Phish from Spain



Delivery-date: Sat, 16 Jul 2022 07:03:01 -0600

Received: from doctor by with local (Exim 4.95 (FreeBSD))

(envelope-from )

id 1oChRh-0004vJ-AY


Sat, 16 Jul 2022 07:02:57 -0600

Resent-From: The Doctor

Resent-Date: Sat, 16 Jul 2022 07:02:57 -0600


Resent-To: Dave Yadallee

Received: from ([]:58682)

by with esmtp (Exim 4.95 (FreeBSD))

(envelope-from )

id 1oCbmf-0004gV-NH


Sat, 16 Jul 2022 01:00:18 -0600

Received: from User (localhost [])

by (Postfix) with SMTP id 521FE6BFD60;

Sat, 16 Jul 2022 08:20:04 +0200 (CEST)


From: "Ray Wilfred."

Subject: Quick follow-up

Date: Sat, 16 Jul 2022 09:20:45 +0300

MIME-Version: 1.0

Content-Type: text/plain;


Content-Transfer-Encoding: 7bit

X-Priority: 3

X-MSMail-Priority: Normal

X-Mailer: Microsoft Outlook Express 6.00.2600.0000

X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000

Message-Id: <>

X-Spam_score: 24.1

X-Spam_score_int: 241

X-Spam_bar: ++++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Quick follow-up I sent you some headline ideas last week.

Have you had a chance to look at them? I would love to hear what you think?

Direct Contact: Regards, Ray Wilfred.

Content analysis details: (24.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

0.0 NSL_RCVD_FROM_USER Received from User

0.0 FSL_CTYPE_WIN1251 Content-Type only seen in 419 spam

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends

in digit


0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail



1.0 FORGED_GMAIL_RCVD 'From' does not match 'Received'


0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in



1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)

1.2 MISSING_HEADERS Missing To: header

0.0 DKIM_ADSP_CUSTOM_MED No valid author signature, adsp_override is


1.9 REPLYTO_WITHOUT_TO_CC No description available.

1.4 MALFORMED_FREEMAIL Bad headers on message from free email


0.0 FROM_MISSP_XPRIO Misspaced FROM + X-Priority

3.4 MSOE_MID_WRONG_CASE No description available.

0.6 FSL_NEW_HELO_USER Spam's using Helo and User

0.0 FROM_MISSP_MSFT From misspaced + supposed Microsoft tool

0.0 FROM_MISSP_USER From misspaced, from "User"

0.0 AXB_XMAILER_MIMEOLE_OL_024C2 Yet another X header trait

-0.0 T_SCC_BODY_TEXT_LINE No description available.

0.6 SCC_BODY_URI_ONLY No description available.

1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain

different freemails

0.0 FROM_MISSPACED From: missing whitespace

1.2 NML_ADSP_CUSTOM_MED ADSP custom_med hit, and not from a mailing


0.0 FROM_MISSP_REPLYTO From misspaced, has Reply-To

0.0 T_FROM_MISSP_DKIM From misspaced, DKIM dependable

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

2.8 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook

0.3 FROM_MISSP_EH_MATCH From misspaced, matches envelope

1.4 SPOOFED_FREEMAIL No description available.

2.5 TO_NO_BRKTS_MSFT To: misformatted and supposed Microsoft tool

2.5 SPOOFED_FREEM_REPTO Forged freemail sender with freemail


0.0 FROM_MISSP_FREEMAIL From misspaced + freemail provider

0.0 SPOOF_GMAIL_MID From Gmail but it doesn't seem to be...

Subject: {SPAM?} Quick follow-up

Quick follow-up

I sent you some headline ideas last week. Have you had a chance to look at them? I would love to hear what you think?

Direct Contact:


Ray Wilfred.