Domain names selling spam from Gmail
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Thu, 01 Sep 2022 06:36:01 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from)
id 1oTjPw-000299-MD
for dave@doctor.nl2k.ab.ca;
Thu, 01 Sep 2022 06:35:32 -0600
Resent-From: The Doctor
Resent-Date: Thu, 1 Sep 2022 06:35:32 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-ej1-f47.google.com ([209.85.218.47]:43571)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from)
id 1oTiS1-000LAu-7A
for sales@nk.ca;
Thu, 01 Sep 2022 05:33:41 -0600
Received: by mail-ej1-f47.google.com with SMTP id gb36so13153310ejc.10
for; Thu, 01 Sep 2022 04:33:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
:date;
bh=e+HaJQTJ8jWdDOn5CTIjLbuaUDq0Ye911fxyWuQ9Q/Q=;
b=QYR/Fhjq7YJhh4V52Wg+9DliEq37zn3n0QDTq7+0vFIamrxMFrDToaJ6NwwqRp9Yhn
QK2JtkS6HKMN/TrduIulcRzfpDKlXTyA4bvtyq0bmLSYCfhvV+uxL8zvMRxw8MeWPdnu
jTRBl0ylLxYiqYjv5mlv/Z4xhNCUfDmsMExqkDb9QXFFQJqn4VKNodPDr6h6uWa10j+a
3rciBrZDXCYIG3rXpLUE7efF3QpJx+9I27o0rNf4FH2xyUXs/oFiqq7uCwcOEV3BTN1B
MF4M7EbBNDrtO7OyuFwFAROffxZLnpttFenC0RFbDTsIeJI23XepQqASIiWFWNCWcSzx
08+Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=to:subject:message-id:date:from:mime-version:x-gm-message-state
:from:to:cc:subject:date;
bh=e+HaJQTJ8jWdDOn5CTIjLbuaUDq0Ye911fxyWuQ9Q/Q=;
b=CdHebrQ284ROQYWxY06aCnq6OMVH14ZxlaA2RSrr0vIOqVY4O4gC9/W5BN7ls2JVrS
bZe+vLHup5kfUSim51WlKx/42vCvCsCUlh2j6ezrkLG7RtRBGsqvYvc0UEZqxvXvEEWi
H85SUhZbWnHs8nu+fuoIslkhTJq/w0fOxa0mHchemOqTV3QnmcdzEKrXcxcSg7/3g7Jm
Ml4nXzoo0X4Jw+l5igg6+ZFgHZEoXujiwoNsvGaJDpENGNX3+eD+N8cyHmNbL1bkW3Sy
2ytdjHHfvWa7mNlBt4eRa5R+4b+QhZ0XaEBrtHOjP2KwbE8EcFGs8rjaN8iabkJOHhWX
qyHA==
X-Gm-Message-State: ACgBeo37JBWZi4oKG3HB9V9VxAAFRXMEZX5deJ7HSA4H/X9X2KUCiFN1
J9txeTPiiKzOxVUNllB1UsqzK6NsgkUoq2o58raF8Ijd1SA=
X-Google-Smtp-Source: AA6agR7GpvB7Tc62zT4xWX66ixZcyypXjpd7Si84pcdMuL17WLKmd+9EytHqA7SoeIN+BZLP17ohC7Uvq5ZkKxVdP3Y=
X-Received: by 2002:a17:907:2723:b0:741:4fbf:4658 with SMTP id
d3-20020a170907272300b007414fbf4658mr15662298ejl.424.1662031989028; Thu, 01
Sep 2022 04:33:09 -0700 (PDT)
MIME-Version: 1.0
From: Mathew Henderson
Date: Thu, 1 Sep 2022 12:32:50 +0100
Message-ID:
Subject: BROADBAND ALBERTA
To: sales@nk.ca
Content-Type: multipart/alternative; boundary="0000000000004fbc2605e79bfa9c"
--0000000000004fbc2605e79bfa9c
Content-Type: text/plain; charset="UTF-8"
Hello
BroadbandAlberta.com
Concerning the above domain, we are reaching out to Broadband Companies in
Alberta for a sale of the domain
The domain align with your Broadband Service and you could use it to
authenticate your brand by redirecting it to your primary website.
It's available for $599 and If interested in the domain for your company,
kind take action as soon as possible by visiting www.BroadbandAlberta.com
to purchase the domain name.
Thanks
Mathew Henderson
For Wisdom Domains
--0000000000004fbc2605e79bfa9c
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
=
iv>
=3D"auto">
v>
--0000000000004fbc2605e79bfa9c--
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Thu, 01 Sep 2022 06:36:01 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from
id 1oTjPw-000299-MD
for dave@doctor.nl2k.ab.ca;
Thu, 01 Sep 2022 06:35:32 -0600
Resent-From: The Doctor
Resent-Date: Thu, 1 Sep 2022 06:35:32 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-ej1-f47.google.com ([209.85.218.47]:43571)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from
id 1oTiS1-000LAu-7A
for sales@nk.ca;
Thu, 01 Sep 2022 05:33:41 -0600
Received: by mail-ej1-f47.google.com with SMTP id gb36so13153310ejc.10
for
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
:date;
bh=e+HaJQTJ8jWdDOn5CTIjLbuaUDq0Ye911fxyWuQ9Q/Q=;
b=QYR/Fhjq7YJhh4V52Wg+9DliEq37zn3n0QDTq7+0vFIamrxMFrDToaJ6NwwqRp9Yhn
QK2JtkS6HKMN/TrduIulcRzfpDKlXTyA4bvtyq0bmLSYCfhvV+uxL8zvMRxw8MeWPdnu
jTRBl0ylLxYiqYjv5mlv/Z4xhNCUfDmsMExqkDb9QXFFQJqn4VKNodPDr6h6uWa10j+a
3rciBrZDXCYIG3rXpLUE7efF3QpJx+9I27o0rNf4FH2xyUXs/oFiqq7uCwcOEV3BTN1B
MF4M7EbBNDrtO7OyuFwFAROffxZLnpttFenC0RFbDTsIeJI23XepQqASIiWFWNCWcSzx
08+Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=to:subject:message-id:date:from:mime-version:x-gm-message-state
:from:to:cc:subject:date;
bh=e+HaJQTJ8jWdDOn5CTIjLbuaUDq0Ye911fxyWuQ9Q/Q=;
b=CdHebrQ284ROQYWxY06aCnq6OMVH14ZxlaA2RSrr0vIOqVY4O4gC9/W5BN7ls2JVrS
bZe+vLHup5kfUSim51WlKx/42vCvCsCUlh2j6ezrkLG7RtRBGsqvYvc0UEZqxvXvEEWi
H85SUhZbWnHs8nu+fuoIslkhTJq/w0fOxa0mHchemOqTV3QnmcdzEKrXcxcSg7/3g7Jm
Ml4nXzoo0X4Jw+l5igg6+ZFgHZEoXujiwoNsvGaJDpENGNX3+eD+N8cyHmNbL1bkW3Sy
2ytdjHHfvWa7mNlBt4eRa5R+4b+QhZ0XaEBrtHOjP2KwbE8EcFGs8rjaN8iabkJOHhWX
qyHA==
X-Gm-Message-State: ACgBeo37JBWZi4oKG3HB9V9VxAAFRXMEZX5deJ7HSA4H/X9X2KUCiFN1
J9txeTPiiKzOxVUNllB1UsqzK6NsgkUoq2o58raF8Ijd1SA=
X-Google-Smtp-Source: AA6agR7GpvB7Tc62zT4xWX66ixZcyypXjpd7Si84pcdMuL17WLKmd+9EytHqA7SoeIN+BZLP17ohC7Uvq5ZkKxVdP3Y=
X-Received: by 2002:a17:907:2723:b0:741:4fbf:4658 with SMTP id
d3-20020a170907272300b007414fbf4658mr15662298ejl.424.1662031989028; Thu, 01
Sep 2022 04:33:09 -0700 (PDT)
MIME-Version: 1.0
From: Mathew Henderson
Date: Thu, 1 Sep 2022 12:32:50 +0100
Message-ID:
Subject: BROADBAND ALBERTA
To: sales@nk.ca
Content-Type: multipart/alternative; boundary="0000000000004fbc2605e79bfa9c"
--0000000000004fbc2605e79bfa9c
Content-Type: text/plain; charset="UTF-8"
Hello
BroadbandAlberta.com
Concerning the above domain, we are reaching out to Broadband Companies in
Alberta for a sale of the domain
The domain align with your Broadband Service and you could use it to
authenticate your brand by redirecting it to your primary website.
It's available for $599 and If interested in the domain for your company,
kind take action as soon as possible by visiting www.BroadbandAlberta.com
to purchase the domain name.
Thanks
Mathew Henderson
For Wisdom Domains
--0000000000004fbc2605e79bfa9c
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Hello
=C2=A0BroadbandAlberta.com
iv>
Concerning the above domain, we are reaching out to Br=
oadband Companies in Alberta for a sale of the domain=C2=A0
oadband Companies in Alberta for a sale of the domain=C2=A0
=3D"auto">
The domain align with your Broadband =
Service and you could use it to authenticate your brand by redirecting it t=
o your primary website.
Service and you could use it to authenticate your brand by redirecting it t=
o your primary website.
=
It's available for $599 and If=C2=A0 interested in the domain for your =
company,=C2=A0 kind take action as soon as possible by visiting
http://www.BroadbandAlberta.com">www.BroadbandAlberta.com to purchase t=
he domain name.
It's available for $599 and If=C2=A0 interested in the domain for your =
company,=C2=A0 kind take action as soon as possible by visiting
http://www.BroadbandAlberta.com">www.BroadbandAlberta.com to purchase t=
he domain name.
v>
Thanks=C2=A0
Mathew Henderson
iv>
iv>
For Wisdom Domains
--0000000000004fbc2605e79bfa9c--
Linkedin PHish from Gmail
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Thu, 01 Sep 2022 06:36:01 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from)
id 1oTjPg-000289-8l
for dave@doctor.nl2k.ab.ca;
Thu, 01 Sep 2022 06:35:16 -0600
Resent-From: The Doctor
Resent-Date: Thu, 1 Sep 2022 06:35:16 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-pj1-f52.google.com ([209.85.216.52]:56005)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from)
id 1oTiWI-000LiY-8Z
for root@nk.ca;
Thu, 01 Sep 2022 05:38:07 -0600
Received: by mail-pj1-f52.google.com with SMTP id l5so12981648pjy.5
for; Thu, 01 Sep 2022 04:37:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
:date;
bh=6Ur8jH1nUXae41GG2SX6COUHW66OmD1tnsXxg8WmK4s=;
b=FfakMf06c2ns7gPsSLQswpMVH+snTlvlLxqnR1DhmLcg3u/Glxpjm94jZjgWtfdDhq
Qz+P+nTGd+2uQAtiheQkoccmD736tE0JEBGRSe8ebRAZrbnaXFEGkpaMUneFINk4pyVt
XyPSnFXtNaZaWVz2LWM3+9VwewhNpTPsajJTwNBajmjMycv/zyJLMFuwuB/VYnrVx+10
81YjMM3mCU6ZfYsL8OJb0W7tiCKNngpwFW6XvlZfMSgDY5A3piIuSML8Jnk0C1LiK0S3
aVrQnGxMJAL2nnkknZQ2SMHB3rndJP3EgelnuOqJDO2gOHb5zSGm3Eeko3nnvQvoFCcI
h8gg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=to:subject:message-id:date:from:mime-version:x-gm-message-state
:from:to:cc:subject:date;
bh=6Ur8jH1nUXae41GG2SX6COUHW66OmD1tnsXxg8WmK4s=;
b=WoUglzZF3tio4jKHirhOoWpvhIzQRX4DodWvh2Ji9f+r3kc1uyeniLxhHYfplogGIL
cEl9nGbBbTQ9332D5QJ3oW+dkhlw8HkKT8WYs00hOkWiora9wtZSEGgzalnaFw36kK3T
+GPzhQFTYeNG8SpvDDcUsFtbPL07WqQazOSI+/fbLw68MOb4t3B+TtyM08CHBgAb7BEv
YGdbG+EnYjZDmTjhUgx/Xe7iX/GTSrjFKAt1La5Sxq2LbVvzVTyQsXSLMiTAPEz582Om
wOLEjJzA1ik00FDzoDjImYFkgEY9ic2bgGh2Bejz0t8RUcEw0hYoCo27pTGncdkpbR0W
I/dg==
X-Gm-Message-State: ACgBeo2Tz8vURvB8WZS581YyPKZKgQoklugwlZEPTDco30SEf/5LaFOX
WuRF8eEN1rLeUgFm/ulxPKOcKEXwPrX57YmYvsSEoBzh36aOz39g3TgOzQ==
X-Google-Smtp-Source: AA6agR5W3VWJk0jVOuLqORCEC9FW4G3JCHT/pwjbdoJ059fOrKerr6kYfmZlINmiz2gCld9ta0K8DrvoT+dprYShhYs=
X-Received: by 2002:a17:903:120c:b0:170:aa42:dbba with SMTP id
l12-20020a170903120c00b00170aa42dbbamr30877511plh.67.1662031911319; Thu, 01
Sep 2022 04:31:51 -0700 (PDT)
MIME-Version: 1.0
From: LinkedIn Update Reminder
Date: Thu, 1 Sep 2022 04:32:10 -0700
Message-ID:
Subject: LinkedIn Quick Mail Info
To: undisclosed-recipients:;
Content-Type: multipart/alternative; boundary="000000000000ae005805e79bf509"
Bcc: root@nk.ca
--000000000000ae005805e79bf509
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
[image: LinkedIn]
LinkedIn User
Dear User,
We're unable to reach you using your primary email. Please confirm if the
email below is correct.
Please Emails aren't getting through to one of your email addresses.
please Update or Confirm your email.
Update.
Please review the information associated with your account. Remove any
inactive information and add your new information. Your recommendation to
Update your Account not to lead to loss of account.
Unsubscribe
Help
>
You are receiving LinkedIn notification emails.
This email was intended for,
User Only
=C2=A9 2022 LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place,
Dublin 2. LinkedIn is a registered business name of LinkedIn Ireland
Unlimited Company. LinkedIn and the LinkedIn logo are registered trademarks
of LinkedIn.
--000000000000ae005805e79bf509
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
le=3D"presentation" width=3D"100%" style=3D"width:488px;min-width:100%">
ody>
=3D"nofollow noopener noreferrer" target=3D"_blank" href=3D"https://www.lin=
kedin.com/" style=3D"color:rgb(0,115,177);text-decoration-line:none;display=
:inline-block">![3D"LinkedIn"](3D"https://ecp.yusercontent.com/ma=<br)
il?url=3Dhttps%3A%2F%2Fstatic.licdn.com%2Fsc%2Fp%2Fcom.linkedin.email-asset=
s-frontend%253Aemail-assets-frontend-static-content%252B__latest__%2Ff%2F%2=
52Femail-assets-frontend%252Fimages%252Femail%252Fphoenix%252Flogos%252Flog=
o_phoenix_header_blue_78x66_v1.png&t=3D1662028631&ymreqid=3Dde7e845=
d-f460-7e31-2f2c-5a000c011d00&sig=3DVib.qRDZD_DDiyPc01ZgDg--~D" style=
=3D"outline: currentcolor none medium; color: rgb(255, 255, 255); border-wi=
dth: 0px; border-style: solid; width: 40px; min-height: 34px; visibility: v=
isible;">
e=3D"outline:none">
role=3D"presentation" width=3D"100%">
=3D"middle" style=3D"outline:none;padding:0px 0px 0px 10px">
gin:0px">LinkedIn User
outline:none;padding-left:10px">=C2=A0
dth=3D"1" style=3D"outline:none">=C2=A0
der=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" width=
=3D"100%">
le role=3D"presentation" width=3D"512" cellspacing=3D"0" cellpadding=3D"0" =
border=3D"0" bgcolor=3D"#FFFFFF" style=3D"color:rgb(38,40,42);font-size:13p=
x;margin:0px auto;max-width:512px;width:inherit">
tline:none">
ellpadding=3D"0" border=3D"0">
20px 24px 10px">
0" cellpadding=3D"0" border=3D"0">
ing-bottom:20px">
;line-height:1.2">Dear User,
dding-bottom:20px">
6px">We're unable to rea=
ch you using your primary email. Please confirm if the email below is corre=
ct.
ottom:20px">
ht=3D"50" cellspacing=3D"0" cellpadding=3D"0" border=3D"0" style=3D"border-=
radius:23px;background-color:rgb(43,170,223)">
le" style=3D"font-family:Arial;outline:none;font-size:16px;padding:10px;tex=
t-align:center">
ref=3D"https://linkedinrequestconfirmationr5357djsfhjdgjdsgj.yolasite.com/"=
style=3D"color:rgb(255,255,255);text-decoration-line:none;font-weight:bold=
;line-height:16px">Update.
tyle=3D"outline:none;padding-bottom:20px;text-align:justify">
=3D"arial, sans-serif">Please review the information associated with your a=
ccount. Remove any inactive information and add your new information. Your =
recommendation to Update your Account not to lead to loss of account.
>
style=3D"outline:none">
ing=3D"0" cellpadding=3D"0" border=3D"0" bgcolor=3D"#EDF0F3" align=3D"cente=
r" style=3D"background-color:rgb(237,240,243);padding:0px 24px;color:rgb(10=
6,108,109);text-align:center">
ine:none;padding:16px 0px 0px">=C2=A0
t>
th=3D"100%" cellspacing=3D"0" cellpadding=3D"0" border=3D"0">
align=3D"center" style=3D"outline:none;padding:0px 0px 12px">
"arial, sans-serif">
" href=3D"https://linkedinrequestconfirmationr5357djsfhjdgjdsgj.yolasite.co=
m/" style=3D"color:blue;display:inline-block">
ne-height:1.333">Unsubscribe=C2=A0=C2=A0|=C2=A0=C2=A0
llow noopener noreferrer" href=3D"https://linkedinrequestconfirmationr5357d=
jsfhjdgjdsgj.yolasite.com/" style=3D"color:blue;display:inline-block">
yle=3D"font-size:12px;line-height:1.333">Help
You are=
receiving LinkedIn notification emails.
enter" style=3D"outline:none;padding:0px 0px 12px">
s-serif">This email was intended for,
er" style=3D"outline:none;padding:0px 0px 8px">
noreferrer" href=3D"https://linkedinrequestconfirmationr5357djsfhjdgjdsgj.y=
olasite.com/" style=3D"color:blue;font-family:arial,sans-serif;font-size:sm=
all;display:inline-block">Use=
r Only
align=3D"center" style=3D"outline:none;padding:0px 0px 12px">
=3D"presentation" width=3D"100%" cellspacing=3D"0" cellpadding=3D"0" border=
=3D"0">
x 12px;text-align:center">=C2=A9 2022 Link=
edIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2. Linke=
dIn is a registered business name of LinkedIn Ireland Unlimited Company. Li=
nkedIn and the LinkedIn logo are registered trademarks of LinkedIn.<=
/td>
x;text-align:center">
e>
able>
--000000000000ae005805e79bf509--
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Thu, 01 Sep 2022 06:36:01 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from
id 1oTjPg-000289-8l
for dave@doctor.nl2k.ab.ca;
Thu, 01 Sep 2022 06:35:16 -0600
Resent-From: The Doctor
Resent-Date: Thu, 1 Sep 2022 06:35:16 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-pj1-f52.google.com ([209.85.216.52]:56005)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from
id 1oTiWI-000LiY-8Z
for root@nk.ca;
Thu, 01 Sep 2022 05:38:07 -0600
Received: by mail-pj1-f52.google.com with SMTP id l5so12981648pjy.5
for
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
:date;
bh=6Ur8jH1nUXae41GG2SX6COUHW66OmD1tnsXxg8WmK4s=;
b=FfakMf06c2ns7gPsSLQswpMVH+snTlvlLxqnR1DhmLcg3u/Glxpjm94jZjgWtfdDhq
Qz+P+nTGd+2uQAtiheQkoccmD736tE0JEBGRSe8ebRAZrbnaXFEGkpaMUneFINk4pyVt
XyPSnFXtNaZaWVz2LWM3+9VwewhNpTPsajJTwNBajmjMycv/zyJLMFuwuB/VYnrVx+10
81YjMM3mCU6ZfYsL8OJb0W7tiCKNngpwFW6XvlZfMSgDY5A3piIuSML8Jnk0C1LiK0S3
aVrQnGxMJAL2nnkknZQ2SMHB3rndJP3EgelnuOqJDO2gOHb5zSGm3Eeko3nnvQvoFCcI
h8gg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=to:subject:message-id:date:from:mime-version:x-gm-message-state
:from:to:cc:subject:date;
bh=6Ur8jH1nUXae41GG2SX6COUHW66OmD1tnsXxg8WmK4s=;
b=WoUglzZF3tio4jKHirhOoWpvhIzQRX4DodWvh2Ji9f+r3kc1uyeniLxhHYfplogGIL
cEl9nGbBbTQ9332D5QJ3oW+dkhlw8HkKT8WYs00hOkWiora9wtZSEGgzalnaFw36kK3T
+GPzhQFTYeNG8SpvDDcUsFtbPL07WqQazOSI+/fbLw68MOb4t3B+TtyM08CHBgAb7BEv
YGdbG+EnYjZDmTjhUgx/Xe7iX/GTSrjFKAt1La5Sxq2LbVvzVTyQsXSLMiTAPEz582Om
wOLEjJzA1ik00FDzoDjImYFkgEY9ic2bgGh2Bejz0t8RUcEw0hYoCo27pTGncdkpbR0W
I/dg==
X-Gm-Message-State: ACgBeo2Tz8vURvB8WZS581YyPKZKgQoklugwlZEPTDco30SEf/5LaFOX
WuRF8eEN1rLeUgFm/ulxPKOcKEXwPrX57YmYvsSEoBzh36aOz39g3TgOzQ==
X-Google-Smtp-Source: AA6agR5W3VWJk0jVOuLqORCEC9FW4G3JCHT/pwjbdoJ059fOrKerr6kYfmZlINmiz2gCld9ta0K8DrvoT+dprYShhYs=
X-Received: by 2002:a17:903:120c:b0:170:aa42:dbba with SMTP id
l12-20020a170903120c00b00170aa42dbbamr30877511plh.67.1662031911319; Thu, 01
Sep 2022 04:31:51 -0700 (PDT)
MIME-Version: 1.0
From: LinkedIn Update Reminder
Date: Thu, 1 Sep 2022 04:32:10 -0700
Message-ID:
Subject: LinkedIn Quick Mail Info
To: undisclosed-recipients:;
Content-Type: multipart/alternative; boundary="000000000000ae005805e79bf509"
Bcc: root@nk.ca
--000000000000ae005805e79bf509
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
[image: LinkedIn]
LinkedIn User
Dear User,
We're unable to reach you using your primary email. Please confirm if the
email below is correct.
Please Emails aren't getting through to one of your email addresses.
please Update or Confirm your email.
Update.
Please review the information associated with your account. Remove any
inactive information and add your new information. Your recommendation to
Update your Account not to lead to loss of account.
Unsubscribe
Help
>
You are receiving LinkedIn notification emails.
This email was intended for,
User Only
=C2=A9 2022 LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place,
Dublin 2. LinkedIn is a registered business name of LinkedIn Ireland
Unlimited Company. LinkedIn and the LinkedIn logo are registered trademarks
of LinkedIn.
--000000000000ae005805e79bf509
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
le=3D"presentation" width=3D"100%" style=3D"width:488px;min-width:100%">
ody>
=3D"nofollow noopener noreferrer" target=3D"_blank" href=3D"https://www.lin=
kedin.com/" style=3D"color:rgb(0,115,177);text-decoration-line:none;display=
:inline-block">
il?url=3Dhttps%3A%2F%2Fstatic.licdn.com%2Fsc%2Fp%2Fcom.linkedin.email-asset=
s-frontend%253Aemail-assets-frontend-static-content%252B__latest__%2Ff%2F%2=
52Femail-assets-frontend%252Fimages%252Femail%252Fphoenix%252Flogos%252Flog=
o_phoenix_header_blue_78x66_v1.png&t=3D1662028631&ymreqid=3Dde7e845=
d-f460-7e31-2f2c-5a000c011d00&sig=3DVib.qRDZD_DDiyPc01ZgDg--~D" style=
=3D"outline: currentcolor none medium; color: rgb(255, 255, 255); border-wi=
dth: 0px; border-style: solid; width: 40px; min-height: 34px; visibility: v=
isible;">
e=3D"outline:none">
role=3D"presentation" width=3D"100%">
=3D"middle" style=3D"outline:none;padding:0px 0px 0px 10px">
gin:0px">LinkedIn User
outline:none;padding-left:10px">=C2=A0
dth=3D"1" style=3D"outline:none">=C2=A0
der=3D"0" cellpadding=3D"0" cellspacing=3D"0" role=3D"presentation" width=
=3D"100%">
le role=3D"presentation" width=3D"512" cellspacing=3D"0" cellpadding=3D"0" =
border=3D"0" bgcolor=3D"#FFFFFF" style=3D"color:rgb(38,40,42);font-size:13p=
x;margin:0px auto;max-width:512px;width:inherit">
tline:none">
ellpadding=3D"0" border=3D"0">
20px 24px 10px">
0" cellpadding=3D"0" border=3D"0">
ing-bottom:20px">
;line-height:1.2">Dear User,
dding-bottom:20px">
6px">We're unable to rea=
ch you using your primary email. Please confirm if the email below is corre=
ct.
ottom:20px">
ont face=3D"arial, sans-serif" size=3D"2">Please=C2=A0Emails aren't =
getting through to one of your email addresses. please=C2=A0Update or Confi=
rm=C2=A0your email.
=C2=A0
ht=3D"50" cellspacing=3D"0" cellpadding=3D"0" border=3D"0" style=3D"border-=
radius:23px;background-color:rgb(43,170,223)">
le" style=3D"font-family:Arial;outline:none;font-size:16px;padding:10px;tex=
t-align:center">
ref=3D"https://linkedinrequestconfirmationr5357djsfhjdgjdsgj.yolasite.com/"=
style=3D"color:rgb(255,255,255);text-decoration-line:none;font-weight:bold=
;line-height:16px">Update.
tyle=3D"outline:none;padding-bottom:20px;text-align:justify">
=3D"arial, sans-serif">Please review the information associated with your a=
ccount. Remove any inactive information and add your new information. Your =
recommendation to Update your Account not to lead to loss of account.
>
style=3D"outline:none">
ing=3D"0" cellpadding=3D"0" border=3D"0" bgcolor=3D"#EDF0F3" align=3D"cente=
r" style=3D"background-color:rgb(237,240,243);padding:0px 24px;color:rgb(10=
6,108,109);text-align:center">
ine:none;padding:16px 0px 0px">=C2=A0
t>
th=3D"100%" cellspacing=3D"0" cellpadding=3D"0" border=3D"0">
align=3D"center" style=3D"outline:none;padding:0px 0px 12px">
"arial, sans-serif">
" href=3D"https://linkedinrequestconfirmationr5357djsfhjdgjdsgj.yolasite.co=
m/" style=3D"color:blue;display:inline-block">
ne-height:1.333">Unsubscribe=C2=A0=C2=A0|=C2=A0=C2=A0
llow noopener noreferrer" href=3D"https://linkedinrequestconfirmationr5357d=
jsfhjdgjdsgj.yolasite.com/" style=3D"color:blue;display:inline-block">
yle=3D"font-size:12px;line-height:1.333">Help
You are=
receiving LinkedIn notification emails.
enter" style=3D"outline:none;padding:0px 0px 12px">
s-serif">This email was intended for,
er" style=3D"outline:none;padding:0px 0px 8px">
noreferrer" href=3D"https://linkedinrequestconfirmationr5357djsfhjdgjdsgj.y=
olasite.com/" style=3D"color:blue;font-family:arial,sans-serif;font-size:sm=
all;display:inline-block">Use=
r Only
align=3D"center" style=3D"outline:none;padding:0px 0px 12px">
=3D"presentation" width=3D"100%" cellspacing=3D"0" cellpadding=3D"0" border=
=3D"0">
x 12px;text-align:center">=C2=A9 2022 Link=
edIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2. Linke=
dIn is a registered business name of LinkedIn Ireland Unlimited Company. Li=
nkedIn and the LinkedIn logo are registered trademarks of LinkedIn.<=
/td>
x;text-align:center">
e>
able>
--000000000000ae005805e79bf509--
Investment spam from Google
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Thu, 01 Sep 2022 06:33:01 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from)
id 1oTjNG-0001ue-UQ
for dave@doctor.nl2k.ab.ca;
Thu, 01 Sep 2022 06:32:46 -0600
Resent-From: The Doctor
Resent-Date: Thu, 1 Sep 2022 06:32:46 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-psaapc01rlhn2153.outbound.protection.outlook.com ([40.95.53.153]:44096 helo=APC01-PSA-obe.outbound.protection.outlook.com)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.95 (FreeBSD))
(envelope-from)
id 1oTeBE-000Kxf-I7
for doctor@nl2k.ab.ca;
Thu, 01 Sep 2022 01:00:08 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=BzJb+0P4FxC49+IqPGrV+XAIJ+fyCSlHeR0DsiYLJnECpZcsseLz8cF2qwqgBHkPdEFQazKD/84FjBx9f3VrHhWVXELYFeusIZ2JRWfHnShWIqmZpWlMv+vUyNXv9x7G1k9GGSYkPUvVzCf7NXYoNo+G7oTyoWtRL6WuFY8sf8ZlYPAUo8oJzJUeaki16M+AfNk+5DuCbfp87ynwwBt9GiHiMqP6pSdP72/kG8dNgfubACa3zm42X6Jo6msheFrOLg/Xj0bwKWBa/XnTq04FwiPI7F4VDg0Lb2Fsj1i7AXzAL7l4zDWMGoeuVBKNXiNW0js6SYtP9kVcg/aDhqvMyg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=UKccRC3qAj4v8LOOtmTeZ1hpqMwXKtXjTYRHVNuneIk=;
b=dSksMPTHAXaXw+XmGLbPrWn54lOS09Dtl7oSGTuy3FAG1TYadfzCyeSezFjur1m2M2TOF2He4omfI5EcvxPh2CQdaZaQpowM/HNgDtutVu1cArBafkADdBJYjWQJeO64XKcauv4RO5Ba36BRW8cl1Ckmxg8bolHm/Dpk17y7H6vu0UCEqwLcLTyWHKBi6LFwgCy5/Qiluc2SEONovZngDPqnCJRCWDFk8Oqk8dNCmlCiC0SnTQkQGEdEXsBMMFI+H8ZOuTllhhTNwTKLgAm9dcByNfmCaZ/W8kZ625YiyMf7fglTDouoHhbyaeaazDOHdQj4qiDGU0uGp2+AjStd0Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=softfail (sender ip
is 171.22.30.52) smtp.rcpttodomain=bosheng.net smtp.mailfrom=bright-ed.com;
dmarc=none action=none header.from=bright-ed.com; dkim=none (message not
signed); arc=none (0)
Received: from TYCPR01CA0042.jpnprd01.prod.outlook.com (2603:1096:405:1::30)
by PSAPR04MB4486.apcprd04.prod.outlook.com (2603:1096:301:76::10) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5566.15; Thu, 1 Sep
2022 06:59:35 +0000
Received: from TYZAPC01FT046.eop-APC01.prod.protection.outlook.com
(2603:1096:405:1:cafe::89) by TYCPR01CA0042.outlook.office365.com
(2603:1096:405:1::30) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5588.10 via Frontend
Transport; Thu, 1 Sep 2022 06:59:34 +0000
X-MS-Exchange-Authentication-Results: spf=softfail (sender IP is 171.22.30.52)
smtp.mailfrom=bright-ed.com; dkim=none (message not signed)
header.d=none;dmarc=none action=none header.from=bright-ed.com;
Received-SPF: SoftFail (protection.outlook.com: domain of transitioning
bright-ed.com discourages use of 171.22.30.52 as permitted sender)
Received: from mail.prasarana.com.my (58.26.8.158) by
TYZAPC01FT046.mail.protection.outlook.com (10.118.152.137) with Microsoft
SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.20.5588.10 via Frontend Transport; Thu, 1 Sep 2022 06:59:34 +0000
Received: from MRL-EXH-02.prasarana.com.my (10.128.66.101) by
MRL-EXH-01.prasarana.com.my (10.128.66.100) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2176.14; Thu, 1 Sep 2022 14:58:58 +0800
Received: from User (171.22.30.52) by MRL-EXH-02.prasarana.com.my
(10.128.66.101) with Microsoft SMTP Server id 15.1.2176.14 via Frontend
Transport; Thu, 1 Sep 2022 14:58:36 +0800
Reply-To:
From: Mr.Mohammed Saeed
Subject: Re.YOUR LOAN
Date: Wed, 31 Aug 2022 23:58:56 -0700
MIME-Version: 1.0
Content-Type: text/html; charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-ID: <91400ad0-4a16-47c6-b128-99ad100045f9@MRL-EXH-02.prasarana.com.my>
To: Undisclosed recipients:;
X-EOPAttributedMessage: 0
X-MS-Exchange-SkipListedInternetSender: ip=[171.22.30.52];domain=User
X-MS-Exchange-ExternalOriginalInternetSender: ip=[171.22.30.52];domain=User
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 0d57da69-51fd-4669-3aac-08da8be786ef
X-MS-TrafficTypeDiagnostic: PSAPR04MB4486:EE_
X-MS-Exchange-AtpMessageProperties: SA|SL
X-MS-Exchange-SenderADCheck: 2
X-MS-Exchange-AntiSpam-Relay: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info:
=?windows-1251?Q?xWhFZUZupTF6IdBjisK9D2l+yzkb4ZYQEuBFEN6BweNZHysDwwiXT5YK?=
=?windows-1251?Q?6hfNNU5Id+QCxCqTPkgQLg5Gn9nMVNk6Woe5AG/RXyl/iVjU+iGHQtTB?=
=?windows-1251?Q?enoVq0/XdqB0QBnfHaRJ7Uln084RVgXTlUhbwjSiDBMeITeHXToccq1I?=
=?windows-1251?Q?jUz0gXAIOuMIuUhg2xEF3D826MiGU/dh4V1rDIQ0xQ0p+U0k67j7fNJY?=
=?windows-1251?Q?f5PWUMOSEOPLKIrGFdqwSW8yQLlAV6UOfxQOWNJJGH7sf1jxL0k0lErm?=
=?windows-1251?Q?M6rzzRfeoQXPv9IrkcbAPMyJ5AWy129TQg354PIsCwZVlE1kJLZzatSn?=
=?windows-1251?Q?jxGLV20EkZ4NIJtmYUxmhULN2KK1BiNfR94kXObPDI9VJyWieMez4Trn?=
=?windows-1251?Q?90FKzoiE8XgZySLfZz46R/fmmftTFFlIkr+KQ5vVqFy6zisMSlkzPkJ8?=
=?windows-1251?Q?/Yq/ZT3humBbLI/Z2o1Asuw4F6+k45hHII1FxNJxOaQvw51zCM6h62zm?=
=?windows-1251?Q?EXEuJrsEopi+zW4JBAHuhIcsdvRkceo87Es0Shqp9Og8PJ0zrNLaWue8?=
=?windows-1251?Q?VUJOS3gb2I4G/UuC85uuBW/x8MKuP2aONgPG8+4jslCEkLNLFm9XYT/N?=
=?windows-1251?Q?CeE9H1sVD66wHls1UYoqbnyVYlLqm4NS0UdIpQFT2beIJECLX99o/Z16?=
=?windows-1251?Q?asq5Pe/ZRC6oFsRNaCdAkx1mjxrjmRI06b1m///gEBFzLme94eh6offp?=
=?windows-1251?Q?W5lGhMKFix7w/m/eotfyvSI9FQWoii3ZhoUmJYjteltTim++zbeZg8o9?=
=?windows-1251?Q?o2MmP0ZbnMhQUL2nsOJIJUc8juPNMw4YIU834monPUw7UEBOGKYYV7hA?=
=?windows-1251?Q?txyMSH2PA8Q6Ni91frqvi5JDYsE5neoHMI/lnSk7YNRTIB2rdGb39k6x?=
=?windows-1251?Q?IjoNJUmylE5ggQeYWFsswrycRU9/QNuEL/VU1RX3xoHrbGvKSyXdCgaD?=
=?windows-1251?Q?g0lqnAkajtbfbimIIQM1dEoOjGNlQmW+frjmSI5WCjEnJH9KglELOB/E?=
=?windows-1251?Q?Kj1Hse0wSBrc/yuwyKSc8dPY7VinjM1BT/w+7+34bPGbGNCoVuRumgQs?=
=?windows-1251?Q?ys7L9wJmo2xn1sC1qn7fWa4wPOZghJ8Cj92v9ubIxE96qwjvoJ+hCIoH?=
=?windows-1251?Q?rH8jeilcHrPODgCh3KDy97F4BKU75FtyqGY7nTjp70WJg48MSi+SaS6a?=
=?windows-1251?Q?w/82u7ps9ckaAsrsmxBDsLIOse4PNxUQbruVI9uEmJ+wvgWqReM8MLGh?=
=?windows-1251?Q?vNjt6Tlos2QOPCJRdOH/UB+EzffEv7tT6ubutihpsslsy6bh?=
X-Forefront-Antispam-Report:
CIP:58.26.8.158;CTRY:US;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:User;PTR:InfoDomainNonexistent;CAT:OSPM;SFS:(13230016)(4636009)(136003)(376002)(396003)(39860400002)(346002)(40470700004)(336012)(2906002)(4744005)(82310400005)(40480700001)(5660300002)(8676002)(26005)(36906005)(7406005)(70586007)(2860700004)(316002)(70206006)(8936002)(6666004)(7366002)(498600001)(9686003)(41300700001)(109986005)(31686004)(32850700003)(7416002)(32650700002)(3480700007)(956004)(83380400001)(35950700001)(40460700003)(31696002)(156005)(86362001)(82740400003)(81166007)(2700400008);DIR:OUT;SFP:1023;
X-OriginatorOrg: myprasarana.onmicrosoft.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Sep 2022 06:59:34.2159
(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 0d57da69-51fd-4669-3aac-08da8be786ef
X-MS-Exchange-CrossTenant-Id: 3cbb2ff2-27fb-4993-aecf-bf16995e64c0
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3cbb2ff2-27fb-4993-aecf-bf16995e64c0;Ip=[58.26.8.158];Helo=[mail.prasarana.com.my]
X-MS-Exchange-CrossTenant-AuthSource:
TYZAPC01FT046.eop-APC01.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PSAPR04MB4486
X-Spam_score: 18.2
X-Spam_score_int: 182
X-Spam_bar: ++++++++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Dear Sir, We invite all interested project owners and investors
to our project financing programme. We are ready to fund projects in the
form of Loan or debt finance.
Content analysis details: (18.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 AXB_X_FF_SEZ_S Forefront sez this is spam
0.0 NSL_RCVD_FROM_USER Received from User
0.0 FSL_CTYPE_WIN1251 Content-Type only seen in 419 spam
0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in
digit
[mrmohammedsaeed5[at]gmail.com]
1.3 RCVD_IN_VALIDITY_RPBL RBL: Relay in Validity RPBL,
https://senderscore.org/blocklistlookup/
[40.95.53.153 listed in bl.score.senderscore.com]
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[40.95.53.153 listed in psbl.surriel.com]
0.0 SPF_HELO_FAIL SPF: HELO does not match SPF record (fail)
[SPF failed: Please see http://www.openspf.org/Why?s=helo;id=APC01-PSA-obe.outbound.protection.outlook.com;ip=40.95.53.153;r=doctor.nl2k.ab.ca]
1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
1.7 DEAR_SOMETHING BODY: Contains 'Dear (something)'
0.0 HTML_MESSAGE BODY: HTML included in message
1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
-0.0 T_SCC_BODY_TEXT_LINE No description available.
0.0 AXB_XMAILER_MIMEOLE_OL_024C2 Yet another X header trait
0.0 FORGED_OUTLOOK_HTML Outlook can't send HTML message only
0.6 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format
0.6 FSL_NEW_HELO_USER Spam's using Helo and User
0.0 HK_NAME_MR_MRS No description available.
2.0 PDS_HELO_SPF_FAIL High profile HELO that fails SPF
2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
0.4 KHOP_HELO_FCRDNS Relay HELO differs from its IP's reverse DNS
2.8 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
Subject: {SPAM?} Re.YOUR LOAN
Dear Sir,
We invite all interested project owners and investors to our project financing programme.
We are ready to fund projects in the form of Loan or debt finance.
We grant loan to both Corporate and private entities at a low interest rate of 2.5% ROI per annum.
The terms are very flexible and interesting.
Kindly revert back if you have projects that needs funding for further discussion and negotiation.
Regards,
Mr.Mohammed Saeed
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Thu, 01 Sep 2022 06:33:01 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from
id 1oTjNG-0001ue-UQ
for dave@doctor.nl2k.ab.ca;
Thu, 01 Sep 2022 06:32:46 -0600
Resent-From: The Doctor
Resent-Date: Thu, 1 Sep 2022 06:32:46 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-psaapc01rlhn2153.outbound.protection.outlook.com ([40.95.53.153]:44096 helo=APC01-PSA-obe.outbound.protection.outlook.com)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.95 (FreeBSD))
(envelope-from
id 1oTeBE-000Kxf-I7
for doctor@nl2k.ab.ca;
Thu, 01 Sep 2022 01:00:08 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=BzJb+0P4FxC49+IqPGrV+XAIJ+fyCSlHeR0DsiYLJnECpZcsseLz8cF2qwqgBHkPdEFQazKD/84FjBx9f3VrHhWVXELYFeusIZ2JRWfHnShWIqmZpWlMv+vUyNXv9x7G1k9GGSYkPUvVzCf7NXYoNo+G7oTyoWtRL6WuFY8sf8ZlYPAUo8oJzJUeaki16M+AfNk+5DuCbfp87ynwwBt9GiHiMqP6pSdP72/kG8dNgfubACa3zm42X6Jo6msheFrOLg/Xj0bwKWBa/XnTq04FwiPI7F4VDg0Lb2Fsj1i7AXzAL7l4zDWMGoeuVBKNXiNW0js6SYtP9kVcg/aDhqvMyg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=UKccRC3qAj4v8LOOtmTeZ1hpqMwXKtXjTYRHVNuneIk=;
b=dSksMPTHAXaXw+XmGLbPrWn54lOS09Dtl7oSGTuy3FAG1TYadfzCyeSezFjur1m2M2TOF2He4omfI5EcvxPh2CQdaZaQpowM/HNgDtutVu1cArBafkADdBJYjWQJeO64XKcauv4RO5Ba36BRW8cl1Ckmxg8bolHm/Dpk17y7H6vu0UCEqwLcLTyWHKBi6LFwgCy5/Qiluc2SEONovZngDPqnCJRCWDFk8Oqk8dNCmlCiC0SnTQkQGEdEXsBMMFI+H8ZOuTllhhTNwTKLgAm9dcByNfmCaZ/W8kZ625YiyMf7fglTDouoHhbyaeaazDOHdQj4qiDGU0uGp2+AjStd0Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=softfail (sender ip
is 171.22.30.52) smtp.rcpttodomain=bosheng.net smtp.mailfrom=bright-ed.com;
dmarc=none action=none header.from=bright-ed.com; dkim=none (message not
signed); arc=none (0)
Received: from TYCPR01CA0042.jpnprd01.prod.outlook.com (2603:1096:405:1::30)
by PSAPR04MB4486.apcprd04.prod.outlook.com (2603:1096:301:76::10) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5566.15; Thu, 1 Sep
2022 06:59:35 +0000
Received: from TYZAPC01FT046.eop-APC01.prod.protection.outlook.com
(2603:1096:405:1:cafe::89) by TYCPR01CA0042.outlook.office365.com
(2603:1096:405:1::30) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5588.10 via Frontend
Transport; Thu, 1 Sep 2022 06:59:34 +0000
X-MS-Exchange-Authentication-Results: spf=softfail (sender IP is 171.22.30.52)
smtp.mailfrom=bright-ed.com; dkim=none (message not signed)
header.d=none;dmarc=none action=none header.from=bright-ed.com;
Received-SPF: SoftFail (protection.outlook.com: domain of transitioning
bright-ed.com discourages use of 171.22.30.52 as permitted sender)
Received: from mail.prasarana.com.my (58.26.8.158) by
TYZAPC01FT046.mail.protection.outlook.com (10.118.152.137) with Microsoft
SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.20.5588.10 via Frontend Transport; Thu, 1 Sep 2022 06:59:34 +0000
Received: from MRL-EXH-02.prasarana.com.my (10.128.66.101) by
MRL-EXH-01.prasarana.com.my (10.128.66.100) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2176.14; Thu, 1 Sep 2022 14:58:58 +0800
Received: from User (171.22.30.52) by MRL-EXH-02.prasarana.com.my
(10.128.66.101) with Microsoft SMTP Server id 15.1.2176.14 via Frontend
Transport; Thu, 1 Sep 2022 14:58:36 +0800
Reply-To:
From: Mr.Mohammed Saeed
Subject: Re.YOUR LOAN
Date: Wed, 31 Aug 2022 23:58:56 -0700
MIME-Version: 1.0
Content-Type: text/html; charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-ID: <91400ad0-4a16-47c6-b128-99ad100045f9@MRL-EXH-02.prasarana.com.my>
To: Undisclosed recipients:;
X-EOPAttributedMessage: 0
X-MS-Exchange-SkipListedInternetSender: ip=[171.22.30.52];domain=User
X-MS-Exchange-ExternalOriginalInternetSender: ip=[171.22.30.52];domain=User
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 0d57da69-51fd-4669-3aac-08da8be786ef
X-MS-TrafficTypeDiagnostic: PSAPR04MB4486:EE_
X-MS-Exchange-AtpMessageProperties: SA|SL
X-MS-Exchange-SenderADCheck: 2
X-MS-Exchange-AntiSpam-Relay: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info:
=?windows-1251?Q?xWhFZUZupTF6IdBjisK9D2l+yzkb4ZYQEuBFEN6BweNZHysDwwiXT5YK?=
=?windows-1251?Q?6hfNNU5Id+QCxCqTPkgQLg5Gn9nMVNk6Woe5AG/RXyl/iVjU+iGHQtTB?=
=?windows-1251?Q?enoVq0/XdqB0QBnfHaRJ7Uln084RVgXTlUhbwjSiDBMeITeHXToccq1I?=
=?windows-1251?Q?jUz0gXAIOuMIuUhg2xEF3D826MiGU/dh4V1rDIQ0xQ0p+U0k67j7fNJY?=
=?windows-1251?Q?f5PWUMOSEOPLKIrGFdqwSW8yQLlAV6UOfxQOWNJJGH7sf1jxL0k0lErm?=
=?windows-1251?Q?M6rzzRfeoQXPv9IrkcbAPMyJ5AWy129TQg354PIsCwZVlE1kJLZzatSn?=
=?windows-1251?Q?jxGLV20EkZ4NIJtmYUxmhULN2KK1BiNfR94kXObPDI9VJyWieMez4Trn?=
=?windows-1251?Q?90FKzoiE8XgZySLfZz46R/fmmftTFFlIkr+KQ5vVqFy6zisMSlkzPkJ8?=
=?windows-1251?Q?/Yq/ZT3humBbLI/Z2o1Asuw4F6+k45hHII1FxNJxOaQvw51zCM6h62zm?=
=?windows-1251?Q?EXEuJrsEopi+zW4JBAHuhIcsdvRkceo87Es0Shqp9Og8PJ0zrNLaWue8?=
=?windows-1251?Q?VUJOS3gb2I4G/UuC85uuBW/x8MKuP2aONgPG8+4jslCEkLNLFm9XYT/N?=
=?windows-1251?Q?CeE9H1sVD66wHls1UYoqbnyVYlLqm4NS0UdIpQFT2beIJECLX99o/Z16?=
=?windows-1251?Q?asq5Pe/ZRC6oFsRNaCdAkx1mjxrjmRI06b1m///gEBFzLme94eh6offp?=
=?windows-1251?Q?W5lGhMKFix7w/m/eotfyvSI9FQWoii3ZhoUmJYjteltTim++zbeZg8o9?=
=?windows-1251?Q?o2MmP0ZbnMhQUL2nsOJIJUc8juPNMw4YIU834monPUw7UEBOGKYYV7hA?=
=?windows-1251?Q?txyMSH2PA8Q6Ni91frqvi5JDYsE5neoHMI/lnSk7YNRTIB2rdGb39k6x?=
=?windows-1251?Q?IjoNJUmylE5ggQeYWFsswrycRU9/QNuEL/VU1RX3xoHrbGvKSyXdCgaD?=
=?windows-1251?Q?g0lqnAkajtbfbimIIQM1dEoOjGNlQmW+frjmSI5WCjEnJH9KglELOB/E?=
=?windows-1251?Q?Kj1Hse0wSBrc/yuwyKSc8dPY7VinjM1BT/w+7+34bPGbGNCoVuRumgQs?=
=?windows-1251?Q?ys7L9wJmo2xn1sC1qn7fWa4wPOZghJ8Cj92v9ubIxE96qwjvoJ+hCIoH?=
=?windows-1251?Q?rH8jeilcHrPODgCh3KDy97F4BKU75FtyqGY7nTjp70WJg48MSi+SaS6a?=
=?windows-1251?Q?w/82u7ps9ckaAsrsmxBDsLIOse4PNxUQbruVI9uEmJ+wvgWqReM8MLGh?=
=?windows-1251?Q?vNjt6Tlos2QOPCJRdOH/UB+EzffEv7tT6ubutihpsslsy6bh?=
X-Forefront-Antispam-Report:
CIP:58.26.8.158;CTRY:US;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:User;PTR:InfoDomainNonexistent;CAT:OSPM;SFS:(13230016)(4636009)(136003)(376002)(396003)(39860400002)(346002)(40470700004)(336012)(2906002)(4744005)(82310400005)(40480700001)(5660300002)(8676002)(26005)(36906005)(7406005)(70586007)(2860700004)(316002)(70206006)(8936002)(6666004)(7366002)(498600001)(9686003)(41300700001)(109986005)(31686004)(32850700003)(7416002)(32650700002)(3480700007)(956004)(83380400001)(35950700001)(40460700003)(31696002)(156005)(86362001)(82740400003)(81166007)(2700400008);DIR:OUT;SFP:1023;
X-OriginatorOrg: myprasarana.onmicrosoft.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Sep 2022 06:59:34.2159
(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 0d57da69-51fd-4669-3aac-08da8be786ef
X-MS-Exchange-CrossTenant-Id: 3cbb2ff2-27fb-4993-aecf-bf16995e64c0
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3cbb2ff2-27fb-4993-aecf-bf16995e64c0;Ip=[58.26.8.158];Helo=[mail.prasarana.com.my]
X-MS-Exchange-CrossTenant-AuthSource:
TYZAPC01FT046.eop-APC01.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PSAPR04MB4486
X-Spam_score: 18.2
X-Spam_score_int: 182
X-Spam_bar: ++++++++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Dear Sir, We invite all interested project owners and investors
to our project financing programme. We are ready to fund projects in the
form of Loan or debt finance.
Content analysis details: (18.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 AXB_X_FF_SEZ_S Forefront sez this is spam
0.0 NSL_RCVD_FROM_USER Received from User
0.0 FSL_CTYPE_WIN1251 Content-Type only seen in 419 spam
0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in
digit
[mrmohammedsaeed5[at]gmail.com]
1.3 RCVD_IN_VALIDITY_RPBL RBL: Relay in Validity RPBL,
https://senderscore.org/blocklistlookup/
[40.95.53.153 listed in bl.score.senderscore.com]
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[40.95.53.153 listed in psbl.surriel.com]
0.0 SPF_HELO_FAIL SPF: HELO does not match SPF record (fail)
[SPF failed: Please see http://www.openspf.org/Why?s=helo;id=APC01-PSA-obe.outbound.protection.outlook.com;ip=40.95.53.153;r=doctor.nl2k.ab.ca]
1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
1.7 DEAR_SOMETHING BODY: Contains 'Dear (something)'
0.0 HTML_MESSAGE BODY: HTML included in message
1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
-0.0 T_SCC_BODY_TEXT_LINE No description available.
0.0 AXB_XMAILER_MIMEOLE_OL_024C2 Yet another X header trait
0.0 FORGED_OUTLOOK_HTML Outlook can't send HTML message only
0.6 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format
0.6 FSL_NEW_HELO_USER Spam's using Helo and User
0.0 HK_NAME_MR_MRS No description available.
2.0 PDS_HELO_SPF_FAIL High profile HELO that fails SPF
2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
0.4 KHOP_HELO_FCRDNS Relay HELO differs from its IP's reverse DNS
2.8 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
Subject: {SPAM?} Re.YOUR LOAN
Dear Sir,
We invite all interested project owners and investors to our project financing programme.
We are ready to fund projects in the form of Loan or debt finance.
We grant loan to both Corporate and private entities at a low interest rate of 2.5% ROI per annum.
The terms are very flexible and interesting.
Kindly revert back if you have projects that needs funding for further discussion and negotiation.
Regards,
Mr.Mohammed Saeed
Business proposal spam from Gmail
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Wed, 31 Aug 2022 14:58:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from)
id 1oTUmN-0008kz-I4
for dave@doctor.nl2k.ab.ca;
Wed, 31 Aug 2022 14:57:43 -0600
Resent-From: The Doctor
Resent-Date: Wed, 31 Aug 2022 14:57:43 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-oa1-f53.google.com ([209.85.160.53]:41547)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from)
id 1oTUlM-0008Y2-RQ
for doctor@doctor.nl2k.ab.ca;
Wed, 31 Aug 2022 14:56:44 -0600
Received: by mail-oa1-f53.google.com with SMTP id 586e51a60fabf-12243fcaa67so4412403fac.8
for; Wed, 31 Aug 2022 13:56:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc
:subject:date;
bh=fI8FVxk8qFBjRisSy+R5dbptBQHa/0ksyQMmVsF1ZSQ=;
b=d+UdpGXu1h5+HYlqggPapg6/Xk2sUoca1+aiRZAz69AQCSahn3CmMmpV/cipGqd5OU
PQuycId6Fpf99nnpcheHjVBc518y2G9nNf+PezVf6j9n+XABdXotOek8Gs/EKe4VnKaT
kV2irhZCbL+DGyXl1qBHj5HCV9eBBY+XAGV0KQ21Ny5oH56qPWa5KK+hgNd15Nw8J/3N
BARuO8p4Nt7gKdmERT+261V/GVrfH/GkEYpaQoMbWstX8DLSoxeTYjendhrjKRiS2vDy
+uNVilI/1z9Jb9HfG2s6p3uJcUfBd6ZcyXLt/102mALBViFBNzhIg/MT40BPhDXXqYxm
R54g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=to:subject:message-id:date:from:reply-to:mime-version
:x-gm-message-state:from:to:cc:subject:date;
bh=fI8FVxk8qFBjRisSy+R5dbptBQHa/0ksyQMmVsF1ZSQ=;
b=g2JTDdbZ7R+/ZN9UwA5wwSpm30EpW2NDPvM371aqiyBJG0lY03Zn4J1ZkZVGSUYJyz
B0D1EmiSnIiMJRYLRHW+uHGZp40zhoplHSWRklrHBBVtvT4R+h5XIV9jtLDkokeJLU1y
pTwxHhX5Z+7/nrNgo7W/GaE4Fxs1D+R+S1eAZ5WxFeunYcpOqZ9A3zb1EZE57Zj/xgEe
MTEABiwy2uCtZ5thkQK2tC4ALIMCceudn+TY0MVU/xXZ2CBjIyrsDDuyfKy0dcFhns8o
l0H/egvkexKO+ZmhIQfp3b22RKKvsYrydPOo7BT0YsT93xH7iUk8ji1eJ6Z//ZX9cUQP
1QcQ==
X-Gm-Message-State: ACgBeo0T24H+ljaoCjsSyd2mXeH1d6gD/cluFWuSkIKI1Ku/7IUZ7PZQ
LLkbpwgywuSbS9r5Zfsuy1J4s/yV78TgjauNtbU=
X-Google-Smtp-Source: AA6agR4O3U/oUFJctmACjeyywaDr3BVj6ID4CaWHyLkuZKWOUrOHe3BQL4sXKOXkIj1Kug/WJpyuoT0ZqWH4nmXy7Mk=
X-Received: by 2002:a05:6870:f152:b0:11e:7366:4a28 with SMTP id
l18-20020a056870f15200b0011e73664a28mr2412481oac.170.1661979373647; Wed, 31
Aug 2022 13:56:13 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a05:6838:3da6:0:0:0:0 with HTTP; Wed, 31 Aug 2022 13:56:13
-0700 (PDT)
Reply-To: tonybanneth@gmail.com
From: "Mr. Tony Banneth"
Date: Wed, 31 Aug 2022 13:56:13 -0700
Message-ID:
Subject: hello
To: undisclosed-recipients:;
Content-Type: text/plain; charset="UTF-8"
Bcc: doctor@doctor.nl2k.ab.ca
X-Spam_score: 16.7
X-Spam_score_int: 167
X-Spam_bar: ++++++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: DEAR FRIEND I am(Mr.Tony Banneth),With the business proposal
deal of US(US$10.5 million) to transfer into your account, if you are interested
get back to me for more detail at my E-Your Urgent,my private Email Address,(
tonybanneth@gmail.com )
Content analysis details: (16.7 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider
[ptishamichael[at]gmail.com]
-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)
[209.85.160.53 listed in wl.mailspike.net]
-0.0 SPF_PASS SPF: sender matches SPF record
2.6 DEAR_FRIEND BODY: Dear Friend? That's not very dear!
-0.0 T_SCC_BODY_TEXT_LINE No description available.
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
0.0 LOTS_OF_MONEY Huge... sums of money
1.5 HK_NAME_FM_MR_MRS No description available.
0.0 T_HK_NAME_FM_MR_MRS No description available.
-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain
different freemails
3.2 UNDISC_FREEM Undisclosed recipients + freemail reply-to
2.0 MONEY_FREEMAIL_REPTO Lots of money from someone using free
email?
0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal
information
1.3 MONEY_FORM_SHORT Lots of money if you fill out a short form
1.5 UNDISC_MONEY Undisclosed recipients + money/fraud signs
3.6 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money
Subject: {SPAM?} hello
DEAR FRIEND
I am(Mr.Tony Banneth),With the business proposal deal of US(US$10.5
million) to transfer into your account, if you are interested get back
to me for more detail at my E-Your
Urgent,my private Email Address,( tonybanneth@gmail.com )
Thanks with my Best Regards
Thanks
Mr.Tony Banneth
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Wed, 31 Aug 2022 14:58:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from
id 1oTUmN-0008kz-I4
for dave@doctor.nl2k.ab.ca;
Wed, 31 Aug 2022 14:57:43 -0600
Resent-From: The Doctor
Resent-Date: Wed, 31 Aug 2022 14:57:43 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-oa1-f53.google.com ([209.85.160.53]:41547)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from
id 1oTUlM-0008Y2-RQ
for doctor@doctor.nl2k.ab.ca;
Wed, 31 Aug 2022 14:56:44 -0600
Received: by mail-oa1-f53.google.com with SMTP id 586e51a60fabf-12243fcaa67so4412403fac.8
for
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc
:subject:date;
bh=fI8FVxk8qFBjRisSy+R5dbptBQHa/0ksyQMmVsF1ZSQ=;
b=d+UdpGXu1h5+HYlqggPapg6/Xk2sUoca1+aiRZAz69AQCSahn3CmMmpV/cipGqd5OU
PQuycId6Fpf99nnpcheHjVBc518y2G9nNf+PezVf6j9n+XABdXotOek8Gs/EKe4VnKaT
kV2irhZCbL+DGyXl1qBHj5HCV9eBBY+XAGV0KQ21Ny5oH56qPWa5KK+hgNd15Nw8J/3N
BARuO8p4Nt7gKdmERT+261V/GVrfH/GkEYpaQoMbWstX8DLSoxeTYjendhrjKRiS2vDy
+uNVilI/1z9Jb9HfG2s6p3uJcUfBd6ZcyXLt/102mALBViFBNzhIg/MT40BPhDXXqYxm
R54g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=to:subject:message-id:date:from:reply-to:mime-version
:x-gm-message-state:from:to:cc:subject:date;
bh=fI8FVxk8qFBjRisSy+R5dbptBQHa/0ksyQMmVsF1ZSQ=;
b=g2JTDdbZ7R+/ZN9UwA5wwSpm30EpW2NDPvM371aqiyBJG0lY03Zn4J1ZkZVGSUYJyz
B0D1EmiSnIiMJRYLRHW+uHGZp40zhoplHSWRklrHBBVtvT4R+h5XIV9jtLDkokeJLU1y
pTwxHhX5Z+7/nrNgo7W/GaE4Fxs1D+R+S1eAZ5WxFeunYcpOqZ9A3zb1EZE57Zj/xgEe
MTEABiwy2uCtZ5thkQK2tC4ALIMCceudn+TY0MVU/xXZ2CBjIyrsDDuyfKy0dcFhns8o
l0H/egvkexKO+ZmhIQfp3b22RKKvsYrydPOo7BT0YsT93xH7iUk8ji1eJ6Z//ZX9cUQP
1QcQ==
X-Gm-Message-State: ACgBeo0T24H+ljaoCjsSyd2mXeH1d6gD/cluFWuSkIKI1Ku/7IUZ7PZQ
LLkbpwgywuSbS9r5Zfsuy1J4s/yV78TgjauNtbU=
X-Google-Smtp-Source: AA6agR4O3U/oUFJctmACjeyywaDr3BVj6ID4CaWHyLkuZKWOUrOHe3BQL4sXKOXkIj1Kug/WJpyuoT0ZqWH4nmXy7Mk=
X-Received: by 2002:a05:6870:f152:b0:11e:7366:4a28 with SMTP id
l18-20020a056870f15200b0011e73664a28mr2412481oac.170.1661979373647; Wed, 31
Aug 2022 13:56:13 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a05:6838:3da6:0:0:0:0 with HTTP; Wed, 31 Aug 2022 13:56:13
-0700 (PDT)
Reply-To: tonybanneth@gmail.com
From: "Mr. Tony Banneth"
Date: Wed, 31 Aug 2022 13:56:13 -0700
Message-ID:
Subject: hello
To: undisclosed-recipients:;
Content-Type: text/plain; charset="UTF-8"
Bcc: doctor@doctor.nl2k.ab.ca
X-Spam_score: 16.7
X-Spam_score_int: 167
X-Spam_bar: ++++++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: DEAR FRIEND I am(Mr.Tony Banneth),With the business proposal
deal of US(US$10.5 million) to transfer into your account, if you are interested
get back to me for more detail at my E-Your Urgent,my private Email Address,(
tonybanneth@gmail.com )
Content analysis details: (16.7 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider
[ptishamichael[at]gmail.com]
-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)
[209.85.160.53 listed in wl.mailspike.net]
-0.0 SPF_PASS SPF: sender matches SPF record
2.6 DEAR_FRIEND BODY: Dear Friend? That's not very dear!
-0.0 T_SCC_BODY_TEXT_LINE No description available.
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
0.0 LOTS_OF_MONEY Huge... sums of money
1.5 HK_NAME_FM_MR_MRS No description available.
0.0 T_HK_NAME_FM_MR_MRS No description available.
-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain
different freemails
3.2 UNDISC_FREEM Undisclosed recipients + freemail reply-to
2.0 MONEY_FREEMAIL_REPTO Lots of money from someone using free
email?
0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal
information
1.3 MONEY_FORM_SHORT Lots of money if you fill out a short form
1.5 UNDISC_MONEY Undisclosed recipients + money/fraud signs
3.6 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money
Subject: {SPAM?} hello
DEAR FRIEND
I am(Mr.Tony Banneth),With the business proposal deal of US(US$10.5
million) to transfer into your account, if you are interested get back
to me for more detail at my E-Your
Urgent,my private Email Address,( tonybanneth@gmail.com )
Thanks with my Best Regards
Thanks
Mr.Tony Banneth