more link spam from gmail
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 06 Mar 2023 08:40:03 -0700
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.96)
(envelope-from)
id 1pZCvV-000ACL-32
for dave@doctor.nl2k.ab.ca;
Mon, 06 Mar 2023 08:39:01 -0700
Resent-From: The Doctor
Resent-Date: Mon, 6 Mar 2023 08:39:01 -0700
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-lf1-f41.google.com ([209.85.167.41]:41906)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.96)
(envelope-from)
id 1pZBlG-000IQ8-0e
for doctor@nl2k.ab.ca;
Mon, 06 Mar 2023 07:24:27 -0700
Received: by mail-lf1-f41.google.com with SMTP id d36so9780055lfv.8
for; Mon, 06 Mar 2023 06:22:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112; t=1678112537;
h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
:date:message-id:reply-to;
bh=gRuXIiLtloYOGiKXPwFrESrbTwb7QPtkpsfyPDsSVno=;
b=gLbND/iSClzc9G31APmy/yPbdOZZXqvR+0bvnGSuqeGgBaMTZD+via6Lutm+2Kvr+3
ACINUgfs/G+l6SdNmecaHkdBSaUDKoskRFXkMI1PTP7HCuWKMcaW5y5/Cl9NHN6DM984
37P/5I37uoWrxmrXpiA3rWUOoqalC3VLE6ru6VWxARg+ZZNJMTKM+egUkvzzsvLpLt74
Nxv+AHuV0pAIl1+1fTShFrBeEBlZhwhOze/z5htnz+pCWc1AwR+T4T6eJj466u64lwRX
7avmv+wdekSkcfYcOJGGJ1KksUjqDqpWfDILR/50LNzP0UlKTx7qqXF+ZLMlvDvf9Py0
IwFg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112; t=1678112537;
h=to:subject:message-id:date:from:mime-version:x-gm-message-state
:from:to:cc:subject:date:message-id:reply-to;
bh=gRuXIiLtloYOGiKXPwFrESrbTwb7QPtkpsfyPDsSVno=;
b=lxKRHUvoUg+ZwWesAVjI7vTH+LhMWTJ1Zqvq/yBHwT2d9coefe9V44rlNy7l9XuMuX
0Goxy18Uey1zpB6GXC1uAEjbfhA/UoSohC2w7RpWNMIRQrf3fr6eRWsK0HjVi7nuNYj2
IDpAJW4EvPEBVVuDuCUjrYxd8zMIh3iONcBXM3dHwk1ICXYF+CZwIpTvGLBD9UHZ24Of
5kxTFdpl9CxHba6QNpCKpmRurGUk1bJV+dQiGM2EFRXg0DnDS2yNuF/OFp2eeZ4QYrvl
eaKWtjXYRdu5Uduc9J+ZQE5sGYGeFf8EELeq6UweZ4+1j7VHX+GTxKxYAeA61TWXpjTn
FJXA==
X-Gm-Message-State: AO0yUKV3UOHxYvsRF70BUKVXf5hUkSrSqShycV2fmo59hEodVCOCavGO
dQknCYfc6ylNpNc/rGS34aCoe/oBjgoaA59as8E=
X-Google-Smtp-Source: AK7set/6tr+XQnaGFyRMcC7mO23qcCj5nrhVrWQGD3JNbE8N6wE4en//758dlyNMLTccK66DpvczmkqZvUbd+TScx5A=
X-Received: by 2002:ac2:539c:0:b0:4d5:ca42:e43b with SMTP id
g28-20020ac2539c000000b004d5ca42e43bmr3359632lfh.4.1678112536745; Mon, 06 Mar
2023 06:22:16 -0800 (PST)
MIME-Version: 1.0
From: "dieudonnenzuzi07@yahoo.fr"
Date: Mon, 6 Mar 2023 14:22:19 +0000
Message-ID:
Subject:
To: dcreativ, deniscarole5 ,
denisefob1991, desjar m ,
dianelefort, dleroux ,
doctor, dominique myre , fmbuyi
Content-Type: multipart/alternative; boundary="000000000000a558e005f63c0570"
X-Spam_score: 10.1
X-Spam_score_int: 101
X-Spam_bar: ++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: https://akki3.app.link/6ti0kIPNUxb https://akki3.app.link/6ti0kIPNUxb
Content analysis details: (10.1 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[209.85.167.41 listed in list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
2.5 SORTED_RECIPS Recipient list is sorted by address
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit
[davidndolo354(at)gmail.com]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
[davidndolo354(at)gmail.com]
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 TVD_SPACE_RATIO No description available.
0.7 PDS_FROM_2_EMAILS From header has multiple different addresses
2.0 FROM_2_EMAILS_SHORT Short body and From looks like 2 different emails
0.4 NAME_EMAIL_DIFF Sender NAME is an unrelated email address
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.167.41 listed in wl.mailspike.net]
1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
Subject: {SPAM?}
--000000000000a558e005f63c0570
Content-Type: text/plain; charset="UTF-8"
https://akki3.app.link/6ti0kIPNUxb
--000000000000a558e005f63c0570
Content-Type: text/html; charset="UTF-8"
https://akki3.app.link/6ti0kIPNUxb
--000000000000a558e005f63c0570--
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 06 Mar 2023 08:40:03 -0700
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.96)
(envelope-from
id 1pZCvV-000ACL-32
for dave@doctor.nl2k.ab.ca;
Mon, 06 Mar 2023 08:39:01 -0700
Resent-From: The Doctor
Resent-Date: Mon, 6 Mar 2023 08:39:01 -0700
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-lf1-f41.google.com ([209.85.167.41]:41906)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.96)
(envelope-from
id 1pZBlG-000IQ8-0e
for doctor@nl2k.ab.ca;
Mon, 06 Mar 2023 07:24:27 -0700
Received: by mail-lf1-f41.google.com with SMTP id d36so9780055lfv.8
for
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112; t=1678112537;
h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
:date:message-id:reply-to;
bh=gRuXIiLtloYOGiKXPwFrESrbTwb7QPtkpsfyPDsSVno=;
b=gLbND/iSClzc9G31APmy/yPbdOZZXqvR+0bvnGSuqeGgBaMTZD+via6Lutm+2Kvr+3
ACINUgfs/G+l6SdNmecaHkdBSaUDKoskRFXkMI1PTP7HCuWKMcaW5y5/Cl9NHN6DM984
37P/5I37uoWrxmrXpiA3rWUOoqalC3VLE6ru6VWxARg+ZZNJMTKM+egUkvzzsvLpLt74
Nxv+AHuV0pAIl1+1fTShFrBeEBlZhwhOze/z5htnz+pCWc1AwR+T4T6eJj466u64lwRX
7avmv+wdekSkcfYcOJGGJ1KksUjqDqpWfDILR/50LNzP0UlKTx7qqXF+ZLMlvDvf9Py0
IwFg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112; t=1678112537;
h=to:subject:message-id:date:from:mime-version:x-gm-message-state
:from:to:cc:subject:date:message-id:reply-to;
bh=gRuXIiLtloYOGiKXPwFrESrbTwb7QPtkpsfyPDsSVno=;
b=lxKRHUvoUg+ZwWesAVjI7vTH+LhMWTJ1Zqvq/yBHwT2d9coefe9V44rlNy7l9XuMuX
0Goxy18Uey1zpB6GXC1uAEjbfhA/UoSohC2w7RpWNMIRQrf3fr6eRWsK0HjVi7nuNYj2
IDpAJW4EvPEBVVuDuCUjrYxd8zMIh3iONcBXM3dHwk1ICXYF+CZwIpTvGLBD9UHZ24Of
5kxTFdpl9CxHba6QNpCKpmRurGUk1bJV+dQiGM2EFRXg0DnDS2yNuF/OFp2eeZ4QYrvl
eaKWtjXYRdu5Uduc9J+ZQE5sGYGeFf8EELeq6UweZ4+1j7VHX+GTxKxYAeA61TWXpjTn
FJXA==
X-Gm-Message-State: AO0yUKV3UOHxYvsRF70BUKVXf5hUkSrSqShycV2fmo59hEodVCOCavGO
dQknCYfc6ylNpNc/rGS34aCoe/oBjgoaA59as8E=
X-Google-Smtp-Source: AK7set/6tr+XQnaGFyRMcC7mO23qcCj5nrhVrWQGD3JNbE8N6wE4en//758dlyNMLTccK66DpvczmkqZvUbd+TScx5A=
X-Received: by 2002:ac2:539c:0:b0:4d5:ca42:e43b with SMTP id
g28-20020ac2539c000000b004d5ca42e43bmr3359632lfh.4.1678112536745; Mon, 06 Mar
2023 06:22:16 -0800 (PST)
MIME-Version: 1.0
From: "dieudonnenzuzi07@yahoo.fr"
Date: Mon, 6 Mar 2023 14:22:19 +0000
Message-ID:
Subject:
To: dcreativ
denisefob1991
dianelefort
doctor
Content-Type: multipart/alternative; boundary="000000000000a558e005f63c0570"
X-Spam_score: 10.1
X-Spam_score_int: 101
X-Spam_bar: ++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: https://akki3.app.link/6ti0kIPNUxb https://akki3.app.link/6ti0kIPNUxb
Content analysis details: (10.1 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[209.85.167.41 listed in list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
2.5 SORTED_RECIPS Recipient list is sorted by address
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit
[davidndolo354(at)gmail.com]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
[davidndolo354(at)gmail.com]
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 TVD_SPACE_RATIO No description available.
0.7 PDS_FROM_2_EMAILS From header has multiple different addresses
2.0 FROM_2_EMAILS_SHORT Short body and From looks like 2 different emails
0.4 NAME_EMAIL_DIFF Sender NAME is an unrelated email address
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.167.41 listed in wl.mailspike.net]
1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
Subject: {SPAM?}
--000000000000a558e005f63c0570
Content-Type: text/plain; charset="UTF-8"
https://akki3.app.link/6ti0kIPNUxb
--000000000000a558e005f63c0570
Content-Type: text/html; charset="UTF-8"
https://akki3.app.link/6ti0kIPNUxb
--000000000000a558e005f63c0570--
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments