CAA Phish from telus.com

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 30 Sep 2024 09:31:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98 (FreeBSD))

(envelope-from )

id 1svILm-00000000NZJ-3BgR

for dave@doctor.nl2k.ab.ca;

Mon, 30 Sep 2024 09:30:14 -0600

Resent-From: The Doctor

Resent-Date: Mon, 30 Sep 2024 09:30:14 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [108.181.130.12] (port=43897 helo=y99e1w115a1a51sesd.edu)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98 (FreeBSD))

(envelope-from )

id 1svH6o-00000000L94-0gw0

for doctor@netknow.ca;

Mon, 30 Sep 2024 08:10:47 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mein.gmx;

s=s31663417; t=1727705214; x=1728310014;

i=clientassistancemaj@mein.gmx;

bh=WCgjR7CKVJQRjrmAGhihDF24n4UrX/ZozaJlovTW0Gk=;

h=X-UI-Sender-Class:MIME-Version:Message-ID:From:To:Subject:

Content-Type:Date:cc:content-transfer-encoding:content-type:date:

from:message-id:mime-version:reply-to:subject:to;

b=bVYYehCvMUn0qiAZ4IJVUCoMhwXfV3DcEtISdGdxEifWXkDMc/zdnsZ7E08AMD5n

EKr0G/9xQae7oJMIzIrphodTiya2pZkkEm3TQIwy4NTDnjb6aIZU1TX0ma5UhXLTB

NH8+fG3PBuYzCTpsur1yU00WqqmnJkiZ428/H+eQWhMfGJXr5ro2Z2vpJVdv+tz+O

dzcF0e27y/fsKZS7ufbWhBvPIPWu5Avx8tHoQ6qJ7wOCl0/ZSD6/gPmcZiJphJeo2

sHMHZwJSFDfeGQZEN+0ak+sZgK3NKLs6omNiazpr5T3hRKUlnGmPZC7509iHLh729

SUjbp3VFIBqfLiNTLw==

X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a

MIME-Version: 1.0

Message-ID:

From: The CAA - Exclusive Notice

To: margarettebickle@gmail.com

Subject: Your Selection #80721 - Action Needed

Content-Type: text/html; charset=UTF-8

Date: Mon, 30 Sep 2024 16:06:54 +0200

Importance: normal

Sensitivity: Normal

X-Priority: 3

X-Provags-ID: V03:K1:pjGqF6PrQA9KXFdtVAPoX5evfSj08LXZdP2O0RCVtJdux/NE6WvYO4k5UER99z1Ytqnv7

3re1zLS11WPvZ3/OnT8Nrryuppr2YYk7qVecyuGDvfYiBBtpiPCyZnMP37w/bjuJ1WX/WB+Xv2Nk

rL0VDcadxuIOM7buJBFTMxV2++ALylMaxTnOl+aMND4il6hKBhRYg192z2s9pt8PXqYDRzRkcZX6

sBkKXngakafiaoaQxPJEmmbgges0cYwWDmCFN+TVHNbjPOh+/+XlKACeqp4MicisHZ7GyDBFOW35

ao=

X-Spam-Flag: NO

UI-OutboundReport: notjunk:1;M01:P0:/cyWs+eCPU4=;eyld0BJY15481GhZF4HYVbqjt/4

7ahSErMKqAQi+9FnnW3Xu/uUQiyVOGcA7Ay7LC3uIpWbYdoHoBfJTEfNzf2sAnE5mjytACuTl

14UjUmRiTg1UFnK7e3kdZlynATz93ibdsUlJSByECuaZ/7Qjb9uZ2tmhRmejdXdZprH0XKD3u

QU76M2Al0/AVknrd35RBpbtsJZlxC+8Lj9zgG3xfr7KNKgU366CyLcBtToYGzVSqvS2LxWJFy

YcWSDLat1se/u7CODmKASCBU9HamC6tV2uGAC81maaAnyKr0mMpBT3cECqWupWeu8DIoY0FVT

8VsVi7XJ4u2BF3j9Auiz7I95KO6sd3ckazR1K2TDsgbcLrWq5QpCxwja7NGxHN9Isd4/LfMfo

wSJ8BiCuWGoPmXT+Fgi0fs++YwdqsbZFFlrXqn4nGkpSnoN3iNmot7vq/SaobYNa9laUjPW4k

KVMoIEnEq4En4SFSE0+wt64zuUWmYiKVCq7fqJS7yNNFY+AVKKIDVNwKFb6od1DXZoM05+GEQ

AGEkCP4XWFJ02Cp207PW7Oml19zmV46E7xaTyFz8tu7U3S+MUVKzjQ/RJ9mWpWt4QMKGFy74p

6HsZmLfRDayGVkRVDE61NgnT0HFtVnVZh5VZpvRNONFCLK7cekL1oz0s70pNQj3/MNU3rgi69

WCZ1sbuwTSU9q4t6pvrlUp203O8YzPJ8/KSy9e2ItF+t7+E1+dsXXhtcVNv8OAkoF4Fw2is6o

EvYwrH7RjzIQ2D17BQrTn+R1xeHrwKTTg==

X-Spam_score: 16.0

X-Spam_score_int: 160

X-Spam_bar: ++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: The one item you hope you’ll never need—but should have!





Content analysis details: (16.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[108.181.130.12 listed in will-spam-for-food.eu.org]

[108.181.130.12 listed in will-spam-for-food.eu.org]

[108.181.130.12 listed in will-spam-for-food.eu.org]

[108.181.130.12 listed in will-spam-for-food.eu.org]

[108.181.130.12 listed in will-spam-for-food.eu.org]

[108.181.130.12 listed in will-spam-for-food.eu.org]

[108.181.130.12 listed in will-spam-for-food.eu.org]

[108.181.130.12 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[108.181.130.12 listed in dnsbl.ahbl.org]

[108.181.130.12 listed in dnsbl.ahbl.org]

[108.181.130.12 listed in dnsbl.ahbl.org]

[108.181.130.12 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[108.181.130.12 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[108.181.130.12 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[108.181.130.12 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[108.181.130.12 listed in dnsbl.ahbl.org]

0.7 SPF_NEUTRAL SPF: sender does not match SPF record (neutral)

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

1.6 HTML_IMAGE_ONLY_12 BODY: HTML: images with 800-1200 bytes of words

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.3 HTML_SHORT_LINK_IMG_2 HTML is very short with a linked image

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

2.9 GOOG_STO_NOIMG_HTML Apparently using google content hosting to avoid

URIBL

1.0 XPRIO Has X-Priority header

0.0 T_REMOTE_IMAGE Message contains an external image

Subject: {SPAM?} Your Selection #80721 - Action Needed









Trackbacks

Trackback specific URI for this entry

This link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA