Investment spam from Google Gmail
Posted by Dave Yadallee on
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 29 Jul 2024 17:54:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))
(envelope-from)
id 1sYaB3-00000000EOS-29Sd
for dave@doctor.nl2k.ab.ca;
Mon, 29 Jul 2024 17:53:17 -0600
Resent-From: The Doctor
Resent-Date: Mon, 29 Jul 2024 17:53:17 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-lf1-f68.google.com ([209.85.167.68]:45417)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.98 (FreeBSD))
(envelope-from)
id 1sYXBZ-00000000844-2AsA
for root@nk.ca;
Mon, 29 Jul 2024 14:41:40 -0600
Received: by mail-lf1-f68.google.com with SMTP id 2adb3069b0e04-52efd8807aaso6019683e87.3
for; Mon, 29 Jul 2024 13:39:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20230601; t=1722285575; x=1722890375; darn=nk.ca;
h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc
:subject:date:message-id:reply-to;
bh=k0YOn0Jwzh8ivb9SX56L3+OTQ+6sQjKauuhJWHNXtiw=;
b=kgH+inPKcvrHdHzQ4+n2mKWEqvYIHJnQnaqUNfRknN2k3synfLfg8d7Xa73x4LI4E+
28F66EHmh2uhHGPiPOVWBb//HJb09/oCQ9Rh//Cf48h3tbnhX8vGazrknj0OabLOYh8U
yeROfwNR3Bi1oNqvRx9TDUwYfN3X+01ErTOHSU/G4NLIOz9Z1kuC/L+XnGSwl4pWTg6z
WHvDRn47VBx3dEBzMPyLDUXRgNEbxdRCFPVEECiYkJuiBjt5B4geqPbpzAG4CPV6/MOQ
VGkvD5u6uMDU3l6N0ofZQQdwFnjgF4OrPGzS98IPaLjAIxwujWnZOrUTVNMdJuXS4CtV
7UJA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1722285575; x=1722890375;
h=to:subject:message-id:date:from:reply-to:mime-version
:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=k0YOn0Jwzh8ivb9SX56L3+OTQ+6sQjKauuhJWHNXtiw=;
b=J0BXjC1INC8fHD6EjZWRv8JbiF+4PqlvN49qA/oa4pedyYz++NCzegYOd4zZv1LYWe
Jn9v6GpoAMPK0/+YzmidCjbFbUWdKXmrEDqzAseaTv9jKw3z28oN7WR4nD8VVjAgugEE
q8QCNcEEf2smwDlyBOgV1QgR2aA87P1yoGkuItkbHEyuXRBd4oIB/x8uyn+nAi+y+GEv
tkKYwJSMahEfFEZNIns7fpBakjnq7khxye3kP8AXXzG+HiR78L+83ymOVaDsFf2pP4Jx
rmg6SLxIRfY5+o/MQCiGouxtbv6EWvoFyOfGQj2DuLqO7wnNye1Qm3o6cTkXaf/K8JZ5
TZaw==
X-Gm-Message-State: AOJu0YzxhVHVscQipon/ohQK9dAq3RsI9NPcEzde383EMTm55BxTBXr9
V61F+vbz5tn5k80VgpUOssiWz82JufaX5CwkzvZlmI5ZokJ6sHAFIpoDuyRRLP0DrvALRBR60oY
WxQj6vXkohDz3/cADf593cwCdvbEgepIICboeKe9c
X-Google-Smtp-Source: AGHT+IEKyd4XjtxHMT0bSQgDjm7cXq8CgNnPT3lgXgJVOzFj2H/YK8hudJebLJetl+azLzPIMaWdPWazaTa8u06duS8=
X-Received: by 2002:a19:380d:0:b0:52f:1a0:b49 with SMTP id 2adb3069b0e04-5309b28e808mr5380049e87.31.1722285574818;
Mon, 29 Jul 2024 13:39:34 -0700 (PDT)
MIME-Version: 1.0
Reply-To: msemmadjonge@gmail.com
From: "Ms. Emma de Jonge"
Date: Mon, 29 Jul 2024 21:39:10 +0100
Message-ID:
Subject: Dave Yadallee
To: root@nk.ca
Content-Type: multipart/alternative; boundary="000000000000e394c7061e68db66"
X-Spam_score: 5.6
X-Spam_score_int: 56
X-Spam_bar: +++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Hello, I wish to inquire if you are open to new business opportunities
in crude oil brokerage? Kindly get back to me if interested. Kind regards,
Ms. Emma de Jonge Hello, I wish to inquire if you are open to new business
opportunities in crude oil brokerage? Kindly get back to me if interested.
Content analysis details: (5.6 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org
[209.85.167.68 listed in dnsbl.ahbl.org]
[209.85.167.68 listed in dnsbl.ahbl.org]
[209.85.167.68 listed in dnsbl.ahbl.org]
[209.85.167.68 listed in dnsbl.ahbl.org]
1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org
[209.85.167.68 listed in dnsbl.ahbl.org]
0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org
[209.85.167.68 listed in dnsbl.ahbl.org]
0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org
[209.85.167.68 listed in dnsbl.ahbl.org]
0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org
[209.85.167.68 listed in dnsbl.ahbl.org]
1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org
[209.85.167.68 listed in will-spam-for-food.eu.org]
[209.85.167.68 listed in will-spam-for-food.eu.org]
[209.85.167.68 listed in will-spam-for-food.eu.org]
[209.85.167.68 listed in will-spam-for-food.eu.org]
[209.85.167.68 listed in will-spam-for-food.eu.org]
[209.85.167.68 listed in will-spam-for-food.eu.org]
[209.85.167.68 listed in will-spam-for-food.eu.org]
[209.85.167.68 listed in will-spam-for-food.eu.org]
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[209.85.167.68 listed in list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
domain
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.167.68 listed in wl.mailspike.net]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
[msemadjonge(at)gmail.com]
0.0 HTML_MESSAGE BODY: HTML included in message
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different
freemails
Subject: {SPAM?} Dave Yadallee
--000000000000e394c7061e68db66
Content-Type: text/plain; charset="UTF-8"
Hello, I wish to inquire if you are open to new business opportunities in
crude oil brokerage? Kindly get back to me if interested.
Kind regards,
Ms. Emma de Jonge
--000000000000e394c7061e68db66
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
nature" data-smartmail=3D"gmail_signature">
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 29 Jul 2024 17:54:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))
(envelope-from
id 1sYaB3-00000000EOS-29Sd
for dave@doctor.nl2k.ab.ca;
Mon, 29 Jul 2024 17:53:17 -0600
Resent-From: The Doctor
Resent-Date: Mon, 29 Jul 2024 17:53:17 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from mail-lf1-f68.google.com ([209.85.167.68]:45417)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256
(Exim 4.98 (FreeBSD))
(envelope-from
id 1sYXBZ-00000000844-2AsA
for root@nk.ca;
Mon, 29 Jul 2024 14:41:40 -0600
Received: by mail-lf1-f68.google.com with SMTP id 2adb3069b0e04-52efd8807aaso6019683e87.3
for
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20230601; t=1722285575; x=1722890375; darn=nk.ca;
h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc
:subject:date:message-id:reply-to;
bh=k0YOn0Jwzh8ivb9SX56L3+OTQ+6sQjKauuhJWHNXtiw=;
b=kgH+inPKcvrHdHzQ4+n2mKWEqvYIHJnQnaqUNfRknN2k3synfLfg8d7Xa73x4LI4E+
28F66EHmh2uhHGPiPOVWBb//HJb09/oCQ9Rh//Cf48h3tbnhX8vGazrknj0OabLOYh8U
yeROfwNR3Bi1oNqvRx9TDUwYfN3X+01ErTOHSU/G4NLIOz9Z1kuC/L+XnGSwl4pWTg6z
WHvDRn47VBx3dEBzMPyLDUXRgNEbxdRCFPVEECiYkJuiBjt5B4geqPbpzAG4CPV6/MOQ
VGkvD5u6uMDU3l6N0ofZQQdwFnjgF4OrPGzS98IPaLjAIxwujWnZOrUTVNMdJuXS4CtV
7UJA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1722285575; x=1722890375;
h=to:subject:message-id:date:from:reply-to:mime-version
:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=k0YOn0Jwzh8ivb9SX56L3+OTQ+6sQjKauuhJWHNXtiw=;
b=J0BXjC1INC8fHD6EjZWRv8JbiF+4PqlvN49qA/oa4pedyYz++NCzegYOd4zZv1LYWe
Jn9v6GpoAMPK0/+YzmidCjbFbUWdKXmrEDqzAseaTv9jKw3z28oN7WR4nD8VVjAgugEE
q8QCNcEEf2smwDlyBOgV1QgR2aA87P1yoGkuItkbHEyuXRBd4oIB/x8uyn+nAi+y+GEv
tkKYwJSMahEfFEZNIns7fpBakjnq7khxye3kP8AXXzG+HiR78L+83ymOVaDsFf2pP4Jx
rmg6SLxIRfY5+o/MQCiGouxtbv6EWvoFyOfGQj2DuLqO7wnNye1Qm3o6cTkXaf/K8JZ5
TZaw==
X-Gm-Message-State: AOJu0YzxhVHVscQipon/ohQK9dAq3RsI9NPcEzde383EMTm55BxTBXr9
V61F+vbz5tn5k80VgpUOssiWz82JufaX5CwkzvZlmI5ZokJ6sHAFIpoDuyRRLP0DrvALRBR60oY
WxQj6vXkohDz3/cADf593cwCdvbEgepIICboeKe9c
X-Google-Smtp-Source: AGHT+IEKyd4XjtxHMT0bSQgDjm7cXq8CgNnPT3lgXgJVOzFj2H/YK8hudJebLJetl+azLzPIMaWdPWazaTa8u06duS8=
X-Received: by 2002:a19:380d:0:b0:52f:1a0:b49 with SMTP id 2adb3069b0e04-5309b28e808mr5380049e87.31.1722285574818;
Mon, 29 Jul 2024 13:39:34 -0700 (PDT)
MIME-Version: 1.0
Reply-To: msemmadjonge@gmail.com
From: "Ms. Emma de Jonge"
Date: Mon, 29 Jul 2024 21:39:10 +0100
Message-ID:
Subject: Dave Yadallee
To: root@nk.ca
Content-Type: multipart/alternative; boundary="000000000000e394c7061e68db66"
X-Spam_score: 5.6
X-Spam_score_int: 56
X-Spam_bar: +++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Hello, I wish to inquire if you are open to new business opportunities
in crude oil brokerage? Kindly get back to me if interested. Kind regards,
Ms. Emma de Jonge Hello, I wish to inquire if you are open to new business
opportunities in crude oil brokerage? Kindly get back to me if interested.
Content analysis details: (5.6 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org
[209.85.167.68 listed in dnsbl.ahbl.org]
[209.85.167.68 listed in dnsbl.ahbl.org]
[209.85.167.68 listed in dnsbl.ahbl.org]
[209.85.167.68 listed in dnsbl.ahbl.org]
1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org
[209.85.167.68 listed in dnsbl.ahbl.org]
0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org
[209.85.167.68 listed in dnsbl.ahbl.org]
0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org
[209.85.167.68 listed in dnsbl.ahbl.org]
0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org
[209.85.167.68 listed in dnsbl.ahbl.org]
1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org
[209.85.167.68 listed in will-spam-for-food.eu.org]
[209.85.167.68 listed in will-spam-for-food.eu.org]
[209.85.167.68 listed in will-spam-for-food.eu.org]
[209.85.167.68 listed in will-spam-for-food.eu.org]
[209.85.167.68 listed in will-spam-for-food.eu.org]
[209.85.167.68 listed in will-spam-for-food.eu.org]
[209.85.167.68 listed in will-spam-for-food.eu.org]
[209.85.167.68 listed in will-spam-for-food.eu.org]
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[209.85.167.68 listed in list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from
envelope-from domain
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
domain
-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[209.85.167.68 listed in wl.mailspike.net]
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
[msemadjonge(at)gmail.com]
0.0 HTML_MESSAGE BODY: HTML included in message
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different
freemails
Subject: {SPAM?} Dave Yadallee
--000000000000e394c7061e68db66
Content-Type: text/plain; charset="UTF-8"
Hello, I wish to inquire if you are open to new business opportunities in
crude oil brokerage? Kindly get back to me if interested.
Kind regards,
Ms. Emma de Jonge
--000000000000e394c7061e68db66
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
nature" data-smartmail=3D"gmail_signature">
Hello, I w=
ish to inquire if you are open to new business opportunities in crude oil b=
rokerage? Kindly get back to me if interested.
ish to inquire if you are open to new business opportunities in crude oil b=
rokerage? Kindly get back to me if interested.
Kin=
d regards,
d regards,
Ms. Emma de Jonge
--000000000000e394c7061e68db66--
Trackbacks
Trackback specific URI for this entryThis link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.
No Trackbacks
Comments
Display comments as Linear | ThreadedNo comments