NetKnow Corporate Blog

Roger's Phish Part 2

Roger's Phish Part 1

French language spam from Google Gmail

Employment spam from Yahoo! mail Part 2

Employment spam from Yahoo! mail Part 1

Web/SEO/App Spam from Microsoft Outlook Part 2

Web/SEO/App Spam from Microsoft Outlook Part 1

Business proposal spam from Google Gmail Part 2

Business proposal spam from Google Gmail Part 1

Business proposal spam from Google Gmail Part 2

Business proposal spam from Google Gmail Part 1

Business proposal spam from Google Gmail Part 2

Business proposal spam from Google Gmail Part 1

Friendly Hello Greetings spam from Google Gmail

Business proposal spam from Google Gmail

Posted by Dave Yadallee on Saturday, December 13. 2025

PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQuMCBUcmFuc2l0aW9uYWwv

L0VOIj4NCjxIVE1MIGxhbmc9ZW4+PEhFQUQ+PFRJVExFPlJvZ2VycyBSZXdhcmRzIOKAkyBFbGVj

dHJvbmljcyBSZWRlbXB0aW9uPC9USVRMRT4NCjxNRVRBIGNoYXJzZXQ9VVRGLTg+DQo8TUVUQSBu

YW1lPXZpZXdwb3J0IGNvbnRlbnQ9IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0x

LjAiPg0KPFNUWUxFPg0KICBib2R5IHsNCiAgICBtYXJnaW46IDA7DQogICAgcGFkZGluZzogMDsN

CiAgICBiYWNrZ3JvdW5kLWNvbG9yOiAjZjRmNGY0Ow0KICAgIGZvbnQtZmFtaWx5OiBBcmlhbCwg

SGVsdmV0aWNhLCBzYW5zLXNlcmlmOw0KICAgIGNvbG9yOiAjMzMzMzMzOw0KICB9DQogIC5jb250

YWluZXIgew0KICAgIG1heC13aWR0aDogNDIwcHg7DQogICAgbWFyZ2luOiAyNHB4IGF1dG87DQog

ICAgYmFja2dyb3VuZC1jb2xvcjogI2ZmZmZmZjsNCiAgICBib3JkZXItcmFkaXVzOiAxMHB4Ow0K

ICAgIG92ZXJmbG93OiBoaWRkZW47DQogICAgYm94LXNoYWRvdzogMCA2cHggMTZweCByZ2JhKDAs

MCwwLDAuMSk7DQogIH0NCiAgLmhlYWRlciB7DQogICAgYmFja2dyb3VuZC1jb2xvcjogI2QwMDIx

YjsgLyogUm9nZXJzIFJlZCAqLw0KICAgIHBhZGRpbmc6IDE2cHg7DQogICAgZGlzcGxheTogZmxl

eDsNCiAgICBhbGlnbi1pdGVtczogY2VudGVyOw0KICAgIGp1c3RpZnktY29udGVudDogc3BhY2Ut

YmV0d2VlbjsNCiAgfQ0KICAuaGVhZGVyIGltZyB7DQogICAgaGVpZ2h0OiAyOHB4Ow0KICB9DQog

IC5oZWFkZXIgLmljb25zIHsNCiAgICBjb2xvcjogI2ZmZmZmZjsNCiAgICBmb250LXNpemU6IDE4

cHg7DQogIH0NCiAgLmhlcm8gew0KICAgIGJhY2tncm91bmQ6IGxpbmVhci1ncmFkaWVudCgxODBk

ZWcsICMwMDAwMDAsICMxYTFhMWEpOw0KICAgIGNvbG9yOiAjZmZmZmZmOw0KICAgIHRleHQtYWxp

Z246IGNlbnRlcjsNCiAgICBwYWRkaW5nOiAyNnB4IDIwcHg7DQogIH0NCiAgLmhlcm8gaDEgew0K

ICAgIG1hcmdpbjogMCAwIDhweDsNCiAgICBmb250LXNpemU6IDIwcHg7DQogIH0NCiAgLmhlcm8g

cCB7DQogICAgbWFyZ2luOiAwOw0KICAgIGZvbnQtc2l6ZTogMTRweDsNCiAgICBvcGFjaXR5OiAw

Ljk7DQogIH0NCiAgLmNvbnRlbnQgew0KICAgIHBhZGRpbmc6IDIycHg7DQogIH0NCiAgLnNlY3Rp

b24tdGl0bGUgew0KICAgIGZvbnQtc2l6ZTogMThweDsNCiAgICBmb250LXdlaWdodDogYm9sZDsN

CiAgICBtYXJnaW4tYm90dG9tOiAxMnB4Ow0KICB9DQogIC5mZWF0dXJlcyB7DQogICAgbGlzdC1z

dHlsZTogbm9uZTsNCiAgICBwYWRkaW5nOiAwOw0KICAgIG1hcmdpbjogMCAwIDE4cHg7DQogICAg

Zm9udC1zaXplOiAxNHB4Ow0KICB9DQogIC5mZWF0dXJlcyBsaSB7DQogICAgbWFyZ2luLWJvdHRv

bTogOHB4Ow0KICAgIHBhZGRpbmctbGVmdDogMjBweDsNCiAgICBwb3NpdGlvbjogcmVsYXRpdmU7

DQogIH0NCiAgLmZlYXR1cmVzIGxpOmJlZm9yZSB7DQogICAgY29udGVudDogJ+KAoic7DQogICAg

cG9zaXRpb246IGFic29sdXRlOw0KICAgIGxlZnQ6IDA7DQogICAgY29sb3I6ICNkMDAyMWI7DQog

ICAgZm9udC13ZWlnaHQ6IGJvbGQ7DQogIH0NCiAgLmhpZ2hsaWdodCB7DQogICAgYmFja2dyb3Vu

ZC1jb2xvcjogI2ZmZjNmMzsNCiAgICBib3JkZXItbGVmdDogNHB4IHNvbGlkICNkMDAyMWI7DQog

ICAgcGFkZGluZzogMTJweDsNCiAgICBmb250LXNpemU6IDE0cHg7DQogICAgbWFyZ2luLWJvdHRv

bTogMThweDsNCiAgfQ0KICAuaW5wdXQtZ3JvdXAgew0KICAgIG1hcmdpbi1ib3R0b206IDE0cHg7

DQogIH0NCiAgLmlucHV0LWdyb3VwIGlucHV0IHsNCiAgICB3aWR0aDogMTAwJTsNCiAgICBwYWRk

aW5nOiAxMnB4Ow0KICAgIGZvbnQtc2l6ZTogMTRweDsNCiAgICBib3JkZXI6IDFweCBzb2xpZCAj

Y2NjY2NjOw0KICAgIGJvcmRlci1yYWRpdXM6IDZweDsNCiAgfQ0KICAuYnRuIHsNCiAgICBkaXNw

bGF5OiBibG9jazsNCiAgICB3aWR0aDogMTAwJTsNCiAgICBiYWNrZ3JvdW5kLWNvbG9yOiAjZDAw

MjFiOw0KICAgIGNvbG9yOiAjZmZmZmZmOw0KICAgIHRleHQtYWxpZ246IGNlbnRlcjsNCiAgICBw

YWRkaW5nOiAxNHB4IDA7DQogICAgZm9udC1zaXplOiAxNnB4Ow0KICAgIGZvbnQtd2VpZ2h0OiBi

b2xkOw0KICAgIHRleHQtZGVjb3JhdGlvbjogbm9uZTsNCiAgICBib3JkZXItcmFkaXVzOiA2cHg7

DQogIH0NCiAgLm5vdGUgew0KICAgIGZvbnQtc2l6ZTogMTJweDsNCiAgICBjb2xvcjogIzY2NjY2

NjsNCiAgICBtYXJnaW4tdG9wOiAxNHB4Ow0KICAgIHRleHQtYWxpZ246IGNlbnRlcjsNCiAgfQ0K

ICAuZm9vdGVyIHsNCiAgICBiYWNrZ3JvdW5kLWNvbG9yOiAjZjBmMGYwOw0KICAgIHBhZGRpbmc6

IDE4cHg7DQogICAgZm9udC1zaXplOiAxMnB4Ow0KICAgIGNvbG9yOiAjNTU1NTU1Ow0KICAgIHRl

eHQtYWxpZ246IGNlbnRlcjsNCiAgfQ0KICAuZm9vdGVyIGEgew0KICAgIGNvbG9yOiAjNTU1NTU1

Ow0KICAgIHRleHQtZGVjb3JhdGlvbjogbm9uZTsNCiAgICBtYXJnaW46IDAgNnB4Ow0KICB9DQo8

L1NUWUxFPg0KDQo8TUVUQSBuYW1lPUdFTkVSQVRPUiBjb250ZW50PSJNU0hUTUwgMTEuMDAuMTA1

NzAuMTAwMSI+PC9IRUFEPg0KPEJPRFk+DQo8RElWIGNsYXNzPWNvbnRhaW5lcj4NCjxESVYgY2xh

c3M9aGVhZGVyPg0KPERJViANCnN0eWxlPSJXSURUSDogMTAwJTsgRElTUExBWTogZmxleDsgYWxp

Z24taXRlbXM6IGNlbnRlcjsganVzdGlmeS1jb250ZW50OiBjZW50ZXIiPjxBIA0KaHJlZj0iaHR0

cHM6Ly9qd290ci5uZXQvcm9nZXJzLmNvbS8iPjxTUEFOIA0Kc3R5bGU9IkZPTlQtU0laRTogMTZw

eDsgRk9OVC1XRUlHSFQ6IGJvbGQ7IENPTE9SOiAjZmZmZmZmOyBMRVRURVItU1BBQ0lORzogMnB4

Ij5ST0dFUlM8L1NQQU4+IA0KPC9BPjwvRElWPjwvRElWPjwvRElWPg0KPERJViBjbGFzcz1oZXJv

Pg0KPEgxPjxGT05UIGNvbG9yPXJlZD5Sb2dlcnMgUmV3YXJkczwvRk9OVD48L0gxPg0KPFA+PEZP

TlQgY29sb3I9cmVkPlJlZGVlbSBZb3VyIFBvaW50cyBmb3IgdGhlIExhdGVzdCANCkVsZWN0cm9u

aWNzPC9GT05UPjwvUD48L0RJVj4NCjxESVYgY2xhc3M9Y29udGVudD4NCjxESVYgY2xhc3M9c2Vj

dGlvbi10aXRsZT5FbGVjdHJvbmljcyBSZWRlbXB0aW9uIEV2ZW50PC9ESVY+DQo8VUwgY2xhc3M9

ZmVhdHVyZXM+DQogIDxMST5TbWFydHBob25lcywgdGFibGV0cyBhbmQgd2VhcmFibGUgZGV2aWNl

cyANCiAgPExJPkhlYWRwaG9uZXMsIHNwZWFrZXJzIGFuZCBhY2Nlc3NvcmllcyANCiAgPExJPlNl

bGVjdGVkIGl0ZW1zIHdpdGggcmVkdWNlZCBwb2ludCByZXF1aXJlbWVudHMgDQogIDxMST5BdmFp

bGFibGUgZXhjbHVzaXZlbHkgZm9yIFJvZ2VycyBjdXN0b21lcnMgaW4gQ2FuYWRhIDwvTEk+PC9V

TD4NCjxESVYgY2xhc3M9aGlnaGxpZ2h0PkxpbWl0ZWQtdGltZSBvZmZlcjogUmVkZWVtIHlvdXIg

Um9nZXJzIHBvaW50cyB0b2RheSBhbmQgDQplbmpveSBleGNsdXNpdmUgc2F2aW5ncyBvbiBwb3B1

bGFyIGVsZWN0cm9uaWNzLiA8L0RJVj4NCjxESVYgY2xhc3M9c2VjdGlvbi10aXRsZT5DaGVjayBZ

b3VyIEF2YWlsYWJsZSBQb2ludHM8L0RJVj4NCjxESVYgY2xhc3M9aW5wdXQtZ3JvdXA+Jm5ic3A7

PC9ESVY+PEEgY2xhc3M9YnRuIA0KaHJlZj0iaHR0cHM6Ly9qd290ci5uZXQvcm9nZXJzLmNvbS8i

PlF1ZXJ5PC9BPiANCjxESVYgY2xhc3M9bm90ZT5PZmZlcnMgYXJlIHN1YmplY3QgdG8gYXZhaWxh

YmlsaXR5LiBUZXJtcyBhbmQgY29uZGl0aW9ucyBhcHBseS4gDQo8L0RJVj48L0RJVj4NCjxESVYg

Y2xhc3M9Zm9vdGVyPg0KPERJVj48QSBocmVmPSIjIj5BYm91dCBSb2dlcnM8L0E+IHwgPEEgaHJl

Zj0iIyI+UHJpdmFjeTwvQT4gfCA8QSBocmVmPSIjIj5UZXJtcyANCiZhbXA7IENvbmRpdGlvbnM8

L0E+IDwvRElWPg0KPERJViBzdHlsZT0iTUFSR0lOLVRPUDogOHB4Ij7CqSAyMDI1IFJvZ2VycyBD

b21tdW5pY2F0aW9ucy4gQWxsIHJpZ2h0cyByZXNlcnZlZC4gDQo8L0RJVj48L0RJVj4NCjxESVY+

PC9ESVY+PC9CT0RZPjwvSFRNTD4NCg==

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 13 Dec 2025 06:43:04 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUPtO-00000000E46-3QY2

for dave@doctor.nl2k.ab.ca;

Sat, 13 Dec 2025 06:42:38 -0700

Resent-From: The Doctor

Resent-Date: Sat, 13 Dec 2025 06:42:38 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail.347518.net ([160.251.175.47]:46262)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUO9B-0000000089d-3jmt

for doctor@nl2k.ab.ca;

Sat, 13 Dec 2025 04:50:58 -0700

Authentication-Results: mail.347518.net;

auth=pass (login)

Message-ID:

From: Rogers

To:

Subject: Rogers Rewards: Turn Your Points into Top Tech

Date: Sat, 13 Dec 2025 19:49:54 +0800

X-Priority: 3

MIME-Version: 1.0

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: base64

Received: from localhost (Unknown [127.0.0.1])

by mail.347518.net (Haraka) with ESMTPSA id 17259823-C88C-4B2D-83A0-CD6668C577B3.1

envelope-from

tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (authenticated bits=0);

Sat, 13 Dec 2025 19:49:56 +0800

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=347518.net;

h=Content-Transfer-Encoding: Content-Type: MIME-Version: Date: Subject:

To: From: Message-ID; q=dns/txt; s=s20251213147; t=1765626597;

bh=6kjB/OXINSxw5gDMb+M8xlGWMNhc+DV93FDl8SOzNQE=;

b=OxGSIzfbJAaukrImi/GY608rqSV/iWAzezd/ORCqRGBEwQ/MHFv4FIx+1nOIAn8UKadQh/WUf

K+NUFAgQKp8TDvym3qy2ZbVqMlbK4TQcLH9875udZqgdNehx6E2JD9ZOwdKjXQCkC5do2tW9UKz

Ufwr+2edLPwoc22s2umHMXQ=

X-Spam_score: 8.4

X-Spam_score_int: 84

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Rogers Rewards â€“ Electronics Redemption ROGERS

Content analysis details: (8.4 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[160.251.175.47 listed in dnsbl.ahbl.org]

[160.251.175.47 listed in dnsbl.ahbl.org]

[160.251.175.47 listed in dnsbl.ahbl.org]

[160.251.175.47 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[160.251.175.47 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[160.251.175.47 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[160.251.175.47 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[160.251.175.47 listed in dnsbl.ahbl.org]

0.0 URIBL_PH_SURBL Contains an URL listed in the PH SURBL blocklist

[URI: jwotr.net]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: jwotr.net]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: jwotr.net]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.3 OFFER_2 BODY: Offers you Something (2)

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[160.251.175.47 listed in sa-trusted.bondedsender.org]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[160.251.175.47 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[160.251.175.47 listed in bl.score.senderscore.com]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[160.251.175.47 listed in bl.score.senderscore.com]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[160.251.175.47 listed in will-spam-for-food.eu.org]

[160.251.175.47 listed in will-spam-for-food.eu.org]

[160.251.175.47 listed in will-spam-for-food.eu.org]

[160.251.175.47 listed in will-spam-for-food.eu.org]

[160.251.175.47 listed in will-spam-for-food.eu.org]

[160.251.175.47 listed in will-spam-for-food.eu.org]

[160.251.175.47 listed in will-spam-for-food.eu.org]

[160.251.175.47 listed in will-spam-for-food.eu.org]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to

background

0.0 MSGID_FROM_MTA_HEADER Message-Id was added by a relay

2.0 MIXED_HREF_CASE Has href in mixed case

Subject: {SPAM?} Rogers Rewards: Turn Your Points into Top Tech

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 13 Dec 2025 06:43:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUPtF-00000000E3w-2esi

for dave@doctor.nl2k.ab.ca;

Sat, 13 Dec 2025 06:42:29 -0700

Resent-From: The Doctor

Resent-Date: Sat, 13 Dec 2025 06:42:29 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-wm1-f46.google.com ([209.85.128.46]:59795)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUNve-000000007Lx-3LdQ

for doctor@doctor.nl2k.ab.ca;

Sat, 13 Dec 2025 04:37:00 -0700

Received: by mail-wm1-f46.google.com with SMTP id 5b1f17b1804b1-47118259fd8so20443825e9.3

for ; Sat, 13 Dec 2025 03:36:05 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1765625758; x=1766230558; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=dtbUJEv/gsEyiAbI4S+iqzz5a9Yev5VKBvDxuCKxqww=;

b=mZjwtAJhQWCbdNZcdXf5xyMKHXfwuscWPC5Pfp5qa4fB5kwBgJ7AAnulXA1mVy2z5O

MuwPb6siTRTvu0cAXzHAeO6mLvaVyzKwA+gHqZb+BNE9beD/DH3KTgSMeN5PeWqE4jcg

PoMicOWRaApqCf+y0ajp9Vuj6zo+BpjvCfKGMVa0Pn46EZZiuxbt/+KiaeIiTdlGXYUG

q1vuDOJmdqozQ6S5k00azvU37S0P3lpFxGeLEwu4UolrOQLDBiu9PSfT5WoRsohukVk2

9Bh9tUahbBzKFa4FWh/C1cOBmYr1AnoC14D3oYB7ZwXsXLyuEODMkQVK0gCdM4SFL+KY

er+g==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765625758; x=1766230558;

h=to:subject:message-id:date:from:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=dtbUJEv/gsEyiAbI4S+iqzz5a9Yev5VKBvDxuCKxqww=;

b=vEwi83R0+QKA94k+sFvfczB1qwhtP59sSkAET9kv/KtMUO4TWYe6m5uLAiiMwM1xa8

0/I2ylNxe6uoYUyd7NwZGl+bgOKqNM4jx/au+sMnyy+NloyhplIxQ2POBbwIeqkQf7oB

aIhPC1hVw1gSXnyFIbPJ/u5qbhpQwxh/Mu3wsON9g4SdllMti35pOwynm02+VUxA5lP9

BN/CkcbEGfomUzyOsIzva/Dweog4z4LL5INs2yU05xqiRTNZ+X3JZu8SAvKUoFpu/jk8

UHAEvIzBIjLLzZiCd6xh49v3H/fxtjM7hPIhbOCnSu/rwnpCU8le1Pu0gVUWDNEoYkcr

a3dA==

X-Forwarded-Encrypted: i=1; AJvYcCUQQvfUU/5ABXI7auRgFpEHde9wu3Sv1EXyEKtUD3d1/y/90lheiNWYGYpJsI4nLYv9luKlmmc=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YyhcHeiYhqBJhOrOajJUIotYFPAZqS5CSXc4X7vWkL9mlfTcwx/

FkerTB3hQFuO+bUjAUmGpJiGgtUsB0uRWFqeRwFAociYUHXi/VwrlB6NnuqR/SlyORhQcfdyeUc

fRJOrHyg4SYD1tteOb/pFgcW3UhaiMew=

X-Gm-Gg: AY/fxX6IrGll+ifk/qM2eYUgIzZvuY7EPsQxuGVvUBsuJSwFzlWTh+Lfic0KI76mOmb

2z7dWMqKVsfxzlUdAh+UUy1WANr6fyQHKLNEZsCqpwtNknquP1AF1dsz2XVKALhEdqG0rjIRTsi

DjPJOn23JTM+4vflqgwDznjy4tp5HIDVkIp8OHYOzib5jauxMU0FvZBulsbCQxKjbR3vCOYDHHn

EuDW7RFO/ZCZiVKcqHbk9aqFkfmfg4L+cq9gtsRvx4TKzLRdE9UckmB7a0M7PAmr3S0DdVIzOLx

ZCOIDwo1MbHTjr5TOp6CyO4fRiAgfyBrTOw9j0iBuD7eyOdHALV0JmdTnGzjfJ5fxV95aE27WKy

5UpoLT+fTIgxTsscLW7I73redzEYB0mI2

X-Google-Smtp-Source: AGHT+IGl47EUJUyk708IF3DB6iRu6qfXhQNo/H9hg3VW2+Z88MhR3wmRH5EjFrR6CwyVYMy/+0n3toQrUKrqu9bILKI=

X-Received: by 2002:a05:600c:6994:b0:477:79f8:da9d with SMTP id

5b1f17b1804b1-47a8f906dbcmr43619355e9.24.1765625757963; Sat, 13 Dec 2025

03:35:57 -0800 (PST)

MIME-Version: 1.0

From: morelle morelle

Date: Sat, 13 Dec 2025 11:33:49 +0000

X-Gm-Features: AQt7F2rShYHJjL-0ztG3CG3azF5CgNqygM0_1M6qzZhshve91R6rd2ApoHcIer0

Message-ID:

Subject:

To: morelle morelle

Content-Type: multipart/alternative; boundary="0000000000001c1bed0645d3c859"

Bcc: doctor@doctor.nl2k.ab.ca

X-Spam_score: 6.1

X-Spam_score_int: 61

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Bonjour. Comment allez-vous ? Bonjour.

Content analysis details: (6.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.128.46 listed in will-spam-for-food.eu.org]

[209.85.128.46 listed in will-spam-for-food.eu.org]

[209.85.128.46 listed in will-spam-for-food.eu.org]

[209.85.128.46 listed in will-spam-for-food.eu.org]

[209.85.128.46 listed in will-spam-for-food.eu.org]

[209.85.128.46 listed in will-spam-for-food.eu.org]

[209.85.128.46 listed in will-spam-for-food.eu.org]

[209.85.128.46 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.128.46 listed in dnsbl.ahbl.org]

[209.85.128.46 listed in dnsbl.ahbl.org]

[209.85.128.46 listed in dnsbl.ahbl.org]

[209.85.128.46 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.128.46 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.128.46 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.128.46 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.128.46 listed in dnsbl.ahbl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[morelletendre2014(at)gmail.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[morelletendre2014(at)gmail.com]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.128.46 listed in list.dnswl.org]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.2 FROM_IN_TO_AND_SUBJ From address is in To and Subject

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.128.46 listed in wl.mailspike.net]

Subject: {SPAM?}

--0000000000001c1bed0645d3c859

Content-Type: text/plain; charset="UTF-8"

Bonjour.

Comment allez-vous ?

--0000000000001c1bed0645d3c859

Content-Type: text/html; charset="UTF-8"

Bonjour.

Comment allez-vous ?

--0000000000001c1bed0645d3c859--

Posted by Dave Yadallee on Saturday, December 13. 2025

------=_Part_294819_1214789710.1765621513173

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: quoted-printable

=3D"font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px=

;">

rmal">Hello,

I Am Chirag=

Saiya, Age 42 (April

1983 Born), From Mumbai - India.

n>

style=3D"color:#7030A0">I Am A Full

Time Professional Philosopher - Spiritual Speaker & Writer.
n>

style=3D"color:#7030A0">

style=3D"color:#7030A0">I Am

Globally Popular But People Do Not Pay Me "MONEY" For My NOBLE WORK!=

style=3D"color:#7030A0">

style=3D"color:#7030A0">So I Am Now

Thinking Of Doing Parallel Similar Work For Regular Fix "INCOME" As I

Dream To Buy My Own House.

=

style=3D"color:#C00000">I Have

Pass-Port. I Know 5 Languages : English, Hindi, Gujarati, Marathi & Kut=

chi.

I Am Single & I Am Flexible To Work Around The World.

style=3D"color:#C00000">

Preferably =

I Am Looking For

Opportunity To Work As Professor / Teacher / Tutor / Coach / Counselor /

Trainer Etc. i.e. An Educator.

n>

style=3D"color:#C00000">I Can Teach =E2=80=9CTHEORY=E2=80=9D

Including Philosophy & Psychology To Any Level Any-Where Including To =

=E2=80=98PhD=E2=80=99

+ =E2=80=98Re-Search=E2=80=99 Students Etc.

style=3D"color:#C00000">

I Have Work=

ed As Professor Of =E2=80=9CEthics

& Communication=E2=80=9D Subject For =E2=80=98Inter C.A. Students At Ma=

hesh Tutorials=E2=80=99.

n>

style=3D"color:#C00000">I Can Also Work

With NGO Etc. Into Charity & Philanthropy Social-Work e.g. CSR As Salar=

ied

Employee / Paid Volunteer Etc.

style=3D"color:#C00000">

style=3D"color:#C00000">I Can Write

Movie / Serial Dialogues & Songs / Advertisements + Do P.R. &

Networking Etc.

style=3D"color:#C00000">

style=3D"color:#C00000">I Can Even Do

Crime Investigation & Prevention + Behavioral Planning / Facilitator To=

o Etc.

Mind Or Brain Work.

style=3D"color:#C00000">

style=3D"color:#C00000">I Can Play

Any Managerial / Leadership / Administrative / Marketing / Psychological Ro=

les

Etc...!!

=

style=3D"color:#002060">Please

Consider My Request Sincerely & Kindly Try To HELP. I Can MEET To Talk.=

style=3D"color:#002060">

style=3D"color:#002060">I Have

Attached My Profile. Plz Share This e-Mail With All & Oblige + Bless.
span>

style=3D"color:#002060">

Just To Add=

, I Have C.A.

(Chartered Accountant i.e. Say Like CPA - USA) Degree & Before Becoming

Philosopher I Have Done Job At ICICI Bank But I Do Not Like Numbers Because=

I

Love Words!

n>

Below Is My=

Work Website:

chiragsaiya" rel=3D"nofollow" target=3D"_blank">https://sites.google.com/si=

te/chiragsaiya

Thank You.
n>

Best Wishes.
pan>

Chirag Saiya

W-App / Mobile: +919819210230

E-Mail ID:
gsaiya@gmail.com" rel=3D"nofollow" target=3D"_blank">chiragsaiya@gmail.com<=

/a>

Address:

B - 6, Nrusinha Ashish,

Goshala Road,

Mulund (West),

Mumbai - 400080,

Maharashtra - India.

PS:

--[if !supportLists]-->
amily:Symbol;mso-bidi-font-family:Symbol">=C2=B7
just: none; font-stretch: normal; font-size: 7pt; line-height: normal; font=

-family: Times New Roman;">

This e-Mail Drafting Will Help You To Evaluate =

My

Expertise & Sincerity + Transparency In Expression!

erif;mso-ascii-theme-font:minor-latin;mso-fareast-font-family:Times New Rom=

an;mso-fareast-theme-font:minor-fareast;mso-hansi-theme-font:minor-latin;ms=

o-bidi-font-family:Times New Roman;mso-bidi-theme-font:minor-bidi;mso-ansi-=

language:EN-US;mso-fareast-language:EN-US;mso-bidi-language:AR-SA">NAMASTE<=

/span>

------=_Part_294819_1214789710.1765621513173--

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 13 Dec 2025 06:43:04 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUPsz-00000000E3b-24hB

for dave@doctor.nl2k.ab.ca;

Sat, 13 Dec 2025 06:42:13 -0700

Resent-From: The Doctor

Resent-Date: Sat, 13 Dec 2025 06:42:13 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from sonic303-21.consmr.mail.sg3.yahoo.com ([106.10.242.38]:37574)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUMpI-000000003gd-3Gnl

for root@nk.ca;

Sat, 13 Dec 2025 03:26:24 -0700

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1765621517; bh=kIIa74UsGJBzaOAFmwE9YcGrJfCcqPGOpXlWRGHGnWQ=; h=Date:From:Subject:References:From:Subject:Reply-To; b=PyddXWbpvsf69YIOVrIU91prERkHpUaTm3vRf+/aObrN62d52AiJgW6HnLKkQSu+51nMaVF1LvmXhR1dFsXgmlt29nL3xWv3sqUi8GfBdDtnaJUqGdu8lhQ31WMawDS/NkXRFbmv6oZffzD0llZ3yt+bk/LFSUNcac3RVrHejcBx9YQPukGlhPIUAhuBgK9k3RTAE68N9+UhmoDPKiTtnM1up/Q03ti3pxNOHBloL+B2FtiSADyNN2JrDGXQWRX7PTXATarzHnZ+bx6u6Ru6tjRKN9uuCuqqy2W6iol2Xbihu40NevNBwIer/+otxYM3IjElSawZ4B78UExvkHx/Cw==

X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1765621517; bh=sl8RUgM6aUBc8UYRYT/ry7h1NX2SB59mvHYSVr0Oezx=; h=X-Sonic-MF:Date:From:Subject:From:Subject; b=kJ9XxvcToOOezU22aWp9Epzsk83uXUY1XJ8mx0bf/dTKrrWzGqCmlRwxy/fnyVfihSPvtaY/NY2J3xloKxj2mhcmzpaEIoFOAdiNbJbQwRLpM++yEs4Ssd31ut20reBlyvuuvKnANSZDB0fVo0sldqV1qLUxPOQnVdZg6zLm+LGP4prrxkPJbr5HBKZs+1QWVfbIsfnG2qMt5m8ynQknqjV6XVpvWG7SCl2P0+DUGjLsKiIcCMvgcc4yqI+XWjf7Jcs668/Ipj+/IbfCq8LwwEJ0XhTXfXBGPxrOo0iv6ax4E6czCg++WWXF2A285nyJ7pvnfXWRGvR9HF/KDGeyNg==

X-YMail-OSG: TLRL0fEVM1lDSgH.g_BJVOcypRfUXh4TUPkyUR0KbuouqncdKiH2UEj5O.TDnmm

kJUTbKlJ_caV6KPdCtearYIJpWQoLDvbUAOYc.rjmcdXssIP.s63HTBbrEnDkoAJtJPQCCzwh23L

pEClbsNJyDq2MPkibbv.q1A.cVlKE_gTwz2HnAowcHZvBUzZPZOs9Zu2GxcPtGZ_a.AidyKjBmxh

8CqcLFio0aKLWrpA9k2Vfp8fkZqDk_uV.bcOapUCuroAvaMVV2k73c1Z5.xGu_8r16fXyqjnca8_

vrErUWaeU1MT43FA0d4TlJzQD1a56gV_oT2hLXRdkZKD5hUYJBmfRl5xfG41C7LqSEzX9pxoZmDa

vl4IPhCjaDWI_NciCCrDuOp_9q2.._eBHbg6AqLGsuqv_FLzjuvw0JgcTJn.37LJAuVoU17koMum

syZgS6ElAN.mQfGr9ZdDOeDKEb3E.c2cqlznk7gJlD0NdCqYwFnI93sEgAGlYN8N.4nR0LuNlM1O

W2tvuUA9rFCsK66OvEqI8I9n58bC_5t5jG.gp96oSQfg0wxoxZUq2X.2aql0FjgdGM0uvbxARMZb

jXIowotmvvKwcHh93BWXPpi0wlEFIu_qxQXZwLSClEMAicfsg6U6lkYujdHCaqT2e5aK1iEQAj9W

TeBZepHiys3.zVsCe2QYJHIX.3wEJ5Sn26.aMGcr9RhKpSBXdMvv4vJJZ.ZIlID_V_3Rb70V_9sk

CBEGJgq4yZIQJQusrXx6JLDIoVqfcRWdMNbIZb5od_11vgXAzHNiqYhJjMyu2LofpklRnKQG0_f8

oGlWR8ml4HqrrLxlVuKH_lwQkDpinhw6osS_F6.WaaeDtliC4YPSdVQEzIizohKymEAHc1cfmzn0

jZvALurN7NYgxzuGyOcX27Rcavah.yJeeg.fB48XOFMFyNVLVB4IONfEiY3.5B0FSlLoSJa_t6EK

84Px1d8nsjnSm5zPB1eXTSjt1OLAumCr7lOqCcyor4VFEgUluWpp7HOaz8NZnJo9jvx7jLmJ9kZj

kwgLIZokfYvZ_Yvd08qyDjUccMoLAp.BvoolEVN6Ot2_mJ.UQlI5MBtk8FgtZx9AIkBpmSvMyaJh

T1C.WvtqdtQTRJ4fuPhBz4W.JE45yBNo2JrokQdniEJOuLYkYFZQPT37IEtw12L2EJ2oWX_Niv35

nZNTSAKJWR3yoh1g7oXD26mDGXa35NPpK8HR9NKkcwCqlOQgEUeidy.WN0oU_4vmulaLFd7Bi4GT

puR01W9tD3Jk4r5kyLi0K8B9py5YjckeM7aJu5uBkUhWD32C_1tXuMciB0PZvjPab__0h5mjJVV8

PottB_8jJTsUBIfkXIMD1MEIIAwcurrWNOthFPXq6rQWiOGlP_EFMTXM0zJ2Lhx4B_IZPRw..EWj

Vo7O089v2.6NpdalBfeYDlQqeuWahMEV_Tu3xYZ0tdT7avCdB7wp9mTLb9FfC3uDJuQj0qJr4qi.

fVu.6H9uS17LQR9zRHbPa8AFiDVgfLx7TgMQPKXx4ex9eTe5i4Pz_e.DS1WdKu4cynCKmaASuIzr

voo.8jlms_MXy9Gv5BfWDbsL3ZjF7hAypPAcXtI3k5z9GauE0XtCnz6CXbZmhsHKpTHiTBhVthSU

lUb8l8wTQohtYgkA.i0CHnHLZUoAD.FB4_DLSKBdATlHLw4xcc9eHRoeMV4FwUBquWcDSPL_Sh8v

gAER2Upv9i6YlGfYfpWzlfaOfr3omwx4fQBnTlmvzv2CcD6kfohjKgJtlR87XzwacAHpTNmzhk89

pGXqIEsSIGSZyPOvzByD14w.pUT7WWr0lpeFtaWNeaZ6vB9t5gUUvm1eCh8chXpeKVIP6zm.0zjw

ikeTi2NmYIE73sFntHaUF1NPN0BjyecHcOwMIVwaknrfsWBRjg30aHBHTmBlQJwC2cJT7XJ9Mfh2

I3FuF.CiiaeoeAi38VySHxtnfKcNfA5zHJO.TlCVLf92UdTdKmpmpzIHsMoaZirHS4NvhcHEPnCE

wwl38lgWwHHwUImTRt6cTt4V6C8V9SRgDmqyQqVtEnV.Gp1jfdnzn3sz1KukaJYYR.T_Z4rfT9Qk

PjiKZZHZIfQrqFeCWT5SkdRiZIQHbubGiFQRLuXi19vJ2FYMQHXYnf0y8iO7a_0.N.elxpcFiXmG

QzGdNO9_i1H1FjbOxO2Gu_TK01t3DFzRjSA2PVapBwGMoLuXl0G6ffgeYyJnj5d0itFja3CuxRrn

6a4KqeHaot1F0p7RFmyhcbomJ_vYAjliT6oFKSamzYI7DiLW0tuMkzqZE5IiU

X-Sonic-MF:

X-Sonic-ID: b1c91c8b-c55e-4c5b-bc81-231aad46ae8a

Received: from sonic.gate.mail.ne1.yahoo.com by sonic303.consmr.mail.sg3.yahoo.com with HTTP; Sat, 13 Dec 2025 10:25:17 +0000

Date: Sat, 13 Dec 2025 10:25:13 +0000 (UTC)

From: "Chirag Saiya (Speaker&Writer)"

Message-ID: <662187800.294821.1765621513248@mail.yahoo.com>

Subject: Seeking Help To Search Job / Employment / Freelance Work Etc.

MIME-Version: 1.0

Content-Type: multipart/mixed;

boundary="----=_Part_294820_1943786367.1765621513248"

References: <662187800.294821.1765621513248.ref@mail.yahoo.com>

X-Mailer: WebService/1.1.24866 YMailNorrin

------=_Part_294820_1943786367.1765621513248

Content-Type: multipart/alternative;

boundary="----=_Part_294819_1214789710.1765621513173"

------=_Part_294819_1214789710.1765621513173

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: quoted-printable

Hello,

=C2=A0

I Am Chirag Saiya, Age 42 (April1983 Born), From Mumbai - India.

=C2=A0

I Am A FullTime Professional Philosopher - Spiritual Speaker & Writer.

=C2=A0

I AmGlobally Popular But People Do Not Pay Me "MONEY" For My NOBLE WORK!

=C2=A0

So I Am NowThinking Of Doing Parallel Similar Work For Regular Fix "INCOME"=

As IDream To Buy My Own House.

=C2=A0

I HavePass-Port. I Know 5 Languages : English, Hindi, Gujarati, Marathi & K=

utchi.I Am Single & I Am Flexible To Work Around The World.

=C2=A0

Preferably I Am Looking ForOpportunity To Work As Professor / Teacher / Tut=

or / Coach / Counselor /Trainer Etc. i.e. An Educator.

=C2=A0

I Can Teach =E2=80=9CTHEORY=E2=80=9DIncluding Philosophy & Psychology To An=

y Level Any-Where Including To =E2=80=98PhD=E2=80=99+ =E2=80=98Re-Search=E2=

=80=99 Students Etc.

=C2=A0

I Have Worked As Professor Of =E2=80=9CEthics& Communication=E2=80=9D Subje=

ct For =E2=80=98Inter C.A. Students At Mahesh Tutorials=E2=80=99.

=C2=A0

I Can Also WorkWith NGO Etc. Into Charity & Philanthropy Social-Work e.g. C=

SR As SalariedEmployee / Paid Volunteer Etc.

=C2=A0

I Can WriteMovie / Serial Dialogues & Songs / Advertisements + Do P.R. &Net=

working Etc.

=C2=A0

I Can Even DoCrime Investigation & Prevention + Behavioral Planning / Facil=

itator Too Etc.Mind Or Brain Work.

=C2=A0

I Can PlayAny Managerial / Leadership / Administrative / Marketing / Psycho=

logical RolesEtc...!!

=C2=A0

PleaseConsider My Request Sincerely & Kindly Try To HELP. I Can MEET To Tal=

k.

=C2=A0

I HaveAttached My Profile. Plz Share This e-Mail With All & Oblige + Bless.

=C2=A0

Just To Add, I Have C.A.(Chartered Accountant i.e. Say Like CPA - USA) Degr=

ee & Before BecomingPhilosopher I Have Done Job At ICICI Bank But I Do Not =

Like Numbers Because ILove Words!

=C2=A0

Below Is My Work Website:

=C2=A0

https://sites.google.com/site/chiragsaiya

=C2=A0

Thank You.

Best Wishes.

=C2=A0

Chirag Saiya

W-App / Mobile: +919819210230

E-Mail ID: chiragsaiya@gmail.com

=C2=A0

Address:

=C2=A0

B - 6, Nrusinha Ashish,

Goshala Road,

Mulund (West),

Mumbai - 400080,

Maharashtra - India.

=C2=A0

PS:

=C2=B7=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0This e-Mail Drafting =

Will Help You To Evaluate MyExpertise & Sincerity + Transparency In Express=

ion!

=C2=A0

NAMASTE

Posted by Dave Yadallee on Saturday, December 13. 2025

--_000_DU0P191MB2993E9B797A73A11D480654DADAFADU0P191MB2993EURP_

Content-Type: text/html; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable

252">

Hi,

Can I send you our complete price list?

Thanks in advance!

Babita

From: Babita Smith

Sent: Thursday, December 11, 2025 5:04 PM

To: sales@nk.ca

Subject: Great Results to Your Clients?

Hi,sales@nk.ca

ANY UPDATE

Can I send packages and a Price with great proposals?

Best Regards,

From: Babita Smith

Sent: Tuesday, December 9, 2025 3:37 PM

To: sales@nk.ca

Subject: Great Results to Your Clients?

Hi,

I=92d like to follow-up on my last email.

I=92d like to send you our proposal and Price list.

Thank you!

From: Babita Smith

Sent: Friday, December 5, 2025 3:26 PM

To: sales@nk.ca

Subject: Great Results to Your Clients?

Hello,

We specialise in helping businesses appear on Google=92s first p=

age for their niche keywords. This can significantly increase=

traffic, leads, and enquiries.

If you=92re interested, I can send over our affordable SEO packa=

ges.

Best,

Babita

--_000_DU0P191MB2993E9B797A73A11D480654DADAFADU0P191MB2993EURP_--

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 13 Dec 2025 06:42:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUPsB-00000000E11-2hqB

for dave@doctor.nl2k.ab.ca;

Sat, 13 Dec 2025 06:41:23 -0700

Resent-From: The Doctor

Resent-Date: Sat, 13 Dec 2025 06:41:23 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-northeuropeazolkn19010005.outbound.protection.outlook.com ([52.103.32.5]:47457 helo=DB3PR0202CU003.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUK2E-00000000K74-174r

for sales@nk.ca;

Sat, 13 Dec 2025 00:27:33 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=onsWImOu/GQaWfEZOeLbPme3v6Eg/UivzPvuWVtNybc2Lo993wq2OA662XnkwV7VnaSA8EOCoIv3ThIY1/anJIJn16YNsRJP2ZBKLi7qFY2L6VGEBgmk5XfbR/gEbqua7tkFaGynNrDJW9JiGijMyMdjyDdvgz3IEHTeVzw4OxeuKTxXgnNYyoG5idp4Ml0oU1n8I4ceHcHB4KK7oynieD/ngDf/WD337s8NmD9egwlCOUNK5OCv+vIVPI59lgWyoQtHm0TxuKbj87K3PJiNm5j2QxTtAt9VxTl6IKSUqXbbNdfVDzYxjO+NMFG+sCxJzBGITAb/suyPoawEvVInSQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=JF+hoHxsUuECdycsT2uZMxPyhrGkUsdgxYcUOEcEUDo=;

b=kq6vk6P7dzNxt/b0qtE+CK6sh5M6pX6hXGJbnDbI3QKDnOld/mj5sZn1uwLZoPg8OZhT3qOrJgNE9geXcTr733GcqyfWrLcA+skZqwrl+Dgn6I/8yKKtM9cQRX04pSbCfGeFs6SKo3MCE/FLvAYAaqprfeRtQYsN97xvMQxnMxivPPrTvP7Tuwbtcly3whIXR7LFAywof+x94ByWha8vd9P66tGd6euHNCLHZeywu2vOk6rcN7/cnXwLhrfpYxnnT7ojNrrcYfCZyaJIG3VXaOHwbLbSeE6OoDihrcC4SS5dDqWL3PXFobdI59JiVmYpoY4+tkdgtIImXd9s7Awtxg==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=JF+hoHxsUuECdycsT2uZMxPyhrGkUsdgxYcUOEcEUDo=;

b=LtI22jgpTuOVW5JvLwbQMryhnjQAowV7fySiiynYFa5Hi/HX6jPJL5KtBsMj/+r/SPfUwWv72dLreVOOmqNfLDY6Dn4UDqTt/v1vnAErBKTfeJ6+tuq5KIHVO+d0AJ74UmPJJAid9pjFPpaei1kq8/MajiEinYxmIq9GzdnXVTOjpWquWqb5KWyU2Si8rdK6fdtFSj49LLyOHtmZJ27hT7Wrgy9ZYhS2eUEDXin8/GNeITEbR1iz2X5Oou6C6CNNr5nZFs71aY5X8OgnawuB0WuQTN5e9FuC2ADrKA/Kcroqj4QV5y0uXTlG2kc3vm6qlJqRWtbQGIx6oXVogWcgZQ==

Received: from DU0P191MB2993.EURP191.PROD.OUTLOOK.COM (2603:10a6:10:5a7::19)

by VI0P191MB2919.EURP191.PROD.OUTLOOK.COM (2603:10a6:800:2b1::21) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9412.13; Sat, 13 Dec

2025 07:26:26 +0000

Received: from DU0P191MB2993.EURP191.PROD.OUTLOOK.COM

([fe80::ec:b83:4418:ba80]) by DU0P191MB2993.EURP191.PROD.OUTLOOK.COM

([fe80::ec:b83:4418:ba80%4]) with mapi id 15.20.9412.005; Sat, 13 Dec 2025

07:26:26 +0000

From: Babita Smith

To: "sales@nk.ca"

Subject: Great Results to Your Clients?

Thread-Topic: Great Results to Your Clients?

Thread-Index: AQHcbAHKvJY1DI2BqUuBwQMx49CRqQ==

Date: Sat, 13 Dec 2025 07:26:26 +0000

Message-ID:

Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: DU0P191MB2993:EE_|VI0P191MB2919:EE_

x-ms-office365-filtering-correlation-id: ef7266b0-8f53-4ef1-509c-08de3a18ed42

x-microsoft-antispam:

BCL:0;ARA:14566002|31061999003|461199028|5062599005|38102599003|39105399006|15080799012|8062599012|8060799015|19110799012|440099028|3412199025|40105399003|102099032;

x-microsoft-antispam-message-info:

=?Windows-1252?Q?Hq0StUBig/lpdMzjtGg+evcQKjCgZC7gAECO98Tk9e6S1UytkAHq/Oyo?=

=?Windows-1252?Q?Qx6o1F5xGOHr4Ym/YMIrbugdZRcEcVlgx9q19tDe2XeKqlIVnGGrChJ3?=

=?Windows-1252?Q?ZOVg8tMkIeoQZXC4gi1G3ZXzls2nRLLMSjEUSqLqVNLBQ94blw7Ce8Fk?=

=?Windows-1252?Q?FWywtF0OoDJIiRUSPpTVIPMrr2cm3/okc5rXOqsCE9lQlAHDu1a0RbrV?=

=?Windows-1252?Q?W/Ktdh2h8YNhGADNbbyTCi52cMHuj5as9kkk2zSXCX7LWTLQ4rlYa9Wa?=

=?Windows-1252?Q?Fy9IHEzRjsKaFNqdiPQV1n8ZKk4fJUXoHeDfKB6al7lxaboOEicVdB+1?=

=?Windows-1252?Q?vhadHoIBiWltb7PHJ4PnusS/XGXS2ydpBLWpiDSEycz5gV9mZMPvVRdB?=

=?Windows-1252?Q?8I9BC9j6/NIR/ajuX3d276P1Kze5t2R+BrMe0EL1p3UDRe3bgBPOhAgw?=

=?Windows-1252?Q?4SoorFShTNI3Gdk57ZkYYxp5wOjUWPG84aQ8eXOd6uNLUVGerNDhZweP?=

=?Windows-1252?Q?iYYkAZISHvLJ7zs2zSCeukMi0tOv5fZgUVBYtwIqyp5OetVrW3lYaJgl?=

=?Windows-1252?Q?wqbvTy3kXOOgAVqvmZrG4BB0Qmwvg5IsJ+pdfQf4AuXWaaStv6941RBf?=

=?Windows-1252?Q?perc2itpU80oPRvtKidFg4yipaE4LdJ9EKWud8VcMMK1esQfOKi0YCye?=

=?Windows-1252?Q?ihztl6GLw7MXcMMDoUCE1303zNA6J8prpmlvWaY2nu/I+aLi2lQJxm2B?=

=?Windows-1252?Q?VSaeiRVJy8VMr/A7t2uM4czYzlePbF7854IV+8FDoeP+darmZKYahAjv?=

=?Windows-1252?Q?63VHH8pBy7Dkhk6St25+8yTmoyvBCc3K9HN8fg8gCcHCiTS4YTi5ogoV?=

=?Windows-1252?Q?7xBssV6FGjHXxIGOwqmA8kdtaDBDur2oUavA5jvpfzFBWcx1by21oLeg?=

=?Windows-1252?Q?vpDPpRaay/D/xnicTexp64NA7d+GK0MwGrcSEc1db4WlB6cvhjGHKPww?=

=?Windows-1252?Q?D2XtNv+rvd2U8jO+SL4DNYOTIh4tF7ee2KUs7eWXN+tETuRmiuJUSz+m?=

=?Windows-1252?Q?4WaKVAIb4bazcXXG9bV40kaT8WohoFN0UxWZ5VQNzLM+hFvrvXro8q43?=

=?Windows-1252?Q?2TjP+4yrtUALzMyIAF7ceoB5brdykY4o65MfE8Tf6PtB1Ts4CXlosjgV?=

=?Windows-1252?Q?30j0lBomSIv9whFdbAGChzV02rX08KOVZwOqd6moh3RuYWPMDGZnbioA?=

=?Windows-1252?Q?Q5mZDMJIwjpwsAlcR5tUFdsYBNwBuBy+zXouFrDKN1S3UrI1/POmfES5?=

=?Windows-1252?Q?O3X1QL1cjS9X4ZjgGnhKV63i80g=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?vv1tV8X1/i193M24L7il5XL41JBcY59qZ9+s6CFKda/w2Fgf7bZ0Hecz?=

=?Windows-1252?Q?HbP+Xblh9TfXXBN5SXstdw4q6vBA0nY4xHGs8WKXErY6/M4LFk0Ms2SU?=

=?Windows-1252?Q?3ZXheo3ncT4ZqDIzNWdWbTlRd5z+FlOT4IHp5+6/ULbWVIoDby0/zmdr?=

=?Windows-1252?Q?hjpoPl32aoQNRgNwZa9VoBf5cSnoRu/NagH5GQ9IWYJAfhcHeoWcu3xu?=

=?Windows-1252?Q?Cg4nHggF6lHk873SDt73SkdGyxpGlWjDxbHYbpfcPzTEJx/FgwTvl70H?=

=?Windows-1252?Q?zeVI9MAGLfSObrco3aSs4QD6mNHh5D2dTfqI9RcMWJO5LMfaBu0gom7B?=

=?Windows-1252?Q?3rfa9OCXkdhKpFOnG3znNpj7Gg6xfO76zxcECc6sTYH2smp5JEDLbAla?=

=?Windows-1252?Q?kWMzZQUvKpTJOpgg20mZ0fcZy0pamuqucnyZYcUtkLdS8qu0LBwT0AuL?=

=?Windows-1252?Q?kbdrW0/emupAnbDkftq2NDK9X4qSkeLLxEr3n8xEPzI5oVDecTuzzeo0?=

=?Windows-1252?Q?i8DPN5X0NfiQ2n2CMFnvS7j7s6k4f9VvLzZYspWYId//Xx841btCrm9v?=

=?Windows-1252?Q?dA2/03g4J5bYW+xXpwvBm77Wqqm8tyoBXrz739Xm+jMnWIjS+WEcXcLM?=

=?Windows-1252?Q?8vS1lqbkrloo/F/yLD7t61zu5PJvp45o5NcJrRWlzpj9/rd6Js13tkdJ?=

=?Windows-1252?Q?lmCac5P4v6/yrcdHy6dBcHaDkCrPkg5lDzQ0eTjO7ts5v40L+p/JSB9p?=

=?Windows-1252?Q?5uAP3oQvQc4qfmO0bm5mgeyAWFkOrL+WiXftE/MWNBFAX4VtXEx51/yJ?=

=?Windows-1252?Q?KdsTDIy8C1vuUxqOp28NvFVDk1V9/dOs2apvF+vQaqsblFQHDT8aYEO+?=

=?Windows-1252?Q?et+2UyVV+DB/Nak5HBZR8E0rdvB5N4wFq2FzS5MKeLXwBTWFy19rW+hb?=

=?Windows-1252?Q?J3XB047KLYb4Vss7X64muLPeu6hKBJwns8z9VDFeJM5xtQDthX/OgCxE?=

=?Windows-1252?Q?FGdvmBVR53CzEcqBEdk/vRjgkK+V9WwAO4hBrwdEJ5p5MexpGOi6LNrj?=

=?Windows-1252?Q?jkb0KyHKhcjoOPxu3N8ksxIqm/Md0Ysglvm/rvHfxZuVzuHTgxyS4QC5?=

=?Windows-1252?Q?kOeiHSx4URbBb61cV5BJCb8/moizUeWuCIIwelN4v0hV5JD6uQotWk+j?=

=?Windows-1252?Q?u1vr0X/i+eGugtU1ZHBXRV+Ye5k9ZkPWEXRwm8YKqSrPpRBqLacckn2i?=

=?Windows-1252?Q?F2wNMA9r3oNqNFIdjqRDyh5Z/jYwGfpXuZpRthzJAN9FCg2Z2FP+dbip?=

=?Windows-1252?Q?ELPUTQV3yoln25jy6lwLIn9lH+PkugHd75ulVDe3i+I+GiBU?=

Content-Type: multipart/alternative;

boundary="_000_DU0P191MB2993E9B797A73A11D480654DADAFADU0P191MB2993EURP_"

MIME-Version: 1.0

X-OriginatorOrg: sct-15-20-9412-4-msonline-outlook-71052.templateTenant

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: DU0P191MB2993.EURP191.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: ef7266b0-8f53-4ef1-509c-08de3a18ed42

X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Dec 2025 07:26:26.7265

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI0P191MB2919

--_000_DU0P191MB2993E9B797A73A11D480654DADAFADU0P191MB2993EURP_

Content-Type: text/plain; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable

Hi,

Can I send you our complete price list?

Thanks in advance!

Babita

From: Babita Smith

Sent: Thursday, December 11, 2025 5:04 PM

To: sales@nk.ca

Subject: Great Results to Your Clients?

Hi,sales@nk.ca

ANY UPDATE

Can I send packages and a Price with great proposals?

Best Regards,

From: Babita Smith

Sent: Tuesday, December 9, 2025 3:37 PM

To: sales@nk.ca

Subject: Great Results to Your Clients?

Hi,

I=92d like to follow-up on my last email.

I=92d like to send you our proposal and Price list.

Thank you!

From: Babita Smith

Sent: Friday, December 5, 2025 3:26 PM

To: sales@nk.ca

Subject: Great Results to Your Clients?

Hello,

We specialise in helping businesses appear on Google=92s first page for the=

ir niche keywords. This can significantly increase traffic, leads, and enqu=

iries.

If you=92re interested, I can send over our affordable SEO packages.

Best,

Babita

Posted by Dave Yadallee on Saturday, December 13. 2025

Content analysis details: (15.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[209.85.214.230 listed in will-spam-for-food.eu.org]

[209.85.214.230 listed in will-spam-for-food.eu.org]

[209.85.214.230 listed in will-spam-for-food.eu.org]

[209.85.214.230 listed in will-spam-for-food.eu.org]

[209.85.214.230 listed in will-spam-for-food.eu.org]

[209.85.214.230 listed in will-spam-for-food.eu.org]

[209.85.214.230 listed in will-spam-for-food.eu.org]

[209.85.214.230 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[209.85.214.230 listed in dnsbl.ahbl.org]

[209.85.214.230 listed in dnsbl.ahbl.org]

[209.85.214.230 listed in dnsbl.ahbl.org]

[209.85.214.230 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net

[Blocked - see ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.214.230 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 T_SPF_TEMPERROR SPF: test of record failed (temperror)

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[franktsockton654(at)outlook.com]

1.6 SUBJ_ALL_CAPS Subject is all capitals

1.1 DATE_IN_PAST_03_06 Date: is 3 to 6 hours before Received: date

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.214.230 listed in sa-trusted.bondedsender.org]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.214.230 listed in wl.mailspike.net]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.214.230 listed in list.dnswl.org]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.214.230 listed in bl.score.senderscore.com]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.214.230 listed in bl.score.senderscore.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

2.0 US_8BIT US-ASCII isn't an eight bit charset

0.0 LOTS_OF_MONEY Huge... sums of money

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.9 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

2.9 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} BUSINESS PROPOSAL !!!

This is a multi-part message in MIME format.

--14da1bab14540aaf3b0fafbcf078de42d

Content-Type: text/plain; charset=us-ascii

I have a Business proposal worth $35M USD, please contact me for more information.

Sincerely,

Frank Stockton

--14da1bab14540aaf3b0fafbcf078de42d

Content-Type: text/html; charset=us-ascii

I have a Business proposal worth $35M USD, please contact me for more information.

Sincerely,

Frank Stockton

--14da1bab14540aaf3b0fafbcf078de42d--

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 12 Dec 2025 22:51:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUIWU-00000000Ebw-1YGN

for dave@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 22:50:30 -0700

Resent-From: The Doctor

Resent-Date: Fri, 12 Dec 2025 22:50:30 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pl1-f230.google.com ([209.85.214.230]:43183)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUHd0-00000000BZD-1pem

for doctor@nl2k.ab.ca;

Fri, 12 Dec 2025 21:53:18 -0700

Received: by mail-pl1-f230.google.com with SMTP id d9443c01a7336-297d4ac44fbso9352315ad.0

for ; Fri, 12 Dec 2025 20:51:28 -0800 (PST)

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765601482; x=1766206282;

h=content-transfer-encoding:mime-version:message-id:subject:reply-to

:from:to:date:dkim-signature:x-gm-gg:x-gm-message-state:from:to:cc

:subject:date:message-id:reply-to;

bh=NsHY5ca9FNWe30NYizON2atR5FOPwCa7VkPC6ZVcdQc=;

b=vQRw5juGRWn7EtVahunvlbnYVLtozUoc9tnYO+EqlzKfK1FJ6G8HSWCECrIgWvLrWB

GW4WRkYPIZL92rRo08ek9jI501XWdcZno3s7OYPkxoHTVsEh3Uqtv95iKpEd7oq5nLBl

Vw064+fHKLrdbE/x3uxn4M1JOhmwyaKZajRT7AF7pqrWO8b2PCUuUK47uVFNw0evQ0Bc

L8CXAj5uz8dYuLFkrYYF9Gs/rqQV8ZsnHuPD5VZa3rM4cWURyC09DFAXoDdKxVB7h+VX

ZSehnfEf6XyDR/LncQNIhYSiRp5QpFtNROuocWNjUVtcbXaLUjUNe8NKJEWuJTJq6j20

Pn0w==

X-Forwarded-Encrypted: i=1; AJvYcCVFl7WiJuy4hAIeb060ylBlquJbCHHToJO1NymRAKQW4z/7aVj4QnNlCqw343yaF1FPJUS4VVM=@nl2k.ab.ca

X-Gm-Message-State: AOJu0YxHja/sMJyaiwwUci5XL4E5FuP/kDIIZGcA/tOuGX0Y2+oxuEca

oOfyW4EtcdJWDyciUUWyEew9p8Uf3XGMULmDoCAsQJSwaLzM5Nhhb5OPGKvGG1OeoJUZRfi3KRz

FrK1py2kqmUO0w7UDH2tK+J/wMksSUP/JX5tp

X-Gm-Gg: AY/fxX6X7DymNaenpInQFbR1zqGJ2wOOT0D3vB9lLEwiWabLfJ8UZL8dj1OHvauD6wq

UxMduf/Ul22NcKX/3jUS57rXM6jAaQLkd6X+F9KFVhkp+UWSj4F1Q3zThO2zfk+TImOl9b+7Dgc

zxrzFb+VevlCIq6uXfb8zQ/WQ3f3t6/vr6Zx8SZ7qJMSmsLAPg5T5zYkkyhL1kyvgZb6fyP2zOQ

w/dLy0/dSX4Kq90WQRULVkbu/ZQOxH5yK7X+ePJercvUHU4JAyW8PpYUZIVmTtAm6826OGbenFA

5p8jGKyq6kTaVxWdzqg6E4gW4YbYBkCe9tEZjhnmX0TlxvX8hVqS8mofA2GXGKVup6dcnNJLZdi

LRxJ6k4vC64Qk6KI2XJSHfQ==

X-Google-Smtp-Source: AGHT+IH3GOt6ps9lOSAWeV3+2yGvttF1OjoDKfyV72lqD70I9ZibncJjmsOnvDCd0NCcc5doP6ppeq4nEyvk

X-Received: by 2002:a17:903:2a90:b0:295:99f0:6c65 with SMTP id d9443c01a7336-29eeec38ae8mr79036355ad.30.1765601481970;

Fri, 12 Dec 2025 20:51:21 -0800 (PST)

Received: from mail.iadmexico.mx (mail.iadmexico.mx. [34.231.63.135])

by smtp-relay.gmail.com with ESMTPS id d9443c01a7336-2a08df4a425sm2222055ad.23.2025.12.12.20.51.21

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Fri, 12 Dec 2025 20:51:21 -0800 (PST)

X-Relaying-Domain: iadmexico.mx

Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id C4674146016;

Fri, 12 Dec 2025 22:51:13 -0600 (CST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iadmexico.mx;

s=mailcow; t=1765601481; h=from:from:reply-to:reply-to:subject:subject:date:date:

message-id:message-id:to:to:cc:mime-version:mime-version:

content-type:content-type: content-transfer-encoding:content-transfer-encoding;

bh=NsHY5ca9FNWe30NYizON2atR5FOPwCa7VkPC6ZVcdQc=;

b=QOOxxPl0j4lT0LG2b4GMbazYOUXtjhpXfn/c2nZ55mX0TfZ7Zwg2Xa1N+x2otPu+3QbpX6

943ggxwXnsPfmeFNm6BLevK4rIznuIUNmlkaCorLnCiAULLvg1b9teN4YjFqmxs6bGYumh

xKwgZBdh/47PS3Q6nDlfkE50K9v7IX2uE19jSEKwEeJN4t+M5dHlGutdgg73SGW43PCla+

o6dmvBU4UHR5dXbV1pOLwm7T79MASDZUapNpGAGE6pfC6a9twMTd60qm7P9VZQxY5a+cRK

tmCgpApY8zKaaGgeUTeIrgRyR3T2UHKI9TEHB3dRQ2wsAZ2dg9YNeromcLBR/w==

Date: Sat, 13 Dec 2025 01:07:28 +0100

To: undisclosed-recipients:;

From: FRANK STOCKTON

Reply-To: franktsockton654@outlook.com

Subject: BUSINESS PROPOSAL !!!

Message-ID: <60df76e3919315de5c349bc5c265eeb5@iadmexico.mx>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="14da1bab14540aaf3b0fafbcf078de42d"

Content-Transfer-Encoding: 8bit

X-Last-TLS-Session-Version: TLSv1.2

X-Spam_score: 15.1

X-Spam_score_int: 151

X-Spam_bar: +++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: I have a Business proposal worth $35M USD, please contact

me for more information. Sincerely, Frank Stockton I have a Business proposal

worth $35M USD, please contact me for more information. Sincerely, Frank

Stockton

Posted by Dave Yadallee on Saturday, December 13. 2025

Content analysis details: (15.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[209.85.214.230 listed in will-spam-for-food.eu.org]

[209.85.214.230 listed in will-spam-for-food.eu.org]

[209.85.214.230 listed in will-spam-for-food.eu.org]

[209.85.214.230 listed in will-spam-for-food.eu.org]

[209.85.214.230 listed in will-spam-for-food.eu.org]

[209.85.214.230 listed in will-spam-for-food.eu.org]

[209.85.214.230 listed in will-spam-for-food.eu.org]

[209.85.214.230 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[209.85.214.230 listed in dnsbl.ahbl.org]

[209.85.214.230 listed in dnsbl.ahbl.org]

[209.85.214.230 listed in dnsbl.ahbl.org]

[209.85.214.230 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net

[Blocked - see ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.214.230 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 T_SPF_TEMPERROR SPF: test of record failed (temperror)

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[franktsockton654(at)outlook.com]

1.6 SUBJ_ALL_CAPS Subject is all capitals

1.1 DATE_IN_PAST_03_06 Date: is 3 to 6 hours before Received: date

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.214.230 listed in sa-trusted.bondedsender.org]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.214.230 listed in wl.mailspike.net]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.214.230 listed in list.dnswl.org]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.214.230 listed in bl.score.senderscore.com]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.214.230 listed in bl.score.senderscore.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

2.0 US_8BIT US-ASCII isn't an eight bit charset

0.0 LOTS_OF_MONEY Huge... sums of money

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.9 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

2.9 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} BUSINESS PROPOSAL !!!

This is a multi-part message in MIME format.

--14da1bab14540aaf3b0fafbcf078de42d

Content-Type: text/plain; charset=us-ascii

I have a Business proposal worth $35M USD, please contact me for more information.

Sincerely,

Frank Stockton

--14da1bab14540aaf3b0fafbcf078de42d

Content-Type: text/html; charset=us-ascii

I have a Business proposal worth $35M USD, please contact me for more information.

Sincerely,

Frank Stockton

--14da1bab14540aaf3b0fafbcf078de42d--

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 12 Dec 2025 22:51:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUIWU-00000000Ebw-1YGN

for dave@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 22:50:30 -0700

Resent-From: The Doctor

Resent-Date: Fri, 12 Dec 2025 22:50:30 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pl1-f230.google.com ([209.85.214.230]:43183)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUHd0-00000000BZD-1pem

for doctor@nl2k.ab.ca;

Fri, 12 Dec 2025 21:53:18 -0700

Received: by mail-pl1-f230.google.com with SMTP id d9443c01a7336-297d4ac44fbso9352315ad.0

for ; Fri, 12 Dec 2025 20:51:28 -0800 (PST)

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765601482; x=1766206282;

h=content-transfer-encoding:mime-version:message-id:subject:reply-to

:from:to:date:dkim-signature:x-gm-gg:x-gm-message-state:from:to:cc

:subject:date:message-id:reply-to;

bh=NsHY5ca9FNWe30NYizON2atR5FOPwCa7VkPC6ZVcdQc=;

b=vQRw5juGRWn7EtVahunvlbnYVLtozUoc9tnYO+EqlzKfK1FJ6G8HSWCECrIgWvLrWB

GW4WRkYPIZL92rRo08ek9jI501XWdcZno3s7OYPkxoHTVsEh3Uqtv95iKpEd7oq5nLBl

Vw064+fHKLrdbE/x3uxn4M1JOhmwyaKZajRT7AF7pqrWO8b2PCUuUK47uVFNw0evQ0Bc

L8CXAj5uz8dYuLFkrYYF9Gs/rqQV8ZsnHuPD5VZa3rM4cWURyC09DFAXoDdKxVB7h+VX

ZSehnfEf6XyDR/LncQNIhYSiRp5QpFtNROuocWNjUVtcbXaLUjUNe8NKJEWuJTJq6j20

Pn0w==

X-Forwarded-Encrypted: i=1; AJvYcCVFl7WiJuy4hAIeb060ylBlquJbCHHToJO1NymRAKQW4z/7aVj4QnNlCqw343yaF1FPJUS4VVM=@nl2k.ab.ca

X-Gm-Message-State: AOJu0YxHja/sMJyaiwwUci5XL4E5FuP/kDIIZGcA/tOuGX0Y2+oxuEca

oOfyW4EtcdJWDyciUUWyEew9p8Uf3XGMULmDoCAsQJSwaLzM5Nhhb5OPGKvGG1OeoJUZRfi3KRz

FrK1py2kqmUO0w7UDH2tK+J/wMksSUP/JX5tp

X-Gm-Gg: AY/fxX6X7DymNaenpInQFbR1zqGJ2wOOT0D3vB9lLEwiWabLfJ8UZL8dj1OHvauD6wq

UxMduf/Ul22NcKX/3jUS57rXM6jAaQLkd6X+F9KFVhkp+UWSj4F1Q3zThO2zfk+TImOl9b+7Dgc

zxrzFb+VevlCIq6uXfb8zQ/WQ3f3t6/vr6Zx8SZ7qJMSmsLAPg5T5zYkkyhL1kyvgZb6fyP2zOQ

w/dLy0/dSX4Kq90WQRULVkbu/ZQOxH5yK7X+ePJercvUHU4JAyW8PpYUZIVmTtAm6826OGbenFA

5p8jGKyq6kTaVxWdzqg6E4gW4YbYBkCe9tEZjhnmX0TlxvX8hVqS8mofA2GXGKVup6dcnNJLZdi

LRxJ6k4vC64Qk6KI2XJSHfQ==

X-Google-Smtp-Source: AGHT+IH3GOt6ps9lOSAWeV3+2yGvttF1OjoDKfyV72lqD70I9ZibncJjmsOnvDCd0NCcc5doP6ppeq4nEyvk

X-Received: by 2002:a17:903:2a90:b0:295:99f0:6c65 with SMTP id d9443c01a7336-29eeec38ae8mr79036355ad.30.1765601481970;

Fri, 12 Dec 2025 20:51:21 -0800 (PST)

Received: from mail.iadmexico.mx (mail.iadmexico.mx. [34.231.63.135])

by smtp-relay.gmail.com with ESMTPS id d9443c01a7336-2a08df4a425sm2222055ad.23.2025.12.12.20.51.21

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Fri, 12 Dec 2025 20:51:21 -0800 (PST)

X-Relaying-Domain: iadmexico.mx

Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id C4674146016;

Fri, 12 Dec 2025 22:51:13 -0600 (CST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iadmexico.mx;

s=mailcow; t=1765601481; h=from:from:reply-to:reply-to:subject:subject:date:date:

message-id:message-id:to:to:cc:mime-version:mime-version:

content-type:content-type: content-transfer-encoding:content-transfer-encoding;

bh=NsHY5ca9FNWe30NYizON2atR5FOPwCa7VkPC6ZVcdQc=;

b=QOOxxPl0j4lT0LG2b4GMbazYOUXtjhpXfn/c2nZ55mX0TfZ7Zwg2Xa1N+x2otPu+3QbpX6

943ggxwXnsPfmeFNm6BLevK4rIznuIUNmlkaCorLnCiAULLvg1b9teN4YjFqmxs6bGYumh

xKwgZBdh/47PS3Q6nDlfkE50K9v7IX2uE19jSEKwEeJN4t+M5dHlGutdgg73SGW43PCla+

o6dmvBU4UHR5dXbV1pOLwm7T79MASDZUapNpGAGE6pfC6a9twMTd60qm7P9VZQxY5a+cRK

tmCgpApY8zKaaGgeUTeIrgRyR3T2UHKI9TEHB3dRQ2wsAZ2dg9YNeromcLBR/w==

Date: Sat, 13 Dec 2025 01:07:28 +0100

To: undisclosed-recipients:;

From: FRANK STOCKTON

Reply-To: franktsockton654@outlook.com

Subject: BUSINESS PROPOSAL !!!

Message-ID: <60df76e3919315de5c349bc5c265eeb5@iadmexico.mx>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="14da1bab14540aaf3b0fafbcf078de42d"

Content-Transfer-Encoding: 8bit

X-Last-TLS-Session-Version: TLSv1.2

X-Spam_score: 15.1

X-Spam_score_int: 151

X-Spam_bar: +++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: I have a Business proposal worth $35M USD, please contact

me for more information. Sincerely, Frank Stockton I have a Business proposal

worth $35M USD, please contact me for more information. Sincerely, Frank

Stockton

Posted by Dave Yadallee on Saturday, December 13. 2025

Content analysis details: (14.9 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[209.85.214.232 listed in will-spam-for-food.eu.org]

[209.85.214.232 listed in will-spam-for-food.eu.org]

[209.85.214.232 listed in will-spam-for-food.eu.org]

[209.85.214.232 listed in will-spam-for-food.eu.org]

[209.85.214.232 listed in will-spam-for-food.eu.org]

[209.85.214.232 listed in will-spam-for-food.eu.org]

[209.85.214.232 listed in will-spam-for-food.eu.org]

[209.85.214.232 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[209.85.214.232 listed in dnsbl.ahbl.org]

[209.85.214.232 listed in dnsbl.ahbl.org]

[209.85.214.232 listed in dnsbl.ahbl.org]

[209.85.214.232 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net

[Blocked - see ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.214.232 listed in sa-accredit.habeas.com]

0.0 T_SPF_TEMPERROR SPF: test of record failed (temperror)

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[franktsockton654(at)outlook.com]

1.6 SUBJ_ALL_CAPS Subject is all capitals

1.1 DATE_IN_PAST_03_06 Date: is 3 to 6 hours before Received: date

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.214.232 listed in sa-trusted.bondedsender.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.214.232 listed in wl.mailspike.net]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.214.232 listed in list.dnswl.org]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.214.232 listed in bl.score.senderscore.com]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.214.232 listed in bl.score.senderscore.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 US_8BIT US-ASCII isn't an eight bit charset

0.0 LOTS_OF_MONEY Huge... sums of money

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.9 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

2.9 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} BUSINESS PROPOSAL !!!

This is a multi-part message in MIME format.

--14da1bab14540aaf3b0fafbcf078de42d

Content-Type: text/plain; charset=us-ascii

I have a Business proposal worth $35M USD, please contact me for more information.

Sincerely,

Frank Stockton

--14da1bab14540aaf3b0fafbcf078de42d

Content-Type: text/html; charset=us-ascii

I have a Business proposal worth $35M USD, please contact me for more information.

Sincerely,

Frank Stockton

--14da1bab14540aaf3b0fafbcf078de42d--

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 12 Dec 2025 22:51:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUIWQ-00000000Ebi-0oVr

for dave@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 22:50:26 -0700

Resent-From: The Doctor

Resent-Date: Fri, 12 Dec 2025 22:50:26 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pl1-f232.google.com ([209.85.214.232]:43318)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUHd0-00000000BZC-1mEA

for doctor@mail.nl2k.ab.ca;

Fri, 12 Dec 2025 21:53:18 -0700

Received: by mail-pl1-f232.google.com with SMTP id d9443c01a7336-297e239baecso12635155ad.1

for ; Fri, 12 Dec 2025 20:51:27 -0800 (PST)

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765601482; x=1766206282;

h=content-transfer-encoding:mime-version:message-id:subject:reply-to

:from:to:date:dkim-signature:x-gm-gg:x-gm-message-state:from:to:cc

:subject:date:message-id:reply-to;

bh=NsHY5ca9FNWe30NYizON2atR5FOPwCa7VkPC6ZVcdQc=;

b=A0ONl/XraIXQMQjnJDaaMgi3vr+G7+gLIkwLsLG8w90UZHrcP4apvLdEVBoasNl2gt

aJ8Fsfvvxjgs5X2s5Zcfr1+Cd05YrTsba4wNArnS+u+pjMUZu3OqlncySYE+/av363wJ

vdWU2yCMTcvs9eWeY1K1YgdGlVQ2fK2Zyx0BgJj7rCWBSE6dBNfYcFuMkD/XpEMb8ogC

azzzqJ0HfX80F0NgaNLQX/yh+qXqmqzQuqStg24DHLugoevaoc2jKi37FaA1I1TjPyRh

yeffsQXA/2+Dv3aQcbeRcyKJxikCvlYkywZx33l9tf2afJHnWtJyqOofyixlVywI5EvI

mgcw==

X-Forwarded-Encrypted: i=1; AJvYcCW8yr2mSyVp8JyvsYeQzMJfzHfoW2GY//RoOP2/ebAKuKOfHMZ2IeKWcYu6pZK2A5/1l4hcrwE=@mail.nl2k.ab.ca

X-Gm-Message-State: AOJu0YxQu7RrtoutaQt/yREebYyOjPiDOW9aPyQFPpizcJA1Iw+3DWR3

5j78q/bRC8b4Pf+wAprY/wyujwe+t+qlq5dt+H92QbYIPNyVfOeOPLF1yZeuIQ6Gky0ILzcVQ0B

oTlWH0JZ0hBrY0nx7QKuTHyF6irPDNXAH6eF0

X-Gm-Gg: AY/fxX7kQb9JgN/HeVmYCPKRHZCsKJe6Vb0BSvYHcPFftdINAjCUQp/hs4W60zNsA7w

ChK7gF8t8T/WKuU+roN7JfpkftTGC5HnfZg5QmFQiU6E+Mlu9YwUzf9eOKMzZCXwMDwnqWMKzEn

VS1H7p2dmxj96VC2RwcdkByN3xRTPBSTVnH+bXQztYxW9AzqZR0BGrbPWQooZhDGJOQdc9Ej+0l

DgIhNTCOtf7l9KEU/p4KKGAdbQCLsMA1qL5rE3Xf/IWkKezSuRiOgyYZGTMZefUenG9XzqYKQ7s

oHrpwVLuP6d8TCRmSOS2HIYLhUSvxJC5MyxmkAPFL2+SWb93G4qzzTSm+SvhqpNU4hBIkjE4kYb

cnwzKN6NzwMWULVNF6v4q3A==

X-Google-Smtp-Source: AGHT+IH3GOt6ps9lOSAWeV3+2yGvttF1OjoDKfyV72lqD70I9ZibncJjmsOnvDCd0NCcc5doP6ppeq4nEyvk

X-Received: by 2002:a17:903:2a90:b0:295:99f0:6c65 with SMTP id d9443c01a7336-29eeec38ae8mr79036355ad.30.1765601481970;

Fri, 12 Dec 2025 20:51:21 -0800 (PST)

Received: from mail.iadmexico.mx (mail.iadmexico.mx. [34.231.63.135])

by smtp-relay.gmail.com with ESMTPS id d9443c01a7336-2a08df4a425sm2222055ad.23.2025.12.12.20.51.21

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Fri, 12 Dec 2025 20:51:21 -0800 (PST)

X-Relaying-Domain: iadmexico.mx

Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id C4674146016;

Fri, 12 Dec 2025 22:51:13 -0600 (CST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iadmexico.mx;

s=mailcow; t=1765601481; h=from:from:reply-to:reply-to:subject:subject:date:date:

message-id:message-id:to:to:cc:mime-version:mime-version:

content-type:content-type: content-transfer-encoding:content-transfer-encoding;

bh=NsHY5ca9FNWe30NYizON2atR5FOPwCa7VkPC6ZVcdQc=;

b=QOOxxPl0j4lT0LG2b4GMbazYOUXtjhpXfn/c2nZ55mX0TfZ7Zwg2Xa1N+x2otPu+3QbpX6

943ggxwXnsPfmeFNm6BLevK4rIznuIUNmlkaCorLnCiAULLvg1b9teN4YjFqmxs6bGYumh

xKwgZBdh/47PS3Q6nDlfkE50K9v7IX2uE19jSEKwEeJN4t+M5dHlGutdgg73SGW43PCla+

o6dmvBU4UHR5dXbV1pOLwm7T79MASDZUapNpGAGE6pfC6a9twMTd60qm7P9VZQxY5a+cRK

tmCgpApY8zKaaGgeUTeIrgRyR3T2UHKI9TEHB3dRQ2wsAZ2dg9YNeromcLBR/w==

Date: Sat, 13 Dec 2025 01:07:28 +0100

To: undisclosed-recipients:;

From: FRANK STOCKTON

Reply-To: franktsockton654@outlook.com

Subject: BUSINESS PROPOSAL !!!

Message-ID: <60df76e3919315de5c349bc5c265eeb5@iadmexico.mx>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="14da1bab14540aaf3b0fafbcf078de42d"

Content-Transfer-Encoding: 8bit

X-Last-TLS-Session-Version: TLSv1.2

X-Spam_score: 14.9

X-Spam_score_int: 149

X-Spam_bar: ++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: I have a Business proposal worth $35M USD, please contact

me for more information. Sincerely, Frank Stockton I have a Business proposal

worth $35M USD, please contact me for more information. Sincerely, Frank

Stockton

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 12 Dec 2025 20:23:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUGCt-000000006E4-0qrE

for dave@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 20:22:07 -0700

Resent-From: The Doctor

Resent-Date: Fri, 12 Dec 2025 20:22:07 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-lj1-f196.google.com ([209.85.208.196]:60611)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUFaj-000000003Kb-1Izc

for doctor@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 19:42:50 -0700

Received: by mail-lj1-f196.google.com with SMTP id 38308e7fff4ca-37a2dcc52aeso15827991fa.0

for ; Fri, 12 Dec 2025 18:41:56 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1765593709; x=1766198509; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=hg6yT7ppGRbhNH7XMg2vFFLQ4ORbrxFq6y1JdNuFT9M=;

b=klgu8AGF7nJKhdGyGUqvaxg2p4byoh119b7sRG2tJQyBwI5Ko603O5g1tSi9o+6Bz9

l8pUZwUGDpADY6OYb0nUQkrJrK3R+4d9rwIW9TNBBBsw5d6d/Jp45UchGYXAgl/De4qY

NYJqrXw/yXfiQPKCJHL4h9ijWvAq6/hyxXic9reMPJyYp91PPDfYccxDtbNCY89GFNbU

RUIm2AQK5y9Js2LRCj70qwZKyDusmNNE0J0yAJWfM7iRKpLcNFh9UQfrvrp06aGaUB7/

mDx+kAkeIy4mPDD5v4XfMR57JN+dC4+XuTihZSkH0ltSrzqJGEiBRdZSJX33wFkzeQto

0wHQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765593709; x=1766198509;

h=to:subject:message-id:date:from:reply-to:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=hg6yT7ppGRbhNH7XMg2vFFLQ4ORbrxFq6y1JdNuFT9M=;

b=XUI+1jX+YthiVS0oMzjYEsX/RintJGbyjlFrT251EpmJxnBKZADFN0Q2hxHGk8Islg

KNWKYhh/5irZHK+T8slxnTZxwkGF3nrjxjSpOHAVmuGriqQzwwCk0ZqpJHtZcQ7eaPe4

uMOLMtZ5OoGmtlx1nItAfPc4Bf+9xNO97BSwIqqww0beAxRMEIapHnKXO9pGiQkc/1Yb

pB0clkIEWOvzmCssZs9R7sSoiQCFC/6PxbntE0QoxKCkbOwLrKNTA5A0Riu0MJzNQSbo

YK0W+IKYWYqazJRaigxXaHMHPtZbjD+uuhr5D0m40bYUeE+Q3aet71Jouutm5HTMSQL3

c8sA==

X-Forwarded-Encrypted: i=1; AJvYcCWCLzZfuRBnVPiVei0Fnjhbc2K1wJxRm+rJKS16j8yFzkal6vSIvosLO6Kn1oOgvKOW15lf4RQ=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YyNS2wMkbRXA4IkgnUBhBpHl7f1i/oiIz63JFsnlI1YRfIe/TZy

