URL spam from Gmail
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 14 Nov 2022 08:33:29 -0700
Received: from mail-io1-f53.google.com ([209.85.166.53]:36464)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from)
id 1oubRs-000Hbk-Dw
for dave@doctor.nl2k.ab.ca;
Mon, 14 Nov 2022 08:32:40 -0700
Received: by mail-io1-f53.google.com with SMTP id z3so8398078iof.3
for; Mon, 14 Nov 2022 07:29:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
:date:message-id:reply-to;
bh=l8n5HsdG5qZGyFhYn8jrYTuf7lZfFBb1HTrbSLxBupg=;
b=pB9qGMFJu+HCM76yTFpTFxysA8DQHZHaYiixCwSafXNkoXdSiQkzX6lpNDOqW/DZPo
JJgYKT00tiHRb23n4wQyjORuH3ldVlYbhKr510YGOK+MnHufzDldl+9OMku4Z868IHq1
Iq7Rpiig7pvozRJjaGZn4tpFFgVyZSSjSCSxgYO3vVNNKvKkGQl3kRI2xjzT8E/5ZlHZ
mUjnkTej/ndO+KSeEmJw5Pp3I7mMvOlDfCjM4MqVjgtRcEzXTodgIoEoqtocbzg7Wfj1
xaIMa2Lf0qT20F04BdEGUH6wtxvSop1CEZY8lisrJwQKGHPZ81EaCP7AZ8DvoOC1W/Dp
aWrg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=to:subject:message-id:date:from:mime-version:x-gm-message-state
:from:to:cc:subject:date:message-id:reply-to;
bh=l8n5HsdG5qZGyFhYn8jrYTuf7lZfFBb1HTrbSLxBupg=;
b=4vRdAUvVYJ4TDuNNqD9ASw7zc7AXVKtDkbRnEoZPfeWXpQ/N8BxFBsbfIM+1McCM+w
nv5hMgIA11izaN+hfetTmwiBe2mP9bCdcOn8KWxcTmP29oKWrl6zjnGvCltMvAUGJgrJ
aWNbS2Ph8GvmS3FiBmi5kNyYrhNAt2wZJQHCj791lhAVMrOJJDMWkDt00x5Yv6pqLfpq
M3MCfSBLWTS7UzwuYLmQJidLxKEZ4uPgR6POsc2JylUUmpAYq01D2zj2UBipGf/s0xus
nryq+dyAndcMr3quPi3S49Ak4Jjxc9b0bTn7jjQMEcigjjDS/2oL1c7AJdaYsTrsdvCb
Cidg==
X-Gm-Message-State: ANoB5pn9K58YlInzouIW4XSbStlKj1mXgY9s7Ifq7Jwtyz76aQWzEA5q
KWxlkve0HYShfiSH5N4ZXA/Fqu3HozZxkZKHu90=
X-Google-Smtp-Source: AA0mqf5xmUBDUjBanfH940h1nVYT5JTMTjE3Bxbc7qXMPydHz2iEeh5i7ysxUaDINw8ddjkTIZjHOSynw+rifzRDpzo=
X-Received: by 2002:a02:2acd:0:b0:374:8236:4cc6 with SMTP id
w196-20020a022acd000000b0037482364cc6mr5830196jaw.7.1668439787006; Mon, 14
Nov 2022 07:29:47 -0800 (PST)
MIME-Version: 1.0
Received: by 2002:a05:6622:f91:0:0:0:0 with HTTP; Mon, 14 Nov 2022 07:29:46
-0800 (PST)
From: yeiner steven salazar
Date: Mon, 14 Nov 2022 10:29:46 -0500
Message-ID:
Subject: Re: Dr.Charles Edward
To: DanzASalsaRico, dan ike ,
daoud kermiche, darbyttservices ,
darcel260, daria b55 ,
darnaque leschats2011, dave
Content-Type: text/plain; charset="UTF-8"
X-Spam_score: 9.5
X-Spam_score_int: 95
X-Spam_bar: +++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: https://81zix.app.link/HuS08iOlVub
Content analysis details: (9.5 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/,
no trust
[209.85.166.53 listed in list.dnswl.org]
2.5 SUSPICIOUS_RECIPS Similar addresses in recipient list
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider
[yeinersalazar98[at]gmail.com]
2.5 SORTED_RECIPS Recipient list is sorted by address
-0.0 SPF_PASS SPF: sender matches SPF record
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends
in digit
[yeinersalazar98[at]gmail.com]
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.166.53 listed in wl.mailspike.net]
2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
Subject: {SPAM?} Re: Dr.Charles Edward
https://81zix.app.link/HuS08iOlVub
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 14 Nov 2022 08:33:29 -0700
Received: from mail-io1-f53.google.com ([209.85.166.53]:36464)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from
id 1oubRs-000Hbk-Dw
for dave@doctor.nl2k.ab.ca;
Mon, 14 Nov 2022 08:32:40 -0700
Received: by mail-io1-f53.google.com with SMTP id z3so8398078iof.3
for
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
:date:message-id:reply-to;
bh=l8n5HsdG5qZGyFhYn8jrYTuf7lZfFBb1HTrbSLxBupg=;
b=pB9qGMFJu+HCM76yTFpTFxysA8DQHZHaYiixCwSafXNkoXdSiQkzX6lpNDOqW/DZPo
JJgYKT00tiHRb23n4wQyjORuH3ldVlYbhKr510YGOK+MnHufzDldl+9OMku4Z868IHq1
Iq7Rpiig7pvozRJjaGZn4tpFFgVyZSSjSCSxgYO3vVNNKvKkGQl3kRI2xjzT8E/5ZlHZ
mUjnkTej/ndO+KSeEmJw5Pp3I7mMvOlDfCjM4MqVjgtRcEzXTodgIoEoqtocbzg7Wfj1
xaIMa2Lf0qT20F04BdEGUH6wtxvSop1CEZY8lisrJwQKGHPZ81EaCP7AZ8DvoOC1W/Dp
aWrg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=to:subject:message-id:date:from:mime-version:x-gm-message-state
:from:to:cc:subject:date:message-id:reply-to;
bh=l8n5HsdG5qZGyFhYn8jrYTuf7lZfFBb1HTrbSLxBupg=;
b=4vRdAUvVYJ4TDuNNqD9ASw7zc7AXVKtDkbRnEoZPfeWXpQ/N8BxFBsbfIM+1McCM+w
nv5hMgIA11izaN+hfetTmwiBe2mP9bCdcOn8KWxcTmP29oKWrl6zjnGvCltMvAUGJgrJ
aWNbS2Ph8GvmS3FiBmi5kNyYrhNAt2wZJQHCj791lhAVMrOJJDMWkDt00x5Yv6pqLfpq
M3MCfSBLWTS7UzwuYLmQJidLxKEZ4uPgR6POsc2JylUUmpAYq01D2zj2UBipGf/s0xus
nryq+dyAndcMr3quPi3S49Ak4Jjxc9b0bTn7jjQMEcigjjDS/2oL1c7AJdaYsTrsdvCb
Cidg==
X-Gm-Message-State: ANoB5pn9K58YlInzouIW4XSbStlKj1mXgY9s7Ifq7Jwtyz76aQWzEA5q
KWxlkve0HYShfiSH5N4ZXA/Fqu3HozZxkZKHu90=
X-Google-Smtp-Source: AA0mqf5xmUBDUjBanfH940h1nVYT5JTMTjE3Bxbc7qXMPydHz2iEeh5i7ysxUaDINw8ddjkTIZjHOSynw+rifzRDpzo=
X-Received: by 2002:a02:2acd:0:b0:374:8236:4cc6 with SMTP id
w196-20020a022acd000000b0037482364cc6mr5830196jaw.7.1668439787006; Mon, 14
Nov 2022 07:29:47 -0800 (PST)
MIME-Version: 1.0
Received: by 2002:a05:6622:f91:0:0:0:0 with HTTP; Mon, 14 Nov 2022 07:29:46
-0800 (PST)
From: yeiner steven salazar
Date: Mon, 14 Nov 2022 10:29:46 -0500
Message-ID:
Subject: Re: Dr.Charles Edward
To: DanzASalsaRico
daoud kermiche
darcel260
darnaque leschats2011
Content-Type: text/plain; charset="UTF-8"
X-Spam_score: 9.5
X-Spam_score_int: 95
X-Spam_bar: +++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: https://81zix.app.link/HuS08iOlVub
Content analysis details: (9.5 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/,
no trust
[209.85.166.53 listed in list.dnswl.org]
2.5 SUSPICIOUS_RECIPS Similar addresses in recipient list
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider
[yeinersalazar98[at]gmail.com]
2.5 SORTED_RECIPS Recipient list is sorted by address
-0.0 SPF_PASS SPF: sender matches SPF record
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends
in digit
[yeinersalazar98[at]gmail.com]
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.166.53 listed in wl.mailspike.net]
2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
Subject: {SPAM?} Re: Dr.Charles Edward
https://81zix.app.link/HuS08iOlVub
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments