walmart phish

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 17 Jan 2026 09:08:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vh8pY-00000000LTV-3GKe

for dave@doctor.nl2k.ab.ca;

Sat, 17 Jan 2026 09:07:16 -0700

Resent-From: The Doctor

Resent-Date: Sat, 17 Jan 2026 09:07:16 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail.menbdsr.cc ([163.44.121.134]:41118)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vh8Tc-00000000J8Y-15Q1

for doctor@nl2k.ab.ca;

Sat, 17 Jan 2026 08:44:43 -0700

Authentication-Results: mail.menbdsr.cc;

auth=pass (login)

Message-ID: <8deb0ca15aea5c4d73fa2fcb294f45ff@menbdsr.cc>

From: Walmart

To: doctor

Subject: Your Walmart Rewards points are available

Date: Sun, 18 Jan 2026 00:43:45 +0900

X-Priority: 3

MIME-Version: 1.0

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Received: from localhost (Unknown [127.0.0.1])

by mail.menbdsr.cc (Haraka) with ESMTPSA id B1F310CD-E613-4761-BAB2-F947EB367EA4.1

envelope-from

tls TLS_AES_256_GCM_SHA384 (authenticated bits=0);

Sat, 17 Jan 2026 23:43:46 +0800

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=menbdsr.cc;

h=Content-Transfer-Encoding: Content-Type: MIME-Version: Date: Subject:

To: From: Message-ID; q=dns/txt; s=s20260117179; t=1768664627;

bh=Qnyke4G2+mFFHdzoQ97E8iKeUavoCWqVtYwJsBN44NY=;

b=CyQ6t8wFz0mk7tsmZG0Y5bnmuCdmJENpKRBXlbmMndwM6FoIBMi8+VL0wi1XisU6INCHxiS3U

odKJvj/yhVewGPMmQ5s1rrG0odjK0F1FS5RVSEssydFHF+zW9RconCPKsmnCa1/7SWla4foenpY

YrqLpZ9mahof1kXPkfq/BhY=

X-Spam_score: 21.1

X-Spam_score_int: 211

X-Spam_bar: +++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, Thank you for being a registered customer with Walmart

Canada.



Content analysis details: (21.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[163.44.121.134 listed in dnsbl.ahbl.org]

[163.44.121.134 listed in dnsbl.ahbl.org]

[163.44.121.134 listed in dnsbl.ahbl.org]

[163.44.121.134 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[163.44.121.134 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[163.44.121.134 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[163.44.121.134 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[163.44.121.134 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[163.44.121.134 listed in will-spam-for-food.eu.org]

[163.44.121.134 listed in will-spam-for-food.eu.org]

[163.44.121.134 listed in will-spam-for-food.eu.org]

[163.44.121.134 listed in will-spam-for-food.eu.org]

[163.44.121.134 listed in will-spam-for-food.eu.org]

[163.44.121.134 listed in will-spam-for-food.eu.org]

[163.44.121.134 listed in will-spam-for-food.eu.org]

[163.44.121.134 listed in will-spam-for-food.eu.org]

2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the DBL blocklist

[URI: lickinpussy.net]

0.0 URIBL_PH_SURBL Contains an URL listed in the PH SURBL blocklist

[URI: lickinpussy.net]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: lickinpussy.net]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: lickinpussy.net]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: menbdsr.cc]

1.7 URIBL_BLACK Contains an URL listed in the URIBL blacklist

[URI: lickinpussy.net]

1.6 RCVD_IN_BRBL_LASTEXT RBL: No description available.

[163.44.121.134 listed in bb.barracudacentral.org]

0.0 T_SPF_PERMERROR SPF: test of record failed (permerror)

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.5 VOWEL_FROM_5 Impronouncable from header (6 consecutive vowels)

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 MSGID_FROM_MTA_HEADER Message-Id was added by a relay

2.0 MIXED_HREF_CASE Has href in mixed case

Subject: {SPAM?} Your Walmart Rewards points are available



=0D=0A<=

HEAD>=0D=0A
t-Type>=0D=0A
EAD>=0D=0A=0D=0A

Hello,

=0D=0A

Thank you for being a registere=

d customer with Walmart =0D=0ACanada.

=0D=0A

We=E2=80=

=99re writing to let you know that Walmart Rewards points have been=

=0D=0Aadded to your account. These points can be redeemed on elig=

ible =0D=0Apurchases online at walmart.ca or at participat=

ing Walmart =0D=0ACanada stores.

=0D=0A

To view your points balance an=

d redeem your rewards, please sign in to your =0D=0Aaccount using the link =

below:

=0D=0A

=F0=9F=

=91=89 View and redeem your =0D=0AWalmart Rewards points
A>
Sign in to your=

Walmart =0D=0Aaccount

=0D=0A

Please note:

=0D=

=0A
    =0D=0A
  • =0D=0A

    Rewards points are subject to Walmart Rewards=

    terms and =0D=0Aconditions.

    • =0D=0A
  • =0D=0A

    Points may expi=

    re if not redeemed within the applicable time =0D=0A period.

    • =0D=

    =0A
  • =0D=0A

    You must be signed in to your registered Walmart accoun=

    t to access your =0D=0A rewards.

=0D=0A

If you did not expe=

ct this email or believe it was sent to you in error, =0D=0Aplease visit th=

e Walmart Canada Help Centre for more information.

=0D=0A

Thank you fo=

r shopping with Walmart Canada.

=0D=0A

Kind regards,
Walmar=

t Canada Rewards
Walmart =0D=0ACanada
walmart.ca

=0D=0A
R>=0D=0A=0D=0A

This email was sent from an automated notification add=

ress. Please do not =0D=0Areply to this message.

=0D=

=0A



Walmart phish

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 17 Jan 2026 07:38:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vh7R6-00000000OnG-22nT

for dave@doctor.nl2k.ab.ca;

Sat, 17 Jan 2026 07:37:56 -0700

Resent-From: The Doctor

Resent-Date: Sat, 17 Jan 2026 07:37:56 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail.menbdsr.cc ([163.44.121.134]:54652)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vh3sF-00000000PtN-3TgS

for doctor@nl2k.ab.ca;

Sat, 17 Jan 2026 03:49:51 -0700

Authentication-Results: mail.menbdsr.cc;

auth=pass (login)

Message-ID: <361507d47fbc7030aef9dec92fbee803@menbdsr.cc>

From: Walmart

To:

Subject: Your Walmart Rewards points are available

Date: Sat, 17 Jan 2026 19:48:51 +0900

X-Priority: 3

MIME-Version: 1.0

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Received: from localhost (Unknown [127.0.0.1])

by mail.menbdsr.cc (Haraka) with ESMTPSA id D78CA048-378E-4A06-82E1-B0F5C39C94D7.1

envelope-from

tls TLS_AES_256_GCM_SHA384 (authenticated bits=0);

Sat, 17 Jan 2026 18:48:51 +0800

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=menbdsr.cc;

h=Content-Transfer-Encoding: Content-Type: MIME-Version: Date: Subject:

To: From: Message-ID; q=dns/txt; s=s20260117179; t=1768646931;

bh=Qnyke4G2+mFFHdzoQ97E8iKeUavoCWqVtYwJsBN44NY=;

b=d+bdF39DP9EOMrh8gLwpndFIY+ynIxEo511o67jp4BxkCr9ZwE6SWcjlTn/O3ueZSMd/Ye1oC

8zlNRrl3xs0p7E0daZnqph0zHReWlz6elZkvbSHCbLB/Ge6myDO7E35CnTQQ4TQkmcKolN5eI4Y

8KtE2bkVLSn+5YW5FhiNPPg=

X-Spam_score: 15.7

X-Spam_score_int: 157

X-Spam_bar: +++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, Thank you for being a registered customer with Walmart

Canada.



Content analysis details: (15.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[163.44.121.134 listed in dnsbl.ahbl.org]

[163.44.121.134 listed in dnsbl.ahbl.org]

[163.44.121.134 listed in dnsbl.ahbl.org]

[163.44.121.134 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[163.44.121.134 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[163.44.121.134 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[163.44.121.134 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[163.44.121.134 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[163.44.121.134 listed in will-spam-for-food.eu.org]

[163.44.121.134 listed in will-spam-for-food.eu.org]

[163.44.121.134 listed in will-spam-for-food.eu.org]

[163.44.121.134 listed in will-spam-for-food.eu.org]

[163.44.121.134 listed in will-spam-for-food.eu.org]

[163.44.121.134 listed in will-spam-for-food.eu.org]

[163.44.121.134 listed in will-spam-for-food.eu.org]

[163.44.121.134 listed in will-spam-for-food.eu.org]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: lickinpussy.net]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: lickinpussy.net]

0.0 URIBL_PH_SURBL Contains an URL listed in the PH SURBL blocklist

[URI: lickinpussy.net]

2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the DBL blocklist

[URI: lickinpussy.net]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: menbdsr.cc]

1.6 RCVD_IN_BRBL_LASTEXT RBL: No description available.

[163.44.121.134 listed in bb.barracudacentral.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[163.44.121.134 listed in sa-accredit.habeas.com]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[163.44.121.134 listed in sa-trusted.bondedsender.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 T_SPF_PERMERROR SPF: test of record failed (permerror)

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[163.44.121.134 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[163.44.121.134 listed in bl.score.senderscore.com]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 MSGID_FROM_MTA_HEADER Message-Id was added by a relay

2.0 MIXED_HREF_CASE Has href in mixed case

0.5 VOWEL_FROM_5 Impronouncable from header (6 consecutive vowels)

Subject: {SPAM?} Your Walmart Rewards points are available



=0D=0A<=

HEAD>=0D=0A
t-Type>=0D=0A
EAD>=0D=0A=0D=0A

Hello,

=0D=0A

Thank you for being a registere=

d customer with Walmart =0D=0ACanada.

=0D=0A

We=E2=80=

=99re writing to let you know that Walmart Rewards points have been=

=0D=0Aadded to your account. These points can be redeemed on elig=

ible =0D=0Apurchases online at walmart.ca or at participat=

ing Walmart =0D=0ACanada stores.

=0D=0A

To view your points balance an=

d redeem your rewards, please sign in to your =0D=0Aaccount using the link =

below:

=0D=0A

=F0=9F=

=91=89 View and redeem your =0D=0AWalmart Rewards points
A>
Sign in to your=

Walmart =0D=0Aaccount

=0D=0A

Please note:

=0D=

=0A
    =0D=0A
  • =0D=0A

    Rewards points are subject to Walmart Rewards=

    terms and =0D=0Aconditions.

    • =0D=0A
  • =0D=0A

    Points may expi=

    re if not redeemed within the applicable time =0D=0A period.

    • =0D=

    =0A
  • =0D=0A

    You must be signed in to your registered Walmart accoun=

    t to access your =0D=0A rewards.

=0D=0A

If you did not expe=

ct this email or believe it was sent to you in error, =0D=0Aplease visit th=

e Walmart Canada Help Centre for more information.

=0D=0A

Thank you fo=

r shopping with Walmart Canada.

=0D=0A

Kind regards,
Walmar=

t Canada Rewards
Walmart =0D=0ACanada
walmart.ca

=0D=0A
R>=0D=0A=0D=0A

This email was sent from an automated notification add=

ress. Please do not =0D=0Areply to this message.

=0D=

=0A



Donation spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 17 Jan 2026 07:38:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vh7Qz-00000000O9l-2Hgu

for dave@doctor.nl2k.ab.ca;

Sat, 17 Jan 2026 07:37:49 -0700

Resent-From: The Doctor

Resent-Date: Sat, 17 Jan 2026 07:37:49 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from computeone.uk ([95.154.244.134]:48494)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vh3eA-00000000PMu-15Zl

for sales@nk.ca;

Sat, 17 Jan 2026 03:35:20 -0700

Received: from [108.175.8.68] (port=59106)

by smtp.computeone.uk with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.99.1)

(envelope-from )

id 1vh3dI-000000003nU-1Om5

for sales@nk.ca;

Sat, 17 Jan 2026 10:34:16 +0000

Reply-To: ironwoodfamilytrustfoundation@hotmail.com

From: Ironwood Family Trust Foundation

To: sales@nk.ca

Subject: Official Notification of Donation Approval!!!

Date: 17 Jan 2026 10:34:18 +0000

Message-ID: <20260117103418.3D500A4F166F2018@spicearoma.uk>

MIME-Version: 1.0

Content-Type: text/html

Content-Transfer-Encoding: quoted-printable

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - smtp.computeone.uk

X-AntiAbuse: Original Domain - nk.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - spicearoma.uk

X-Get-Message-Sender-Via: smtp.computeone.uk: authenticated_id: bills@spicearoma.uk

X-Authenticated-Sender: smtp.computeone.uk: bills@spicearoma.uk

X-Source:

X-Source-Args:

X-Source-Dir:

X-From-Rewrite: unmodified, already matched

X-Spam_score: 11.3

X-Spam_score_int: 113

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Dear Sir/Madam, This is to confirm that a USD $1,000,000

donation from the Ironwood Family Trust Foundation has been approved. Please

respond to indicate your interest and enable us to proceed.



Content analysis details: (11.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[95.154.244.134 listed in dnsbl.ahbl.org]

[95.154.244.134 listed in dnsbl.ahbl.org]

[95.154.244.134 listed in dnsbl.ahbl.org]

[95.154.244.134 listed in dnsbl.ahbl.org]

[108.175.8.68 listed in dnsbl.ahbl.org]

[108.175.8.68 listed in dnsbl.ahbl.org]

[108.175.8.68 listed in dnsbl.ahbl.org]

[108.175.8.68 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[95.154.244.134 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[95.154.244.134 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[95.154.244.134 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[95.154.244.134 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[108.175.8.68 listed in will-spam-for-food.eu.org]

[108.175.8.68 listed in will-spam-for-food.eu.org]

[108.175.8.68 listed in will-spam-for-food.eu.org]

[108.175.8.68 listed in will-spam-for-food.eu.org]

[108.175.8.68 listed in will-spam-for-food.eu.org]

[108.175.8.68 listed in will-spam-for-food.eu.org]

[108.175.8.68 listed in will-spam-for-food.eu.org]

[108.175.8.68 listed in will-spam-for-food.eu.org]

[95.154.244.134 listed in will-spam-for-food.eu.org]

[95.154.244.134 listed in will-spam-for-food.eu.org]

[95.154.244.134 listed in will-spam-for-food.eu.org]

[95.154.244.134 listed in will-spam-for-food.eu.org]

[95.154.244.134 listed in will-spam-for-food.eu.org]

[95.154.244.134 listed in will-spam-for-food.eu.org]

[95.154.244.134 listed in will-spam-for-food.eu.org]

[95.154.244.134 listed in will-spam-for-food.eu.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[95.154.244.134 listed in sa-trusted.bondedsender.org]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[95.154.244.134 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 SPF_HELO_FAIL SPF: HELO does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[95.154.244.134 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[95.154.244.134 listed in bl.score.senderscore.com]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.7 DEAR_SOMETHING BODY: Contains 'Dear (something)'

2.5 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 LOTS_OF_MONEY Huge... sums of money

0.9 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

0.0 T_FROM_MISSP_DKIM From misspaced, DKIM dependable

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.3 FROM_MISSP_EH_MATCH From misspaced, matches envelope

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

Subject: {SPAM?} Official Notification of Donation Approval!!!













Dear Sir/Ma=

dam,

This is to confirm that a U=

SD $1,000,000 donation from the Ironwood Family Trust Foundation has been a=

pproved. Please respond to indicate your interest and enable us to proceed.=

Best regards,
Mr. David Guzman
Ironw=

ood Family Trust Foundation



Donation spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 17 Jan 2026 07:38:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vh7Qu-00000000Non-0BTk

for dave@doctor.nl2k.ab.ca;

Sat, 17 Jan 2026 07:37:44 -0700

Resent-From: The Doctor

Resent-Date: Sat, 17 Jan 2026 07:37:43 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from computeone.uk ([95.154.244.134]:48792)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vh3eA-00000000PNJ-15c9

for root@nk.ca;

Sat, 17 Jan 2026 03:35:20 -0700

Received: from [108.175.8.68] (port=59111)

by smtp.computeone.uk with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.99.1)

(envelope-from )

id 1vh3dJ-000000003qw-0ap1

for root@nk.ca;

Sat, 17 Jan 2026 10:34:17 +0000

Reply-To: ironwoodfamilytrustfoundation@hotmail.com

From: Ironwood Family Trust Foundation

To: root@nk.ca

Subject: Official Notification of Donation Approval!!!

Date: 17 Jan 2026 10:34:18 +0000

Message-ID: <20260117103418.1CA03D2401837C1F@spicearoma.uk>

MIME-Version: 1.0

Content-Type: text/html

Content-Transfer-Encoding: quoted-printable

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - smtp.computeone.uk

X-AntiAbuse: Original Domain - nk.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - spicearoma.uk

X-Get-Message-Sender-Via: smtp.computeone.uk: authenticated_id: bills@spicearoma.uk

X-Authenticated-Sender: smtp.computeone.uk: bills@spicearoma.uk

X-Source:

X-Source-Args:

X-Source-Dir:

X-From-Rewrite: unmodified, already matched

X-Spam_score: 11.3

X-Spam_score_int: 113

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Dear Sir/Madam, This is to confirm that a USD $1,000,000

donation from the Ironwood Family Trust Foundation has been approved. Please

respond to indicate your interest and enable us to proceed.



Content analysis details: (11.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[108.175.8.68 listed in dnsbl.ahbl.org]

[108.175.8.68 listed in dnsbl.ahbl.org]

[108.175.8.68 listed in dnsbl.ahbl.org]

[108.175.8.68 listed in dnsbl.ahbl.org]

[95.154.244.134 listed in dnsbl.ahbl.org]

[95.154.244.134 listed in dnsbl.ahbl.org]

[95.154.244.134 listed in dnsbl.ahbl.org]

[95.154.244.134 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[108.175.8.68 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[108.175.8.68 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[108.175.8.68 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[108.175.8.68 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[108.175.8.68 listed in will-spam-for-food.eu.org]

[108.175.8.68 listed in will-spam-for-food.eu.org]

[108.175.8.68 listed in will-spam-for-food.eu.org]

[108.175.8.68 listed in will-spam-for-food.eu.org]

[108.175.8.68 listed in will-spam-for-food.eu.org]

[108.175.8.68 listed in will-spam-for-food.eu.org]

[108.175.8.68 listed in will-spam-for-food.eu.org]

[108.175.8.68 listed in will-spam-for-food.eu.org]

[95.154.244.134 listed in will-spam-for-food.eu.org]

[95.154.244.134 listed in will-spam-for-food.eu.org]

[95.154.244.134 listed in will-spam-for-food.eu.org]

[95.154.244.134 listed in will-spam-for-food.eu.org]

[95.154.244.134 listed in will-spam-for-food.eu.org]

[95.154.244.134 listed in will-spam-for-food.eu.org]

[95.154.244.134 listed in will-spam-for-food.eu.org]

[95.154.244.134 listed in will-spam-for-food.eu.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[95.154.244.134 listed in sa-trusted.bondedsender.org]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[95.154.244.134 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 SPF_HELO_FAIL SPF: HELO does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[95.154.244.134 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[95.154.244.134 listed in bl.score.senderscore.com]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.7 DEAR_SOMETHING BODY: Contains 'Dear (something)'

2.5 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 LOTS_OF_MONEY Huge... sums of money

0.3 FROM_MISSP_EH_MATCH From misspaced, matches envelope

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.0 T_FROM_MISSP_DKIM From misspaced, DKIM dependable

0.9 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

Subject: {SPAM?} Official Notification of Donation Approval!!!













Dear Sir/Ma=

dam,

This is to confirm that a U=

SD $1,000,000 donation from the Ironwood Family Trust Foundation has been a=

pproved. Please respond to indicate your interest and enable us to proceed.=

Best regards,
Mr. David Guzman
Ironw=

ood Family Trust Foundation



Manufacturer's products spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
Content analysis details: (8.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.66.63 listed in dnsbl.ahbl.org]

[52.103.66.63 listed in dnsbl.ahbl.org]

[52.103.66.63 listed in dnsbl.ahbl.org]

[52.103.66.63 listed in dnsbl.ahbl.org]

[2603:1096:101:b2:0:0:0:12 listed in]

[dnsbl.ahbl.org]

[2603:1096:101:b2:0:0:0:12 listed in]

[dnsbl.ahbl.org]

[2603:1096:101:b2:0:0:0:12 listed in]

[dnsbl.ahbl.org]

[2603:1096:101:b2:0:0:0:12 listed in]

[dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.66.63 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.66.63 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.66.63 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.66.63 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:101:b2:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:101:b2:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:101:b2:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:101:b2:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:101:b2:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:101:b2:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:101:b2:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:101:b2:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[52.103.66.63 listed in will-spam-for-food.eu.org]

[52.103.66.63 listed in will-spam-for-food.eu.org]

[52.103.66.63 listed in will-spam-for-food.eu.org]

[52.103.66.63 listed in will-spam-for-food.eu.org]

[52.103.66.63 listed in will-spam-for-food.eu.org]

[52.103.66.63 listed in will-spam-for-food.eu.org]

[52.103.66.63 listed in will-spam-for-food.eu.org]

[52.103.66.63 listed in will-spam-for-food.eu.org]

0.8 DKIM_ADSP_NXDOMAIN No valid author signature and domain not in DNS

0.0 ARC_VALID Message has a valid ARC signature

0.0 ARC_SIGNED Message has a ARC signature

0.3 FROM_LOCAL_HEX From: localpart has long hexadecimal sequence

1.2 MISSING_HEADERS Missing To: header

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.6 J_CHICKENPOX_83 BODY: 8alpha-pock-3alpha

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.66.63 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.5 VOWEL_FROM_5 Impronouncable from header (6 consecutive vowels)

0.4 KHOP_HELO_FCRDNS Relay HELO differs from its IP's reverse DNS

Subject: {SPAM?} Bearing Supply



--_000_SEYPR06MB518148A3E938D6853FC1FAFED68AASEYPR06MB5181apcp_

Content-Type: text/plain; charset="gb2312"

Content-Transfer-Encoding: base64



SGVsbG8sDQpIYXZlIGEgbmljZSBkYXkhDQpJIGtub3cgeW91IGFyZSBpbiB0aGUgQmVhcmluZ3Mg

aW5kdXN0cnkuIFdlIGFyZSBhIHByb2Zlc3Npb25hbCBCZWFyaW5ncyBhbmQgZXhwb3J0ZXIgc3Bl

Y2lhbGl6aW5nIGluIGEgdmFyaWV0eSBvZiBCZWFyaW5ncyxUaGUgc2VydmljZXMgd2UgcHJvdmlk

ZSBpbmNsdWRlOg0KDQoxLkN1c3RvbWl6ZWQgZGVzaWduIHRvIG1lZXQgeW91ciBzcGVjaWZpYyBu

ZWVkcy4NCjIuT0VNIHNlcnZpY2UgdG8gY3JlYXRlIGEgcGVyc29uYWxpemVkIGJyYW5kLg0KMy5I

aWdoLXF1YWxpdHkgcHJvZHVjdHMsIHJlbGlhYmxlIGFuZCB0aW1lbHkgZGVsaXZlcnkuDQoNCklm

IHlvdSBhcmUgaW50ZXJlc3RlZCwgcGxlYXNlIGxldCB1cyBrbm93IGFuZCB3ZSB3aWxsIHByb3Zp

ZGUgeW91IHdpdGggYSBjb21wZXRpdGl2ZSBxdW90YXRpb24uDQpXZSBsb29rIGZvcndhcmQgdG8g

ZXN0YWJsaXNoaW5nIGEgbG9uZy10ZXJtIGJ1c2luZXNzIHJlbGF0aW9uc2hpcCB3aXRoIHlvdS4g

TG9va2luZyBmb3J3YXJkIHRvIHlvdXIgcmVwbHkhDQpTaW5jZXJlbHksDQpBbmR5DQo=



--_000_SEYPR06MB518148A3E938D6853FC1FAFED68AASEYPR06MB5181apcp_

Content-Type: text/html; charset="gb2312"

Content-Transfer-Encoding: quoted-printable
















Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Hello,



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Have a nice day!



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

I know you are in the Bearings industry. We are a professional Bearings and=

exporter specializing in a variety of Bearings,The services we provide inc=

lude:



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">







Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

1.Customized design to meet your specific needs.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

2.OEM service to create a personalized brand.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

3.High-quality products, reliable and timely delivery.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">







Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

If you are interested, please let us know and we will provide you with a co=

mpetitive quotation.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

We look forward to establishing a long-term business relationship with you.=

Looking forward to your reply!



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Sincerely,



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Andy








--_000_SEYPR06MB518148A3E938D6853FC1FAFED68AASEYPR06MB5181apcp_--

Manufacturer's products spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 16 Jan 2026 17:58:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vgudO-00000000P5V-38CO

for dave@doctor.nl2k.ab.ca;

Fri, 16 Jan 2026 17:57:46 -0700

Resent-From: The Doctor

Resent-Date: Fri, 16 Jan 2026 17:57:46 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japanwestazolkn19012063.outbound.protection.outlook.com ([52.103.66.63]:3727 helo=OS8PR02CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vguPb-00000000NLa-2AKO

for doctor@nl2k.ab.ca;

Fri, 16 Jan 2026 17:43:42 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=sdVX1E5rTIlciZj7tzFahVkKLEL7h44bRMSj9FegLAy5hRT4ekn7am6275z30tT6w4aQtB8C4OjQW8HT/rEk83LQDkHhZ70pfmIUI+RJoL/Gz12U1/A9lQ8sDnLnON7aHAeZDkFHP93czBxGCy38G/EYzPHnkK5tqQlV8vidiohCtz734dYd3m9ES/iv6y4znw0QICTSJgvzEoSOfwRbwyJSVf3yZVDPlUFDbxVl8CTXu7f5g//nd+F//flyRCml2se7SDuZW5V5UC+6VwYWK4ZPVlHa2pv4X38qdiDWF1z5KwzwxB9/n4121Hyq7Wz2OX6BjhlZ/WF4gC0PRNb7rA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=95EpWoQMB/4L5UX4o+dhdyScA/dd9L1O8cvBTi3ZwsU=;

b=dXerFmCqUUqBXK8lXc/eHlzROmiryi4rTmdEle3LfOc26NHbC9hnYDxtLsQlsP6gtG9UaRn/qVS1TDNvQxTlZ7q7U+evK4Vzc/2jwe5g5ZEig1dQYf8WZUa+9ce2Qrme6XU9OCqt1LLkOkHKRh28F3uB/BuLbPRhX2RWVmvfJ5TXk2pwmWibQ6220WosGH/zgws5+A/Hp0TC/otN27/c3V35cmGrCH2bBHfxeDLzTpVbNgFbX0+l/RvvCmsmLve9aTvHDVmskZnmL8pnlFo+K/cV4V3g3qniqTteYU0rWmgg5i7HvGuAAdujhq1x5UKfxxp9fNklThuFcyXpLCbcOA==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

Received: from SEYPR06MB5792.apcprd06.prod.outlook.com (2603:1096:101:b2::12)

by SEYPR06MB8194.apcprd06.prod.outlook.com (2603:1096:101:2f3::10) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9520.5; Sat, 17 Jan

2026 00:42:08 +0000

Received: from SEYPR06MB5181.apcprd06.prod.outlook.com

([fe80::38d0:8d6e:2874:b8c9]) by SEYPR06MB5792.apcprd06.prod.outlook.com

([fe80::38d0:8d6e:2874:b8c9%6]) with mapi id 15.20.9520.006; Sat, 17 Jan 2026

00:42:08 +0000

From: G Y



Subject: Bearing Supply

Thread-Topic: Bearing Supply

Thread-Index: AQHch0m/ddXh91dvVkOUxbUGMF60Xw==

Date: Sat, 17 Jan 2026 00:39:36 +0000

Message-ID:



Accept-Language: en-US

Content-Language: zh-CN

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SEYPR06MB5792:EE_|SEYPR06MB8194:EE_

x-ms-office365-filtering-correlation-id: 5bcef10d-e908-4534-7b4d-08de55613e50

x-ms-exchange-slblob-mailprops:

bHQ38DpbEWAayy1Fxvh9DGGZQkLoCo9lIwdbLBS0GqxBxarupYk2f6GfxgY4tdDKpIV209gWMCWDJaDLPwviq6TkwIQmv7rYjeBJRotGiVIq5Mqz1Mre+wUHzEH5EBFbgzcvmGWsMPuKVr9KvNMO+fFsbzM3RhZ6R5PjaMjXjK0PodxfbVnDPbvG5SkHZp9rZw55XOne3IWU31x3ii7O8BrSGwpexa89mVqWr/J7cSLL67ChEhKIXqqU3DWD9oUm9yFJ4A0UKFrPtQaY5hYa7ENyMsOhZVPpNdy16ithHzyWAA/ldNw9DGn63MLpcqJbbCnxhvRAlIcG0kLuDvj4hFScmEjjuboItpVVdNxQn9/AAtnW2UKFnVQb8BQCS/I28qt5P0FNyqRR8ID+RyyKBzhfnbi6cCzq+JXr97H2r8BfhE7VIukf4zU9ZyvbTVeu7TFNfGAfkSWkwZvUZa61KdgB3yMpLUkJt3Txn3YlU2674dY0vvPnab6YTh6hxxRnp35Lbnt6fNyXTN5lK2sEde5Ooav0n9G01fwg8r/7h00ql98IhGk9X0/U0VQ4oOS1c20UcXC4KP4AOlOrjIHH/SLEyZXaygtLbZSxKRAJ06Wm+okU607WrYqYiAo6zZGpuRCEK5aJQlzL+p272DRvQwk/btADbm7UU9GQlHBwRqlVjK4xZwOYBQ==

x-microsoft-antispam:

BCL:0;ARA:14566002|31061999003|37102599003|461199028|7071999006|39105399006|41001999006|15030799006|15080799012|19110799012|8060799015|8062599012|3412199025|440099028|41105399003|40105399003|39145399003|26104999006|102099032;

x-microsoft-antispam-message-info:

=?gb2312?B?eVdFKzdycXFiVkMzdURLb1Z4SXhHOUlVTU1MejVteHd2VG5rWkM4ditXRjBi?=

=?gb2312?B?K1h0aE1lb1A0MlNPSVBZTFBXWG1xZThISjcyZWpxdDJMZFVtQ1ZaWVc0QnJ5?=

=?gb2312?B?Nm1rVVVNZUdxVjlFa1d3R0dYNWh3RzE4bjBjUkx1dUJQYmVweXArSVRRUEF4?=

=?gb2312?B?MmY4VnVMc2pCZFVTS2dkdTZrKzZDanoxN0J4Nnc5MmtKdVdMZytxYUhGbUxv?=

=?gb2312?B?UXl6clZEbDFEQTEzWk1LNFZ2dkEwZ05YZ1FtaWhuc1NCdmhXbFR2UUlLSTVK?=

=?gb2312?B?c0IvY1V2YVBuVW90YjVkK2Y5Y25GZXYwcjI2ZEVYLy92bmpGN3Q2clM1Smpx?=

=?gb2312?B?MS9mb1JmYVlndmtHNG9sTk1NS1Q0L3hvdmJPbmh6ZXI2TFBicWg0Vm8wNGVX?=

=?gb2312?B?bkFYOTE5UWVkNlpXb0wreVBuNVg4bytlRFpjTGMxRTNjelpiMWlickU0ekVk?=

=?gb2312?B?c1BXMlc4dlVKRTRGMXhWamdNdUo4djNJRDh2NkJHT2txMkVZWEdiRXlDWTFZ?=

=?gb2312?B?RDRzcHVURHk5STM5OGZNcUgvQjFueDRYbU13VjNLejZzVENpTG5WMDNOV3kx?=

=?gb2312?B?bjlDTU84VW5qUThkUHU5OTArZHJ2UDEyNDViWDBoU29rMUVDZnk4Ry9UL0JK?=

=?gb2312?B?RlFVWG5PTE1UdGZENm5ldUtOZytLaUZpdTgreHNld0ZlZDB6K3JVdHNGNmVs?=

=?gb2312?B?RjRzRTJobHk5QzI1NlVPcVJucUV4ZG14TW51bWp0NUwyNk54a2FOeU5BNjZv?=

=?gb2312?B?cVFVc05QTTlFK1dFRjRwNU4zK1d3V1JDOWlVUW1WU25uZlkzc1NMZzZSdnVV?=

=?gb2312?B?Z0V6eHMyMDh1anFNUmhLMENOQVY1bjdoYzgxTGgzcTROUEhYZ2Z0Sko3S1Yv?=

=?gb2312?B?VWZVSDFkSyt4NWpocXRhNnV2ZjlQYWlWbnhYeEhTRXZpQUZPdnYzOWxpS0Fl?=

=?gb2312?B?RGtFRys4bmdkaEJXbkdLVXNtWWFWNDR3MWR5amxRejZkMUhMMGNGMVJRT2JQ?=

=?gb2312?B?QURYMTRSTWtJZ1FVdzNWVkttNDJHRktON1NycGwzRWEzcExJTnlXWG9KMHV1?=

=?gb2312?B?SFlDYjh4UzU4VXFxQmtob0JhNm1iMGxxTGZnS1lWZmxjM21ZL3VacjhMYllU?=

=?gb2312?B?VmovMnVPb21mUUdKbnA0eWZxMU5rMjVDY3R2dDYyQW15RmtqYmxjOWk0a01W?=

=?gb2312?B?NSs3RHVaK25JbW5iNWhwME9SUkN5TTFZSnNRM3AzcmtIczVheFo5dUR3SDZv?=

=?gb2312?B?UWVDKy9RTW9uSGJoYzdhcU5LSFJTV0VVbWE1WXdxZ0x1S2tTOHRaMjg0TFp0?=

=?gb2312?B?bHRiMEx6ZVZNQjlVTGRDOSsxeGhkMFZnT3VCMWFBdUZ2NXkzZ1ZLVHpySjNZ?=

=?gb2312?B?VVZCUUFHWi8zbWR1Mldod0tlSWpxZFdWWHhqUUdmTFVqY2UrSmJFaFBScGRC?=

=?gb2312?B?TnR3Wjk3d3ZMVzk4VWFLUjhrdTM2OGJGajVubnJpcENBaU9IVGN1Z003QjU3?=

=?gb2312?B?WE1Eek1EUkwyUUh2aUFaOU1XSWlBVXd4RWRkV0Y2cHhDQ3RBM2FEK01FV3lv?=

=?gb2312?B?WXJTSnk0T2pVRGd6aFFtOVU2T29wYzN2SUxDbjRWejV1YkRjT0lrSDlNL1Nu?=

=?gb2312?B?ZmlQcVRqK2RVaWFIM3F5djRQU3U0QWJ2dWJyUzIyTFV6UFhIdkJ5N2t6M2Ja?=

=?gb2312?B?dW50M2pldzJWZTNDYTRkNTlwYUNCN2VVNU9yeUJwaGU1NjQ4UjV3dWFEWjA4?=

=?gb2312?B?WHFBVnBYL0EyTDVHelVwbTRlRzdTOGxKNXFuTVpBRGZqTjN3cW1BeXNtdjcx?=

=?gb2312?B?TjdrVU1qVitLTzdDblRaMUQydmt6cGhIMm1zSk5mbitCVllYdUdGcGRVVWlD?=

=?gb2312?B?czU3K2NmcEZnNks3bmdDNzlMU2pCRHJPOUlJRDVXU3ZyQVE9PQ==?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?gb2312?B?SkdOSUR2K3VncG9GQXpDbVgxUWRIZjB2MHhDWkNSR2I4TEFSanNYaHdPTDUz?=

=?gb2312?B?WlhmSkl6Y2l5ajZmR1YwODI5TklhTi91ZWhvK0U5ZEczSmRuYlJPMnk2M1l5?=

=?gb2312?B?Z20yZ0JURWtQU0xYVnlxQnFNSjhSb0pSY2dkWmx4NCtUd3RFaXJ2Y1hkSEp0?=

=?gb2312?B?QWJWZWUrcUJHZTJwaUZNRVM5YmIyVFJEdkRQY0RRZHBjSTdlYXJlalJEemtV?=

=?gb2312?B?aHRFRTE5SHFSSkNrZCtNMnNTN1FVY0JCWExNVTdteklnaVE4R05CaTQ3Unc4?=

=?gb2312?B?cDRZUFFrYnA1T1RiSTRsY1VCaUhvRkhMcUxMNG9raXhUMEdjOUwyUXFjVU5a?=

=?gb2312?B?cnVzMlZadHd1ckxqOXlGdStPWCszYldtT1E5QjRSUmp1UTlKaXhXdUNSM2xK?=

=?gb2312?B?Sm4zMXNnMURPVkZBYmo5byt1d1NHLzFnUDBCWDhvbC9icytzK1lmbFY0bWFC?=

=?gb2312?B?V3dFS2c5WlZxSGxFcnlTczMvQzk0dWZETlhUQ2I1WHAvR3M5VTVmQkpQMFAz?=

=?gb2312?B?TG1yZWJhVVR5bHhnNjF3Z2RxK2NNM2taK3ZCenhoQnlUN29ueHBUMVRmVVd4?=

=?gb2312?B?YW1SSk9EbHI3QUtpclduZGh6d2hJNExEMjJvTE1MZjJ4Q05aMWtmejR3UTlj?=

=?gb2312?B?Q3RsRk5HRUhTZVVZM085UzhSME5qSzBzRlVRbktuTjlrU3B4clJycXRLekdV?=

=?gb2312?B?eUUyMW9sczdqQjhja0VvdnlnbUN0ZTJ2b1VwVGYrNGFWNEFsSVMzdzVYQnpl?=

=?gb2312?B?bjFhZEhYL3FTWHhPc2JCUkVtS1hXZTY4d1hoU3l3NE1EOXp6Ukw5djNhVmFS?=

=?gb2312?B?SGd1K3hPb0VDaVhiNkcxeDJxekVNMGs2RFBhSnREZGhycGl2NUg2Zng2SjRp?=

=?gb2312?B?VDBEb2xQT1hoQVNxcjFUYXNSM01LZzlyMGRNRFVyS2JaTmFudXpxREJ3THdW?=

=?gb2312?B?TndlZXI0N2ZENWlFbmRPZnk0VGh3VU5xY0NzMDUzelZWNUdmaXF6OThFK1k4?=

=?gb2312?B?WVJBRksvaXhQcnY1OUxhV2V4VnhhZ2x3RzYwanV3Z3BqeWpjRUhEZ0owUlJw?=

=?gb2312?B?Sno4OGhNcTlzZXVieENaVVdDb1lkdmV2UzBRci9OSTcycmpuZFF0U2dmYkRY?=

=?gb2312?B?STNPL1JXR3NtN0pWL01NNEFiOUlkdTR5bWs4cnVTRi9yWFlqUm5xcTdDNllP?=

=?gb2312?B?Y3hqeXRvcUMzTmdxVmhmNGxHSTB5RDdNL1RaV0xTQXljYmIrQnViekpaN2VV?=

=?gb2312?B?d1Q5T1JoZGQ0UU4wRmpnNWxPMkh5TldVNjJMck16VEV5UmR5VWZ5bXhDZDlU?=

=?gb2312?B?QlpWK3B3L0JHaC8vdnZMQXBOenVIL0VXSlYyc2NyS1BMdWtDQTlhNHRHZEc2?=

=?gb2312?B?NU5qbk1vN2ZvR05zdWFWNmNjckdsTFdoS0dSZFMvZGI3dmdGcTluME9reHlM?=

=?gb2312?B?OVpQVHJQc0xiZlI1UE9FaWN2RkxTRzFYWEJUOE1JVVFrWVJyUVVraHByRVh4?=

=?gb2312?Q?vfHO0I=3D?=

Content-Type: multipart/alternative;

boundary="_000_SEYPR06MB518148A3E938D6853FC1FAFED68AASEYPR06MB5181apcp_"

MIME-Version: 1.0

X-OriginatorOrg: sct-15-20-9412-4-msonline-outlook-7141d.templateTenant

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SEYPR06MB5792.apcprd06.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 5bcef10d-e908-4534-7b4d-08de55613e50

X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jan 2026 00:39:36.0645

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SEYPR06MB8194

X-Spam_score: 8.6

X-Spam_score_int: 86

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, Have a nice day! I know you are in the Bearings industry.

We are a professional Bearings and exporter specializing in a variety of

Bearings,The services we provide include: 1.Customized design to meet your

specific needs. 2.OEM service to create a personalized brand. 3.High-quality

products, reliable and timely delivery.

Manufacturing products spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
X-Spam_score: 8.1

X-Spam_score_int: 81

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, Have a nice day! I know you are in the Bearings industry.

We are a professional Bearings and exporter specializing in a variety of

Bearings,The services we provide include: 1.Customized design to meet your

specific needs. 2.OEM service to create a personalized brand. 3.High-quality

products, reliable and timely delivery.



Content analysis details: (8.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.74.85 listed in dnsbl.ahbl.org]

[52.103.74.85 listed in dnsbl.ahbl.org]

[52.103.74.85 listed in dnsbl.ahbl.org]

[52.103.74.85 listed in dnsbl.ahbl.org]

[2603:1096:101:8c:0:0:0:10 listed in]

[dnsbl.ahbl.org]

[2603:1096:101:8c:0:0:0:10 listed in]

[dnsbl.ahbl.org]

[2603:1096:101:8c:0:0:0:10 listed in]

[dnsbl.ahbl.org]

[2603:1096:101:8c:0:0:0:10 listed in]

[dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.74.85 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.74.85 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.74.85 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.74.85 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:101:8c:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:101:8c:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:101:8c:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:101:8c:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:101:8c:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:101:8c:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:101:8c:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:101:8c:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[52.103.74.85 listed in will-spam-for-food.eu.org]

[52.103.74.85 listed in will-spam-for-food.eu.org]

[52.103.74.85 listed in will-spam-for-food.eu.org]

[52.103.74.85 listed in will-spam-for-food.eu.org]

[52.103.74.85 listed in will-spam-for-food.eu.org]

[52.103.74.85 listed in will-spam-for-food.eu.org]

[52.103.74.85 listed in will-spam-for-food.eu.org]

[52.103.74.85 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.103.74.85 listed in list.dnswl.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

0.0 ARC_VALID Message has a valid ARC signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 ARC_SIGNED Message has a ARC signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

1.2 MISSING_HEADERS Missing To: header

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[gysell20(at)outlook.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[gysell20(at)outlook.com]

0.6 J_CHICKENPOX_83 BODY: 8alpha-pock-3alpha

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.74.85 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.4 MALFORMED_FREEMAIL Bad headers on message from free email service

Subject: {SPAM?} Bearing Supply



--_000_SEYPR06MB518148A3E938D6853FC1FAFED68AASEYPR06MB5181apcp_

Content-Type: text/plain; charset="gb2312"

Content-Transfer-Encoding: base64



SGVsbG8sDQpIYXZlIGEgbmljZSBkYXkhDQpJIGtub3cgeW91IGFyZSBpbiB0aGUgQmVhcmluZ3Mg

aW5kdXN0cnkuIFdlIGFyZSBhIHByb2Zlc3Npb25hbCBCZWFyaW5ncyBhbmQgZXhwb3J0ZXIgc3Bl

Y2lhbGl6aW5nIGluIGEgdmFyaWV0eSBvZiBCZWFyaW5ncyxUaGUgc2VydmljZXMgd2UgcHJvdmlk

ZSBpbmNsdWRlOg0KDQoxLkN1c3RvbWl6ZWQgZGVzaWduIHRvIG1lZXQgeW91ciBzcGVjaWZpYyBu

ZWVkcy4NCjIuT0VNIHNlcnZpY2UgdG8gY3JlYXRlIGEgcGVyc29uYWxpemVkIGJyYW5kLg0KMy5I

aWdoLXF1YWxpdHkgcHJvZHVjdHMsIHJlbGlhYmxlIGFuZCB0aW1lbHkgZGVsaXZlcnkuDQoNCklm

IHlvdSBhcmUgaW50ZXJlc3RlZCwgcGxlYXNlIGxldCB1cyBrbm93IGFuZCB3ZSB3aWxsIHByb3Zp

ZGUgeW91IHdpdGggYSBjb21wZXRpdGl2ZSBxdW90YXRpb24uDQpXZSBsb29rIGZvcndhcmQgdG8g

ZXN0YWJsaXNoaW5nIGEgbG9uZy10ZXJtIGJ1c2luZXNzIHJlbGF0aW9uc2hpcCB3aXRoIHlvdS4g

TG9va2luZyBmb3J3YXJkIHRvIHlvdXIgcmVwbHkhDQpTaW5jZXJlbHksDQpBbmR5DQo=



--_000_SEYPR06MB518148A3E938D6853FC1FAFED68AASEYPR06MB5181apcp_

Content-Type: text/html; charset="gb2312"

Content-Transfer-Encoding: quoted-printable
















Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Hello,



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Have a nice day!



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

I know you are in the Bearings industry. We are a professional Bearings and=

exporter specializing in a variety of Bearings,The services we provide inc=

lude:



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">







Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

1.Customized design to meet your specific needs.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

2.OEM service to create a personalized brand.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

3.High-quality products, reliable and timely delivery.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">







Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

If you are interested, please let us know and we will provide you with a co=

mpetitive quotation.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

We look forward to establishing a long-term business relationship with you.=

Looking forward to your reply!



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Sincerely,



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Andy








--_000_SEYPR06MB518148A3E938D6853FC1FAFED68AASEYPR06MB5181apcp_--

Manufacturing products spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: daave@doctor.nl2k.ab.ca

Delivery-date: Fri, 16 Jan 2026 17:58:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vgudK-00000000P5H-0SkJ

for daave@doctor.nl2k.ab.ca;

Fri, 16 Jan 2026 17:57:42 -0700

Resent-From: The Doctor

Resent-Date: Fri, 16 Jan 2026 17:57:42 -0700

Resent-Message-ID:

Resent-To: daave@doctor.nl2k.ab.ca

Received: from mail-koreacentralazolkn19013085.outbound.protection.outlook.com ([52.103.74.85]:56091 helo=SEYPR02CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vguPb-00000000NLU-0mH2

for doctor@nl2k.ab.ca;

Fri, 16 Jan 2026 17:43:42 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=zGhfP7ktB46TgGSDYQQ3LoPqK9ey8v2ePsQxzS+ud6fJJ8UcbiK9/cvpOiCpdDmngaYK5bgarvuPc/VTW2RI1uirfPVM3XjoN4BFDWkA2zc7G2g52J3T+H8Lpq1e93Txg9YCF91l7Bq3IoP4KDiOJE8TBvchGtsxcfpTvSivZUQqiQhccQS4yJdNupHfSvIED0gZv8S0wlg5g9L96vRSEFrSpmrR6x1p8x2oTG+96cYnl1anX3bt4BCQC07If5U5Zdk9FDsUSvng9dbqOQyYjMgFyhznekgKnufFzQyOOfnk4Fg/QE6aorn7Rvs+/C8RTRCMDDEtRXKAVELSW6Rapg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=95EpWoQMB/4L5UX4o+dhdyScA/dd9L1O8cvBTi3ZwsU=;

b=Vld9W2aw9zvBr1CF1wlpNlpc8mwgqyo2IRmCKEUNzV5Iz+9OQlv8C+eC3hjXaxReeTiGkG0TKgn856pNyxf5W0F7RZvKCwiwA8ewDMTt7FLfvuQRNTqJPQhYGhqsujlxD/NeQbDGN5B5UNr//O91mmVC0hj3q99S1b1yIqo3lDk6C2m1XMg4S9GDPIu70XKftowbkn1dhApi5/1zrHyd4q11Jac8gq9C5udYbqn8NBOw6mDQJGvaIQo8J5+n7L0EydD5m6ujpp6NUvjNOAAp4FOefyc36BCl8XCZPo3CfbhJJ2ixEKGBNUV1l2JtcWrkfmBv2MuWElahMqcpkRjdPw==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=95EpWoQMB/4L5UX4o+dhdyScA/dd9L1O8cvBTi3ZwsU=;

b=Xw3kSF5JqhSnp+UZKVItdPHo6O5+2N9ERLSDgLQbXGzmDdHgY4y+Y6XBnlT4eWtoAmsyYaTaUfUsln+bb5fJMJEE6AQvFAxKdAgARAHABFp378xsXrPHmAnQauLRqX/rKybXnSRPpJ/ZVnvuG2giqwJ9BF7OJ8sGRxNPzH/9Ffk8HKfCg6GTih1HoKbnTEyA0YmrMJJ4M+Y4Kt6zAQJOtG/xOOLPJ6bYV7w53al/gaBWIwsURNleckavBS0cinAIn4o9jF5bPKd/owLDYQ+sXcEacEwVjbmh0MqAbHH2Uv1pJyzy+AwcdO/0YE1T0rdOt4GyVJRyRc3irPgRzOlPdw==

Received: from SEYPR06MB5181.apcprd06.prod.outlook.com (2603:1096:101:8c::10)

by SEZPR06MB5437.apcprd06.prod.outlook.com (2603:1096:101:9b::7) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9520.9; Sat, 17 Jan

2026 00:42:08 +0000

Received: from SEYPR06MB5181.apcprd06.prod.outlook.com

([fe80::c768:8f07:2710:e56c]) by SEYPR06MB5181.apcprd06.prod.outlook.com

([fe80::c768:8f07:2710:e56c%4]) with mapi id 15.20.9520.006; Sat, 17 Jan 2026

00:42:08 +0000

From: G Y

Subject: Bearing Supply

Thread-Topic: Bearing Supply

Thread-Index: AQHch0m/ddXh91dvVkOUxbUGMF60Xw==

Date: Sat, 17 Jan 2026 00:39:36 +0000

Message-ID:



Accept-Language: zh-CN, en-US

Content-Language: zh-CN

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SEYPR06MB5181:EE_|SEZPR06MB5437:EE_

x-ms-office365-filtering-correlation-id: 7b0c3666-3138-4d91-25db-08de55613df8

x-ms-exchange-slblob-mailprops:

bHQ38DpbEWAayy1Fxvh9DGGZQkLoCo9lIwdbLBS0GqwCoe89wxwlkXLpZqCwwUJu8yCV6EsuzF1mGyNpVYvQeGz2CHwEO22u9wPF6nq+dP1B1BKRdyUArbnyl/dFgKkb8UIxiRJ0/Mxjmn7LOrgnsg4VZgirECM1ZXTsgSuQHKqtbUYr8t0rNXl0sNBUyn5ISNBzsUhXxb1upoH/l/GxPUD+femR+s58vcO+56SChPdPyXVoM9kfVWY5p8NcRgWpht+DiQkwC+LbN2RUaWKMGbU4kISHWF6P/f0NCAA42sEYMsEybsIOfO4s+b6P6GpEcvYob3hCbFRHt3/nyQp6Tt7xT2DZ5XW3KXLaidpAiSisT0WV9rzNLZv5xYeSF6QHn9Pa9iv0JvOQkmi9VDye6LGSxJtRrcFA3/6IaCnIVPw3xpS55w3NmGOgG3pHmb3aqeoOU/dA+IQk4qc3pHOKGMQ9IwZqDbQd6WN+5FbywDsKZ7mSX+IvtNoPm+c8Dc6kl/m3DL4tWUptNrx6BllFh06gmZ323ifIYgtZ2d8YTu0Ds9ndeC9YFHMtf/H6SeMt82LJnD5P3nlfPq0L/qmvj6yQTIpjIk1a4QhW8m2ti1g7M/akMBWCusftAH38oN9YNzyc5RAyC5oXBkvcxrL0n2twJ7DC99ImRFqi72vHmL2CLpnhN6Y0Gg==

x-microsoft-antispam:

BCL:0;ARA:14566002|20031999003|37102599003|8060799015|19110799012|8062599012|39105399006|41001999006|15080799012|15030799006|7071999006|461199028|35041999003|31061999003|39145399003|40105399003|41105399003|3412199025|440099028|102099032;

x-microsoft-antispam-message-info:

=?gb2312?B?MS9EYmtJYU5jWnNhMmlkN0JHWkRneWFFUk5TeEZiV0czZkI5WFgvR01BM2Js?=

=?gb2312?B?LzZJamk3Ri9EM2RiV0RwL0Jqb3RqaVNyaFowTlE5cWcxUTh4K2JzU3lZRnJy?=

=?gb2312?B?Q2lDbzJyZmpnZE1KWFBRaXZiQlNkQXprNFJJZThzYnVGYUFCRjdWbE5mVlM3?=

=?gb2312?B?WTJsenJmbEhDK0RLUk9wOGlWTEtqREZ1ekdueldjM21TbTM4bWVuWDJDTkI2?=

=?gb2312?B?djNLZksyR2dlQXVpQzZPY3h3Sm92S0ttVWJndktDSlpzeUEwa0hodmpPTDFN?=

=?gb2312?B?emZVWXlsKzg2WVZUMlJ2amlGQ25FZ3dJWEVRa0tiaTgxUnE2TlRkL0J3ejh1?=

=?gb2312?B?S2RZcXNQL0FURTZ2Ym95N2RvY2hOcjBIeE82dThtR2kyaHY1bzVGTFZsL3Zv?=

=?gb2312?B?c1U5VzBmajZteStZMjRYTGZ3bXVmUS92SzRscTBmbEo4bnpFWUVGT2s5bnlY?=

=?gb2312?B?ZFpZdW1PMWJwWmcwMkxmUmd6VmtDeUNLL3lpeWg5L05uRFp5S045NW16UWVa?=

=?gb2312?B?SDNvbytlVHlUV0NaVXp3YjRWTmp4TjZOaGV0ZFZQSms1aE1GVHRUVHlEa2xY?=

=?gb2312?B?U2FTenp1eUJzSVF2c1pxU3IyWEtHQzFNMFNuWHlWVzNpU0lJbHczK3pwam92?=

=?gb2312?B?bjhLRUl4dUcvSFRZZG44SzJzc0ZUQVl2ZHlFTVFrRThxUCt2OFhnbnk4dXQw?=

=?gb2312?B?dm9CdW56L1FmUTJZSllaUVBxM3UzejNlci9uYnhzOWNNOUhPRldnUEtRZmJz?=

=?gb2312?B?YVl5YkxpZmxsa3dCVTlUT1lZakdnc1hpQWFEVEUyTGlqV29jWEhjMWZYTU1n?=

=?gb2312?B?bFRmbXdYb3lBa0lLQlNScC94bTMyVmxJRUd2VnRDTzd0OTJOS2NLKzRYT250?=

=?gb2312?B?YnJzOVlHREZMRk5MME9oc3JPZnRCL1pSbUZhQmsrN1RQMG45VE5jZVJEMjJy?=

=?gb2312?B?QlhoRUpOdGVtZWZ0OEJVVlRPdDdiMUhsVWxKTnN3TkREbDBxWEdGZG1DZHB4?=

=?gb2312?B?aGdFTGFaVFpOTTc4eFRJOHNGV25Xbkp2V2ZMWUpQWnE2Qlh1ZkY1bm9pbFdn?=

=?gb2312?B?NkIxOWFxb2pGTkFkOEtKUWxjd2VNV2JRVXpxZU5BQmFEZmlyamN6b05Vd2JS?=

=?gb2312?B?bGFTb1R5YVg2T3J1U1Y0S3VNK2tjREtJc29FaTFYZjVpV3lPZmo1M1p4YzRQ?=

=?gb2312?B?SHpuM3hPT1dqbHpDalRWRVJFZTZjRXRxaHpNS1B6Um45TWN6a004bXNpRHg0?=

=?gb2312?B?R2lsd29icFQ0ZlBYRTQrdGUzL0dWc2FvOEwwTE8wb1lrVFlyWHNLSGdDVUlY?=

=?gb2312?B?L3BhR0V4Z1ZJcmVFUHREUXpxOVdsT3VZQmFKbGJFV01iMXVVVFpNZHpDQ3RS?=

=?gb2312?B?MzJxSUlEYk9mdkFaNlIyWGtMWVBpbFpydnUrNWNJOFVYVVMrNUJWSXNJekIr?=

=?gb2312?B?K2NRTzBtWVQzVndmTUtDaFV4YTk5SHJVQ0pBeVovZmdCajV5ajBmdEFFS2Q3?=

=?gb2312?B?UjRBbm1LYlJydEdzVGZHZVM1K0FmTWdSRlZYYWFtQkZZbDlRNjRzZU9VRFF5?=

=?gb2312?B?Y1hmc3J4dU80SEszZDBqNjZNbURBM3pibkh4MHlNc215dnF6bW5uaHA0Mytm?=

=?gb2312?B?OFZ2THBaMDJLZFJ5VlFIVStRNmk3YjhGdEdyNnUxTEwvRkt2ZXBYQnlZZ0Ix?=

=?gb2312?B?RTJPcGxKMlg4UUVxRWswYWlZUFFteW9YU0tRNjhKV0VhbzNJTVhEczl2OG1z?=

=?gb2312?B?bVkvbVBlbld4ZjNpZkE0eTJDMmt2UDBWL0pUL01ucjVhb1NONUxaUDJ5dnFI?=

=?gb2312?B?WHBHN2piM1ZsaUkxL1JzWXhuQzY0WUxOQ3lNU0VpVThsSGlHKzlKNU84U3F3?=

=?gb2312?B?NW01RmN0RWJxQUsrN0dLdW5pNjRwWkpvZHoxS2UxMFhMUnpTc1NzZzd0TVFD?=

=?gb2312?Q?igwuJdPbXBk=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?gb2312?B?a2VQckRpbkwzUE9XbXVEdGl4M3BxSmpxOHM0VDB2Zmk3TzVRYms2LzBWSXNN?=

=?gb2312?B?M05saklCZTY5WUNGNzdldkUvZ2pvZWw2SFE0QmgyaXFQcWcrb29yOTRibWI0?=

=?gb2312?B?QkYwNkJqMWsyZ3lwaXdaVHFpM3Y1NCs3ZE5wZDZXL2FkMzV3QzlwVUlkTEZ2?=

=?gb2312?B?emduMFdBY0psMnhhWFpoV1RyQ2R3YjBXS0VSVUNQR0Y5QXR6SHNLNm1HbHNE?=

=?gb2312?B?aERjZ2tKbmdBZzFqcUJNK0hlK3krZlJkSGRNWXBqTk5pUXhBbWFWT3MwM1JY?=

=?gb2312?B?dVltK2FuMDBHbStqMFJGTnUzTVBMNE1tRXdVTHp2U1BBQ0MrWlJWcnc4Mzkr?=

=?gb2312?B?dnlLV0hkV3AvZUhSaFlZSENtS0d2NTUzSnJaMndVWlZ3b0VyK0RlSDAwYml6?=

=?gb2312?B?MTl3RnNKNFExRDdFNEN1Q05CaVBtM0tWTWY4RFVEM20yNzllSTR3cC9PYzNu?=

=?gb2312?B?anRid3BVNitwU2xNTkVLZlRvaTFXcXhaempPcmgwUk9hRGszTlVRMTR1Q054?=

=?gb2312?B?TmdUQXhFVTF2aUw3eHNMMmQ3MlJ3clNNdUR0R2psNUtncDlVUW5EcWhBQUMz?=

=?gb2312?B?bENZUUFvdXNHTnZ3K25seHdrb1BkaUxpL0t0d0lOTTlLQXhQblk2TGhPUXo5?=

=?gb2312?B?QXZUcWpLN2ZQa3RHNXhnd1h3NDNERDMxd29zbjNicDRXWmZkRzFZQkRRUlFN?=

=?gb2312?B?dWJCQ0xyVVJNUEYrMXdueHB2TVNwb2RBdUxPc3BIZ0svOVZQaksxNnh6VTZp?=

=?gb2312?B?a3pVcVlxZVdlUkxZVzdQL09Lb3Y0bklUbkR2RmJWVW1ZUUJUUjFFWXZ0dGsv?=

=?gb2312?B?dTFTbTRZTGdhUmdSakVMekYxU0ZyN3lGMHdmaEF6SWZNamdqVGlrcnZ0MktR?=

=?gb2312?B?b3lTcVhxMGFJSXBKK0k0QXJLaTRsazZhWllrc0QwMHNJOEZLcVlnQWxCZ2Jy?=

=?gb2312?B?ODlUQmRIUld4YzVpdE95eGZ4N3R0dDJSWTk4NUJKOGtkVjhYNnJPbVBqY0h2?=

=?gb2312?B?Q3E4ZkxSeGRrMlZtZlhYUXJRcFFjOUwvUGlhUWlFQWtNUU9QM3dMVkVuVFR3?=

=?gb2312?B?L1hLOGV0TXVMdU9nNFRrMWZvK0tWWmNSRXZibTRVc3lPYlNEalZMS3g0eTkr?=

=?gb2312?B?SlVzd1RObVRaMGFjbG84YVpKNUhzYXhxS3lJUit5ZlNPeXd1YXgyQWx6TElp?=

=?gb2312?B?VjBEazZFT2gxZ2gxeUd5VzZHSkQyYjBYckhldXR0M3lTWGpwR0RuQkthUVpP?=

=?gb2312?B?UG52WFNTUitmVjMyQ3RKa0xDcUpCbDVJMjM3VTdIV0hCOXFUakpMa0JDa0F2?=

=?gb2312?B?d1NUcXZuTVY4YUFpUExFVi80TjljZlVuSkJUQzB3WXBUajFXendXYkR0Zml5?=

=?gb2312?B?STFZb2xHTm9ZeWsrM0UydDkwVnFQV2srQ2N2ajN2eFVQdVpRbUx4dDBKVGZT?=

=?gb2312?B?TEFUR1lXVWF2RlJaaFRQRHVBeXI5WkF2bm1BSUN1QUlsQWpLTmxsSXZ5TTZS?=

=?gb2312?B?TnBJRXJZVE1SWWtWYUUzYlh6QUFYeHVsNkg2cUJVUjdhc0Z5dTZsSjZYd2JC?=

=?gb2312?B?cDVnbGt6UkQycjdFSU1xMnBpbCtyRGZqWnU0QmIzZ3lUN3dKdFUyc0Jhd3lh?=

=?gb2312?B?T2hXdEljdUtmSGxXZ3VJRE9vSXZZWnR3QlU3RHZxWWZUc0QvWktkb3Y1cWZ5?=

=?gb2312?B?Wm1SWEFtMHNBSkJQWE5XeTIrNWZTaXhudjJTVXh4c2dZWHJiZStWeWl6Z3E5?=

=?gb2312?B?aldCYzVJOXYzRzFlcUdrTm5RTFBwT1RQRTB5QmRoTE9mMzNpMnJPbHY2d1hR?=

=?gb2312?B?S3FlV0NTa0Q4UFd4aFZJeDlqcUVDWVBnUFdvVTM5eXdSMWVBei9UM282Mzl6?=

=?gb2312?B?ems5a3FRdnl0U1Bjd1I3ZVFzUnpkRXh0QWhydDdYbjlnc0JNMEdzamFKMVlv?=

=?gb2312?Q?gQOJsgaNn2g=3D?=

Content-Type: multipart/alternative;

boundary="_000_SEYPR06MB518148A3E938D6853FC1FAFED68AASEYPR06MB5181apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SEYPR06MB5181.apcprd06.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 7b0c3666-3138-4d91-25db-08de55613df8

X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jan 2026 00:39:36.0645

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SEZPR06MB5437

Selfridges phish from Microsoft Outlook Part 4

Posted by Dave Yadallee on



SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; C=

OLOR: rgb(0,0,0); FONT-STYLE: normal; MARGIN: 0in 0in 10pt; ORPHANS: 2; WID=

OWS: 2; LETTER-SPACING: normal; LINE-HEIGHT: normal; TEXT-INDENT: 0px; font=

-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-=

width: 0px; text-decoration-thickness: initial; text-decoration-style: init=

ial; text-decoration-color: initial">
T-FAMILY: "Times New Roman", serif; COLOR: black'>SELFRIDGES




SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; C=

OLOR: rgb(0,0,0); FONT-STYLE: normal; MARGIN: 0in 0in 10pt; ORPHANS: 2; WID=

OWS: 2; LETTER-SPACING: normal; LINE-HEIGHT: normal; TEXT-INDENT: 0px; font=

-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-=

width: 0px; text-decoration-thickness: initial; text-decoration-style: init=

ial; text-decoration-color: initial">
T-FAMILY: "Times New Roman", serif; COLOR: rgb(0,112,192)'>
://deref-mail.com/mail/client/l6xyp6dUUU4/dereferrer/?redirectUrl=3Dhttps%3=

A%2F%2Fderef-mail.com%2Fmail%2Fclient%2FWFRz24lO58M%2Fdereferrer%2F%3Fredir=

ectUrl%3Dhttps%253A%252F%252Fderef-mail.com%252Fmail%252Fclient%252F_AVl430=

CegA%252Fdereferrer%252F%253FredirectUrl%253Dhttps%25253A%25252F%25252Fdere=

f-mail.com%25252Fmail%25252Fclient%25252Fst5DiR_MmU8%25252Fdereferrer%25252=

F%25253FredirectUrl%25253Dhttps%2525253A%2525252F%2525252Fderef-mail.com%25=

25252Fmail%2525252Fclient%2525252FFZGeeNrbaY8%2525252Fdereferrer%2525252F%2=

525253FredirectUrl%2525253Dhttps%252525253A%252525252F%252525252Fderef-mail=

.com%252525252Fmail%252525252Fclient%252525252FTHKefJwGq2M%252525252Fderefe=

rrer%252525252F%252525253FredirectUrl%252525253Dhttps%25252525253A%25252525=

252F%25252525252Fderef-mail.com%25252525252Fmail%25252525252Fclient%2525252=

5252FI3Pvp29gfsw%25252525252Fdereferrer%25252525252F%25252525253FredirectUr=

l%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fderef-mail.=

com%2525252525252Fmail%2525252525252Fclient%2525252525252FeLujXkOto8w%25252=

52525252Fdereferrer%2525252525252F%2525252525253FredirectUrl%2525252525253D=

https%252525252525253A%252525252525252F%252525252525252Fderef-mail.com%2525=

25252525252Fmail%252525252525252Fclient%252525252525252FgP7ia_nvIgQ%2525252=

52525252Fdereferrer%252525252525252F%252525252525253FredirectUrl%2525252525=

25253Dhttps%25252525252525253A%25252525252525252F%25252525252525252Fderef-m=

ail.com%25252525252525252Fmail%25252525252525252Fclient%25252525252525252FF=

hpC0vG1D_A%25252525252525252Fdereferrer%25252525252525252F%2525252525252525=

3FredirectUrl%25252525252525253Dhttps%2525252525252525253A%2525252525252525=

252F%2525252525252525252Fderef-mail.com%2525252525252525252Fmail%2525252525=

252525252Fclient%2525252525252525252FzUmOPp_HAhY%2525252525252525252Fderefe=

rrer%2525252525252525252F%2525252525252525253FredirectUrl%25252525252525252=

53Dhttps%252525252525252525253A%252525252525252525252F%25252525252525252525=

2Fderef-mail.com%252525252525252525252Fmail%252525252525252525252Fclient%25=

2525252525252525252FPzwSvIPwUvE%252525252525252525252Fdereferrer%2525252525=

25252525252F%252525252525252525253FredirectUrl%252525252525252525253Dhttps%=

25252525252525252525253A%25252525252525252525252F%25252525252525252525252Fd=

eref-mail.com%25252525252525252525252Fmail%25252525252525252525252Fclient%2=

5252525252525252525252F3XwXK8HERSY%25252525252525252525252Fdereferrer%25252=

525252525252525252F%25252525252525252525253FredirectUrl%2525252525252525252=

5253Dhttps%2525252525252525252525253A%2525252525252525252525252F%2525252525=

252525252525252Fderef-mail.com%2525252525252525252525252Fmail%2525252525252=

525252525252Fclient%2525252525252525252525252FW4xJlecxxxo%25252525252525252=

52525252Fdereferrer%2525252525252525252525252F%2525252525252525252525253Fre=

directUrl%2525252525252525252525253Dhttps%252525252525252525252525253A%2525=

25252525252525252525252F%252525252525252525252525252Fderef-mail.com%2525252=

52525252525252525252Fmail%252525252525252525252525252Fclient%25252525252525=

2525252525252FdyDWwsbvUeU%252525252525252525252525252Fdereferrer%2525252525=

25252525252525252F%252525252525252525252525253FredirectUrl%2525252525252525=

25252525253Dhttps%25252525252525252525252525253A%25252525252525252525252525=

252F%25252525252525252525252525252Fderef-mail.com%2525252525252525252525252=

5252Fmail%25252525252525252525252525252Fclient%2525252525252525252525252525=

2FV_aqrOOu_2c%25252525252525252525252525252Fdereferrer%25252525252525252525=

252525252F%25252525252525252525252525253FredirectUrl%2525252525252525252525=

2525253Dhttps%2525252525252525252525252525253A%2525252525252525252525252525=

252F%2525252525252525252525252525252Fderef-mail.com%25252525252525252525252=

52525252Fmail%2525252525252525252525252525252Fclient%2525252525252525252525=

252525252FogW12J893og%2525252525252525252525252525252Fdereferrer%2525252525=

252525252525252525252F%2525252525252525252525252525253FredirectUrl%25252525=

25252525252525252525253Dhttps%252525252525252525252525252525253A%2525252525=

25252525252525252525252F%252525252525252525252525252525252Fderef-mail.com%2=

52525252525252525252525252525252Fmail%252525252525252525252525252525252Fcli=

ent%252525252525252525252525252525252FbvYjx1y5syA%2525252525252525252525252=

52525252Fdereferrer%252525252525252525252525252525252F%25252525252525252525=

2525252525253FredirectUrl%252525252525252525252525252525253Dhttps%252525252=

52525252525252525252525253A%25252525252525252525252525252525252F%2525252525=

2525252525252525252525252Fderef-mail.com%2525252525252525252525252525252525=

2Fmail%25252525252525252525252525252525252Fclient%2525252525252525252525252=

5252525252FWvniS0ox1c0%25252525252525252525252525252525252Fdereferrer%25252=

525252525252525252525252525252F%25252525252525252525252525252525253Fredirec=

tUrl%25252525252525252525252525252525253Dhttps%2525252525252525252525252525=

252525253A%2525252525252525252525252525252525252F%2525252525252525252525252=

525252525252Fderef-mail.com%2525252525252525252525252525252525252Fmail%2525=

252525252525252525252525252525252Fclient%2525252525252525252525252525252525=

252FK4PEGxbmCZk%2525252525252525252525252525252525252Fdereferrer%2525252525=

25252525252525252" target=3D_blank>www.selfridges.com




SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; C=

OLOR: rgb(0,0,0); FONT-STYLE: normal; MARGIN: 0in 0in 10pt; ORPHANS: 2; WID=

OWS: 2; LETTER-SPACING: normal; LINE-HEIGHT: normal; TEXT-INDENT: 0px; font=

-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-=

width: 0px; text-decoration-thickness: initial; text-decoration-style: init=

ial; text-decoration-color: initial">
T-FAMILY: "Times New Roman", serif; COLOR: black'>Best regards
P>


SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; C=

OLOR: rgb(0,0,0); FONT-STYLE: normal; MARGIN: 0in 0in 10pt; ORPHANS: 2; WID=

OWS: 2; LETTER-SPACING: normal; LINE-HEIGHT: normal; TEXT-INDENT: 0px; font=

-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-=

width: 0px; text-decoration-thickness: initial; text-decoration-style: init=

ial; text-decoration-color: initial">
T-FAMILY: "Times New Roman", serif; COLOR: black'>Frank Jonathan. 
AN>



--===============2054106438==--

Selfridges phish from Microsoft Outlook Part 3

Posted by Dave Yadallee on
--===============2054106438==

Content-Type: text/html; charset="iso-8859-1"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body




=3Diso-8859-1"/>


FONT-FAMILY: Verdana; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFO=

RM: none; FONT-WEIGHT: 400; COLOR: rgb(0,0,0); FONT-STYLE: normal; MARGIN: =

0in 0in 10pt; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; LINE-HEIGHT: n=

ormal; TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps:=

normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial=

; text-decoration-style: initial; text-decoration-color: initial">
RONG>Dear Sir,  




SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; C=

OLOR: rgb(0,0,0); FONT-STYLE: normal; MARGIN: 0in 0in 10pt; ORPHANS: 2; WID=

OWS: 2; LETTER-SPACING: normal; LINE-HEIGHT: normal; TEXT-INDENT: 0px; font=

-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-=

width: 0px; text-decoration-thickness: initial; text-decoration-style: init=

ial; text-decoration-color: initial">
14px; FONT-FAMILY: Verdana, sans-serif; WHITE-SPACE: nowrap; WORD-SPACING: =

0px; TEXT-TRANSFORM: none; FLOAT: none; FONT-WEIGHT: 700; COLOR: rgb(51,51,=

51); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; DISPLAY: inline; LETTER-SPA=

CING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT: 0px">
tyle=3D"FONT-SIZE: 14px; FONT-FAMILY: Verdana, sans-serif; WHITE-SPACE: now=

rap; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FLOAT: none; FONT-WEIGHT: 700=

; COLOR: rgb(51,51,51); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; DISPLAY:=

inline !important; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,2=

55); TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps: n=

ormal; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial; =

text-decoration-style: initial; text-decoration-color: initial">
AN>
Roman", serif; COLOR: black'>We are interested in your products and partne=

ring with your company. We are a large wholesale and retail distributor wit=

h several stores around the world, our shops are well patronized=




SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; C=

OLOR: rgb(0,0,0); FONT-STYLE: normal; MARGIN: 0in 0in 10pt; ORPHANS: 2; WID=

OWS: 2; LETTER-SPACING: normal; LINE-HEIGHT: normal; TEXT-INDENT: 0px; font=

-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-=

width: 0px; text-decoration-thickness: initial; text-decoration-style: init=

ial; text-decoration-color: initial">
T-FAMILY: "Times New Roman", serif; COLOR: black'> Kindly=

send us your Catalog to learn more about your products and price list alon=

g with stock availability. We hope that your products are of good quality a=

s we look forward to a long-term partnership..




SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; C=

OLOR: rgb(0,0,0); FONT-STYLE: normal; MARGIN: 0in 0in 10pt; ORPHANS: 2; WID=

OWS: 2; LETTER-SPACING: normal; LINE-HEIGHT: normal; TEXT-INDENT: 0px; font=

-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-=

width: 0px; text-decoration-thickness: initial; text-decoration-style: init=

ial; text-decoration-color: initial">
T-FAMILY: "Times New Roman", serif; COLOR: black'> Kindly=

contact Mrs. Margaret Smith with below email address for more discussion.<=

/SPAN>




SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; C=

OLOR: rgb(0,0,0); FONT-STYLE: normal; MARGIN: 0in 0in 10pt; ORPHANS: 2; WID=

OWS: 2; LETTER-SPACING: normal; LINE-HEIGHT: normal; TEXT-INDENT: 0px; font=

-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-=

width: 0px; text-decoration-thickness: initial; text-decoration-style: init=

ial; text-decoration-color: initial">
T-FAMILY: "Times New Roman", serif; COLOR: black'>Email: =


", serif; COLOR: rgb(0,112,192)'>margaretsmithh@representative.com
B>
COLOR: black'>




SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; C=

OLOR: rgb(0,0,0); FONT-STYLE: normal; MARGIN: 0in 0in 10pt; ORPHANS: 2; WID=

OWS: 2; LETTER-SPACING: normal; LINE-HEIGHT: normal; TEXT-INDENT: 0px; font=

-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-=

width: 0px; text-decoration-thickness: initial; text-decoration-style: init=

ial; text-decoration-color: initial">
T-FAMILY: "Times New Roman", serif; COLOR: black'> Head o=

f Purchase and Marketing Department.




SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; C=

OLOR: rgb(0,0,0); FONT-STYLE: normal; MARGIN: 0in 0in 10pt; ORPHANS: 2; WID=

OWS: 2; LETTER-SPACING: normal; LINE-HEIGHT: normal; TEXT-INDENT: 0px; font=

-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-=

width: 0px; text-decoration-thickness: initial; text-decoration-style: init=

ial; text-decoration-color: initial">
T-FAMILY: "Times New Roman", serif; COLOR: black'>Mrs. Margaret Smith our R=

epresentative

Selfridges phish from Mikcrosoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 16 Jan 2026 15:32:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vgsM1-00000000Gtt-3RSp

for dave@doctor.nl2k.ab.ca;

Fri, 16 Jan 2026 15:31:41 -0700

Resent-From: The Doctor

Resent-Date: Fri, 16 Jan 2026 15:31:41 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-switzerlandwestazrlh10230004.outbound.protection.outlook.com ([52.103.184.4]:4845 helo=GVAP278CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vgp68-0000000053K-3DW1

for sales@nk.ca;

Fri, 16 Jan 2026 12:03:14 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=ZITUrPeJSp8dARsTI6KJKJtNMAOi3GNBFnjzwFyQvPUTzl6PQmAK4ZeJ4vhqz81dQDs59yrvGrQw2t5dOQ+AOPeaq1nSa/F0kcRWcB9zkGSplgtAL6wdQWQpYsXbi3Op+qLUHzHY7SgAPwl36ua5sCc3Y6wxHowEyVWMfSXELwEaPtdLbzs0UPU0uTQoN4NDgoACt/hhqxnxrQnRf4nRgYA/tcOltI/HGHPVDxS0JJmQdxxsi7Kych9KAg2lmyO5g6h7msHqu++CENvFxqU73vdlZztjeUo6++Q6sLTBtY5e3tZOXk+ORIqFMS7/ADV+lpnX/uoOgonahgopPRntDw==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=pXpVZH31r2BGBG09Bk3SzyliW0jPC2xH5kI5RpEfmlg=;

b=uNXzohsWrz8jOHyoj4T+zTeLtv/czuC6CyG5mD/dPXED7VcChd90hCo2Tfn8noITm8DUlcbEHmscJko6l8ppcu4H13SVLhrcwBpc8mLvqPJpkSwxwKlX2mXUBIE67MRuf8FOzSEM4M35cje+8j9Ky2+RbcHzGPKScrJPVGifNphw8IIjcZ/c2pOVWQm/UjoHBMn6F4o5gVXF/7WQpHnnz96CjiwJkbQRtKIgctHpABL1lzJZQMxqNm09NPXCY3ne+FHsFiawQ+Fx6S5nslpCOg5j56HLlP8ym3RzFs64DDT0E48JSyuvHCXSP9gTluWMxY30nTS3+4eBZ1hRXwNg+A==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=fail (sender ip is

41.193.154.189) smtp.rcpttodomain=nitta.co.in smtp.mailfrom=selfridges.com;

dmarc=fail (p=reject sp=reject pct=100) action=oreject

header.from=selfridges.com; dkim=none (message not signed); arc=none (0)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=icrc.onmicrosoft.com;

s=selector2-icrc-onmicrosoft-com;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=pXpVZH31r2BGBG09Bk3SzyliW0jPC2xH5kI5RpEfmlg=;

b=rP3v8J49DmMVwbcBCxnifz7CPLtJCig2FdgV7ljJ3EG2Crz6ywCUP0WkDD0YE2envWJWTY/ERDyvkphrKPVWaRVHOzHBi9ridMLQNT8NSnwgOEe4oMGrHjBduUvXwef0XGYmhOJzUKiAwf9xWeEveFJ2aCp5o8oawpTAZnxgeuQ=

Received: from ZR2P278CA0045.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:47::18)

by ZR5P278MB1925.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:b0::11) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9520.6; Fri, 16 Jan

2026 19:02:06 +0000

Received: from ZR2PEPF0000012D.CHEP278.PROD.OUTLOOK.COM

(2603:10a6:910:47:cafe::2d) by ZR2P278CA0045.outlook.office365.com

(2603:10a6:910:47::18) with Microsoft SMTP Server (version=TLS1_3,

cipher=TLS_AES_256_GCM_SHA384) id 15.20.9520.8 via Frontend Transport; Fri,

16 Jan 2026 19:02:02 +0000

X-MS-Exchange-Authentication-Results: spf=fail (sender IP is 41.193.154.189)

smtp.mailfrom=selfridges.com; dkim=none (message not signed)

header.d=none;dmarc=fail action=oreject header.from=selfridges.com;

Received-SPF: Fail (protection.outlook.com: domain of selfridges.com does not

designate 41.193.154.189 as permitted sender)

receiver=protection.outlook.com; client-ip=41.193.154.189; helo=;

Received: from edge.ext.icrc.org (80.94.146.31) by

ZR2PEPF0000012D.mail.protection.outlook.com (10.167.241.37) with Microsoft

SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id

15.20.9542.4 via Frontend Transport; Fri, 16 Jan 2026 19:02:06 +0000

Received: from [192.168.101.106] (41.193.154.189) by edge.ext.icrc.org

(80.94.146.31) with Microsoft SMTP Server id 15.2.2562.29; Fri, 16 Jan 2026

20:02:02 +0100

Content-Type: multipart/alternative; boundary="===============2054106438=="

MIME-Version: 1.0

Subject: Head of Purchase and Marketing Department.

To: Recipients

From: SELFRIDGES

Date: Fri, 16 Jan 2026 21:01:50 +0200

Reply-To:

Message-ID:

Received-SPF: Fail (orgexchapp03p.gva.icrc.priv: domain of

customercare@selfridges.com does not designate 41.193.154.189 as permitted

sender) receiver=orgexchapp03p.gva.icrc.priv; client-ip=41.193.154.189;

helo=[192.168.101.106];

X-EOPAttributedMessage: 0

X-MS-Exchange-SkipListedInternetSender: ip=[41.193.154.189];domain=

X-MS-Exchange-ExternalOriginalInternetSender: ip=[41.193.154.189];domain=

X-MS-PublicTrafficType: Email

X-MS-TrafficTypeDiagnostic: ZR2PEPF0000012D:EE_|ZR5P278MB1925:EE_

X-MS-Office365-Filtering-Correlation-Id: ff034ba2-019f-4a50-b246-08de5531be10

X-MS-Exchange-SenderADCheck: 2

X-MS-Exchange-AntiSpam-Relay: 1

X-Microsoft-Antispam:

BCL:0;ARA:13230040|7416014|156008|61400799027|82310400026|376014|35950700016|48200799018|8096899003|13003099007|54012099003|39260700002|83656021;

X-Microsoft-Antispam-Message-Info:

=?iso-8859-1?Q?+zgxvPacWMZlKy7Q25E53C9bQErGeu2iJTXIMeNy7L22d3jxVdlGn7411H?=

=?iso-8859-1?Q?VJw4chhVvfpPxZss0TZi13tCdcq+2EVT6T2EmI01t7NBnWMqEo+OxhrQYD?=

=?iso-8859-1?Q?lLiTyINw1bRx6f+RYlGvu9ci3l9Zsw8c2dgXL90gjfTo10nK3hxWVA1lw6?=

=?iso-8859-1?Q?s6KOZmV2qZbnncFMAu+5rugGZ/HE5skBIkeG4V+KVLl4cxZ400TsHqTmo9?=

=?iso-8859-1?Q?4dc8sb8mpLS1ty9mYRUZ5dYy9MDWyBJfg8zhmGiEnH1WZmCB0xtqiTyUPK?=

=?iso-8859-1?Q?7ehzJC4IvZXWp3PSTPD4PnkYQWj2ggarSWsTVs5FboVKnjnIiMQ0zD1IQ4?=

=?iso-8859-1?Q?3Q7spm/8dYSoODKNXPJjKoHz+tgp/pI9aMOZZpJCzwCa6NF9z3R5eY5dmL?=

=?iso-8859-1?Q?ZioILxGEuLHlcRvqJD8x7SeQYwO733oJhjSRSV2fKooQSiXJEMCNzHmh3h?=

=?iso-8859-1?Q?eOjr2fw4Z+YXbcwTikaVUCw4NVHArsTOgCR8onJMo3GtijvT7IJ2z+JGth?=

=?iso-8859-1?Q?MPvc8S/UKW9mrGN0drIWWn7ci5tBLz6ojoV5fwwC5a+xFDOJ88KMEAPVHd?=

=?iso-8859-1?Q?8ms7UP/2iXEorYSlsG8tlQxFUaa+O9QU+SeLsxoFg39tlSl13bsuuLZb9j?=

=?iso-8859-1?Q?orzxGsSlUtIZBlDs0AvugKw9j/MCoXO/pw6TyNhrMbQzAUqzvCdUULZxwb?=

=?iso-8859-1?Q?N9jAQtsUB/GFr2BcPCyt0lWMG5vl0CIVG/jgQTz/TjPq6bxVehurnWwUOg?=

=?iso-8859-1?Q?brTqLqCWDrbALnygddBBWtIOF8fu2Bo2zL12u0++op2ul9VzW7oBZYJctk?=

=?iso-8859-1?Q?Wu5Be1byT8obif/Bc4wKGbfyu+Xaq1iHaTZcw0mpb6KgXzzEhTJ09Tfrg5?=

=?iso-8859-1?Q?jGmilJxCLuCSt1Wb280hzGK4/jK9VJ9aur+IyFik0yBdrIENPXDHULtXxO?=

=?iso-8859-1?Q?0kLgKYQv3NaSnyhdn5g4UAh8IwNnCQwLY1sb1svCnz4/rjwM3S5mQ92Hhs?=

=?iso-8859-1?Q?p2PRl7NgL01fookFaADnRvX3qKGQeS1KV6h5Z5lL7QLS98zh1cN5jlUQ7O?=

=?iso-8859-1?Q?qqzJ1uL6yW90rqkLAiK3/+KBkjzg9rcNtZKWniH4anrkEMPEKiC1NjNoQ2?=

=?iso-8859-1?Q?5Uo8NL7jNHl4rjF6bbqIEvJhuo5GlToZFJWRnoMSbBys0xXZJh0nAK3mpQ?=

=?iso-8859-1?Q?V41o8CrpkcZH2ZbdNeiFZLKKlZZFGa0+c9HdNgnikFG/6sII4xcR1I155W?=

=?iso-8859-1?Q?8UlC97N0pwzsJhB/4VsvZPte4iWRoSuHe8dq3x/6FRltGlv30YAskYvhSf?=

=?iso-8859-1?Q?BKtxZ1XM1ad591eXNClGVffNr7YVf69p5yh7CT/UHne1L2pwf8WXpnb1ma?=

=?iso-8859-1?Q?kjceCjvuRCt/OGj1McpxRhiKwDjSdpPAX1hBGL1r+aRuhpwxYgKn1xD+Gt?=

=?iso-8859-1?Q?KD0W/FBbwyzJPzscadDnebMUr4KDjSp49pXgU4sc4fOeC03DFPd7Bktg7j?=

=?iso-8859-1?Q?XqmfAviPoGj049Zfj2qnh/3eS084FPmtnNFptx5aUiFHqo4Q9a5RLNf81U?=

=?iso-8859-1?Q?uljAstmoNCDudUonlOhKx2qOLJwuiVhv53Buzeh0sSK2/57HlU9qPi/gx9?=

=?iso-8859-1?Q?Dz7mYn2pMA8H/cw6Grh9JtjgA3UincpAYpcVTjKCrZB0Jb76HBW+e8cxyE?=

=?iso-8859-1?Q?VWp9gPS5EkHDTS+AJdIUeZqB9hRHQPhGMRKQ1mlOXwGAi/VSfts13mC9nW?=

=?iso-8859-1?Q?dBZc+q9kMPh5FSovZZaJa15Sf3owbExwKyiFMquAIDwbo5buLIr0I3SB15?=

=?iso-8859-1?Q?Hct1YcvUAxqtc+E8A14giBGRGwn7hmbx5XRB6EKCVLUXXrVGVrE4RSoImJ?=

=?iso-8859-1?Q?0FkHeGdFmN4djET+AR1AM/D6KZFVYR3LZSmGH7V23YHk7G4ZD9PiBFGhlk?=

=?iso-8859-1?Q?fH6YrUAelXDXyEtcqlxT9fwS4ayTnP3bIvD3yMGzig8USZiVMdpUI5Zp6C?=

=?iso-8859-1?Q?kIFD7lwKS9mEVpN/GTVoa4sAMQ3La/BZxMPIsfFrMQKDXEroJp0JpNsOek?=

=?iso-8859-1?Q?PXKM7Uq0buge3MtCbh5wLaVnPu3KnDjS6bq5/MOhU9lapwuCiJ1ca+Q20l?=

=?iso-8859-1?Q?R8/XkekHvKvXYKdyGTbeDq8tCdvt61rVuYP1TPOBmwGYlFcDIvYEiTgnqb?=

=?iso-8859-1?Q?pE5KVrbMF1ssqqql+EwCUtF9w9ZqiKH5MMHXYGRCaGR/VTdNo1eozxh3HV?=

=?iso-8859-1?Q?wNW37kXPrL78B6b9gwqK0bK6RhsnGZza1yXL7jHaImzs3UjdJe9+CUwp2f?=

=?iso-8859-1?Q?+xujKH6D0XmweH/cLVI67FRqNZWMFiOIR50D7fs7lRUXpcdUFjujDm7fCj?=

=?iso-8859-1?Q?AoOs8nE4WEY4fW6Ai+i5l8K2Svnh3YKmHyAy1hBIRCvRtaUWb7FmV2ZpHH?=

=?iso-8859-1?Q?jQ636JnaOeDOtPGchVI3Qim55CNfsBSTYYejuv4fjYzlYhohzwizpNWb8o?=

=?iso-8859-1?Q?vlKj1SPmKZ8V2FuX4xLk7apbf5sZ/12GEk5mlefTdsYtdv7wBYDLCtnPE4?=

=?iso-8859-1?Q?IwaRxtyrtMr5LEdTB2p9hD7Trj9XZm8wftajLU+6DrzaUTNJG5aqmyUS0+?=

=?iso-8859-1?Q?Eut3qnoj703zGTL9wZruhUcaYu092mLl5OVfrzMWbz6nAEsHZwMFA+loRU?=

=?iso-8859-1?Q?g5PMUYelvZPVoNmOcPyFCM4KaOQDJI5p2HQnZlBYFZHp74SbUj+0IUWXfR?=

=?iso-8859-1?Q?HF1iqmFlGU1eAAzGiAQs8N2rrcEhL3vUasmMw5BuGxqfzmejUjP06rhgsN?=

=?iso-8859-1?Q?kL8L/o7k31mjlQNwI3fUadX4mVvhcTqqLnaIJSxNGmhxVnwekE/kN1eDqA?=

=?iso-8859-1?Q?0wytyspeGdMDZYInU4DGMXB9Qu6SQ8aQp9vuryNw4JSGrooQARDgAFQjrj?=

=?iso-8859-1?Q?f8rxBoifhRR2rWtTpWyyQpmkGYIQEkTckJlV2c9B/33eqlxb6OdC+LSItA?=

=?iso-8859-1?Q?TQI+3T0mvxUpCd4gFSnZjhh/0tW1Scb/KnqSWhzK6l89G2fcubSfJiIWIE?=

=?iso-8859-1?Q?iQ=3D=3D?=

X-Forefront-Antispam-Report:

CIP:80.94.146.31;CTRY:ZA;LANG:en;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:;PTR:41-193-154-189.vox.co.za;CAT:OSPM;SFS:(13230040)(7416014)(156008)(61400799027)(82310400026)(376014)(35950700016)(48200799018)(8096899003)(13003099007)(54012099003)(39260700002)(83656021);DIR:OUT;SFP:1023;

X-OriginatorOrg: icrc.onmicrosoft.com

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Jan 2026 19:02:06.3378

(UTC)

X-MS-Exchange-CrossTenant-Network-Message-Id: ff034ba2-019f-4a50-b246-08de5531be10

X-MS-Exchange-CrossTenant-Id: 9e8a5334-497c-4d8a-a797-7997cf8cc763

X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=9e8a5334-497c-4d8a-a797-7997cf8cc763;Ip=[80.94.146.31];Helo=[edge.ext.icrc.org]

X-MS-Exchange-CrossTenant-AuthSource: ZR2PEPF0000012D.CHEP278.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-AuthAs: Anonymous

X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem

X-MS-Exchange-Transport-CrossTenantHeadersStamped: ZR5P278MB1925

X-Spam_score: 22.7

X-Spam_score_int: 227

X-Spam_bar: ++++++++++++++++++++++

Selfridges phish from Microsoft Outlook Part 2

Posted by Dave Yadallee on
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Dear Sir, We are interested in your products and partnering

with your company. We are a large wholesale and retail distributor with several

stores around the world, our shops are well patronized Kindl [...]



Content analysis details: (22.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[41.193.154.189 listed in dnsbl.ahbl.org]

[41.193.154.189 listed in dnsbl.ahbl.org]

[41.193.154.189 listed in dnsbl.ahbl.org]

[41.193.154.189 listed in dnsbl.ahbl.org]

[52.103.184.4 listed in dnsbl.ahbl.org]

[52.103.184.4 listed in dnsbl.ahbl.org]

[52.103.184.4 listed in dnsbl.ahbl.org]

[52.103.184.4 listed in dnsbl.ahbl.org]

[2603:10a6:910:47:cafe:0:0:2d listed in]

[dnsbl.ahbl.org]

[2603:10a6:910:47:cafe:0:0:2d listed in]

[dnsbl.ahbl.org]

[2603:10a6:910:47:cafe:0:0:2d listed in]

[dnsbl.ahbl.org]

[2603:10a6:910:47:cafe:0:0:2d listed in]

[dnsbl.ahbl.org]

[2603:10a6:910:47:0:0:0:18 listed in]

[dnsbl.ahbl.org]

[2603:10a6:910:47:0:0:0:18 listed in]

[dnsbl.ahbl.org]

[2603:10a6:910:47:0:0:0:18 listed in]

[dnsbl.ahbl.org]

[2603:10a6:910:47:0:0:0:18 listed in]

[dnsbl.ahbl.org]

[80.94.146.31 listed in dnsbl.ahbl.org]

[80.94.146.31 listed in dnsbl.ahbl.org]

[80.94.146.31 listed in dnsbl.ahbl.org]

[80.94.146.31 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[41.193.154.189 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[41.193.154.189 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[41.193.154.189 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[41.193.154.189 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[41.193.154.189 listed in will-spam-for-food.eu.org]

[41.193.154.189 listed in will-spam-for-food.eu.org]

[41.193.154.189 listed in will-spam-for-food.eu.org]

[41.193.154.189 listed in will-spam-for-food.eu.org]

[41.193.154.189 listed in will-spam-for-food.eu.org]

[41.193.154.189 listed in will-spam-for-food.eu.org]

[41.193.154.189 listed in will-spam-for-food.eu.org]

[41.193.154.189 listed in will-spam-for-food.eu.org]

[80.94.146.31 listed in will-spam-for-food.eu.org]

[80.94.146.31 listed in will-spam-for-food.eu.org]

[80.94.146.31 listed in will-spam-for-food.eu.org]

[80.94.146.31 listed in will-spam-for-food.eu.org]

[80.94.146.31 listed in will-spam-for-food.eu.org]

[80.94.146.31 listed in will-spam-for-food.eu.org]

[80.94.146.31 listed in will-spam-for-food.eu.org]

[80.94.146.31 listed in will-spam-for-food.eu.org]

[2603:10a6:910:47:cafe:0:0:2d listed in]

[will-spam-for-food.eu.org]

[2603:10a6:910:47:cafe:0:0:2d listed in]

[will-spam-for-food.eu.org]

[2603:10a6:910:47:cafe:0:0:2d listed in]

[will-spam-for-food.eu.org]

[2603:10a6:910:47:cafe:0:0:2d listed in]

[will-spam-for-food.eu.org]

[2603:10a6:910:47:cafe:0:0:2d listed in]

[will-spam-for-food.eu.org]

[2603:10a6:910:47:cafe:0:0:2d listed in]

[will-spam-for-food.eu.org]

[2603:10a6:910:47:cafe:0:0:2d listed in]

[will-spam-for-food.eu.org]

[2603:10a6:910:47:cafe:0:0:2d listed in]

[will-spam-for-food.eu.org]

[2603:10a6:910:47:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:910:47:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:910:47:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:910:47:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:910:47:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:910:47:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:910:47:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:910:47:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[52.103.184.4 listed in will-spam-for-food.eu.org]

[52.103.184.4 listed in will-spam-for-food.eu.org]

[52.103.184.4 listed in will-spam-for-food.eu.org]

[52.103.184.4 listed in will-spam-for-food.eu.org]

[52.103.184.4 listed in will-spam-for-food.eu.org]

[52.103.184.4 listed in will-spam-for-food.eu.org]

[52.103.184.4 listed in will-spam-for-food.eu.org]

[52.103.184.4 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[41.193.154.189 listed in sbl-xbl.spamhaus.org]

[41.193.154.189 listed in sbl-xbl.spamhaus.org]

1.5 RCVD_IN_CBL RBL: Received via a relay in cbl.abuseat.org

[Listed by XBL, see ]

3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS

[41.193.154.189 listed in zen.spamhaus.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.184.4 listed in wl.mailspike.net]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.0 ARC_VALID Message has a valid ARC signature

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 ARC_SIGNED Message has a ARC signature

0.0 AXB_X_FF_SEZ_S Forefront sez this is spam

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.7 DEAR_SOMETHING BODY: Contains 'Dear (something)'

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 MIXED_HREF_CASE Has href in mixed case

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

2.0 TEQF_USR_POLITE To and from user nearly same + polite greeting

0.0 TO_EQ_FM_DOM_SPF_FAIL To domain == From domain and external SPF

failed

0.0 TO_EQ_FM_SPF_FAIL To == From and external SPF failed

Subject: {SPAM?} Head of Purchase and Marketing Department.



--===============2054106438==

Content-Type: text/plain; charset="iso-8859-1"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body



Dear Sir, =



We are interested in your products and partnering with your company. We ar=

e a large wholesale and retail distributor with several stores around the w=

orld, our shops are well patronized

Kindly send us your Catalog to learn more about your products and price l=

ist along with stock availability. We hope that your products are of good q=

uality as we look forward to a long-term partnership..

Kindly contact Mrs. Margaret Smith with below email address for more disc=

ussion.

Email: margaretsmithh@representative.com

Head of Purchase and Marketing Department.

Mrs. Margaret Smith our Representative

SELFRIDGES

www.selfridges.com

Best regards

Frank Jonathan.=20

Web/SEO/App spam from Microsoft outlook Part 2

Posted by Dave Yadallee on
Content analysis details: (5.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.43.56 listed in dnsbl.ahbl.org]

[52.103.43.56 listed in dnsbl.ahbl.org]

[52.103.43.56 listed in dnsbl.ahbl.org]

[52.103.43.56 listed in dnsbl.ahbl.org]

[2603:1096:405:14:0:0:0:12 listed in]

[dnsbl.ahbl.org]

[2603:1096:405:14:0:0:0:12 listed in]

[dnsbl.ahbl.org]

[2603:1096:405:14:0:0:0:12 listed in]

[dnsbl.ahbl.org]

[2603:1096:405:14:0:0:0:12 listed in]

[dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.43.56 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.43.56 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.43.56 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.43.56 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:405:14:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:14:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:14:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:14:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:14:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:14:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:14:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:14:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[52.103.43.56 listed in will-spam-for-food.eu.org]

[52.103.43.56 listed in will-spam-for-food.eu.org]

[52.103.43.56 listed in will-spam-for-food.eu.org]

[52.103.43.56 listed in will-spam-for-food.eu.org]

[52.103.43.56 listed in will-spam-for-food.eu.org]

[52.103.43.56 listed in will-spam-for-food.eu.org]

[52.103.43.56 listed in will-spam-for-food.eu.org]

[52.103.43.56 listed in will-spam-for-food.eu.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

0.0 ARC_VALID Message has a valid ARC signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 ARC_SIGNED Message has a ARC signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[madilynsmead(at)outlook.com]

0.5 L_HELLO_ADDRESS BODY: Greets you by address, not by name

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.43.56 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

Subject: {SPAM?} Follow up...



--_000_TY0PR04MB740464E09714578D8620A068D88DATY0PR04MB7404apcp_

Content-Type: text/plain; charset="us-ascii"

Content-Transfer-Encoding: quoted-printable



Hi,



I was just wondering if you had a chance to review the previous email I sen=

t to you.



I understand the value of your time so I'd like to know what the best way t=

o reach you is and when we can discuss this in more detail.



Waiting,



...........................................................................=

...........................................................................=

..................



From: Madilyn [MadilynSmead@outlook.com]



Sent: Friday, June 30, 2023, 2:40 PM



To: root@nk.ca



Subject: SEO Service







Hi root@nk.ca,







I found your details on Google. Would you like your website to appear on Go=

ogle's 1st page to boost your business?







I'm an SEO expert and have helped over 5000 businesses rank on page one. Ou=

r rates are affordable. Can I send you a quote and price list?







Thanks!



--_000_TY0PR04MB740464E09714578D8620A068D88DATY0PR04MB7404apcp_

Content-Type: text/html; charset="us-ascii"

Content-Transfer-Encoding: quoted-printable




osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =

xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=

//www.w3.org/TR/REC-html40">




>








k-word">



Hi,



I was just wondering if you had a chance to revie=

w the previous email I sent to you.



I understand the value of your time so I’d =

like to know what the best way to reach you is and when we can discuss this=

in more detail.



Waiting,



…………………=

…………………………̷=

0;…………………………=

230;…………………………&=

#8230;…………………………=

;………………



From: Madilyn [MadilynSmead@outlook.c=

om]



Sent: Friday, June 30, 2023, 2:40 PM<=

o:p>



To: root@nk.ca



Subject: SEO Service



 <=

/o:p>



Hi root@nk.ca,
n>



 <=

/o:p>



I found your detail=

s on Google. Would you like your website to appear on Google’s 1st pa=

ge to boost your business?



 <=

/o:p>



I’m an SEO ex=

pert and have helped over 5000 businesses rank on page one. Our rates are a=

ffordable. Can I send you a quote and price list?



 <=

/o:p>



Thanks!











--_000_TY0PR04MB740464E09714578D8620A068D88DATY0PR04MB7404apcp_--

Web/SEO/App spam from Microsoft outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 16 Jan 2026 15:32:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vgsLQ-00000000Gt3-0VCT

for dave@doctor.nl2k.ab.ca;

Fri, 16 Jan 2026 15:31:04 -0700

Resent-From: The Doctor

Resent-Date: Fri, 16 Jan 2026 15:31:04 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japaneastazolkn19012056.outbound.protection.outlook.com ([52.103.43.56]:30427 helo=TYPPR03CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vgnJJ-00000000Mfd-0QbF

for root@nk.ca;

Fri, 16 Jan 2026 10:08:44 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=gmx88rhv9SEBbLKjpkivmujp9LiUUsYrRsWlvz/JD+FxgVQohB/YZJOjEQ4xfzk3bdqihPC87Nr6/hEFNv9p/X8PFV9g1LYgHUI4Yc8ojkNwza0cd9xScFudDrV18Wzw1Xx+wnlrvawGFE1EpYghC/nSE1TLWgw2UtN/LeFBt4V8efat4LZXjBAGFPdn6zNpKKqxCqltdW0UjrPn3AiyHMFMe27ssrePJCZlHNS1S46d9szvbIjUdRpYJ+5PvttLbhV+MlJeU4Amo3rDWlHLntnL8gLioVsV4zbbfCDihifq8MeedtD56lMn3rfVtXZqVrVq8cmQLnAmqKTi8HXwag==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=I5G1S3ahy79VyLYU7lrXjNtRq+1gxK+Odyi/jD4xxPE=;

b=cJQt8Geeitb1SptGGZQ0MvWA/Uy0efDY5p9kG3k8gsD5UxVQfQJeO1Xs1fs33wP8JBPpd1vY/goBm0612QNkjllLpsWhX4xbuJYK3IyPSHB20m2+PEtFJLY3I/qizPQs29JRGorXntwiI9Zaj9d1+NnHxafIow2CtGHm7hWaMXBkINQfxWx9LlZfC3u2/fZQlWUWo1HrzMrGqOEnz5k5UoxjdsDSGzlPxDe1q5AFa1CkCnffNsysMYkQzmYcNoLxHvR9KOWAx5izF+Y7Li3TUG12LyjWeRd6I0xG00wtlsp3nfMTlI1mXQ/6KVHHxFCD4StWLjX37SBrOXBvKZIY2w==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=I5G1S3ahy79VyLYU7lrXjNtRq+1gxK+Odyi/jD4xxPE=;

b=mtcL3hdLuCmp12gyQZPoV8cSRg9N2f1XAbFt++BZR9pneuJN6NwFzYe6P7QJvKGNWgvHmm/s/DfAbuxPxHvpBzi2A+GxGjN6pBg+eEsqbMokv7WPp1TfoIi2DHENqr9wqlVuUINBnUWKkhWAH6QB9RqW9gKzUauvtA7VBAmOu/IhevovdIbiZbkZxeLo1EErJbdHVl3hAgVSU3SF04aPJBwt6/gMCAmeJBNqgP+0FHXXc79D/zvxm2b2fhKObTxfp9Tnx5ZS1Z8MUnt+8d3oG3H82iigh7p9h+bBMj3onKzPSSEXjfdcxdfFtNLeX9HYGHC2Zeh/wz7Y1VyZ0En0sw==

Received: from TY0PR04MB7404.apcprd04.prod.outlook.com (2603:1096:405:14::12)

by SEYPR04MB7362.apcprd04.prod.outlook.com (2603:1096:101:1a6::12) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9520.5; Fri, 16 Jan

2026 17:07:36 +0000

Received: from TY0PR04MB7404.apcprd04.prod.outlook.com

([fe80::efae:494e:44eb:4af7]) by TY0PR04MB7404.apcprd04.prod.outlook.com

([fe80::efae:494e:44eb:4af7%4]) with mapi id 15.20.9520.005; Fri, 16 Jan 2026

17:07:36 +0000

From: Madilyn Smead

To: "root@nk.ca"

Subject: Follow up...

Thread-Topic: Follow up...

Thread-Index: AdyG/IVHIPhvSkoKThKsP/8WxigEYg==

Date: Fri, 16 Jan 2026 17:07:26 +0000

Message-ID:



Accept-Language: en-GB, en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: TY0PR04MB7404:EE_|SEYPR04MB7362:EE_

x-ms-office365-filtering-correlation-id: ab3e0f4e-cf65-4861-e06b-08de5521bf2d

x-ms-exchange-slblob-mailprops:

bHQ38DpbEWAayy1Fxvh9DGGZQkLoCo9lA8ldtO/kAhGOZh7jeSBYfavP37K3Umcd8YH1SdZA9/OrYvPjJeZKSq2hTt/GQwxWWcAJCQHzfAmePSfWsCEMAPWrEuDLyQBu49TqFte05QuON1H3XZVRBK5Fc5HnPPY+UCsnce3AKs0j2g6e0gLLz3S/7SKCzTxDU3RhNynEUD47MBXnfhi37TQdl2RuDUfuiSQfzCybq/EFuoMZunljtH03uJU0MdB0MWic0FC/TeCy7XH2RppL/k1fQTmLaOR+HlLocfx2mZySOQA+g5GJTROOt/sic+5+oLxJBqSBBnCf/ZsKy/FMnreWQjNpuKIvxa5bILfjw4flrcEyRZtVrZrBhRIptKQ0zCdoHQVWf9aW629N0fOMyr8CnR8ziZoQttUD4JJG1HU+txWIyB8v2Ndbt15sGqELuDt0YPBRGq7hYv+9RjGqC6FxvvcERog6f9IUKi/d303I/cEXV8oWapJ5k9ZCwaTBl/KapN7Xw1x4/ro90/71fbtMnyknelk8HDBTr82m+a29wPdHgkZ6dC3kgu9IxHEQR67HBl7ucAk0rgJlK7NBHFMu5TckrXzHt+GEqZ1WchflkHsOFwVUKmvoPbGAoUKkxSS5Ur/wQHOopYpptgJ5dDg80K5wkFpBWbQULaoa1Pheo/gWZaY5lg==

x-microsoft-antispam:

BCL:0;ARA:14566002|20031999003|31061999003|15080799012|461199028|13091999003|8060799015|8062599012|5062599005|39105399006|19110799012|3412199025|440099028|40105399003|102099032;

x-microsoft-antispam-message-info:

=?us-ascii?Q?FoLPTWyFuXJw2uOI0hILX9359DvTWOIeD8nGAui0DMZVmKu4ub53d/VCKSvk?=

=?us-ascii?Q?a3Bj7uHRWhBqqQcZ7a1GTwWF0+3V+vN81EMpSsq+vdDSCrdKmUSD/PhXAD0G?=

=?us-ascii?Q?Tl9tlotqBOW1+pBAeGY2ESvwlVaKnoQrrcpUScSu4t6h1MQ+VqWfWwFbF74u?=

=?us-ascii?Q?G1mui9kqowCl7uTEvZmw8NWVXvDKfioOMnLaF1AJ9zs7xq7tVAfxN2uBuNJX?=

=?us-ascii?Q?Cz+j1rzq4bn/FZ4Yx7QFo7MHysoJpMOu86CXMuNSBIi/uNbGj/eo6paECG7X?=

=?us-ascii?Q?FCM3nXUgdVzJqSBC93DKZQEeMvcZbvqTt31+Pgt10ZKCqM2FEOZ7j6i/7fLT?=

=?us-ascii?Q?clj+jvnr3y2sanxlc/viCP6YcO+L0FNKfL8cjxFVs1B3OYTrsbzE8Bp9yUDo?=

=?us-ascii?Q?52Q7f95IvO42Bcu+YJhg+KjG61E4Qu5Pgko4tuPAjebIpr5KqbZLluDnLQAX?=

=?us-ascii?Q?gMbhjLbLEZIhGHwCYzKL0yeM+Hd/izmM3BEQYTt5RehSKYdBquJkoFCTauxy?=

=?us-ascii?Q?LnXIEdJxeiZTvvN6GWo42EudlGADkHonMedUy8/GeNJu044L764CIlZzGljs?=

=?us-ascii?Q?pi4NlqW0I5/mjK/+MfjSh3//P4gT6Jo81Z7+8yUOGVo5Zfc9fPWfI8V/5b2R?=

=?us-ascii?Q?9q6yoJgDvqCyj+bbfE6XVtw2uXa9uwoHKxaOjEk/p8PgZ9hvF8oYG7FfZW7v?=

=?us-ascii?Q?VsG6OxbjM+CHhHChvVBZ/k29wbJYEzjV97y5Ua/UfNn0SlKl+PBOpH3f7FZI?=

=?us-ascii?Q?DGY7Q2ypwJ9srCp2pFjXSIfm2dSYSWXWRNQSIygVw0aVLPg8z7dw3y0pNGtv?=

=?us-ascii?Q?umvlqlKpIeUknKGttFgjW+fnJG1tY4ss2H0N9fK5ouDTMjCPgX/TXUhTi3tY?=

=?us-ascii?Q?hJFvpH/bHeGhiKiTrKCp0wukj9LW3sL85VIMPiSkFey+Y1lecgby675DTeFX?=

=?us-ascii?Q?Oew9fMDP99Pix3X4qlpMCHt8lfbWNxgRRKmWDG4xE+WfYtv5sxUjeR8fclhm?=

=?us-ascii?Q?72I/ndd7QScUJXPfimO+dg+g/bo+bK2FxccDBe9udcUIVBlzzy4Iv4zvUs/8?=

=?us-ascii?Q?lumjH/3YxYJx1OYVwAugc/AMavnbV1DqPYGXtmsZNMCHP5MnliJvUwqfi1av?=

=?us-ascii?Q?Qs/2IOON+FePOizVXjTPWNu9agAxpnHsQmO+UwTSv155ep9iZwquHGSDoxcV?=

=?us-ascii?Q?QO6/9y0bGiHlytVqsrwwXD0vYppFPO1j4oK8KyhdO0Zji298ooydXh41wODC?=

=?us-ascii?Q?t8uynzEVKVZ9XXSIvdqqklebztIDtt1ZVpUkNsY0WQ=3D=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?us-ascii?Q?0oPcy7K5LZfIyDrL/jZa0KJq/IpLoIQHbS6aZlF1TWxExl1IAyMf2oJw+NxQ?=

=?us-ascii?Q?zskMY0g6R6C+QBkZlYCRPMoRvh0l80gd3ZMMXqWdduh6Fk6+cUi8qyl6QaZs?=

=?us-ascii?Q?3QS3GD5gd3g+e2Uqcq1NIXPMfG6UXQxFxNeczV3bl1kkVTkqrqHukLj4IC48?=

=?us-ascii?Q?Gspttgz8EoDZK4dKQFKS3xwzL9ZIWTUQQ6NUdRJgKaDy+1ndVLl40B/lns4L?=

=?us-ascii?Q?S0t0Df/zOj4/PDgYgNyfbxguOHMgJ6ms96XSeTCrzXb8dWHFw6svM94a9c7h?=

=?us-ascii?Q?1UgYJ1/5Up7GccwGo6t3cTVO8miXxbKEFpaUci4HDINbSJTVhY5AbKJDrVvb?=

=?us-ascii?Q?/JmraI8zpbQvIecRjDgIW5aLjteN72SPU9Sk3ErqeINpTSKb5XLN5HoSh4vZ?=

=?us-ascii?Q?zJJCP+NWt/oeRhIubeCxXUo6gwhcSHh2ijGmxMOHabUcE39h0IKWOTtUKr9x?=

=?us-ascii?Q?eXHKaywbfe4e4I1vlfuklVqUZSgmfrPygVC9P4/D0iqrjqfCVmDAKLodsS/5?=

=?us-ascii?Q?lPE+Y6XAa8rtpUZiMZIMTo0sGJT6uxs+kX/xJTTolHvSje8NzGrlhcy0/laR?=

=?us-ascii?Q?5LuOqe6PDZNgE5uryEie6F9Npm/yNXY5/663jtLzxKAf190ErAF8Lv1ZbNmc?=

=?us-ascii?Q?6yRFwgrqUIeyu8ZcCe7pvQIiSkiUEiu9zb8iWjd1gcb1C1QiIS2+0ygKGguQ?=

=?us-ascii?Q?h5xD4DIRfSQVVVxKHyIk4V3uQJovd5DHLNiY4CgkxYR9stpgY7W3g/M/EbL9?=

=?us-ascii?Q?io5YCR+ag9kdWC8eTaSRhU5uezmNZ1YG34qkzcTkEpV5Nx0ztUal9WiJlkGV?=

=?us-ascii?Q?vuntGeyFP5e/gQrOFxzBjwbV+Zf2MPXbEFLiIDIRMCCwA+yA+CJCKnMLkOwK?=

=?us-ascii?Q?bCPz74DgOzmHIDACHF1s7JJMbjgZZrmbhHYWF3V2t9Epvo2OyT8Mbz7LaYao?=

=?us-ascii?Q?ytn+RPFeLgmwIr4a7yAIGn/I4nJYDS7NmcSORhLFyS3WmyyEJyWRKMk/WDTU?=

=?us-ascii?Q?oR3NgjrP28/YGJumT15NtKs0+eWi2ZXiVCZtPiKaEgleyUWcYu4b8yx4nCY8?=

=?us-ascii?Q?C52zHZm5a/fuB7UL5y6ge1e1Xr++ffh4k+tiad6EoWz9GGxQmJfOsKCBxTr0?=

=?us-ascii?Q?L8RM70Jvak9f8XJnbCq+cTwmZKP4eSA39LmNwumoJnTlDnWijH00I5QHqjb5?=

=?us-ascii?Q?LJUBNkGXLK2OU550n64x2NIsMWtC4mSDCzwD3tVYlBGs0ZgUfBXGQUrW2uin?=

=?us-ascii?Q?4R2umwsD/FW1HHAihCHjXsIN+RQNbZVdASOO95K9N4pMV9yB0aJZb/SvqfI5?=

=?us-ascii?Q?cfNcI4M5tIAmcPQnFygD7umlHVgZC1y2Wvt3eqSVEhI5Vo5dBTa5vTLj04Vd?=

=?us-ascii?Q?X49V7AuR2wxvvU1cn4+Dj336CFua?=

Content-Type: multipart/alternative;

boundary="_000_TY0PR04MB740464E09714578D8620A068D88DATY0PR04MB7404apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: TY0PR04MB7404.apcprd04.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: ab3e0f4e-cf65-4861-e06b-08de5521bf2d

X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Jan 2026 17:07:26.4765

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SEYPR04MB7362

X-Spam_score: 5.1

X-Spam_score_int: 51

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi, I was just wondering if you had a chance to review the

previous email I sent to you. I understand the value of your time so I'd

like to know what the best way to reach you is and when we can discuss this

in more detail.

Web/SEO/App Spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?yi+etgmsje9dO1DAUzOCTk5puwkJDKvZOUdaYJJ9NNG5rs8YVuhTmTBX?=

=?Windows-1252?Q?DMYxPLMYaz2mjBavzN9gmvEyjREPhtupLhHF33+gn33+RE+0l9y26E3L?=

=?Windows-1252?Q?L4ngGAmveziDbIU9nxjCkgp8jUYz6HfVRmEoAIHidoadCw5GnUFfcoqC?=

=?Windows-1252?Q?y9YMWQn/RjcleKTtVanviEGKz9OXaWtGBUVoDyg2Gbmv6WXRQ4IZ2/t8?=

=?Windows-1252?Q?GQITWh/2pypptdt0h4Ba5IG7CqSzO0LPlfN3ACNgFngbt02zcwp6bVLY?=

=?Windows-1252?Q?DIQPDNjMrX8UwaZBQwnyAa6uV62g47jCuUzLPEJVu9oJTOpNW4sM1FUx?=

=?Windows-1252?Q?CvvqQDC9tSqGL10+QIXhDl0U6EhIEIVAtt2sDNwV837wZ1MpQsiEv79H?=

=?Windows-1252?Q?NCHYpuZC3OKebS4hVstHMA5go4U2k0b16RKjVHAVLitZk/j8GDhJvLtU?=

=?Windows-1252?Q?oUH/diuzn4gN2QmcNVn/Mitf2YuDsVXSF8RtWVbZFCePSkl7ml022/kc?=

=?Windows-1252?Q?SmPfW4RYhmN/kl3sfimZ3fhzfi4/9P5zjcXEKPaSBefBfIt4lp9iw3Jp?=

=?Windows-1252?Q?mMn2dsgqrabXsAJiaK2jpdCO59LhWGQnO9shF1u+Z/Cti36Bt8O7IgFO?=

=?Windows-1252?Q?ZPSM96SAN6QpEf/bvo9R9UGMicfle3JlfW4T0hy/EROjaTF8p3fUxbGh?=

=?Windows-1252?Q?bb4O9ytoW4KB4gUGGQMsXmx2GwnhZWs0p9odJegnEGoM08IYJaVDYhxU?=

=?Windows-1252?Q?FNIf0Gs43EOf9O5Byzk50+ESUfkYOUhPLvre4x4HnYYlpLTAlRnqgj6v?=

=?Windows-1252?Q?hpjK8TQdyWJE464cqKQUCMWN+v5MvOsfuNtjhEYNBTbCQfjGikWuUlX4?=

=?Windows-1252?Q?aQWZiVERjqkUH3xfv7xR+vdHMzcckFbQSCAGs+pNOxkEED+Si40PUabW?=

=?Windows-1252?Q?vEJe5wOlnM2IYi1/Q0tlESZfFELc7Q/tlwAWj6KrelZioHjGuScNgcVi?=

=?Windows-1252?Q?vjTW06GzlJkTUodziS2l0be0DdprAy+fn19FxkAoMaRlcvgflh/7Ms6H?=

=?Windows-1252?Q?pH9YDIdlS4jAwiCCgwoBr76SFSBTbpYC3GMG0hfMDAgrs5mmxKcv4Aqe?=

=?Windows-1252?Q?7YPe4+dO66LHRW4bKxeeYtisNA62eZ4eqZhl8L53ROHC065aG33XGjvY?=

=?Windows-1252?Q?Z+IcedPI1ZP1BRQaLPj/2jIBkNhl2z8Zcew9scO2DYPZQmp2AGq2SF3y?=

=?Windows-1252?Q?GKxn5J9QUn+sQkNaTVCj0R+5sqHUaoeX39rSSK5EOSns4tSyOD0iSsDZ?=

=?Windows-1252?Q?y7mXye/0yJsyRoKxKDvDxK0mosC8P/5daDHmDy1cTjuiNCPJsNUwiJgu?=

=?Windows-1252?Q?X2xMVCpem2vH9+AgEXdTc5KJSSQTQmchb66dHwK56y+6Ak8k/ySJ80Kf?=

=?Windows-1252?Q?L5Ik5BzFwySiV7Thr5XTfmL7gcFMoHiaKCqRp7T2eVLtb1pl/T0prr0S?=

=?Windows-1252?Q?/Uz8D0PDzc02IYRmrYCIwnFyS68LaAYZhOtkfvbWGzI4XLAY3mZ+a6I3?=

=?Windows-1252?Q?cQWob9RrwjLRPYKrlRPVNf5xdimRENWHtCPpfQ=3D=3D?=

Content-Type: multipart/alternative;

boundary="_000_MA0PR01MB985236AF841EEB5293642417BE8DAMA0PR01MB9852INDP_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: MA0PR01MB9852.INDPRD01.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: f156a95e-ace5-448c-19d0-08de5535640d

X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Jan 2026 19:28:13.2504

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: MAXPR01MB4438



--_000_MA0PR01MB985236AF841EEB5293642417BE8DAMA0PR01MB9852INDP_

Content-Type: text/plain; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable



Hi,



I sent you an email a few days ago. I didn't get any response back from you=

.



May I send you over those price list.



Thank you!



From: Charles Expert

Sent: 13 January 2026 09:07

To: Charles Expert

Subject: Re: Portfolio & Pricing



Hi,



I personally visited your website when I was browsing it.



In order to significantly improve these search results for you, I would lik=

e to send you an audit report of your website.



Can I Send you Quote=94 and Cost/=94?



Best regards



--_000_MA0PR01MB985236AF841EEB5293642417BE8DAMA0PR01MB9852INDP_

Content-Type: text/html; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable








252">








_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Hi,



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

 



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

I sent you an email a few days ago. I didn't get any response back from you=

.



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

 



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

May I send you over those price list.



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

 



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Thank you!



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">









11pt; color: rgb(0, 0, 0);">

From: Charles Expert <CharlesExpert1971@outlook.com>


Sent: 13 January 2026 09:07


To: Charles Expert <CharlesExpert1971@outlook.com>


Subject: Re: Portfolio & Pricing


 





_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Hi,





_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">







_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

I personally visited your website when I was browsing it.



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">







_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

In order to significantly improve these search results for you, I would lik=

e to send you an audit report of your website.



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">







_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Can I Send you Quote=94 and Cost/=94? 



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">







_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Best regards










--_000_MA0PR01MB985236AF841EEB5293642417BE8DAMA0PR01MB9852INDP_--