more link spam from gmail
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Thu, 30 Mar 2023 17:19:01 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.96)
(envelope-from)
id 1pi1Xa-000CAe-0S
for dave@doctor.nl2k.ab.ca;
Thu, 30 Mar 2023 17:18:46 -0600
Resent-From: The Doctor
Resent-Date: Thu, 30 Mar 2023 17:18:46 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-pl1-f195.google.com ([209.85.214.195]:34392)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.96)
(envelope-from)
id 1pi0SB-0009bG-20
for doctor@nl2k.ca;
Thu, 30 Mar 2023 16:09:11 -0600
Received: by mail-pl1-f195.google.com with SMTP id o11so19502339ple.1
for; Thu, 30 Mar 2023 15:07:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112; t=1680214023;
h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
:date:message-id:reply-to;
bh=fZbdQSRpo18I9PprmhFZnpIVYFzxSzHDFvzLrfBO40U=;
b=ihrU47kG73hlxhayAFSZSXu/dZFM1tA98zkTIAfGX5hPyyp6TNvBwEGy0zvQMGFOvQ
xCGTRTPfOfymUiq0diu8arCtAaLzwcaC3clygvZ63aOGTdz5vF9LVWER0uBaprSXolwt
1N/y7RzkjSGeqEHDrgtMAAcj7VOVwDg/vBmvcgHb0x9xqxG82hj+qhydSK66eqZ65fd0
9ID6fbyJL8dU3rXDIyahRsTc//apTKTS6Svr1UNs/mbjrgj5/p0Oe6x3CcUtf9P+2pW2
Fr87zl3DWjYUn+Mt9ah3IQUiOKDO1OFvgPk2IXOlAqTLFkeWHkDqga31zCnBSCYraHaN
B/dA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112; t=1680214023;
h=to:subject:message-id:date:from:mime-version:x-gm-message-state
:from:to:cc:subject:date:message-id:reply-to;
bh=fZbdQSRpo18I9PprmhFZnpIVYFzxSzHDFvzLrfBO40U=;
b=cWfQ0QRjuCzjoRqb3AbwMyDJHAlAF8RtHIT4+sZXHMB6LnkzlqqhOLvwpIlpvrAdCd
3uDj7Yzn+RUZymLC9l8cSCZrH5P/JCi9xxBMg3DLc2NHmzhkzAl9WdB8WEdR5+N1Mre5
LZiemrjt3FdOnv+ORbpgmTsgSBImnuZ6gHYkwhPzeFUHMXZtNyO/nBGb3HV4St3/dcCZ
q78KiHL9utQbSZyx4F3S6X6FXr4Jt2/wVXwMIX3MehPP263MEcbKUYl8CYwJnyUA+pkW
vmiIFi2e+qkfnOyQHh0cYgdqXArL3lSDLjbQYemDltD8BYZ/Hg4GO6ZKBLcJwbGG3Lce
m2+A==
X-Gm-Message-State: AAQBX9fQ3BNCjFTIOcOwBxtuf9966E3zFNobGI7Ps93ZJ7vQ5v8nP09P
IhS4EGhvx5LWgjzLC3ycsl0m6F8l9JV54x4Bfik=
X-Google-Smtp-Source: AKy350YZUY3oS/eLUTEx2ZtpJvQCj5v8Lrid/f1WXD9GrBkVMZ7rpnBLAurmKRBVaeHUpkfrHtW6XxERgtlJ9XLHa2I=
X-Received: by 2002:a17:902:c3c6:b0:1a1:b318:2776 with SMTP id
j6-20020a170902c3c600b001a1b3182776mr9639476plj.0.1680214023234; Thu, 30 Mar
2023 15:07:03 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a05:6a10:ed26:b0:40a:cf16:e00f with HTTP; Thu, 30 Mar 2023
15:07:02 -0700 (PDT)
From: Herr Gomez Rodrigo
Date: Fri, 31 Mar 2023 05:07:02 +0700
Message-ID:
Subject:
To: dlennick, doctor , doctor
Content-Type: text/plain; charset="UTF-8"
X-Spam_score: 6.7
X-Spam_score_int: 67
X-Spam_bar: ++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: https://i1bxu.app.link/YQgYxaIbxyb
Content analysis details: (6.7 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[209.85.214.195 listed in list.dnswl.org]
1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist
[URI: i1bxu.app.link]
-0.0 SPF_PASS SPF: sender matches SPF record
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit
[anonimjava890(at)gmail.com]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
[anonimjava890(at)gmail.com]
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
0.0 TVD_SPACE_RATIO No description available.
-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)
[209.85.214.195 listed in wl.mailspike.net]
-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders
1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
Subject: {SPAM?}
https://i1bxu.app.link/YQgYxaIbxyb
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Thu, 30 Mar 2023 17:19:01 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.96)
(envelope-from
id 1pi1Xa-000CAe-0S
for dave@doctor.nl2k.ab.ca;
Thu, 30 Mar 2023 17:18:46 -0600
Resent-From: The Doctor
Resent-Date: Thu, 30 Mar 2023 17:18:46 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-pl1-f195.google.com ([209.85.214.195]:34392)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.96)
(envelope-from
id 1pi0SB-0009bG-20
for doctor@nl2k.ca;
Thu, 30 Mar 2023 16:09:11 -0600
Received: by mail-pl1-f195.google.com with SMTP id o11so19502339ple.1
for
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112; t=1680214023;
h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
:date:message-id:reply-to;
bh=fZbdQSRpo18I9PprmhFZnpIVYFzxSzHDFvzLrfBO40U=;
b=ihrU47kG73hlxhayAFSZSXu/dZFM1tA98zkTIAfGX5hPyyp6TNvBwEGy0zvQMGFOvQ
xCGTRTPfOfymUiq0diu8arCtAaLzwcaC3clygvZ63aOGTdz5vF9LVWER0uBaprSXolwt
1N/y7RzkjSGeqEHDrgtMAAcj7VOVwDg/vBmvcgHb0x9xqxG82hj+qhydSK66eqZ65fd0
9ID6fbyJL8dU3rXDIyahRsTc//apTKTS6Svr1UNs/mbjrgj5/p0Oe6x3CcUtf9P+2pW2
Fr87zl3DWjYUn+Mt9ah3IQUiOKDO1OFvgPk2IXOlAqTLFkeWHkDqga31zCnBSCYraHaN
B/dA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112; t=1680214023;
h=to:subject:message-id:date:from:mime-version:x-gm-message-state
:from:to:cc:subject:date:message-id:reply-to;
bh=fZbdQSRpo18I9PprmhFZnpIVYFzxSzHDFvzLrfBO40U=;
b=cWfQ0QRjuCzjoRqb3AbwMyDJHAlAF8RtHIT4+sZXHMB6LnkzlqqhOLvwpIlpvrAdCd
3uDj7Yzn+RUZymLC9l8cSCZrH5P/JCi9xxBMg3DLc2NHmzhkzAl9WdB8WEdR5+N1Mre5
LZiemrjt3FdOnv+ORbpgmTsgSBImnuZ6gHYkwhPzeFUHMXZtNyO/nBGb3HV4St3/dcCZ
q78KiHL9utQbSZyx4F3S6X6FXr4Jt2/wVXwMIX3MehPP263MEcbKUYl8CYwJnyUA+pkW
vmiIFi2e+qkfnOyQHh0cYgdqXArL3lSDLjbQYemDltD8BYZ/Hg4GO6ZKBLcJwbGG3Lce
m2+A==
X-Gm-Message-State: AAQBX9fQ3BNCjFTIOcOwBxtuf9966E3zFNobGI7Ps93ZJ7vQ5v8nP09P
IhS4EGhvx5LWgjzLC3ycsl0m6F8l9JV54x4Bfik=
X-Google-Smtp-Source: AKy350YZUY3oS/eLUTEx2ZtpJvQCj5v8Lrid/f1WXD9GrBkVMZ7rpnBLAurmKRBVaeHUpkfrHtW6XxERgtlJ9XLHa2I=
X-Received: by 2002:a17:902:c3c6:b0:1a1:b318:2776 with SMTP id
j6-20020a170902c3c600b001a1b3182776mr9639476plj.0.1680214023234; Thu, 30 Mar
2023 15:07:03 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a05:6a10:ed26:b0:40a:cf16:e00f with HTTP; Thu, 30 Mar 2023
15:07:02 -0700 (PDT)
From: Herr Gomez Rodrigo
Date: Fri, 31 Mar 2023 05:07:02 +0700
Message-ID:
Subject:
To: dlennick
Content-Type: text/plain; charset="UTF-8"
X-Spam_score: 6.7
X-Spam_score_int: 67
X-Spam_bar: ++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: https://i1bxu.app.link/YQgYxaIbxyb
Content analysis details: (6.7 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[209.85.214.195 listed in list.dnswl.org]
1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist
[URI: i1bxu.app.link]
-0.0 SPF_PASS SPF: sender matches SPF record
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit
[anonimjava890(at)gmail.com]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
[anonimjava890(at)gmail.com]
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
0.0 TVD_SPACE_RATIO No description available.
-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)
[209.85.214.195 listed in wl.mailspike.net]
-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders
1.7 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
0.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
2.4 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
Subject: {SPAM?}
https://i1bxu.app.link/YQgYxaIbxyb
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments