DHL Phish from teksavvy.com

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 14 Jun 2024 00:35:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.97.1 (FreeBSD))

(envelope-from )

id 1sI0Vu-000000003ZQ-1rjG

for dave@doctor.nl2k.ab.ca;

Fri, 14 Jun 2024 00:34:18 -0600

Resent-From: The Doctor

Resent-Date: Fri, 14 Jun 2024 00:34:18 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from pmg-pub-smtp1.teksavvy.com ([76.10.175.137]:52460)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.97.1 (FreeBSD))

(envelope-from )

id 1sHtPg-00000000KBT-3Kdk

for doctor@nl2k.ab.ca;

Thu, 13 Jun 2024 16:59:38 -0600

Received: from pmg-pub-smtp1.teksavvy.com (localhost.localdomain [127.0.0.1])

by pmg-pub-smtp1.teksavvy.com (Proxmox) with ESMTP id 2AFA534C1FA1;

Thu, 13 Jun 2024 18:57:25 -0400 (EDT)

Received: from [51.89.204.27] (23-233-38-178.cpe.pppoe.ca [23.233.38.178])

by pmg-pub-smtp1.teksavvy.com (Proxmox) with ESMTP id F178734C1C4E;

Thu, 13 Jun 2024 18:57:00 -0400 (EDT)

Content-Type: multipart/alternative; boundary="===============0430008566=="

MIME-Version: 1.0

Subject: Important Notification

To: DHL EXPRESS

From:

Date: Thu, 13 Jun 2024 15:56:30 -0700

X-Mailer: MIME::Lite 2.117 (F2.6; B2.12; Q2.03)

Message-Id: <20240613225725.2AFA534C1FA1@pmg-pub-smtp1.teksavvy.com>

X-Spam_score: 5.2

X-Spam_score_int: 52

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Important Notification Dear customer, Your package is waiting

for delivery. Please confirm the payment 1.99 on the link below, The online

verification needs to be done in less than 24H before the pac [...]



Content analysis details: (5.2 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[76.10.175.137 listed in dnsbl.ahbl.org]

[76.10.175.137 listed in dnsbl.ahbl.org]

[76.10.175.137 listed in dnsbl.ahbl.org]

[76.10.175.137 listed in dnsbl.ahbl.org]

[23.233.38.178 listed in dnsbl.ahbl.org]

[23.233.38.178 listed in dnsbl.ahbl.org]

[23.233.38.178 listed in dnsbl.ahbl.org]

[23.233.38.178 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[76.10.175.137 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[76.10.175.137 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[76.10.175.137 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[76.10.175.137 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[23.233.38.178 listed in will-spam-for-food.eu.org]

[23.233.38.178 listed in will-spam-for-food.eu.org]

[23.233.38.178 listed in will-spam-for-food.eu.org]

[23.233.38.178 listed in will-spam-for-food.eu.org]

[23.233.38.178 listed in will-spam-for-food.eu.org]

[23.233.38.178 listed in will-spam-for-food.eu.org]

[23.233.38.178 listed in will-spam-for-food.eu.org]

[23.233.38.178 listed in will-spam-for-food.eu.org]

[76.10.175.137 listed in will-spam-for-food.eu.org]

[76.10.175.137 listed in will-spam-for-food.eu.org]

[76.10.175.137 listed in will-spam-for-food.eu.org]

[76.10.175.137 listed in will-spam-for-food.eu.org]

[76.10.175.137 listed in will-spam-for-food.eu.org]

[76.10.175.137 listed in will-spam-for-food.eu.org]

[76.10.175.137 listed in will-spam-for-food.eu.org]

[76.10.175.137 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[76.10.175.137 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 HTML_IMAGE_ONLY_32 BODY: HTML: images with 2800-3200 bytes of words

0.0 HTML_MESSAGE BODY: HTML included in message

-0.0 T_SCC_BODY_TEXT_LINE No description available.

Subject: {SPAM?} Important Notification



You will not see this in a MIME-aware mail reader.

--===============0430008566==

Content-Type: text/plain; charset="iso-8859-1"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body



=



Important Notification

Dear customer,

Your package is waiting for delivery. Please confirm the payment 1.99 on t=

he link below,

The online verification needs to be done in less than 24H before the packa=

ge is sent back.

Make Payment =A9 Validity of information confirmed at the time of dispatc=

h.

=A9 DHL Express Limited 2024. All rights reserved.

=20



--===============0430008566==

Content-Type: text/html; charset="iso-8859-1"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body




=3Diso-8859-1"/>

ium; MAX-WIDTH: 600px; FONT-FAMILY: Arial, sans-serif; WHITE-SPACE: normal;=

WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR: rgb(0,0,=

0); PADDING-BOTTOM: 20px; FONT-STYLE: normal; TEXT-ALIGN: center; PADDING-T=

OP: 20px; PADDING-LEFT: 20px; ORPHANS: 2; WIDOWS: 2; MARGIN: 0px auto; DISP=

LAY: flex; LETTER-SPACING: normal; PADDING-RIGHT: 20px; BACKGROUND-COLOR: r=

gb(255,255,255); TEXT-INDENT: 0px; font-variant-ligatures: normal; font-var=

iant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thicknes=

s: initial; text-decoration-style: initial; text-decoration-color: initial;=

border-radius: 8px; box-shadow: rgba(0, 0, 0, 0.1) 0px 4px 8px; flex-direc=

tion: column; align-items: center">


: 100px" alt=3D"DHL Logo" src=3D"https://www.openpricer.com/wp-content/uplo=

ads/2021/10/dhl-round-logo-200x200.png">




Important Notification






NE-HEIGHT: 1.6">Dear customer,




NE-HEIGHT: 1.6">Your package is waiting for delivery. Please confirm the pa=

yment 1.99 on the link below,




NE-HEIGHT: 1.6">The online verification needs to be done in less than 24H b=

efore the package is sent back.






f; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGH=

T: 400; COLOR: rgb(102,102,102); PADDING-BOTTOM: 20px; FONT-STYLE: normal; =

TEXT-ALIGN: center; PADDING-TOP: 20px; PADDING-LEFT: 20px; ORPHANS: 2; WIDO=

WS: 2; LETTER-SPACING: normal; PADDING-RIGHT: 20px; BACKGROUND-COLOR: rgb(2=

45,245,245); TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant=

-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: i=

nitial; text-decoration-style: initial; text-decoration-color: initial; bor=

der-radius: 0px 0px 8px 8px">

=A9 Validity of information confirmed at the time of dispatch.



=A9 DHL Express Limited 2024. All rights reserved.



 



--===============0430008566==--

I1.68KL0LD41.6KI2.17KwhoissourceRank12.7MPIN0Summary reportDiagnosisDensity00n/a

Trackbacks

Trackback specific URI for this entry

This link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA