e-mail phish
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Sun, 23 Oct 2022 22:10:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from)
id 1omomN-000D0I-3W
for dave@doctor.nl2k.ab.ca;
Sun, 23 Oct 2022 22:09:35 -0600
Resent-From: The Doctor
Resent-Date: Sun, 23 Oct 2022 22:09:35 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from srbyfnhp.acupuncturehk.com ([92.52.217.191]:51078)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.95 (FreeBSD))
(envelope-from)
id 1omnfI-0002j1-AJ
for root@nk.ca;
Sun, 23 Oct 2022 20:58:17 -0600
From: "nk.ca"
To: root@nk.ca
Subject: (8) Incoming mails are pending
Date: 24 Oct 2022 04:55:12 +0200
Message-ID: <20221024045512.D122BB314714EB28@nk.ca>
MIME-Version: 1.0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Spam_score: 5.1
X-Spam_score_int: 51
X-Spam_bar: +++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Un-Received (8) Incoming Emails   Your 8 important incoming
emails are stuck on the nk.ca Email server.
Content analysis details: (5.1 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
blocked. See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: w3s.link]
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
[92.52.217.191 listed in bl.score.senderscore.com]
1.3 RCVD_IN_VALIDITY_RPBL RBL: Relay in Validity RPBL,
https://senderscore.org/blocklistlookup/
0.9 SPF_FAIL SPF: sender does not match SPF record (fail)
[SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=no-reply%40nk.ca;ip=92.52.217.191;r=doctor.nl2k.ab.ca]
0.5 URI_NOVOWEL URI: URI hostname has long non-vowel sequence
0.0 HTML_MESSAGE BODY: HTML included in message
1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 TO_EQ_FM_DOM_SPF_FAIL To domain == From domain and external SPF
failed
Subject: {SPAM?} (8) Incoming mails are pending
elvetica, sans-serif; WIDTH: 480px; WHITE-SPACE: normal; WORD-SPACING: 0px;=
TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR: rgb(0,0,0); FONT-STYLE: nor=
mal; MARGIN-LEFT: 60px; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; BACK=
GROUND-COLOR: rgb(249,247,247); font-variant-ligatures: normal; font-varian=
t-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: =
initial; text-decoration-style: initial;=20
text-decoration-color: initial" cellSpacing=3D0 cellPadding=3D0 width=3D480=
align=3Dleft border=3D0>
botoDraft, Helvetica, Arial, sans-serif; BORDER-RIGHT-WIDTH: 0px; VERTICAL-=
ALIGN: top; BORDER-BOTTOM-WIDTH: 0px; PADDING-BOTTOM: 5px; PADDING-TOP: 5px=
; MARGIN: 0px; BORDER-TOP-WIDTH: 0px' width=3D"100%">
order=3D0>
ial, sans-serif; PADDING-BOTTOM: 5px; PADDING-TOP: 10px; MARGIN: 0px'>
rif; COLOR: rgb(57,61,71); LINE-HEIGHT: 1.5">
ING-LEFT: 0px; MARGIN: 0px; LINE-HEIGHT: 1.5; PADDING-RIGHT: 0px">
le=3D"FONT-SIZE: 18px">Un-Received (8) Incoming Emails
>
border=3D0>
ial, sans-serif; MARGIN: 0px'>
order=3D0>
AMILY: "Google Sans", Roboto, RobotoDraft, Helvetica, Arial, sans-serif; MA=
RGIN: 0px; LINE-HEIGHT: 1px'>
TR>
order=3D0>
ial, sans-serif; PADDING-BOTTOM: 15px; PADDING-TOP: 15px; PADDING-LEFT: 15p=
x; MARGIN: 0px; PADDING-RIGHT: 20px'>
rif; COLOR: rgb(57,61,71); LINE-HEIGHT: 1.5">
NG-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; LINE-HEIGHT: 1.5; PADDING-RIGH=
T: 0px">
NG-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; LINE-HEIGHT: 1.5; PADDING-RIGH=
T: 0px">Your 8 important incoming emails are stuck on the nk.ca
> Email server.
NG-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; LINE-HEIGHT: 1.5; PADDING-RIGH=
T: 0px">
A system error occurred at Monday, October 24, 2022 4:55 =
a.m.
You can retrieve the 8 stuck emails with the button below.
<=
BR>
NG-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; LINE-HEIGHT: 1.5; PADDING-RIGH=
T: 0px">Stuck emails will be deleted automatically from the system.
V>
border=3D0>
ial, sans-serif; MARGIN: 0px'>
dana, Segoe, sans-serif; BORDER-RIGHT: rgb(138,59,143) 1px solid; WIDTH: au=
to; BORDER-BOTTOM: rgb(138,59,143) 1px solid; COLOR: rgb(255,255,255); PADD=
ING-BOTTOM: 5px; PADDING-TOP: 5px; BORDER-LEFT: rgb(138,59,143) 1px solid; =
DISPLAY: inline-block; BACKGROUND-COLOR: rgb(0,2,165); text-decoration-line=
: none; border-radius: 4px"=20
href=3D"https://bafybeiblaatxxnjr7fu7uknkgqdbxyx36w42rvr6bhp37vh5jkxn7im7rm=
=2Eipfs.cf-ipfs.com/?filename=3Dgigfrnd.html#root@nk.ca" rel=3Dnoopener tar=
get=3D_blank data-saferedirecturl=3D"https://www.google.com/url?q=3Dhttps:/=
/bafybeiersowck3k5nu5t62eaidchmlcahn5754j3caprcdvjkb2zlyfily.ipfs.w3s.link/=
own.html%23%5B%5B-Email-%5D%5D&source=3Dgmail&ust=3D166275926284300=
0&usg=3DAOvVaw1jQw8r94yeYBdPZc0BW-je">
ADDING-LEFT: 20px; DISPLAY: inline-block; PADDING-RIGHT: 20px">
13px; LINE-HEIGHT: 19px">Retrieve 8 Emails<=
/TD>
border=3D0>
ial, sans-serif; MARGIN: 0px'>
order=3D0>
AMILY: "Google Sans", Roboto, RobotoDraft, Helvetica, Arial, sans-serif; MA=
RGIN: 0px; LINE-HEIGHT: 1px'>
TR>
border=3D0>
ial, sans-serif; MARGIN: 0px'>
rif; COLOR: rgb(57,61,71); LINE-HEIGHT: 1.2">
ING-LEFT: 0px; MARGIN: 0px; LINE-HEIGHT: 1.5; PADDING-RIGHT: 0px">
le=3D"FONT-SIZE: 13px">This message is strictly for the attention of root@n=
k.ca
BLE>
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Sun, 23 Oct 2022 22:10:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from
id 1omomN-000D0I-3W
for dave@doctor.nl2k.ab.ca;
Sun, 23 Oct 2022 22:09:35 -0600
Resent-From: The Doctor
Resent-Date: Sun, 23 Oct 2022 22:09:35 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from srbyfnhp.acupuncturehk.com ([92.52.217.191]:51078)
by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.95 (FreeBSD))
(envelope-from
id 1omnfI-0002j1-AJ
for root@nk.ca;
Sun, 23 Oct 2022 20:58:17 -0600
From: "nk.ca"
To: root@nk.ca
Subject: (8) Incoming mails are pending
Date: 24 Oct 2022 04:55:12 +0200
Message-ID: <20221024045512.D122BB314714EB28@nk.ca>
MIME-Version: 1.0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Spam_score: 5.1
X-Spam_score_int: 51
X-Spam_bar: +++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Un-Received (8) Incoming Emails   Your 8 important incoming
emails are stuck on the nk.ca Email server.
Content analysis details: (5.1 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
blocked. See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: w3s.link]
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
[92.52.217.191 listed in bl.score.senderscore.com]
1.3 RCVD_IN_VALIDITY_RPBL RBL: Relay in Validity RPBL,
https://senderscore.org/blocklistlookup/
0.9 SPF_FAIL SPF: sender does not match SPF record (fail)
[SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=no-reply%40nk.ca;ip=92.52.217.191;r=doctor.nl2k.ab.ca]
0.5 URI_NOVOWEL URI: URI hostname has long non-vowel sequence
0.0 HTML_MESSAGE BODY: HTML included in message
1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 TO_EQ_FM_DOM_SPF_FAIL To domain == From domain and external SPF
failed
Subject: {SPAM?} (8) Incoming mails are pending
elvetica, sans-serif; WIDTH: 480px; WHITE-SPACE: normal; WORD-SPACING: 0px;=
TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR: rgb(0,0,0); FONT-STYLE: nor=
mal; MARGIN-LEFT: 60px; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; BACK=
GROUND-COLOR: rgb(249,247,247); font-variant-ligatures: normal; font-varian=
t-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: =
initial; text-decoration-style: initial;=20
text-decoration-color: initial" cellSpacing=3D0 cellPadding=3D0 width=3D480=
align=3Dleft border=3D0>
botoDraft, Helvetica, Arial, sans-serif; BORDER-RIGHT-WIDTH: 0px; VERTICAL-=
ALIGN: top; BORDER-BOTTOM-WIDTH: 0px; PADDING-BOTTOM: 5px; PADDING-TOP: 5px=
; MARGIN: 0px; BORDER-TOP-WIDTH: 0px' width=3D"100%">
order=3D0>
ial, sans-serif; PADDING-BOTTOM: 5px; PADDING-TOP: 10px; MARGIN: 0px'>
rif; COLOR: rgb(57,61,71); LINE-HEIGHT: 1.5">
ING-LEFT: 0px; MARGIN: 0px; LINE-HEIGHT: 1.5; PADDING-RIGHT: 0px">
le=3D"FONT-SIZE: 18px">Un-Received (8) Incoming Emails
>
border=3D0>
ial, sans-serif; MARGIN: 0px'>
order=3D0>
AMILY: "Google Sans", Roboto, RobotoDraft, Helvetica, Arial, sans-serif; MA=
RGIN: 0px; LINE-HEIGHT: 1px'>
TR>
order=3D0>
ial, sans-serif; PADDING-BOTTOM: 15px; PADDING-TOP: 15px; PADDING-LEFT: 15p=
x; MARGIN: 0px; PADDING-RIGHT: 20px'>
rif; COLOR: rgb(57,61,71); LINE-HEIGHT: 1.5">
NG-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; LINE-HEIGHT: 1.5; PADDING-RIGH=
T: 0px">
NG-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; LINE-HEIGHT: 1.5; PADDING-RIGH=
T: 0px">Your 8 important incoming emails are stuck on the nk.ca
> Email server.
NG-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; LINE-HEIGHT: 1.5; PADDING-RIGH=
T: 0px">
A system error occurred at Monday, October 24, 2022 4:55 =
a.m.
You can retrieve the 8 stuck emails with the button below.
<=
BR>
NG-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; LINE-HEIGHT: 1.5; PADDING-RIGH=
T: 0px">Stuck emails will be deleted automatically from the system.
V>
border=3D0>
ial, sans-serif; MARGIN: 0px'>
dana, Segoe, sans-serif; BORDER-RIGHT: rgb(138,59,143) 1px solid; WIDTH: au=
to; BORDER-BOTTOM: rgb(138,59,143) 1px solid; COLOR: rgb(255,255,255); PADD=
ING-BOTTOM: 5px; PADDING-TOP: 5px; BORDER-LEFT: rgb(138,59,143) 1px solid; =
DISPLAY: inline-block; BACKGROUND-COLOR: rgb(0,2,165); text-decoration-line=
: none; border-radius: 4px"=20
href=3D"https://bafybeiblaatxxnjr7fu7uknkgqdbxyx36w42rvr6bhp37vh5jkxn7im7rm=
=2Eipfs.cf-ipfs.com/?filename=3Dgigfrnd.html#root@nk.ca" rel=3Dnoopener tar=
get=3D_blank data-saferedirecturl=3D"https://www.google.com/url?q=3Dhttps:/=
/bafybeiersowck3k5nu5t62eaidchmlcahn5754j3caprcdvjkb2zlyfily.ipfs.w3s.link/=
own.html%23%5B%5B-Email-%5D%5D&source=3Dgmail&ust=3D166275926284300=
0&usg=3DAOvVaw1jQw8r94yeYBdPZc0BW-je">
ADDING-LEFT: 20px; DISPLAY: inline-block; PADDING-RIGHT: 20px">
13px; LINE-HEIGHT: 19px">Retrieve 8 Emails
/TD>
border=3D0>
ial, sans-serif; MARGIN: 0px'>
order=3D0>
AMILY: "Google Sans", Roboto, RobotoDraft, Helvetica, Arial, sans-serif; MA=
RGIN: 0px; LINE-HEIGHT: 1px'>
TR>
border=3D0>
ial, sans-serif; MARGIN: 0px'>
rif; COLOR: rgb(57,61,71); LINE-HEIGHT: 1.2">
ING-LEFT: 0px; MARGIN: 0px; LINE-HEIGHT: 1.5; PADDING-RIGHT: 0px">
le=3D"FONT-SIZE: 13px">This message is strictly for the attention of root@n=
k.ca
BLE>
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments