even lottery spam from Outlook
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Wed, 14 Sep 2022 14:01:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from)
id 1oYYYz-0008V8-9r
for dave@doctor.nl2k.ab.ca;
Wed, 14 Sep 2022 14:00:49 -0600
Resent-From: The Doctor
Resent-Date: Wed, 14 Sep 2022 14:00:49 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-am7eur03olkn2034.outbound.protection.outlook.com ([40.92.59.34]:1921 helo=EUR03-AM7-obe.outbound.protection.outlook.com)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.95 (FreeBSD))
(envelope-from)
id 1oYW3D-000HyE-6t
for root@doctor.nl2k.ab.ca;
Wed, 14 Sep 2022 11:19:56 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=h4+1ih5YCUDRxSzFGf4yPcPOooWJ3fwtgZ3ngAV4u46QDlvdJrsnN32+5CU/sswXdH08agVbocrvnvMeXiYweox4ELf+z9/gW5E2HjT1YY94a+THbeVK03/15aOEGksePn1rMnPveAkkzUJas01jiCaxJS96oZQRIdkFhM6Q1EhTeq6Jm3+F5NhMF9ke2/cctnI+l5i/RMzMG6pX7Qn/JQD2OtLPXbMrhBQ3qVS6npm/GaddxXPfXGaxm7Eg2lEkjO3X/OFIpW9ocZK0VHmX0ZIhmZ4n0V3HS5czVjXmwuLd11hdJzVziqQP1KqT4teDqD682lQPygtuKTVjL3WXKA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=7XBtHxp01DL1jRJZFi1TcQAzdkAKwQmuycYVzZel0lM=;
b=ahgRpkIh1j9zgfderR/Rb8vKNkupm3BfQR54je7EUWJ6/UkZcUPEcWJYFR4kjD37W3oRxTm0M9MiF+SKZFE774mgq5tI0BsMxzi1okZ+LUwy9dsujtyuNl2hz04HgM6qh4oalNxVh/Fzo6ZmXe69A0H9ImHBtyJo+i3ansXiUkiXNr0ymAp2jgdridj/W8M+2BAr1tzNP+mAnk8s2ecIa9w1/kvPlbuovoZ/VsT6NRl7KOxhH07c5Ro8GxVXjjgiOEZzrbU41IUHXiGnpMEymLvgPxzWz1NaD9Ozus7rGWv+66cItxEmdIykf0/0V9y7gBGAlAchwaRyaCb0YCYawQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;
s=selector1;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=7XBtHxp01DL1jRJZFi1TcQAzdkAKwQmuycYVzZel0lM=;
b=cAi2ui7PrqKeoE5/HpWsB7F1bMyO0/mZZUvcZjy/bc8MU5gPVdelN0xYebF5AeaeHilOrUntes+GI3qqaC1sUC2Q4jjtd2wFEZSFcRPAFLZDgEUwS5s4WjvAyb30AA4YmMH0wAjBrOyZnSqvmNX7JLea3d+o2iaBqbXmrT3iltE/2cuPtnvGooq0w+Tyeq442LW63TGNlCzcF2gxbiO1vqi/YZRd+VZEYLU/sNlYDRsliWAJx47+ERhv55XBeVUPak25HF9GD14w3v6wW+MQ9YLzpI0ffa8osNoWMu/cI22smdacKh7k370kW8yvMOyVa1x7/WNiOb7djm7vrQonJA==
Received: from AM8P194MB0980.EURP194.PROD.OUTLOOK.COM (2603:10a6:20b:24a::11)
by AM8P194MB1579.EURP194.PROD.OUTLOOK.COM (2603:10a6:20b:36e::21) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5612.19; Wed, 14 Sep
2022 17:19:24 +0000
Received: from AM8P194MB0980.EURP194.PROD.OUTLOOK.COM
([fe80::5dda:deab:c453:d1fc]) by AM8P194MB0980.EURP194.PROD.OUTLOOK.COM
([fe80::5dda:deab:c453:d1fc%5]) with mapi id 15.20.5612.022; Wed, 14 Sep 2022
17:19:24 +0000
From: Microsoft- Corp.
Subject: Notification Email.
Thread-Topic: Notification Email.
Thread-Index: AQHYyF4Y/wT7Co4c70yv1PDEEroo+A==
Date: Wed, 14 Sep 2022 17:19:24 +0000
Message-ID:
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels:
x-tmn: [nSz8uPSlv+wEWG8u15pvSx53XmfiCH6L]
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: AM8P194MB0980:EE_|AM8P194MB1579:EE_
x-ms-office365-filtering-correlation-id: c709be8a-86d8-4873-f4cb-08da96754510
x-ms-exchange-slblob-mailprops:
QyUpsVPvcqlV4CrD75uwKCFsN2FIYl1b70kXgODh/Xadkhyw8+bFvk2vepYtED5otU5OhfqCOAe8+5SY4cGoqBhKRipfAOsWYqcHOdLwyQP67hWCLHj1CguqCj5/9lUaaHc3ceJPQcEOf6CAi/eUTWKNU9MPjOiEzJRauQgPPOkQHh5K6XPwmonQIZsgqu+DvDWqhpJYclsKEsNno+b3Rw/ENus5giycByQqcSyQWIMYWa2mKYDQJltWzSd+G4qXQE7ibR4j7uF5HqOso5Xr6/WzNOWPkIqTekJJaGSaLUyPC3erS/ZtNChKpIA7y4OvIy4oPAtIiBpbftCWUoghsG3mU/E/ycoXICFRIxzIMnI1+JK27uk9Xwi2Hgn+iebdCtADdqV+ApV49QvabDhhE6YaOz8IobNYvEsVPQizh1cc6++as59QZ0XrzcEHcMxT4kQJocdRUTj4lSg0A44iyrexBoWt5qmDmfRO513KeXt6ZgrwZHpEd8Jjhl2pu81a2mJsc1sQW7YkCInDFQUqSoZRvPLhcBq7+yB42oHzqt1f3Fd2lSHaTScp1kGCHCVXh46KLaba4b3hoJ8lPYsMHA+wzBgchXaNoADoifg9XwoSnb0RdrYohVoMvatIHBx7QAWNaxmItJdaAeIFnGSh2ep8RqWcomfhbE85UqrRM3JOLgeqso7X2BaLJ2eoSkbE
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info:
Pz/l7l/JMs1mWAEOVq2s0+NUAmuelM9PGvAA3ghvZdGNnfS7Hx6BoaDBzabhXzVKjEnQp6St71Aher+UfJS86P2sh6JqRRxwnabifvdvQ974cJ7IvM6M5UUsugVqlpu0DTA34RAQQ0FKgNcc+hXxrGsbEmSMEM7P+TtiiCW2Ujy6/Pby8x/tFWmkrW5nrYzgQCgg3ARa2CQRjfRtyGyIFKDmeFYEgNKkeucR5Gb4xJdrwQk4ZG/AN+PUaC56Y4vVqgNupssFApryp1GciTCgxtzRTdP0SZJLBf4cU4Ec1UN5spzc83Z9P31VVcyFXFqPtNHTl8JZC5D+fv3aaLn5VZiNF6EoH24qwUVjKTxqRSqyHPolEWMTJeuBGvmWNqxNOa2W0MuYxGIviVCYOQeHv4+2ciCeW0/lM+zHKeY814c+JRfinhp4iQU2wCvsYs2TSXyYCpvTBbRx+xnXvJeqQajnKBQ8ujm3l5MtvMdSbvOa0emtOJ42qTCIbkZVhfBaPtBEaa0kxnmbMkKwUkoF+sGwji8F7j5ODu7GGb86O3Wkq+OXjsYneYTzgQwiqK+SAKv8Mjs+1DGkvl8SfKQPtKbwbotu4F34xugKoGgOpXf4EcAX6feaAXIZWBmfKT+B
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0:
=?iso-8859-1?Q?h6whK5MglHI6vkgZZWgugm1leQ4gmiOtkxdcKQfH6F3LDNqPkSXn810lQx?=
=?iso-8859-1?Q?b4cpWT7hDmMkeVqOw9nV+a7E7bHGcsotiyyR23CzUYLuM1mHLLfqcIi19H?=
=?iso-8859-1?Q?zdZQXIbGCvIkKN8gKGoGAwrZt14lTjcsxYsW8tCHiWPF03Rb+ATAjYOKRs?=
=?iso-8859-1?Q?iGx2FNql0819gne4qHn6MxBGmMECjCiUWeXNLerCUkF0tY1jXZttUSDC2l?=
=?iso-8859-1?Q?HZXzAaWN9mmOyb7wlf41BjzEB6Hxt+XWa6P/JRpBcTsUbrWntdZdzAU+YD?=
=?iso-8859-1?Q?MtX3nicbA4a7XIwqHlEesaUjYqiTK/4UCevWDekBYxouLbjqHi6zylmu8V?=
=?iso-8859-1?Q?O9GAiuVlDgdW7vPTeEO1ZXDYHKhgN1hdIE3cE2WWyXr1PgZ0TTUj3Rz24F?=
=?iso-8859-1?Q?Em3CnZbIPhHvylFocDcuEjh57uwN4thTesApINYfGllBWLJrk1y33FuAHL?=
=?iso-8859-1?Q?LfgOLoLGMgYruZP0nQ/djWZtcxFrRGVoMUBqtkvIypI/mD4NC5sjTOwF/8?=
=?iso-8859-1?Q?8UwHSXi2r9Z9m04Xd2+8i0mJ/jS+npB+6dxuRQ0RJSCvq1s3uVHK+MmVw5?=
=?iso-8859-1?Q?7GR6B5+kla5XD0e5YNUUv/wVUvCzRasReBNcvzhIvDYqNhf6AP5Amf5iR8?=
=?iso-8859-1?Q?aQdQw8O/aD2KbZBu3VMkwDjJB3Lkc8dH9emDAcxL7GuvkQxMlPJN10IDJD?=
=?iso-8859-1?Q?yxR5Ig4cBJUSKDT3iBmePkJTUCEvcHbV2jwKtoJ6XHYDGVZkTwblbu8BjZ?=
=?iso-8859-1?Q?EoFaUdVxDOOZI5xfX5OD5MznXgJ+WYf2LL5QRr/q7YmCCOlk6RrUnhzynz?=
=?iso-8859-1?Q?SrGRwbHi1ZHU2z7skPuriQKk4LcuQO0sVEJYf4tOUIgCT+trJo5YrC33tQ?=
=?iso-8859-1?Q?eGZsSFeHXlL4HlfvbWs7ixH4rhrc0NKL3JfG3Cg8Dj0SmIeHERu+ocKPuX?=
=?iso-8859-1?Q?YkhXZzfOip6cwxEtO2IKyzDjdTiWBDOYO92sBhR3kslN4lA2dP7Sgw6Uek?=
=?iso-8859-1?Q?2yYr+BJgn4aGL4xKMjnnufrv/TrkpOUPCq6/5d1zqb+hcWr7FaTF7LRzMv?=
=?iso-8859-1?Q?Jh9crGxQ4IYEos3sKMifUpfpYM66mBac2gMnhFKYyw3w/amCgeQ+CzZ2o0?=
=?iso-8859-1?Q?G/a2umVJPeHNVX8WzN7VcHYFpdMlWchASNlrmPlAGEK1Kuorvho9uJURuQ?=
=?iso-8859-1?Q?kOYYL7sLc3B2/HQZsiFWWQnKZhyyT7CNPHy22+k0RSzWI5j361Epmj0k3n?=
=?iso-8859-1?Q?J7EN2RddgWGvmmAsAGLNOBGC37DZ1+Y5ZBdLBa4iRoTa/8ug9PTiLjxf7K?=
=?iso-8859-1?Q?sOQP?=
Content-Type: multipart/alternative;
boundary="_000_AM8P194MB098081AB3140B5CA95DB4D69A7469AM8P194MB0980EURP_"
MIME-Version: 1.0
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM8P194MB0980.EURP194.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-CrossTenant-Network-Message-Id: c709be8a-86d8-4873-f4cb-08da96754510
X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Sep 2022 17:19:24.0269
(UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8P194MB1579
X-Spam_score: 13.2
X-Spam_score_int: 132
X-Spam_bar: +++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Attn: Congratulation!!! Your e-mail address has won (US$2,000,000.00)
for 2022 Microsoft Award. Serial numbers MDB/002 0869958/09 Contact (ADVOCATE
FRANKLIN EDWARD) immediately; through his email address (f [...]
Content analysis details: (13.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider
[webkk38[at]outlook.com]
-0.0 SPF_PASS SPF: sender matches SPF record
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends
in digit
[webkk38[at]outlook.com]
1.2 MISSING_HEADERS Missing To: header
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay
domain
2.5 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)
0.0 HTML_MESSAGE BODY: HTML included in message
1.4 MALFORMED_FREEMAIL Bad headers on message from free email
service
-0.0 T_SCC_BODY_TEXT_LINE No description available.
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
3.0 BIGNUM_EMAILS Lots of email addresses/leads
0.0 LOTS_OF_MONEY Huge... sums of money
0.8 HK_LOTTO No description available.
1.0 FREEMAIL_REPLY From and body contain different freemails
0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal
information
1.3 MONEY_FORM_SHORT Lots of money if you fill out a short form
1.8 ADVANCE_FEE_4_NEW_MONEY Advance Fee fraud and lots of money
Subject: {SPAM?} Notification Email.
--_000_AM8P194MB098081AB3140B5CA95DB4D69A7469AM8P194MB0980EURP_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Attn:
Congratulation!!!
Your e-mail address has won (US$2,000,000.00) for 2022 Microsoft Award. Ser=
ial numbers MDB/002 0869958/09 Contact (ADVOCATE FRANKLIN EDWARD) immediate=
ly; through his email address (franklinedward44@aol.com) or phone number +2=
7736394004 and forward him your Winning No.(19-45-87-36-76-38(77), to redee=
m your winning prize, All participants were selected randomly from Worldwid=
e Web site through computer draw system and extracted from over 100,000 ema=
il addresses of companies and Individuals.
Sincerely,
Dr. Elizabeth Henning.
Copyright =A9 2022 Microsoft! Inc. All rights reserved.
--_000_AM8P194MB098081AB3140B5CA95DB4D69A7469AM8P194MB0980EURP_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
1">
: 12pt; color: rgb(0, 0, 0);" class=3D"elementToProof">
Attn:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Wed, 14 Sep 2022 14:01:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from
id 1oYYYz-0008V8-9r
for dave@doctor.nl2k.ab.ca;
Wed, 14 Sep 2022 14:00:49 -0600
Resent-From: The Doctor
Resent-Date: Wed, 14 Sep 2022 14:00:49 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-am7eur03olkn2034.outbound.protection.outlook.com ([40.92.59.34]:1921 helo=EUR03-AM7-obe.outbound.protection.outlook.com)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.95 (FreeBSD))
(envelope-from
id 1oYW3D-000HyE-6t
for root@doctor.nl2k.ab.ca;
Wed, 14 Sep 2022 11:19:56 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=h4+1ih5YCUDRxSzFGf4yPcPOooWJ3fwtgZ3ngAV4u46QDlvdJrsnN32+5CU/sswXdH08agVbocrvnvMeXiYweox4ELf+z9/gW5E2HjT1YY94a+THbeVK03/15aOEGksePn1rMnPveAkkzUJas01jiCaxJS96oZQRIdkFhM6Q1EhTeq6Jm3+F5NhMF9ke2/cctnI+l5i/RMzMG6pX7Qn/JQD2OtLPXbMrhBQ3qVS6npm/GaddxXPfXGaxm7Eg2lEkjO3X/OFIpW9ocZK0VHmX0ZIhmZ4n0V3HS5czVjXmwuLd11hdJzVziqQP1KqT4teDqD682lQPygtuKTVjL3WXKA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=7XBtHxp01DL1jRJZFi1TcQAzdkAKwQmuycYVzZel0lM=;
b=ahgRpkIh1j9zgfderR/Rb8vKNkupm3BfQR54je7EUWJ6/UkZcUPEcWJYFR4kjD37W3oRxTm0M9MiF+SKZFE774mgq5tI0BsMxzi1okZ+LUwy9dsujtyuNl2hz04HgM6qh4oalNxVh/Fzo6ZmXe69A0H9ImHBtyJo+i3ansXiUkiXNr0ymAp2jgdridj/W8M+2BAr1tzNP+mAnk8s2ecIa9w1/kvPlbuovoZ/VsT6NRl7KOxhH07c5Ro8GxVXjjgiOEZzrbU41IUHXiGnpMEymLvgPxzWz1NaD9Ozus7rGWv+66cItxEmdIykf0/0V9y7gBGAlAchwaRyaCb0YCYawQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;
s=selector1;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=7XBtHxp01DL1jRJZFi1TcQAzdkAKwQmuycYVzZel0lM=;
b=cAi2ui7PrqKeoE5/HpWsB7F1bMyO0/mZZUvcZjy/bc8MU5gPVdelN0xYebF5AeaeHilOrUntes+GI3qqaC1sUC2Q4jjtd2wFEZSFcRPAFLZDgEUwS5s4WjvAyb30AA4YmMH0wAjBrOyZnSqvmNX7JLea3d+o2iaBqbXmrT3iltE/2cuPtnvGooq0w+Tyeq442LW63TGNlCzcF2gxbiO1vqi/YZRd+VZEYLU/sNlYDRsliWAJx47+ERhv55XBeVUPak25HF9GD14w3v6wW+MQ9YLzpI0ffa8osNoWMu/cI22smdacKh7k370kW8yvMOyVa1x7/WNiOb7djm7vrQonJA==
Received: from AM8P194MB0980.EURP194.PROD.OUTLOOK.COM (2603:10a6:20b:24a::11)
by AM8P194MB1579.EURP194.PROD.OUTLOOK.COM (2603:10a6:20b:36e::21) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5612.19; Wed, 14 Sep
2022 17:19:24 +0000
Received: from AM8P194MB0980.EURP194.PROD.OUTLOOK.COM
([fe80::5dda:deab:c453:d1fc]) by AM8P194MB0980.EURP194.PROD.OUTLOOK.COM
([fe80::5dda:deab:c453:d1fc%5]) with mapi id 15.20.5612.022; Wed, 14 Sep 2022
17:19:24 +0000
From: Microsoft- Corp.
Subject: Notification Email.
Thread-Topic: Notification Email.
Thread-Index: AQHYyF4Y/wT7Co4c70yv1PDEEroo+A==
Date: Wed, 14 Sep 2022 17:19:24 +0000
Message-ID:
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels:
x-tmn: [nSz8uPSlv+wEWG8u15pvSx53XmfiCH6L]
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: AM8P194MB0980:EE_|AM8P194MB1579:EE_
x-ms-office365-filtering-correlation-id: c709be8a-86d8-4873-f4cb-08da96754510
x-ms-exchange-slblob-mailprops:
QyUpsVPvcqlV4CrD75uwKCFsN2FIYl1b70kXgODh/Xadkhyw8+bFvk2vepYtED5otU5OhfqCOAe8+5SY4cGoqBhKRipfAOsWYqcHOdLwyQP67hWCLHj1CguqCj5/9lUaaHc3ceJPQcEOf6CAi/eUTWKNU9MPjOiEzJRauQgPPOkQHh5K6XPwmonQIZsgqu+DvDWqhpJYclsKEsNno+b3Rw/ENus5giycByQqcSyQWIMYWa2mKYDQJltWzSd+G4qXQE7ibR4j7uF5HqOso5Xr6/WzNOWPkIqTekJJaGSaLUyPC3erS/ZtNChKpIA7y4OvIy4oPAtIiBpbftCWUoghsG3mU/E/ycoXICFRIxzIMnI1+JK27uk9Xwi2Hgn+iebdCtADdqV+ApV49QvabDhhE6YaOz8IobNYvEsVPQizh1cc6++as59QZ0XrzcEHcMxT4kQJocdRUTj4lSg0A44iyrexBoWt5qmDmfRO513KeXt6ZgrwZHpEd8Jjhl2pu81a2mJsc1sQW7YkCInDFQUqSoZRvPLhcBq7+yB42oHzqt1f3Fd2lSHaTScp1kGCHCVXh46KLaba4b3hoJ8lPYsMHA+wzBgchXaNoADoifg9XwoSnb0RdrYohVoMvatIHBx7QAWNaxmItJdaAeIFnGSh2ep8RqWcomfhbE85UqrRM3JOLgeqso7X2BaLJ2eoSkbE
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info:
Pz/l7l/JMs1mWAEOVq2s0+NUAmuelM9PGvAA3ghvZdGNnfS7Hx6BoaDBzabhXzVKjEnQp6St71Aher+UfJS86P2sh6JqRRxwnabifvdvQ974cJ7IvM6M5UUsugVqlpu0DTA34RAQQ0FKgNcc+hXxrGsbEmSMEM7P+TtiiCW2Ujy6/Pby8x/tFWmkrW5nrYzgQCgg3ARa2CQRjfRtyGyIFKDmeFYEgNKkeucR5Gb4xJdrwQk4ZG/AN+PUaC56Y4vVqgNupssFApryp1GciTCgxtzRTdP0SZJLBf4cU4Ec1UN5spzc83Z9P31VVcyFXFqPtNHTl8JZC5D+fv3aaLn5VZiNF6EoH24qwUVjKTxqRSqyHPolEWMTJeuBGvmWNqxNOa2W0MuYxGIviVCYOQeHv4+2ciCeW0/lM+zHKeY814c+JRfinhp4iQU2wCvsYs2TSXyYCpvTBbRx+xnXvJeqQajnKBQ8ujm3l5MtvMdSbvOa0emtOJ42qTCIbkZVhfBaPtBEaa0kxnmbMkKwUkoF+sGwji8F7j5ODu7GGb86O3Wkq+OXjsYneYTzgQwiqK+SAKv8Mjs+1DGkvl8SfKQPtKbwbotu4F34xugKoGgOpXf4EcAX6feaAXIZWBmfKT+B
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0:
=?iso-8859-1?Q?h6whK5MglHI6vkgZZWgugm1leQ4gmiOtkxdcKQfH6F3LDNqPkSXn810lQx?=
=?iso-8859-1?Q?b4cpWT7hDmMkeVqOw9nV+a7E7bHGcsotiyyR23CzUYLuM1mHLLfqcIi19H?=
=?iso-8859-1?Q?zdZQXIbGCvIkKN8gKGoGAwrZt14lTjcsxYsW8tCHiWPF03Rb+ATAjYOKRs?=
=?iso-8859-1?Q?iGx2FNql0819gne4qHn6MxBGmMECjCiUWeXNLerCUkF0tY1jXZttUSDC2l?=
=?iso-8859-1?Q?HZXzAaWN9mmOyb7wlf41BjzEB6Hxt+XWa6P/JRpBcTsUbrWntdZdzAU+YD?=
=?iso-8859-1?Q?MtX3nicbA4a7XIwqHlEesaUjYqiTK/4UCevWDekBYxouLbjqHi6zylmu8V?=
=?iso-8859-1?Q?O9GAiuVlDgdW7vPTeEO1ZXDYHKhgN1hdIE3cE2WWyXr1PgZ0TTUj3Rz24F?=
=?iso-8859-1?Q?Em3CnZbIPhHvylFocDcuEjh57uwN4thTesApINYfGllBWLJrk1y33FuAHL?=
=?iso-8859-1?Q?LfgOLoLGMgYruZP0nQ/djWZtcxFrRGVoMUBqtkvIypI/mD4NC5sjTOwF/8?=
=?iso-8859-1?Q?8UwHSXi2r9Z9m04Xd2+8i0mJ/jS+npB+6dxuRQ0RJSCvq1s3uVHK+MmVw5?=
=?iso-8859-1?Q?7GR6B5+kla5XD0e5YNUUv/wVUvCzRasReBNcvzhIvDYqNhf6AP5Amf5iR8?=
=?iso-8859-1?Q?aQdQw8O/aD2KbZBu3VMkwDjJB3Lkc8dH9emDAcxL7GuvkQxMlPJN10IDJD?=
=?iso-8859-1?Q?yxR5Ig4cBJUSKDT3iBmePkJTUCEvcHbV2jwKtoJ6XHYDGVZkTwblbu8BjZ?=
=?iso-8859-1?Q?EoFaUdVxDOOZI5xfX5OD5MznXgJ+WYf2LL5QRr/q7YmCCOlk6RrUnhzynz?=
=?iso-8859-1?Q?SrGRwbHi1ZHU2z7skPuriQKk4LcuQO0sVEJYf4tOUIgCT+trJo5YrC33tQ?=
=?iso-8859-1?Q?eGZsSFeHXlL4HlfvbWs7ixH4rhrc0NKL3JfG3Cg8Dj0SmIeHERu+ocKPuX?=
=?iso-8859-1?Q?YkhXZzfOip6cwxEtO2IKyzDjdTiWBDOYO92sBhR3kslN4lA2dP7Sgw6Uek?=
=?iso-8859-1?Q?2yYr+BJgn4aGL4xKMjnnufrv/TrkpOUPCq6/5d1zqb+hcWr7FaTF7LRzMv?=
=?iso-8859-1?Q?Jh9crGxQ4IYEos3sKMifUpfpYM66mBac2gMnhFKYyw3w/amCgeQ+CzZ2o0?=
=?iso-8859-1?Q?G/a2umVJPeHNVX8WzN7VcHYFpdMlWchASNlrmPlAGEK1Kuorvho9uJURuQ?=
=?iso-8859-1?Q?kOYYL7sLc3B2/HQZsiFWWQnKZhyyT7CNPHy22+k0RSzWI5j361Epmj0k3n?=
=?iso-8859-1?Q?J7EN2RddgWGvmmAsAGLNOBGC37DZ1+Y5ZBdLBa4iRoTa/8ug9PTiLjxf7K?=
=?iso-8859-1?Q?sOQP?=
Content-Type: multipart/alternative;
boundary="_000_AM8P194MB098081AB3140B5CA95DB4D69A7469AM8P194MB0980EURP_"
MIME-Version: 1.0
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM8P194MB0980.EURP194.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-CrossTenant-Network-Message-Id: c709be8a-86d8-4873-f4cb-08da96754510
X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Sep 2022 17:19:24.0269
(UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM8P194MB1579
X-Spam_score: 13.2
X-Spam_score_int: 132
X-Spam_bar: +++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Attn: Congratulation!!! Your e-mail address has won (US$2,000,000.00)
for 2022 Microsoft Award. Serial numbers MDB/002 0869958/09 Contact (ADVOCATE
FRANKLIN EDWARD) immediately; through his email address (f [...]
Content analysis details: (13.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider
[webkk38[at]outlook.com]
-0.0 SPF_PASS SPF: sender matches SPF record
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends
in digit
[webkk38[at]outlook.com]
1.2 MISSING_HEADERS Missing To: header
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay
domain
2.5 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)
0.0 HTML_MESSAGE BODY: HTML included in message
1.4 MALFORMED_FREEMAIL Bad headers on message from free email
service
-0.0 T_SCC_BODY_TEXT_LINE No description available.
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
3.0 BIGNUM_EMAILS Lots of email addresses/leads
0.0 LOTS_OF_MONEY Huge... sums of money
0.8 HK_LOTTO No description available.
1.0 FREEMAIL_REPLY From and body contain different freemails
0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal
information
1.3 MONEY_FORM_SHORT Lots of money if you fill out a short form
1.8 ADVANCE_FEE_4_NEW_MONEY Advance Fee fraud and lots of money
Subject: {SPAM?} Notification Email.
--_000_AM8P194MB098081AB3140B5CA95DB4D69A7469AM8P194MB0980EURP_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Attn:
Congratulation!!!
Your e-mail address has won (US$2,000,000.00) for 2022 Microsoft Award. Ser=
ial numbers MDB/002 0869958/09 Contact (ADVOCATE FRANKLIN EDWARD) immediate=
ly; through his email address (franklinedward44@aol.com) or phone number +2=
7736394004 and forward him your Winning No.(19-45-87-36-76-38(77), to redee=
m your winning prize, All participants were selected randomly from Worldwid=
e Web site through computer draw system and extracted from over 100,000 ema=
il addresses of companies and Individuals.
Sincerely,
Dr. Elizabeth Henning.
Copyright =A9 2022 Microsoft! Inc. All rights reserved.
--_000_AM8P194MB098081AB3140B5CA95DB4D69A7469AM8P194MB0980EURP_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
1">
: 12pt; color: rgb(0, 0, 0);" class=3D"elementToProof">
Attn:
Congratulation!!!
Your e-mail address has won (US$2,000,000.00) for 2022 Microsoft Award=
. Serial numbers MDB/002 0869958/09 Contact (ADVOCATE FRANKLIN EDWARD) imme=
diately; through his email address (franklinedward44@aol.com) or phone numb=
er +27736394004 and forward him
your Winning No.(19-45-87-36-76-38(77), to redeem your winning prize, All =
participants were selected randomly from Worldwide Web site through compute=
r draw system and extracted from over 100,000 email addresses of companies =
and Individuals.
. Serial numbers MDB/002 0869958/09 Contact (ADVOCATE FRANKLIN EDWARD) imme=
diately; through his email address (franklinedward44@aol.com) or phone numb=
er +27736394004 and forward him
your Winning No.(19-45-87-36-76-38(77), to redeem your winning prize, All =
participants were selected randomly from Worldwide Web site through compute=
r draw system and extracted from over 100,000 email addresses of companies =
and Individuals.
Sincerely,
Dr. Elizabeth Henning.
Copyright =A9 2022 Microsoft! Inc. All rights reserved.
--_000_AM8P194MB098081AB3140B5CA95DB4D69A7469AM8P194MB0980EURP_--
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments