Chinese products spam from Outlook
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 11 Jul 2022 07:43:01 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from)
id 1oAtg0-000NqW-9W
for dave@doctor.nl2k.ab.ca;
Mon, 11 Jul 2022 07:42:16 -0600
Resent-From: The Doctor
Resent-Date: Mon, 11 Jul 2022 07:42:16 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from [113.111.143.119] (port=53813 helo=psychtech-co-il.mail.protection.outlook.com)
by doctor.nl2k.ab.ca with esmtp (Exim 4.95 (FreeBSD))
(envelope-from)
id 1oAqwt-000Gt2-Hk
for root@nk.ca;
Mon, 11 Jul 2022 04:47:38 -0600
Date: Mon, 11 Jul 2022 18:47:08 +0800 (CST)
From: ivyapex
Sender: bihdeiurg
To: root
Message-ID: <365119617.1858715.1657536428548@psychtech-co-il.mail.protection.outlook.com>
Subject: RE: Do you still remember ?
MIME-Version: 1.0
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Spam_score: 5.7
X-Spam_score_int: 57
X-Spam_bar: +++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Hey A good weekend always leaves you with happiness deep inside
your heart…. Have a lovely weekend that brings you peace.
Content analysis details: (5.7 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 T_SPF_HELO_TEMPERROR SPF: test of HELO record failed (temperror)
0.9 SPF_FAIL SPF: sender does not match SPF record (fail)
[SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=bihdeiurg%40maxxel.sk;ip=113.111.143.119;r=doctor.nl2k.ab.ca]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider
[ivyapex[at]163.com]
0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
mail domains are different
0.0 HTML_MESSAGE BODY: HTML included in message
1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and
EnvelopeFrom freemail headers are
different
1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML
tag
-0.0 T_SCC_BODY_TEXT_LINE No description available.
0.0 SPOOFED_FREEMAIL_NO_RDNS From SPOOFED_FREEMAIL and no rDNS
1.5 SPOOFED_FREEMAIL No description available.
Subject: {SPAM?} RE: Do you still remember ?
px;">
margin-top: 2px; margin-bottom: 2px;">
margin-bottom: 2px;">-----------------------------------------------------=
-----------------------------------
rgin-bottom: 2px; white-space: normal;">
=AE=E8=BD=AF=E9=9B=85=E9=BB=91, "Microsoft YaHei";">=E2=96=B6 pro=
ducts we supply in China
om: 2px; white-space: normal;">
=AF=E9=9B=85=E9=BB=91, "Microsoft YaHei";">=E2=9C=85phone case &a=
mp; tablet
-space: normal;">
=BB=91, "Microsoft YaHei";">=E2=9C=85earpphone & Headset
n>
">
icrosoft YaHei";">=E2=9C=85wireless speaker
in-top: 2px; margin-bottom: 2px; white-space: normal;">
family: =E5=BE=AE=E8=BD=AF=E9=9B=85=E9=BB=91, "Microsoft YaHei";"=
>=E2=9C=85web camera
2px; white-space: normal;">
=E9=9B=85=E9=BB=91, "Microsoft YaHei";">=E2=9C=85Smart Watch &=
; Bracelet
-space: normal;">
=BB=91, "Microsoft YaHei";">=E2=9C=85watch & airpods accessor=
ies
normal;">
"Microsoft YaHei";">=E2=9C=85Audio & Video Cables /adapters<=
/span>
mal;">
ot;Microsoft YaHei";">=E2=9C=85Power bank
-top: 2px; margin-bottom: 2px; white-space: normal;">
mily: =E5=BE=AE=E8=BD=AF=E9=9B=85=E9=BB=91, "Microsoft YaHei";">=
=E2=9C=85tablet pc
x; white-space: normal;">
=9B=85=E9=BB=91, "Microsoft YaHei";">=E2=9C=85car charger& &n=
bsp;holder stand
white-space: normal;">
=85=E9=BB=91, "Microsoft YaHei";">=E2=9C=85Drones
yle=3D"margin-top: 2px; margin-bottom: 2px; white-space: normal;">
le=3D"font-family: =E5=BE=AE=E8=BD=AF=E9=9B=85=E9=BB=91, "Microsoft Ya=
Hei";">=E2=9C=85USB Reader
; margin-bottom: 2px; white-space: normal;">
=BE=AE=E8=BD=AF=E9=9B=85=E9=BB=91, "Microsoft YaHei";">=E2=9C=85N=
etworking & Communications
n-bottom: 2px; white-space: normal;">
=E8=BD=AF=E9=9B=85=E9=BB=91, "Microsoft YaHei";">=E2=9C=85Drop Sh=
ipping/ warehouseing service /quality control service/Shipping
style=3D"margin-top: 2px; margin-bottom: 2px; white-space: normal;">
style=3D"font-family: =E5=BE=AE=E8=BD=AF=E9=9B=85=E9=BB=91, "Microsoft=
YaHei";">=E2=9C=85others
n-bottom: 2px; white-space: normal;">
margin-bottom: 2px; white-space: normal;">
=BE=AE=E8=BD=AF=E9=9B=85=E9=BB=91, "Microsoft YaHei";">you can Em=
aill Back to me to have a talk if you have interests .
=3D"margin-top: 2px; margin-bottom: 2px;">
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 11 Jul 2022 07:43:01 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from
id 1oAtg0-000NqW-9W
for dave@doctor.nl2k.ab.ca;
Mon, 11 Jul 2022 07:42:16 -0600
Resent-From: The Doctor
Resent-Date: Mon, 11 Jul 2022 07:42:16 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from [113.111.143.119] (port=53813 helo=psychtech-co-il.mail.protection.outlook.com)
by doctor.nl2k.ab.ca with esmtp (Exim 4.95 (FreeBSD))
(envelope-from
id 1oAqwt-000Gt2-Hk
for root@nk.ca;
Mon, 11 Jul 2022 04:47:38 -0600
Date: Mon, 11 Jul 2022 18:47:08 +0800 (CST)
From: ivyapex
Sender: bihdeiurg
To: root
Message-ID: <365119617.1858715.1657536428548@psychtech-co-il.mail.protection.outlook.com>
Subject: RE: Do you still remember ?
MIME-Version: 1.0
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Spam_score: 5.7
X-Spam_score_int: 57
X-Spam_bar: +++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Hey A good weekend always leaves you with happiness deep inside
your heart…. Have a lovely weekend that brings you peace.
Content analysis details: (5.7 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 T_SPF_HELO_TEMPERROR SPF: test of HELO record failed (temperror)
0.9 SPF_FAIL SPF: sender does not match SPF record (fail)
[SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=bihdeiurg%40maxxel.sk;ip=113.111.143.119;r=doctor.nl2k.ab.ca]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider
[ivyapex[at]163.com]
0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
mail domains are different
0.0 HTML_MESSAGE BODY: HTML included in message
1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and
EnvelopeFrom freemail headers are
different
1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML
tag
-0.0 T_SCC_BODY_TEXT_LINE No description available.
0.0 SPOOFED_FREEMAIL_NO_RDNS From SPOOFED_FREEMAIL and no rDNS
1.5 SPOOFED_FREEMAIL No description available.
Subject: {SPAM?} RE: Do you still remember ?
px;">Hey
px;">
=3D"font-size: 16px;">A good weekend always leaves you with happiness deep =
inside your heart=E2=80=A6.
_0078.gif"/>
![](3D"http://img.baidu.com/hi/jx2/j=<br)
le=3D"font-size: 16px;"> Have a lovely weekend that brings you peace.<=
/span>![](3D"http://img.baidu.com/hi/tsj/t_0002.gif"/)
margin-top: 2px; margin-bottom: 2px;">
margin-bottom: 2px;">-----------------------------------------------------=
-----------------------------------
rgin-bottom: 2px; white-space: normal;">
=AE=E8=BD=AF=E9=9B=85=E9=BB=91, "Microsoft YaHei";">=E2=96=B6 pro=
ducts we supply in China
om: 2px; white-space: normal;">
=AF=E9=9B=85=E9=BB=91, "Microsoft YaHei";">=E2=9C=85phone case &a=
mp; tablet
-space: normal;">
=BB=91, "Microsoft YaHei";">=E2=9C=85earpphone & Headset
n>
">
icrosoft YaHei";">=E2=9C=85wireless speaker
in-top: 2px; margin-bottom: 2px; white-space: normal;">
family: =E5=BE=AE=E8=BD=AF=E9=9B=85=E9=BB=91, "Microsoft YaHei";"=
>=E2=9C=85web camera
2px; white-space: normal;">
=E9=9B=85=E9=BB=91, "Microsoft YaHei";">=E2=9C=85Smart Watch &=
; Bracelet
-space: normal;">
=BB=91, "Microsoft YaHei";">=E2=9C=85watch & airpods accessor=
ies
normal;">
"Microsoft YaHei";">=E2=9C=85Audio & Video Cables /adapters<=
/span>
mal;">
ot;Microsoft YaHei";">=E2=9C=85Power bank
-top: 2px; margin-bottom: 2px; white-space: normal;">
mily: =E5=BE=AE=E8=BD=AF=E9=9B=85=E9=BB=91, "Microsoft YaHei";">=
=E2=9C=85tablet pc
x; white-space: normal;">
=9B=85=E9=BB=91, "Microsoft YaHei";">=E2=9C=85car charger& &n=
bsp;holder stand
white-space: normal;">
=85=E9=BB=91, "Microsoft YaHei";">=E2=9C=85Drones
yle=3D"margin-top: 2px; margin-bottom: 2px; white-space: normal;">
le=3D"font-family: =E5=BE=AE=E8=BD=AF=E9=9B=85=E9=BB=91, "Microsoft Ya=
Hei";">=E2=9C=85USB Reader
; margin-bottom: 2px; white-space: normal;">
=BE=AE=E8=BD=AF=E9=9B=85=E9=BB=91, "Microsoft YaHei";">=E2=9C=85N=
etworking & Communications
n-bottom: 2px; white-space: normal;">
=E8=BD=AF=E9=9B=85=E9=BB=91, "Microsoft YaHei";">=E2=9C=85Drop Sh=
ipping/ warehouseing service /quality control service/Shipping
style=3D"margin-top: 2px; margin-bottom: 2px; white-space: normal;">
style=3D"font-family: =E5=BE=AE=E8=BD=AF=E9=9B=85=E9=BB=91, "Microsoft=
YaHei";">=E2=9C=85others
n-bottom: 2px; white-space: normal;">
margin-bottom: 2px; white-space: normal;">
=BE=AE=E8=BD=AF=E9=9B=85=E9=BB=91, "Microsoft YaHei";">you can Em=
aill Back to me to have a talk if you have interests .
=3D"margin-top: 2px; margin-bottom: 2px;">
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments