Domain name spam from Google Gmail

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 17 Sep 2024 10:39:02 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1sqauX-00000000Kpb-1b9i

for dave@doctor.nl2k.ab.ca;

Tue, 17 Sep 2024 10:18:41 -0600

Resent-From: The Doctor

Resent-Date: Tue, 17 Sep 2024 10:18:40 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-lf1-f53.google.com ([209.85.167.53]:47383)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98 (FreeBSD))

(envelope-from )

id 1sqZqI-00000000GW9-46UJ

for sales@nk.ca;

Tue, 17 Sep 2024 09:10:19 -0600

Received: by mail-lf1-f53.google.com with SMTP id 2adb3069b0e04-535be093a43so7107882e87.3

for ; Tue, 17 Sep 2024 08:08:20 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1726585693; x=1727190493; darn=nk.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=uiEUqOtHt55KsCtmhXA47RgB5vGLLlq42jnU5/LArHs=;

b=TABfuClrjpk3iF5rnb1XOGXDqpERBnEnyWU/hYF8Y3aaJsaSNSaRVAWdOH2d80tIhy

o992H4+m+QgLAt4VECZafYHlK8M8JmFobe6/cN89y4kAFDoL0cNWL1MvN22fieO8oP76

otfSkb5mMG6OnbO+Sq800mYpD/8wVaJCeQtWX8pITr8sEjrDTcGSSGh/jOvUGIxEKwOV

doqDoIq/srgrNZthn4BpF5F9jD2l1JZUtnZlz3wQNEGmSilXr6z80B908YzBHXrfZKzK

cPhQgYXtpyUnC+6/uOCThP+7+0m+inYjNYjCpu+G9KtgduvDHGc4f3fquE9UTJWbye4d

Gf0w==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1726585693; x=1727190493;

h=to:subject:message-id:date:from:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=uiEUqOtHt55KsCtmhXA47RgB5vGLLlq42jnU5/LArHs=;

b=FkWy6sm5fRehVfGdsm9jFpjk+7gtpn2znKFOMx3C6RuIrsjCCIoCtRcNSWpxA/k6sc

VE9/YorIsozvQFP1jgXyTepMNrFY0HCFGv+kP7fE1NpigjwcP3Z1XG83CJNeryr7fpTb

uzQ/0P+NMcJqb4L13UNGNlFhALlp0w7WK56d53vV0CuKpTjWafSxFXTbmhNbdITCYScu

PegOxgJznke604SK+DjnBu1kQ9m9egkiFSHd6VWzbLGboxSa2/CuD0dLhVpQxcux6DKK

G65ZBikm+kfATSPoz1gjwszudHks8yVeVZs7hyCeJ8ws6Vp40p+CXI333hO0erzj2EAg

NKpQ==

X-Gm-Message-State: AOJu0YxWauo16SsAZLP0TenbcqGkQ8ejNVU3XDERQ/2Az0/jGzblTNSL

HzZNgDwqHvupkNM7ewZu0JKeBzmyc8DoXgY9H0AqHwNUyV4uAuyVzIXTx0on8bLuLAgOsmuay+x

9Lb7jqjEyCpGX+GdaCY4s+o87nSbfee4O

X-Google-Smtp-Source: AGHT+IEYZAu1MQBzdkdBenKb7qbGd52II1LUoMd6FyPAzJ8rq2nMxW3iJvtOMp9IjKodOj3KRmQmwQiZkeHoR1NpfJQ=

X-Received: by 2002:a05:6512:ba8:b0:530:ae4a:58d0 with SMTP id

2adb3069b0e04-53678fb1d2bmr10613355e87.8.1726585692790; Tue, 17 Sep 2024

08:08:12 -0700 (PDT)

Received: from 326440123436 named unknown by gmailapi.google.com with

HTTPREST; Tue, 17 Sep 2024 08:08:12 -0700

MIME-Version: 1.0

From: Ezekiel Laolu

X-Streak-Sequence-Data: action-key=acn_CH6ETPjt7XQQhGBDcA; recipient-key=rcp_CH6EPGCurs3NmMkIlw

Date: Tue, 17 Sep 2024 08:08:12 -0700

Message-ID:

Subject: Domain Acquisition

To: sales@nk.ca

Content-Type: multipart/alternative; boundary="000000000000e4a9b20622520eeb"

X-Spam_score: 6.4

X-Spam_score_int: 64

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi, Just a quick note to inform you that BroadbandAlberta.com

is on sale for just $299 Take advantage of this opportunity!



Content analysis details: (6.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.167.53 listed in will-spam-for-food.eu.org]

[209.85.167.53 listed in will-spam-for-food.eu.org]

[209.85.167.53 listed in will-spam-for-food.eu.org]

[209.85.167.53 listed in will-spam-for-food.eu.org]

[209.85.167.53 listed in will-spam-for-food.eu.org]

[209.85.167.53 listed in will-spam-for-food.eu.org]

[209.85.167.53 listed in will-spam-for-food.eu.org]

[209.85.167.53 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.167.53 listed in dnsbl.ahbl.org]

[209.85.167.53 listed in dnsbl.ahbl.org]

[209.85.167.53 listed in dnsbl.ahbl.org]

[209.85.167.53 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.167.53 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.167.53 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.167.53 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.167.53 listed in dnsbl.ahbl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.167.53 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.167.53 listed in list.dnswl.org]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[ezekielprodomains(at)gmail.com]

1.8 HTML_IMAGE_ONLY_08 BODY: HTML: images with 400-800 bytes of words

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to

background

-0.0 T_SCC_BODY_TEXT_LINE No description available.

0.0 T_REMOTE_IMAGE Message contains an external image

Subject: {SPAM?} Domain Acquisition



--000000000000e4a9b20622520eeb

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Hi,



Just a quick note to inform you that BroadbandAlberta.com is on sale for

just $299



Take advantage of this opportunity!



Visit www.BroadbandAlberta.com to complete this acquisition or acquire via

godaddy marketplace



Warm regards

=E1=90=A7



--000000000000e4a9b20622520eeb

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Hi,

Just a quick note to inform you that BroadbandA=

lberta.com is on sale for just $299

Take advantage of this opportuni=

ty!

Visit =C2=A0www.Broa=

dbandAlberta.com
to complete this acquisition or acquire via godaddy ma=

rketplace

Warm regards


3D""
=3D"width:0px;max-height:0px;overflow:hidden" src=3D"https://mailfoogae.app=

spot.com/t?sender=3DaZXpla2llbHByb2RvbWFpbnNAZ21haWwuY29t&type=3Dzeroco=

ntent&guid=3D36423add-c54a-4136-9b76-1392c8b5f4d8">
ff" size=3D"1">=E1=90=A7




--000000000000e4a9b20622520eeb--

Trackbacks

Trackback specific URI for this entry

This link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA 1CAPTCHA 2CAPTCHA 3CAPTCHA 4CAPTCHA 5


Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA 1CAPTCHA 2CAPTCHA 3CAPTCHA 4CAPTCHA 5