa-sha256; c=relaxed/relaxed;

d=dm-fbl.aliyuncs.com; s=feedback;

t=1765874809; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type;

bh=cFcpJSmnh4HuC9sPhXttbO8bI/nu780QSl5zKOTQBbY=;

b=fZqYnTmUWQzMOxBlEF/IjYOhyzKO3EKmcdh+oUh9J5FfL0FX4z5hLzvwHGCaaIFX6a24pt+C1BpVFcZMb4P+voqtpFqAuoV5L4oPXQBk0NvUNdblt+jtTfr6LAqjyGht3puaW8403a5NhJb2W5AFQB/+Ft6rj+iGz6vKSk0qcFM=

Received: from chitu-hsf(mailfrom:vip@vip0.motorizedvalves.ltd fp:ma_600000253265311017 cluster:AY35D)

by smtp.aliyun-inc.com(127.0.0.1);

Tue, 16 Dec 2025 16:43:58 +0800

Date: Tue, 16 Dec 2025 16:43:58 +0800

From: "Bill Sun"

To:

Reply-To:

Message-ID:

Subject: =?UTF-8?B?T0VNIE1vdG9yaXplZCBWYWx2ZXMgRmFjdG9yeQ==?=

X-Priority: 3

MIME-Version: 1.0

X-EnvId: 600000253265311018

X-AliDM-Settings: eyJPdXRib3VuZElwIjp7IklwTGlzdCI6W10sIklwUG9vbElkIjoiIn0sIlVuc3Vic2NyaWJlIjp7IkZpbHRlckxldmVsIjoiZGVmYXVsdCIsIkxpbmtUeXBlIjoiZGVmYXVsdCJ9LCJWZXJzaW9uIjoiMS4wIn0=

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 9.9

X-Spam_score_int: 99

X-Spam_bar: +++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi Manager， Nice day. This is Bill Sun from Tianjin Tianfei

High Tech Valve Co,.Ltd. We are motorized valves manufacturer with over 20

years in Tianjin City. We have 5 production centers in China. And motorized

v [...]



Content analysis details: (9.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[47.90.196.31 listed in will-spam-for-food.eu.org]

[47.90.196.31 listed in will-spam-for-food.eu.org]

[47.90.196.31 listed in will-spam-for-food.eu.org]

[47.90.196.31 listed in will-spam-for-food.eu.org]

[47.90.196.31 listed in will-spam-for-food.eu.org]

[47.90.196.31 listed in will-spam-for-food.eu.org]

[47.90.196.31 listed in will-spam-for-food.eu.org]

[47.90.196.31 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[47.90.196.31 listed in dnsbl.ahbl.org]

[47.90.196.31 listed in dnsbl.ahbl.org]

[47.90.196.31 listed in dnsbl.ahbl.org]

[47.90.196.31 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[47.90.196.31 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[47.90.196.31 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[47.90.196.31 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[47.90.196.31 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[47.90.196.31 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.3 OFFER_2 BODY: Offers you Something (2)

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 MIME_QP_LONG_LINE RAW: Quoted-printable line longer than 76 chars

0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag

1.0 XPRIO Has X-Priority header

Subject: {SPAM?} =?UTF-8?B?T0VNIE1vdG9yaXplZCBWYWx2ZXMgRmFjdG9yeQ==?=

[2603:10b6:a03:f4:cafe:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:a03:f4:cafe:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:a03:f4:cafe:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:a03:f4:cafe:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:a03:f4:cafe:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:a03:f4:cafe:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:a03:f4:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:a03:f4:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:a03:f4:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:a03:f4:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:a03:f4:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:a03:f4:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:a03:f4:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:a03:f4:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[52.102.146.43 listed in will-spam-for-food.eu.org]

[52.102.146.43 listed in will-spam-for-food.eu.org]

[52.102.146.43 listed in will-spam-for-food.eu.org]

[52.102.146.43 listed in will-spam-for-food.eu.org]

[52.102.146.43 listed in will-spam-for-food.eu.org]

[52.102.146.43 listed in will-spam-for-food.eu.org]

[52.102.146.43 listed in will-spam-for-food.eu.org]

[52.102.146.43 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[51.158.242.221 listed in dnsbl.ahbl.org]

[51.158.242.221 listed in dnsbl.ahbl.org]

[51.158.242.221 listed in dnsbl.ahbl.org]

[51.158.242.221 listed in dnsbl.ahbl.org]

[52.102.146.43 listed in dnsbl.ahbl.org]

[52.102.146.43 listed in dnsbl.ahbl.org]

[52.102.146.43 listed in dnsbl.ahbl.org]

[52.102.146.43 listed in dnsbl.ahbl.org]

[2603:10b6:a03:f4:0:0:0:18 listed in]

[dnsbl.ahbl.org]

[2603:10b6:a03:f4:0:0:0:18 listed in]

[dnsbl.ahbl.org]

[2603:10b6:a03:f4:0:0:0:18 listed in]

[dnsbl.ahbl.org]

[2603:10b6:a03:f4:0:0:0:18 listed in]

[dnsbl.ahbl.org]

[2603:10b6:a03:f4:cafe:0:0:10 listed in]

[dnsbl.ahbl.org]

[2603:10b6:a03:f4:cafe:0:0:10 listed in]

[dnsbl.ahbl.org]

[2603:10b6:a03:f4:cafe:0:0:10 listed in]

[dnsbl.ahbl.org]

[2603:10b6:a03:f4:cafe:0:0:10 listed in]

[dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[51.158.242.221 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[51.158.242.221 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[51.158.242.221 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[51.158.242.221 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.102.146.43 listed in list.dnswl.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.0 ARC_SIGNED Message has a ARC signature

0.0 ARC_VALID Message has a valid ARC signature

0.0 AXB_X_FF_SEZ_S Forefront sez this is spam

0.0 FROM_LOCAL_DIGITS From: localpart has long digit sequence

0.3 FROM_LOCAL_HEX From: localpart has long hexadecimal sequence

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.102.146.43 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.8 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image area

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

1.0 MR_DIFF_MID No description available.

1.0 FORGED_SPF_HELO No description available.

Subject: {SPAM?} Fwd: Thank You for Being a Cabela's Customer: Free Gift

[2603:10b6:208:238:cafe:0:0:ec listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:238:cafe:0:0:ec listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:238:cafe:0:0:ec listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:238:cafe:0:0:ec listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:238:0:0:0:7 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:238:0:0:0:7 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:238:0:0:0:7 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:238:0:0:0:7 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:238:0:0:0:7 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:238:0:0:0:7 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:238:0:0:0:7 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:238:0:0:0:7 listed in]

[will-spam-for-food.eu.org]

[52.102.146.17 listed in will-spam-for-food.eu.org]

[52.102.146.17 listed in will-spam-for-food.eu.org]

[52.102.146.17 listed in will-spam-for-food.eu.org]

[52.102.146.17 listed in will-spam-for-food.eu.org]

[52.102.146.17 listed in will-spam-for-food.eu.org]

[52.102.146.17 listed in will-spam-for-food.eu.org]

[52.102.146.17 listed in will-spam-for-food.eu.org]

[52.102.146.17 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.102.146.17 listed in dnsbl.ahbl.org]

[52.102.146.17 listed in dnsbl.ahbl.org]

[52.102.146.17 listed in dnsbl.ahbl.org]

[52.102.146.17 listed in dnsbl.ahbl.org]

[51.158.242.221 listed in dnsbl.ahbl.org]

[51.158.242.221 listed in dnsbl.ahbl.org]

[51.158.242.221 listed in dnsbl.ahbl.org]

[51.158.242.221 listed in dnsbl.ahbl.org]

[2603:10b6:208:238:0:0:0:7 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:238:0:0:0:7 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:238:0:0:0:7 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:238:0:0:0:7 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:238:cafe:0:0:ec listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:238:cafe:0:0:ec listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:238:cafe:0:0:ec listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:238:cafe:0:0:ec listed in]

[dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.102.146.17 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.102.146.17 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.102.146.17 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.102.146.17 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[52.102.146.17 listed in sa-trusted.bondedsender.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[52.102.146.17 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.102.146.17 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.102.146.17 listed in wl.mailspike.net]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[52.102.146.17 listed in bl.score.senderscore.com]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[52.102.146.17 listed in bl.score.senderscore.com]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.0 ARC_SIGNED Message has a ARC signature

0.0 ARC_VALID Message has a valid ARC signature

0.0 AXB_X_FF_SEZ_S Forefront sez this is spam

0.0 FROM_LOCAL_DIGITS From: localpart has long digit sequence

0.3 FROM_LOCAL_HEX From: localpart has long hexadecimal sequence

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.8 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image area

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

1.0 MR_DIFF_MID No description available.

1.0 FORGED_SPF_HELO No description available.

Subject: {SPAM?} Fwd: Thank You for Being a Cabela's Customer: Free Gift

[2603:10b6:610:118:cafe:0:0:dc listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:118:cafe:0:0:dc listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:118:cafe:0:0:dc listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:118:cafe:0:0:dc listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:118:cafe:0:0:dc listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:118:cafe:0:0:dc listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:118:0:0:0:14 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:118:0:0:0:14 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:118:0:0:0:14 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:118:0:0:0:14 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:118:0:0:0:14 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:118:0:0:0:14 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:118:0:0:0:14 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:118:0:0:0:14 listed in]

[will-spam-for-food.eu.org]

[52.102.128.43 listed in will-spam-for-food.eu.org]

[52.102.128.43 listed in will-spam-for-food.eu.org]

[52.102.128.43 listed in will-spam-for-food.eu.org]

[52.102.128.43 listed in will-spam-for-food.eu.org]

[52.102.128.43 listed in will-spam-for-food.eu.org]

[52.102.128.43 listed in will-spam-for-food.eu.org]

[52.102.128.43 listed in will-spam-for-food.eu.org]

[52.102.128.43 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.102.128.43 listed in dnsbl.ahbl.org]

[52.102.128.43 listed in dnsbl.ahbl.org]

[52.102.128.43 listed in dnsbl.ahbl.org]

[52.102.128.43 listed in dnsbl.ahbl.org]

[51.158.238.185 listed in dnsbl.ahbl.org]

[51.158.238.185 listed in dnsbl.ahbl.org]

[51.158.238.185 listed in dnsbl.ahbl.org]

[51.158.238.185 listed in dnsbl.ahbl.org]

[2603:10b6:610:118:cafe:0:0:dc listed in]

[dnsbl.ahbl.org]

[2603:10b6:610:118:cafe:0:0:dc listed in]

[dnsbl.ahbl.org]

[2603:10b6:610:118:cafe:0:0:dc listed in]

[dnsbl.ahbl.org]

[2603:10b6:610:118:cafe:0:0:dc listed in]

[dnsbl.ahbl.org]

[2603:10b6:610:118:0:0:0:14 listed in]

[dnsbl.ahbl.org]

[2603:10b6:610:118:0:0:0:14 listed in]

[dnsbl.ahbl.org]

[2603:10b6:610:118:0:0:0:14 listed in]

[dnsbl.ahbl.org]

[2603:10b6:610:118:0:0:0:14 listed in]

[dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.102.128.43 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.102.128.43 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.102.128.43 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.102.128.43 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.102.128.43 listed in list.dnswl.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.0 ARC_SIGNED Message has a ARC signature

0.0 ARC_VALID Message has a valid ARC signature

0.0 AXB_X_FF_SEZ_S Forefront sez this is spam

0.0 FROM_LOCAL_DIGITS From: localpart has long digit sequence

0.3 FROM_LOCAL_HEX From: localpart has long hexadecimal sequence

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.102.128.43 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.8 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image area

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

1.0 FORGED_SPF_HELO No description available.

1.0 MR_DIFF_MID No description available.

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

Subject: {SPAM?} Fwd: Your Input Needed: Earn a Free Yeti Outdoor Bundle

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 15 Dec 2025 22:09:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vVNIb-000000004ab-2voJ

for dave@doctor.nl2k.ab.ca;

Mon, 15 Dec 2025 22:08:37 -0700

Resent-From: The Doctor

Resent-Date: Mon, 15 Dec 2025 22:08:37 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from web6.fvds.ru ([83.136.232.195]:51586)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vVC7J-000000006Gr-2amF

for doctor@netknow.ca;

Mon, 15 Dec 2025 10:12:21 -0700

Received: from hotlider by web6.fvds.ru with local (Exim 4.92)

(envelope-from )

id 1vVC6Z-000mbV-3V

for doctor@netknow.ca; Mon, 15 Dec 2025 20:11:27 +0300

To: doctor@netknow.ca

Subject: InMail: You have 11 messages on hold 12/15/2025 08:11:27 pm.

Date: Mon, 15 Dec 2025 20:11:27 +0300

From: =?UTF-8?B?QWRtaW5pc3RyYXRvciDinKo=?=

Message-ID: <8106416f46e0dfc7193515579b10341b@hotlider.ru>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="b1_8106416f46e0dfc7193515579b10341b"

Content-Transfer-Encoding: 8bit

X-Spam_score: 8.8

X-Spam_score_int: 88

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: e�-�A�l�e�r�t Ti�ck�e�t N�o�tiϲ�

(#33511398550537980147742) Message Restriction P�o�r�t�a�l



Content analysis details: (8.8 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[83.136.232.195 listed in will-spam-for-food.eu.org]

[83.136.232.195 listed in will-spam-for-food.eu.org]

[83.136.232.195 listed in will-spam-for-food.eu.org]

[83.136.232.195 listed in will-spam-for-food.eu.org]

[83.136.232.195 listed in will-spam-for-food.eu.org]

[83.136.232.195 listed in will-spam-for-food.eu.org]

[83.136.232.195 listed in will-spam-for-food.eu.org]

[83.136.232.195 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[83.136.232.195 listed in dnsbl.ahbl.org]

[83.136.232.195 listed in dnsbl.ahbl.org]

[83.136.232.195 listed in dnsbl.ahbl.org]

[83.136.232.195 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[83.136.232.195 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[83.136.232.195 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[83.136.232.195 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[83.136.232.195 listed in dnsbl.ahbl.org]

0.1 URIBL_SBL_A Contains URL's A record listed in the SBL blocklist

[URI: ec46.ru/62.109.1.44]

0.1 URIBL_CSS_A Contains URL's A record listed in the Spamhaus CSS

blocklist

[URI: ec46.ru/62.109.1.44]

1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)

0.0 FROM_LOCAL_DIGITS From: localpart has long digit sequence

0.3 FROM_LOCAL_HEX From: localpart has long hexadecimal sequence

2.3 MANGLED_LOW BODY: mangled low

0.0 T_MXG_EMAIL_FRAG BODY: URI with email in fragment

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_IMAGE_ONLY_32 BODY: HTML: images with 2800-3200 bytes of words

0.0 HTML_MESSAGE BODY: HTML included in message

Subject: {SPAM?} InMail: You have 11 messages on hold 12/15/2025 08:11:27 pm.



This is a multi-part message in MIME format.



--b1_8106416f46e0dfc7193515579b10341b

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

























e­-­A­l­e­r­t Ti­ck­e­t N­o­tiϲå (#33511398550537980147742)



Message Restriction P­o­r­t­a­l



11 nåw måssàgås hàvå båån put on hold from gåtting to your doctor@netknow.ca inbox .



Uså thå T­A­B bål­o­w t­o rålåàså thåm to your inbox.















Release Messages



Thanks,



Administrator.Legal Disclaimer: This e-mail message and any attachments

may contain legally privileged, confidential or proprietary

information. If you are not the intended recipient(s), or the employee

or agent responsible for delivery of this message to the intended

recipient(s), you are hereby notified that any dissemination,

distribution or copying of this e-mail message is strictly prohibited.

If you have received this message in error, please immediately notify

the sender and delete this e-mail message

from your computer.









--b1_8106416f46e0dfc7193515579b10341b

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 8bit

e­-­A­l­e­r­t Ti­ck­e­t N­o­tiϲå (#4463642824358856110)

Message Restriction P­o­r­t­a­l

11 nåw måssàgås hàvå båån put on hold from gåtting to your doctor@netknow.ca inbox .

Uså thå T­A­B bål­o­w t­o rålåàså thåm to your inbox.

Release Messages

Thanks,

Administrator. Legal Disclaimer: This e-mail message and any attachments may contain legally privileged, confidential or proprietary information. If you are not the intended recipient(s), or the employee or agent responsible for delivery of this message to the intended recipient(s), you are hereby notified that any dissemination, distribution or copying of this e-mail message is strictly prohibited. If you have received this message in error, please immediately notify the sender and delete this e-mail message from your computer.

--b1_8106416f46e0dfc7193515579b10341b--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 15 Dec 2025 22:09:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vVNIW-000000004aP-24Sz

for dave@doctor.nl2k.ab.ca;

Mon, 15 Dec 2025 22:08:32 -0700

Resent-From: The Doctor

Resent-Date: Mon, 15 Dec 2025 22:08:32 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from web6.fvds.ru ([83.136.232.195]:42010)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vVC6g-000000006CU-0b5j

for www@nl2k.ab.ca;

Mon, 15 Dec 2025 10:11:42 -0700

Received: from hotlider by web6.fvds.ru with local (Exim 4.92)

(envelope-from )

id 1vVC5u-000kYH-8w

for www@nl2k.ab.ca; Mon, 15 Dec 2025 20:10:46 +0300

To: www@nl2k.ab.ca

Subject: InMail: You have 11 messages on hold 12/15/2025 08:10:46 pm.

Date: Mon, 15 Dec 2025 20:10:46 +0300

From: =?UTF-8?B?QWRtaW5pc3RyYXRvciDinKo=?=

Message-ID: <0aee53b17cb0a1d5b505994c82c80cea@hotlider.ru>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="b1_0aee53b17cb0a1d5b505994c82c80cea"

Content-Transfer-Encoding: 8bit

X-Spam_score: 8.8

X-Spam_score_int: 88

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: e�-�A�l�e�r�t Ti�ck�e�t N�o�tiϲ�

(#55561601618125061157221) Message Restriction P�o�r�t�a�l



Content analysis details: (8.8 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[83.136.232.195 listed in will-spam-for-food.eu.org]

[83.136.232.195 listed in will-spam-for-food.eu.org]

[83.136.232.195 listed in will-spam-for-food.eu.org]

[83.136.232.195 listed in will-spam-for-food.eu.org]

[83.136.232.195 listed in will-spam-for-food.eu.org]

[83.136.232.195 listed in will-spam-for-food.eu.org]

[83.136.232.195 listed in will-spam-for-food.eu.org]

[83.136.232.195 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[83.136.232.195 listed in dnsbl.ahbl.org]

[83.136.232.195 listed in dnsbl.ahbl.org]

[83.136.232.195 listed in dnsbl.ahbl.org]

[83.136.232.195 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[83.136.232.195 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[83.136.232.195 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[83.136.232.195 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[83.136.232.195 listed in dnsbl.ahbl.org]

0.1 URIBL_SBL_A Contains URL's A record listed in the SBL blocklist

[URI: ec46.ru/62.109.1.44]

0.1 URIBL_CSS_A Contains URL's A record listed in the Spamhaus CSS

blocklist

[URI: ec46.ru/62.109.1.44]

1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)

0.0 FROM_LOCAL_DIGITS From: localpart has long digit sequence

0.3 FROM_LOCAL_HEX From: localpart has long hexadecimal sequence

2.3 MANGLED_LOW BODY: mangled low

0.0 T_MXG_EMAIL_FRAG BODY: URI with email in fragment

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_IMAGE_ONLY_32 BODY: HTML: images with 2800-3200 bytes of words

0.0 HTML_MESSAGE BODY: HTML included in message

Subject: {SPAM?} InMail: You have 11 messages on hold 12/15/2025 08:10:46 pm.



This is a multi-part message in MIME format.



--b1_0aee53b17cb0a1d5b505994c82c80cea

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

























e­-­A­l­e­r­t Ti­ck­e­t N­o­tiϲå (#55561601618125061157221)



Message Restriction P­o­r­t­a­l



11 nåw måssàgås hàvå båån put on hold from gåtting to your www@nl2k.ab.ca inbox .



Uså thå T­A­B bål­o­w t­o rålåàså thåm to your inbox.















Release Messages



Thanks,



Administrator.Legal Disclaimer: This e-mail message and any attachments

may contain legally privileged, confidential or proprietary

information. If you are not the intended recipient(s), or the employee

or agent responsible for delivery of this message to the intended

recipient(s), you are hereby notified that any dissemination,

distribution or copying of this e-mail message is strictly prohibited.

If you have received this message in error, please immediately notify

the sender and delete this e-mail message

from your computer.









--b1_0aee53b17cb0a1d5b505994c82c80cea

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 8bit

e­-­A­l­e­r­t Ti­ck­e­t N­o­tiϲå (#297528221767615560037452)

Message Restriction P­o­r­t­a­l

11 nåw måssàgås hàvå båån put on hold from gåtting to your www@nl2k.ab.ca inbox .

Uså thå T­A­B bål­o­w t­o rålåàså thåm to your inbox.

Release Messages

Thanks,

Administrator. Legal Disclaimer: This e-mail message and any attachments may contain legally privileged, confidential or proprietary information. If you are not the intended recipient(s), or the employee or agent responsible for delivery of this message to the intended recipient(s), you are hereby notified that any dissemination, distribution or copying of this e-mail message is strictly prohibited. If you have received this message in error, please immediately notify the sender and delete this e-mail message from your computer.

--b1_0aee53b17cb0a1d5b505994c82c80cea--

Content analysis details: (9.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[51.158.242.221 listed in will-spam-for-food.eu.org]

[51.158.242.221 listed in will-spam-for-food.eu.org]

[51.158.242.221 listed in will-spam-for-food.eu.org]

[51.158.242.221 listed in will-spam-for-food.eu.org]

[51.158.242.221 listed in will-spam-for-food.eu.org]

[51.158.242.221 listed in will-spam-for-food.eu.org]

[51.158.242.221 listed in will-spam-for-food.eu.org]

[51.158.242.221 listed in will-spam-for-food.eu.org]

[2603:10b6:208:91:cafe:0:0:a2 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:91:cafe:0:0:a2 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:91:cafe:0:0:a2 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:91:cafe:0:0:a2 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:91:cafe:0:0:a2 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:91:cafe:0:0:a2 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:91:cafe:0:0:a2 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:91:cafe:0:0:a2 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:91:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:91:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:91:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:91:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:91:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:91:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:91:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:208:91:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[52.102.139.20 listed in will-spam-for-food.eu.org]

[52.102.139.20 listed in will-spam-for-food.eu.org]

[52.102.139.20 listed in will-spam-for-food.eu.org]

[52.102.139.20 listed in will-spam-for-food.eu.org]

[52.102.139.20 listed in will-spam-for-food.eu.org]

[52.102.139.20 listed in will-spam-for-food.eu.org]

[52.102.139.20 listed in will-spam-for-food.eu.org]

[52.102.139.20 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[51.158.242.221 listed in dnsbl.ahbl.org]

[51.158.242.221 listed in dnsbl.ahbl.org]

[51.158.242.221 listed in dnsbl.ahbl.org]

[51.158.242.221 listed in dnsbl.ahbl.org]

[52.102.139.20 listed in dnsbl.ahbl.org]

[52.102.139.20 listed in dnsbl.ahbl.org]

[52.102.139.20 listed in dnsbl.ahbl.org]

[52.102.139.20 listed in dnsbl.ahbl.org]

[2603:10b6:208:91:cafe:0:0:a2 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:91:cafe:0:0:a2 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:91:cafe:0:0:a2 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:91:cafe:0:0:a2 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:91:0:0:0:12 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:91:0:0:0:12 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:91:0:0:0:12 listed in]

[dnsbl.ahbl.org]

[2603:10b6:208:91:0:0:0:12 listed in]

[dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[51.158.242.221 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[51.158.242.221 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[51.158.242.221 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[51.158.242.221 listed in dnsbl.ahbl.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.0 ARC_SIGNED Message has a ARC signature

0.0 ARC_VALID Message has a valid ARC signature

0.0 AXB_X_FF_SEZ_S Forefront sez this is spam

0.0 FROM_LOCAL_DIGITS From: localpart has long digit sequence

0.3 FROM_LOCAL_HEX From: localpart has long hexadecimal sequence

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.102.139.20 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.102.139.20 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.8 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image area

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

1.0 FORGED_SPF_HELO No description available.

1.0 MR_DIFF_MID No description available.

Subject: {SPAM?} Fwd: Your Chance to Get a Free Yeti Outdoor Bundle