JF+xClY/YEtN6wtoHDY80aaDSSl0Fw6C8r8BpYip98K/0xLUotCfVHuY4URmQS0ELu9hdQekw+k

m9E6TywdtCXndGFvdt3J3anOcbGfwDm0=

X-Gm-Gg: AY/fxX5xOtY+VB95W3pqR6A+4ouTiSTI0OIK+aNZOh1tjA0oB8i1DqVyPH+QX/Ga6PS

RXwE+RE7K/DtIAP6aJL1w5mn1bsFS3LwgaUgvwpvgWv/4ZYUBc2eSvAlJRiGlkRilHK/sUw3OWJ

mEhubyQNsY6dNL5fPxiBX+9/AK5KNmAvp8Z7NnXhVpVGRcP5JktsgnAh7z1sV4KjKkSv8JJW+i+

ndIjoFIwk6fvQMTcCG4yXD170rlZy3HUQL4TRqEMOUxVzz5FZdcXZs8MKpvo0oTjLLoesfqog4D

Sg==

X-Google-Smtp-Source: AGHT+IFdaDs56PMH4MJ2Xvj8hnhc2a4LBkY9id+ZFF+3VyJNAl9vFsQV2YaI+7C5nDTqlqogEIAF97gS0GiZCZ7SA6A=

X-Received: by 2002:a2e:9a12:0:b0:37a:95c9:4745 with SMTP id

38308e7fff4ca-37fd08c7a93mr12514031fa.40.1765593709055; Fri, 12 Dec 2025

18:41:49 -0800 (PST)

MIME-Version: 1.0

Reply-To: louisa244love@gmail.com

From: Louisa

Date: Sat, 13 Dec 2025 09:41:37 +0700

X-Gm-Features: AQt7F2pho8Xis1q1fAf7gJR36-xrstLxWy6jDGAgM5WYva0rG56t9QOHYxXtqVA

Message-ID:

Subject: HELLO

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="000000000000d895010645cc514d"

Bcc: doctor@doctor.nl2k.ab.ca

X-Spam_score: 6.3

X-Spam_score_int: 63

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hello , How are you and your family doing today? I hope all

is well with you? Hello ,

Content analysis details: (6.3 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.208.196 listed in will-spam-for-food.eu.org]

[209.85.208.196 listed in will-spam-for-food.eu.org]

[209.85.208.196 listed in will-spam-for-food.eu.org]

[209.85.208.196 listed in will-spam-for-food.eu.org]

[209.85.208.196 listed in will-spam-for-food.eu.org]

[209.85.208.196 listed in will-spam-for-food.eu.org]

[209.85.208.196 listed in will-spam-for-food.eu.org]

[209.85.208.196 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.208.196 listed in dnsbl.ahbl.org]

[209.85.208.196 listed in dnsbl.ahbl.org]

[209.85.208.196 listed in dnsbl.ahbl.org]

[209.85.208.196 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.208.196 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.208.196 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.208.196 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.208.196 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.208.196 listed in sa-trusted.bondedsender.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.208.196 listed in sa-accredit.habeas.com]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.208.196 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.208.196 listed in wl.mailspike.net]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.208.196 listed in bl.score.senderscore.com]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.208.196 listed in bl.score.senderscore.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[louisab354(at)gmail.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[louisab354(at)gmail.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different

freemails

2.7 UNDISC_FREEM Undisclosed recipients + freemail reply-to

Subject: {SPAM?} HELLO

--000000000000d895010645cc514d

Content-Type: text/plain; charset="UTF-8"

Hello ,

How are you and your family doing today? I hope all is well with you?

--000000000000d895010645cc514d

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

:Helvetica,Arial,sans-serif">Hello ,

r:rgb(0,0,0);font-family:Helvetica,Arial,sans-serif">

:13px;color:rgb(0,0,0);font-family:Helvetica,Arial,sans-serif">
=3D"font-size:13px;color:rgb(0,0,0);font-family:Helvetica,Arial,sans-serif"=

>How are you and your family doing today? I hope all is well with you?=C2=

=A0

--000000000000d895010645cc514d--

December '25

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 12 Dec 2025 20:22:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUGCf-000000006Cg-3Kbb

for dave@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 20:21:53 -0700

Resent-From: The Doctor

Resent-Date: Fri, 12 Dec 2025 20:21:53 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ua1-f103.google.com ([209.85.222.103]:57580)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUEp6-000000000Oz-31vz

for root@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 18:53:36 -0700

Received: by mail-ua1-f103.google.com with SMTP id a1e0cc1a2514c-93f5667f944so1103144241.2

for ; Fri, 12 Dec 2025 17:52:43 -0800 (PST)

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765590757; x=1766195557;

h=content-transfer-encoding:mime-version:message-id:subject:reply-to

:from:to:date:dkim-signature:x-gm-gg:x-gm-message-state:from:to:cc

:subject:date:message-id:reply-to;

bh=dutKWXB6qWezxV7ePGOU87aIyoiLN4AGBrtyOSZE6dY=;

b=Jsb/VrXRLbxTOikVdbiT6+kmS+qL4i/Kz83HRgWUPB+mXS7o0HHHlewpe+UCj3OaEG

oJPSFkSMHIlBOCv3O2MvsHZDPzNWwX2wJsCD3ZteGm7LdTJVc1RP+MXmZ+Lo2uvgBQab

6/Z1YCovY7Z793Co1HOSt+j0Wi+PopNxEiThrJ2MjdzY6qcWdjiV+Ze1vxCj5aYP4wbw

iPSZeyw27NZqn23MNFCRQDMl8IAkp5zCFM1FZI0c3hEk4wVUO5f7yPW8BwiF7TLbKZ3t

2SA+xWLR0+5pZ/pts0o2hYhF88As/N7gZCRTW1ZEMrlgqD1rMKE3HrbmQUFvVfXfCjlK

lazA==

X-Forwarded-Encrypted: i=1; AJvYcCUQXXwVnUEvE88WmCIIKYaWkYt22MIzE0AF0wWbM9Gv6x5y27/aVuX0Flgp5dKirN6TeL+u@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YxC8jcNrQ9ZM/jDf3e0RROUkUeu07qtWdAdHEhVr4fYfMqaYJHj

x8wOfeCED5c9drWEkZe8ZhP6AMrH1BIt9eMt4MZqZE8C2llZO99nje3jJ38Xb+EEYocO6CON1La

PPJQJrwLSPT1tof1ccSlB2S6mfI9AEmWb1wEm

X-Gm-Gg: AY/fxX7iUExbnMUXiF02euIifHplf9LLw+mT1aemlrtZEo7UjlpINtXDqhlnRb236eZ

Eem4r6zIP3EvcT6oJUTUasui7xAPz25tEGEOJANAVh/ZoesEGx/otdn0MyflfuWklpp38+RvVGQ

LAh8X2ys9PUVkKE8U7waOiWfSNVFIcYt2TSQ1dWpn7lZ+3u8vdGqgWUhVgad2ylYrrnYE46F/K9

65SraDI8cW0bXADG3wdSM9kcY/6xsT83nRXrTuUXAZ96WvmsLniKLNaaMjU3DOJalePbSy8XjLu

1CKV5t2vdLr7f+fqXoH8kwUQWWlNcX7A2XxCbiYqdOkNbqsDd6K37lzcWFvGovWgKYgF9HimFU/

Lpx3nEEan2ihGq8alG3P+fg==

X-Google-Smtp-Source: AGHT+IElSQJD4EuzNyeT/wLN5Wwq9ADndnKpPMprIFVBKutX19Z1D22HAf1YDiiuyLyeE7WRt0breOugPj1x

X-Received: by 2002:a05:6102:e12:b0:5d6:254f:4e24 with SMTP id ada2fe7eead31-5e827835869mr1664251137.32.1765590757385;

Fri, 12 Dec 2025 17:52:37 -0800 (PST)

Received: from mail.iadmexico.mx (mail.iadmexico.mx. [34.231.63.135])

by smtp-relay.gmail.com with ESMTPS id ada2fe7eead31-5e7c85bb9b4sm1037051137.0.2025.12.12.17.52.37

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Fri, 12 Dec 2025 17:52:37 -0800 (PST)

X-Relaying-Domain: iadmexico.mx

Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id 2C749146138;

Fri, 12 Dec 2025 19:52:05 -0600 (CST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iadmexico.mx;

s=mailcow; t=1765590755; h=from:from:reply-to:reply-to:subject:subject:date:date:

message-id:message-id:to:to:cc:mime-version:mime-version:

content-type:content-type: content-transfer-encoding:content-transfer-encoding;

bh=dutKWXB6qWezxV7ePGOU87aIyoiLN4AGBrtyOSZE6dY=;

b=CGH8PWZCCPViEU8XqCia5znE5HX0enPvVKB06I4R/A3U3r6HAs2uO33UV0ivGdFvakhadR

BtJmvH7ig2j6PGJv34TgI/uAMmv4Y7sTWxPgj9j0/uSxbpJOpyTietikXZkRWow//ezAwx

QS2cBCtOXsiQjJkG3owfGjtJ9+o5EaB0pSb18yiwHO1Bs6bWpUz2zCDZitGq9lDWxMpQ5Q

rWhA4IfqzYyDweuwGsjtRGuoG3U7pHpqImjb0gzw2+CUMNDHcVnGZ1sY4JnphsgyDyp5wf

LU9EIcJkyBJDi8v+4GMas/g5HNANNN7aPNx8Ds0bADoA3Jo7VIsvQqACJwoD+w==

Date: Sat, 13 Dec 2025 01:07:28 +0100

To: undisclosed-recipients:;

From: FRANK STOCKTON

Reply-To: franktsockton654@outlook.com

Subject: BUSINESS PROPOSAL !!!

Message-ID:

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="12595d64276c0482262d2ac7c83b13fd7"

Content-Transfer-Encoding: 8bit

X-Last-TLS-Session-Version: TLSv1.2

X-Spam_score: 17.5

X-Spam_score_int: 175

X-Spam_bar: +++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: I have a Business proposal worth $35M USD, please contact

me for more information. Sincerely, Frank Stockton I have a Business proposal

worth $35M USD, please contact me for more information. Sincerely, Frank

Stockton

Content analysis details: (17.5 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[209.85.222.103 listed in will-spam-for-food.eu.org]

[209.85.222.103 listed in will-spam-for-food.eu.org]

[209.85.222.103 listed in will-spam-for-food.eu.org]

[209.85.222.103 listed in will-spam-for-food.eu.org]

[209.85.222.103 listed in will-spam-for-food.eu.org]

[209.85.222.103 listed in will-spam-for-food.eu.org]

[209.85.222.103 listed in will-spam-for-food.eu.org]

[209.85.222.103 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[209.85.222.103 listed in dnsbl.ahbl.org]

[209.85.222.103 listed in dnsbl.ahbl.org]

[209.85.222.103 listed in dnsbl.ahbl.org]

[209.85.222.103 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net

[Blocked - see ]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.222.103 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.222.103 listed in wl.mailspike.net]

0.0 T_SPF_TEMPERROR SPF: test of record failed (temperror)

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[franktsockton654(at)outlook.com]

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 US_8BIT US-ASCII isn't an eight bit charset

0.0 LOTS_OF_MONEY Huge... sums of money

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.9 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

2.9 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} BUSINESS PROPOSAL !!!

This is a multi-part message in MIME format.

--12595d64276c0482262d2ac7c83b13fd7

Content-Type: text/plain; charset=us-ascii

I have a Business proposal worth $35M USD, please contact me for more information.

Sincerely,

Frank Stockton

--12595d64276c0482262d2ac7c83b13fd7

Content-Type: text/html; charset=us-ascii

I have a Business proposal worth $35M USD, please contact me for more information.

Sincerely,

Frank Stockton

--12595d64276c0482262d2ac7c83b13fd7--