link spam from Gmail
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Thu, 18 May 2023 06:59:02 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from)
id 1pzdDW-000Eie-9l
for dave@doctor.nl2k.ab.ca;
Thu, 18 May 2023 06:58:50 -0600
Resent-From: The Doctor
Resent-Date: Thu, 18 May 2023 06:58:50 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-ed1-f51.google.com ([209.85.208.51]:56628)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from)
id 1pzd26-000DAR-BJ
for root@doctor.nl2k.ab.ca;
Thu, 18 May 2023 06:47:06 -0600
Received: by mail-ed1-f51.google.com with SMTP id 4fb4d7f45d1cf-50bcb00a4c2so2994844a12.1
for; Thu, 18 May 2023 05:45:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20221208; t=1684413897; x=1687005897;
h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
:date:message-id:reply-to;
bh=a5YWYXtil2SfQeyzYgI5aSfWT1s2MkIedSitud5e3Tw=;
b=oBzOdctpOo85RbA9on5MQvIaotJx5+694U3zRPNHuID97h5KtN5hS0jzyPLEPia/Cx
XCClWXNtbT+vzErsNZ6eB9XiYyp+vUyiC5rzPQXX9rfX5FvB1Rynu/OyCwvVXTJ+bUpr
c9GsBUbXXTIC7IvHuVjTXTqCjaB4VrEKkgG4TWMW2K6K50YetqmD/7znYhEjohy+dAfv
vxJ/r5A7EA8cdK73pgy8Dgbspn+ZXwyutNvolZ9x4HnAFkaPiY7HXp3yUCWiy05aiiH2
SaAWwOkgEXwUt2e/zMpwYAFt7cyUjMNZ7BguZbxjerNq7mIR4lQ/BfQuIbUIxKiJRzdk
+j6w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20221208; t=1684413897; x=1687005897;
h=to:subject:message-id:date:from:mime-version:x-gm-message-state
:from:to:cc:subject:date:message-id:reply-to;
bh=a5YWYXtil2SfQeyzYgI5aSfWT1s2MkIedSitud5e3Tw=;
b=PXCQlv7WsA3D8cYRHW2Bti9nGwnrIVzBb5ztTmAmIXz7ST7ulIEHJYu2ADWcxxuOZC
dhOi7uHoajHLqQCwivmwOWkq1sXWCQ96ZsHZVjw/ykirXGIGP+1HVDVyk34eST6BI2MJ
lYKbbFn0yE0rrjUcn65rZu0+HwzKOW2AP4aBCJKuAR64cjer/2nW7j8GxDA01I3za+nP
lB8RinnTGB/KhmajfOh9IFA/T4OuBRPgj22LEa++hHMImCFuM/kK272dCz79wGJxufJa
qL+ipOBjNd2toAnLxsTyFm41USGoYjIQdPBVumiLnILZalRdOtp8IJJvkoPR6C0DuC8e
qP9g==
X-Gm-Message-State: AC+VfDzeLzkCjqHD4qkHrjDIrEducSM/nZPfXbbl2Q8T9kSkCky6KHg3
Wxt5la+bcY0XcYsv5Wq1XtRYgyiuk0HgIZL/Vx4=
X-Google-Smtp-Source: ACHHUZ6iZLtrB1J7lo5KmAi3NT3soPz4jvgrEjqSQPYDfkg4iDYn+0dqd1Cpg9a8qFUd1FwpyCZttTDwTmCt6JqYfwc=
X-Received: by 2002:a05:6402:1243:b0:50d:dba8:c64a with SMTP id
l3-20020a056402124300b0050ddba8c64amr4397236edw.18.1684413896945; Thu, 18 May
2023 05:44:56 -0700 (PDT)
MIME-Version: 1.0
From: "evs_idea@yahoo.com"
Date: Thu, 18 May 2023 12:44:46 +0000
Message-ID:
Subject:
To: mpboucher, mpol , nacyki ,
nlangmuir, patrickhenault1 ,
pierre tremblay, romarnal ,
romtrade mtl, root
Content-Type: multipart/alternative; boundary="000000000000fb745605fbf72bd5"
X-Spam_score: 8.6
X-Spam_score_int: 86
X-Spam_bar: ++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: https://bit.ly/3MeMkhA https://bit.ly/3MeMkhA
Content analysis details: (8.6 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[209.85.208.51 listed in list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
[wekk630(at)gmail.com]
2.5 SORTED_RECIPS Recipient list is sorted by address
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit
[wekk630(at)gmail.com]
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.208.51 listed in wl.mailspike.net]
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
0.7 PDS_FROM_2_EMAILS No description available.
0.4 NAME_EMAIL_DIFF Sender NAME is an unrelated email address
0.0 TVD_SPACE_RATIO No description available.
2.8 POSSIBLE_GMAIL_PHISHER Apparent phishing email sent from a gmail
account
0.0 T_TONOM_EQ_TOLOC_SHRT_PSHRTNER Short subject with potential shortener
and To:name eq To:local
1.0 FROM_2_EMAILS_SHORT Short body and From looks like 2 different emails
1.2 BODY_SINGLE_URI Message body is only a URI
Subject: {SPAM?}
X-Antivirus: AVG (VPS 230517-10, 5/17/2023), Inbound message
X-Antivirus-Status: Clean
--000000000000fb745605fbf72bd5
Content-Type: text/plain; charset="UTF-8"
https://bit.ly/3MeMkhA
--000000000000fb745605fbf72bd5
Content-Type: text/html; charset="UTF-8"
https://bit.ly/3MeMkhA
--000000000000fb745605fbf72bd5--
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Thu, 18 May 2023 06:59:02 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
(envelope-from
id 1pzdDW-000Eie-9l
for dave@doctor.nl2k.ab.ca;
Thu, 18 May 2023 06:58:50 -0600
Resent-From: The Doctor
Resent-Date: Thu, 18 May 2023 06:58:50 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-ed1-f51.google.com ([209.85.208.51]:56628)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.95 (FreeBSD))
(envelope-from
id 1pzd26-000DAR-BJ
for root@doctor.nl2k.ab.ca;
Thu, 18 May 2023 06:47:06 -0600
Received: by mail-ed1-f51.google.com with SMTP id 4fb4d7f45d1cf-50bcb00a4c2so2994844a12.1
for
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20221208; t=1684413897; x=1687005897;
h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
:date:message-id:reply-to;
bh=a5YWYXtil2SfQeyzYgI5aSfWT1s2MkIedSitud5e3Tw=;
b=oBzOdctpOo85RbA9on5MQvIaotJx5+694U3zRPNHuID97h5KtN5hS0jzyPLEPia/Cx
XCClWXNtbT+vzErsNZ6eB9XiYyp+vUyiC5rzPQXX9rfX5FvB1Rynu/OyCwvVXTJ+bUpr
c9GsBUbXXTIC7IvHuVjTXTqCjaB4VrEKkgG4TWMW2K6K50YetqmD/7znYhEjohy+dAfv
vxJ/r5A7EA8cdK73pgy8Dgbspn+ZXwyutNvolZ9x4HnAFkaPiY7HXp3yUCWiy05aiiH2
SaAWwOkgEXwUt2e/zMpwYAFt7cyUjMNZ7BguZbxjerNq7mIR4lQ/BfQuIbUIxKiJRzdk
+j6w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20221208; t=1684413897; x=1687005897;
h=to:subject:message-id:date:from:mime-version:x-gm-message-state
:from:to:cc:subject:date:message-id:reply-to;
bh=a5YWYXtil2SfQeyzYgI5aSfWT1s2MkIedSitud5e3Tw=;
b=PXCQlv7WsA3D8cYRHW2Bti9nGwnrIVzBb5ztTmAmIXz7ST7ulIEHJYu2ADWcxxuOZC
dhOi7uHoajHLqQCwivmwOWkq1sXWCQ96ZsHZVjw/ykirXGIGP+1HVDVyk34eST6BI2MJ
lYKbbFn0yE0rrjUcn65rZu0+HwzKOW2AP4aBCJKuAR64cjer/2nW7j8GxDA01I3za+nP
lB8RinnTGB/KhmajfOh9IFA/T4OuBRPgj22LEa++hHMImCFuM/kK272dCz79wGJxufJa
qL+ipOBjNd2toAnLxsTyFm41USGoYjIQdPBVumiLnILZalRdOtp8IJJvkoPR6C0DuC8e
qP9g==
X-Gm-Message-State: AC+VfDzeLzkCjqHD4qkHrjDIrEducSM/nZPfXbbl2Q8T9kSkCky6KHg3
Wxt5la+bcY0XcYsv5Wq1XtRYgyiuk0HgIZL/Vx4=
X-Google-Smtp-Source: ACHHUZ6iZLtrB1J7lo5KmAi3NT3soPz4jvgrEjqSQPYDfkg4iDYn+0dqd1Cpg9a8qFUd1FwpyCZttTDwTmCt6JqYfwc=
X-Received: by 2002:a05:6402:1243:b0:50d:dba8:c64a with SMTP id
l3-20020a056402124300b0050ddba8c64amr4397236edw.18.1684413896945; Thu, 18 May
2023 05:44:56 -0700 (PDT)
MIME-Version: 1.0
From: "evs_idea@yahoo.com"
Date: Thu, 18 May 2023 12:44:46 +0000
Message-ID:
Subject:
To: mpboucher
nlangmuir
pierre tremblay
romtrade mtl
Content-Type: multipart/alternative; boundary="000000000000fb745605fbf72bd5"
X-Spam_score: 8.6
X-Spam_score_int: 86
X-Spam_bar: ++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: https://bit.ly/3MeMkhA https://bit.ly/3MeMkhA
Content analysis details: (8.6 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[209.85.208.51 listed in list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
[wekk630(at)gmail.com]
2.5 SORTED_RECIPS Recipient list is sorted by address
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit
[wekk630(at)gmail.com]
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.208.51 listed in wl.mailspike.net]
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
0.7 PDS_FROM_2_EMAILS No description available.
0.4 NAME_EMAIL_DIFF Sender NAME is an unrelated email address
0.0 TVD_SPACE_RATIO No description available.
2.8 POSSIBLE_GMAIL_PHISHER Apparent phishing email sent from a gmail
account
0.0 T_TONOM_EQ_TOLOC_SHRT_PSHRTNER Short subject with potential shortener
and To:name eq To:local
1.0 FROM_2_EMAILS_SHORT Short body and From looks like 2 different emails
1.2 BODY_SINGLE_URI Message body is only a URI
Subject: {SPAM?}
X-Antivirus: AVG (VPS 230517-10, 5/17/2023), Inbound message
X-Antivirus-Status: Clean
--000000000000fb745605fbf72bd5
Content-Type: text/plain; charset="UTF-8"
https://bit.ly/3MeMkhA
--000000000000fb745605fbf72bd5
Content-Type: text/html; charset="UTF-8"
https://bit.ly/3MeMkhA
--000000000000fb745605fbf72bd5--
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments