NetKnow Corporate Blog

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.221.69 listed in will-spam-for-food.eu.org]

[209.85.221.69 listed in will-spam-for-food.eu.org]

[209.85.221.69 listed in will-spam-for-food.eu.org]

[209.85.221.69 listed in will-spam-for-food.eu.org]

[209.85.221.69 listed in will-spam-for-food.eu.org]

[209.85.221.69 listed in will-spam-for-food.eu.org]

[209.85.221.69 listed in will-spam-for-food.eu.org]

[209.85.221.69 listed in will-spam-for-food.eu.org]

[2603:10b6:408:106:cafe:0:0:53 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:106:cafe:0:0:53 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:106:cafe:0:0:53 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:106:cafe:0:0:53 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:106:cafe:0:0:53 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:106:cafe:0:0:53 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:106:cafe:0:0:53 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:106:cafe:0:0:53 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:106:0:0:0:29 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:106:0:0:0:29 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:106:0:0:0:29 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:106:0:0:0:29 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:106:0:0:0:29 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:106:0:0:0:29 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:106:0:0:0:29 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:408:106:0:0:0:29 listed in]

[will-spam-for-food.eu.org]

[40.93.20.59 listed in will-spam-for-food.eu.org]

[40.93.20.59 listed in will-spam-for-food.eu.org]

[40.93.20.59 listed in will-spam-for-food.eu.org]

[40.93.20.59 listed in will-spam-for-food.eu.org]

[40.93.20.59 listed in will-spam-for-food.eu.org]

[40.93.20.59 listed in will-spam-for-food.eu.org]

[40.93.20.59 listed in will-spam-for-food.eu.org]

[40.93.20.59 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[40.93.20.59 listed in list.dnswl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

1.0 HK_RANDOM_REPLYTO Reply-To username looks random

1.0 HK_RANDOM_FROM From username looks random

0.5 FROM_LOCAL_NOVOWEL From: localpart has series of non-vowel letters

3.5 VOWEL_FROM_7 Impronouncable from header (7+ consecutive vowels)

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[40.93.20.59 listed in bl.score.senderscore.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[40.93.20.59 listed in wl.mailspike.net]

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[haressaznzxrrsxaxz321(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[haressaznzxrrsxaxz321(at)gmail.com]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.1 TW_RW BODY: Odd Letter Triples with RW

0.6 MEGALONGWORD BODY: Uses really overlong words

0.3 LONGWORD BODY: Uses overlong words

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and EnvelopeFrom

freemail headers are different

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.1 TO_IN_SUBJ To address is in Subject

3.0 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

Subject: {SPAM?} =?UTF-8?Q?Pozv=C3=A1nky=3A_Geek_Squad_Renewal_Transaction_Record_=40_s?=

=?UTF-8?Q?t_3=2E_j=C3=BAn_=2D_=C5=A1t_4=2E_j=C3=BAn_2026_=28cynthiaperez389903=40groups=2Eoutl?=

=?UTF-8?Q?ook=2Ecom=29?=

X-Microsoft-Antispam-Message-Info:

=?utf-8?B?S3B4c0lzaXlvcDJUcUJzc3d4dVg0MlVLYjRtSHZrcWQ3TEo5am9XazhJYmlV?=

=?utf-8?B?bFBRUXJSaG42Q2pEdFIwQjZhZUxvTDNNK0tnYlNlUERLVmdKT0FFd21CVFla?=

=?utf-8?B?c2M3bzZRTURhWVdKT0w3YzZicU5ERGFEa0o3YndTRFZzSWhjWVhUVGZ5ek9a?=

=?utf-8?B?ak1KZklOR0VtakhGNnk3cTVlVzFyYWxxTGJNRTBYZGY5N3Nzekg5cG9na1Ft?=

=?utf-8?B?NHZpeVlrSjUwSzJ5d0VSa2M2SlFtZy9Tcmp3NjVXcHNLdTlPaTVVdC9NZElJ?=

=?utf-8?B?Ui94K1k1b0NoTkIzZnE5L0MzMmlzajh6MFhLdDc3TUxWaVUyTG8rcUJIcG9p?=

=?utf-8?B?ajB1VWgrckY5bDdOdzBMR2pqbkREUEJrZDB2UzNGMnlYclFJZFNVWDBXSWZJ?=

=?utf-8?B?U0NZVlhZRjByUUVWU05Gc0k2Rmx2ZEM2OWV1bE1OdWhEZW8yNWROTlRpSmVu?=

=?utf-8?B?RU1SRVZWU28zZlRoR2k0N0doc0UrY2ZiK1lHaExmd21NWjlkd2Z2U2FMZmx0?=

=?utf-8?B?V0JkVlplcFJac2ZRVGFkc1Y4SmdieEUxbFJZZkNQMzZRN2ZnTHExWXNoZjJo?=

=?utf-8?B?QnNwam9HNCtaN0Uvc2ZoVDcwWElCdzBzSmlvS3FpU1lpNUpTZkxLSnVjbnBX?=

=?utf-8?B?TThPdzM3OEpIMU5CNEZGWnc3MUZ5cjlnUlZUSENoQTlWMmVVL1VtUFFCT3l0?=

=?utf-8?B?N3V0c1BrYWJKa3hGQVRuS0NLNEZVVWtLOThBeVBCMmp6eXZMVHZqbW91ZnBs?=

=?utf-8?B?cG9DUG9VOS9EVENOM2J6T3Q0SmMyeXRqb3F2OVZvQ0lyendQUjJ5Z1ZLQUFL?=

=?utf-8?B?aCt2dkoxZHFuL3cxdWgxYmJnM25aN1hJbWNZWXNqVHg1L1FKZ2VMdGhCczJQ?=

=?utf-8?B?VkF3SzRKUktxTEtSdjRoNU1RNmFQMU5YTXVFc3ZOQlg1OGJkc1o1L2xKVG1P?=

=?utf-8?B?SnQrTGNjV1dldlpIQVVYSnJrRlZ6aXlIRUk1RmFUOHVkeUFjaVprbTVacVRL?=

=?utf-8?B?K0t4R2dBVWNSNjBET0gxSzdCUEpuRWVDRFdBanNTVE9xWU94OFhnTFJ3RVA4?=

=?utf-8?B?OVJNeW8wSy9GTy93R2xaMnBDODdYeVU0K3ViaGh6TDNwV0ZLdXByNnpablRk?=

=?utf-8?B?ZFFhbGpoVVlad2lxTmdlUVF6dmwzSVhHeExYc3drVUZNNklzTEhkVWRhemd4?=

=?utf-8?B?S2ZMM29OaUFiR1FlRnNYSitmd1pPMjFhMDFXU0lyNzIyQXZQM29leWNyNEJ0?=

=?utf-8?B?ck1QM0NVV0dxUXRpZ2lveTdDUjRPVklmaHROYW4vdmxpSVp0YjJiRVpuSElZ?=

=?utf-8?B?c3U3T3pWblE0WnM3UnEwMHhiK2xwbWFUQWtSbG9hdFFXV2RQZHI4QVFVMTkw?=

=?utf-8?B?dTZUTExWZzA0T3A2M3IxeUNDajE0V2pyY0FLM2ZDamJDaEovVkx3djl3Snlu?=

=?utf-8?B?Q1RDaFhtTHNhYUJJNVBlR2dPUmpWSGllRVUyUHR0NENqVWxZRVd3YzZieU9T?=

=?utf-8?B?eUxNQ1RIS3VYVWZSeU50Wmp1NmJ0bHBGU0N6eGlPdWRWY041eHY2ZW13ZlZv?=

=?utf-8?B?ZlM0RlRoRmVBQ2ZWdVg1ZmxpTmI0YTNhUTliai9aT01xV2cyUGxWWHdSSzdv?=

=?utf-8?B?YUxqNWd3dkl6azJlUkRCd3JPQ1I1RzBpRExFb3VrOFRIdWJyVEoySTFaUE9l?=

=?utf-8?B?MS9mdnBqN1VLVmNhNHBQU0NUMy85TmhQQ0RrdjhvTkhLNWw3WHdEREVFRGhs?=

=?utf-8?B?MFRHcG1UcUl1cVdaMXZ0dlVRNDN1dUlGZVdsQUlQRGFEZDJjUjhrOEVhdG5D?=

=?utf-8?B?YlpiWCs3MkE2N1B1UXhqSzdhaFp6cXZGdloveE9BQVRhaEdIMFF2TDhVaXVK?=

=?utf-8?B?KzQ5eGVUTmRKaWkvQ1NHOFpwc0lmeWZvSDN5VnF0WFlrVk84OWQ5VXRoKzNR?=

=?utf-8?B?Q2xxZS9CbEUvYUlSakF4VUhxeFpsYzlSbit2MCtWUGpmTFVoWC9CYkpVakpo?=

=?utf-8?B?bzZLUjJRWWlYWE5ianlUYTI4dDduRWlFRnFpZ1ZZTjlqaUxmQ015NzdtSmYv?=

=?utf-8?B?MEVMV2VZVUM1Z2I3Q3V1K0pCUVdNK1J2aHlVM3RtM2psblliL1hHMHdDTHd2?=

=?utf-8?B?UHJheG5NRkJwZHJFM21hbWJPN3Yxak5YdWpub2J5dXMraVhFNmRnOGxpVzBS?=

=?utf-8?B?Zk1IalNHSGc2SExCZlpOclM2V1RMNUo2QnJTYUhjNHhpcUVBUnBtNnVMQUxy?=

=?utf-8?B?MEhIT0JwYkVWVTRrMzR3MEVFUTM0UkFlZ2dwQzB0bGIxSGVVVzJ0eFYwZlpQ?=

=?utf-8?B?UlZhRExQeFRIT3ErOEg3emhsM3g1aUFsaVJTNm5hK0ZKZm1oNmdaL2RINEkr?=

=?utf-8?B?RkdldkV2STdQSGcxcFl1ZW9TSEtvcXorcTZDOWNZZ092OUx0M0JwSVdBT3M0?=

=?utf-8?B?bnR3OEJuLy9KQzExZ3QxcHZCZGVzZld5SXlmQVZRbVVBeUZGcjNIZFQ1WFB1?=

=?utf-8?B?WlovSGdJenR3WEdESVJxNDhMMDd3bXhQUUFSTzJmWjZDYzJJejNYeHY3MTVa?=

=?utf-8?B?SVpLQ2pSSDFtVTgxeGlKUEtEbXNmblhNcERjT241L3NTZVlCSnFpU3Yzckxj?=

=?utf-8?B?SC9DYld1aGpoZU1ZdEpPelRuNGF6WjV3YUpwLzZHZUpBNGZFNTVlcDhIUFpy?=

=?utf-8?B?OEtEb21pbXhhYTgxaWoraGxZRnRPNkdBYkRoUWUvZGRBQjVUTTMrQmN3VnBW?=

=?utf-8?B?SDdpRmhLZ0FVS0tuaEJjcTVoMi81YVIwQmtTeW1OdVZYUndWWFI0RnlWNXo0?=

=?utf-8?B?Qm00WCtpRmo1S003TGpTQ0xVWDk3ZW5MVzl2RkpFUEZxdURHeUd1T1ZiUXRy?=

=?utf-8?B?YTBIQmU0L01Yb0hROXJyU25yd05vS09rdnQrRWtya3FCUlpNN0l6aFIxNTYv?=

=?utf-8?B?RmVncjk3VmErbUdxV1h1Rng3bjF6elFaSE1LV2czV2NaSHlRRGZSMVlTdW5G?=

=?utf-8?B?TGdpZnVqNVUyWktsM0FZVHFoYk9xK2p3d1lGNkp4SXFacW1GOUF1ZGVMaWZp?=

=?utf-8?B?VENtbExOaGJnMFErMjZQNHZsbUZnMkJOQXdJendCdnZDaEc1NnhNaHcxSVNy?=

=?utf-8?B?ZG9kQm1tRVNUSVZzM0xheENrV1Y3V2oxY1BZWDh1endUcTVEeXBrcENHT1p2?=

=?utf-8?B?ZFlsdTE2eU1VRDRjNTRYbCsxS3E2V3BDZTR4eHZ4K20zRGVidVRGUVYzS2xq?=

=?utf-8?B?WHB4WUQ2ZEN6OWJWblI3VkdXNmhkREF4YkpBNlZKT1VYcm52ajVlcTRkNFlN?=

=?utf-8?B?RWZ2MFZzV3ZJK0FEZTF0VnFnZXRIbmpnWHFvQk1QQnpEeVZ2cldWUGxCZjdJ?=

=?utf-8?B?NGFpZWFrN1BkRXNNN0tsTUtyMWwzVnR2dnBDc2sxdTBFa2owYmUxSVlJd0Ri?=

=?utf-8?B?THVBWk55bnhyYi9jZ1hZREZPN1ZWd2IySGlwdHhZZFBPTmE2UDNiZWtmQTFW?=

=?utf-8?B?aWFOOFphNzh1aWZwTnZaM3c9PQ==?=

X-Auto-Response-Suppress: DR, OOF, AutoReply

X-OriginatorOrg: sct-15-20-9412-4-msonline-outlook-090a5.templateTenant

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Jun 2026 17:05:34.8517

(UTC)

X-MS-Exchange-CrossTenant-Network-Message-Id: d44c84cf-baf1-40b4-10fc-08dec19253d3

X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-AuthSource: BN3PEPF0000B070.namprd21.prod.outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Anonymous

X-MS-Exchange-CrossTenant-FromEntityHeader: Internet

X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PPFBD61E95DF

X-Spam_score: 13.7

X-Spam_score_int: 137

X-Spam_bar: +++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Geek Squad Renewal Transaction Record streda 3. jún – štvrtok

4. jún 2026 Pripojiť sa cez Google Meet https://meet.google.com/kjr-gvik-rir?hs=224

Dear Client,



Content analysis details: (13.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[40.93.20.59 listed in dnsbl.ahbl.org]

[40.93.20.59 listed in dnsbl.ahbl.org]

[40.93.20.59 listed in dnsbl.ahbl.org]

[40.93.20.59 listed in dnsbl.ahbl.org]

[209.85.221.69 listed in dnsbl.ahbl.org]

[209.85.221.69 listed in dnsbl.ahbl.org]

[209.85.221.69 listed in dnsbl.ahbl.org]

[209.85.221.69 listed in dnsbl.ahbl.org]

[2603:10b6:408:106:cafe:0:0:53 listed in]

[dnsbl.ahbl.org]

[2603:10b6:408:106:cafe:0:0:53 listed in]

[dnsbl.ahbl.org]

[2603:10b6:408:106:cafe:0:0:53 listed in]

[dnsbl.ahbl.org]

[2603:10b6:408:106:cafe:0:0:53 listed in]

[dnsbl.ahbl.org]

[2603:10b6:408:106:0:0:0:29 listed in]

[dnsbl.ahbl.org]

[2603:10b6:408:106:0:0:0:29 listed in]

[dnsbl.ahbl.org]

[2603:10b6:408:106:0:0:0:29 listed in]

[dnsbl.ahbl.org]

[2603:10b6:408:106:0:0:0:29 listed in]

[dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[40.93.20.59 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[40.93.20.59 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[40.93.20.59 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[40.93.20.59 listed in dnsbl.ahbl.org]

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 03 Jun 2026 11:24:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wUpJK-00000000ByD-1xNL

for dave@doctor.nl2k.ab.ca;

Wed, 03 Jun 2026 11:23:22 -0600

Resent-From: The Doctor

Resent-Date: Wed, 3 Jun 2026 11:23:22 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-northcentralusazlp17013059.outbound.protection.outlook.com ([40.93.20.59]:47803 helo=CH4PR04CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wUp36-00000000B1F-1Yuk

for doctor@doctor.nl2k.ab.ca;

Wed, 03 Jun 2026 11:06:48 -0600

Received: from BN9PR03CA0624.namprd03.prod.outlook.com (2603:10b6:408:106::29)

by IA0PPFBD61E95DF.namprd18.prod.outlook.com (2603:10b6:20f:fc04::c3b) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9891.15; Wed, 3 Jun

2026 17:05:35 +0000

Received: from BN3PEPF0000B070.namprd21.prod.outlook.com

(2603:10b6:408:106:cafe::53) by BN9PR03CA0624.outlook.office365.com

(2603:10b6:408:106::29) with Microsoft SMTP Server (version=TLS1_3,

cipher=TLS_AES_256_GCM_SHA384) id 15.21.92.7 via Frontend Transport; Wed, 3

Jun 2026 17:05:34 +0000

Authentication-Results: spf=pass (sender IP is 209.85.221.69)

smtp.mailfrom=gmail.com; dkim=pass (signature was verified)

header.d=google.com;dkim=pass (signature was verified)

header.d=gmail.com;dmarc=pass action=none header.from=gmail.com;compauth=pass

reason=100

Received-SPF: Pass (protection.outlook.com: domain of gmail.com designates

209.85.221.69 as permitted sender) receiver=protection.outlook.com;

client-ip=209.85.221.69; helo=mail-wr1-f69.google.com; pr=C

Received: from mail-wr1-f69.google.com (209.85.221.69) by

BN3PEPF0000B070.mail.protection.outlook.com (10.167.243.75) with Microsoft

SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.21.92.0 via

Frontend Transport; Wed, 3 Jun 2026 17:05:34 +0000

X-IncomingTopHeaderMarker:

OriginalChecksum:4393FAFFF573B6344E0942E1A3E986FE019F76EEA5C027EBBE854F8478FD43C4;UpperCasedChecksum:6C48A0AE42715420D9BAAF9ACF7C6428DB02FDB6AFC9B8F42A4CDC5DF256BFD8;SizeAsReceived:3416;Count:15

Received: by mail-wr1-f69.google.com with SMTP id ffacd0b85a97d-45f3d008865so763646f8f.0

for ; Wed, 03 Jun 2026 10:05:34 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20251104; t=1780506334; x=1781111134; darn=groups.outlook.com;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=PBWU+eC0P7pnKJ0K3qMkl+o1ZDueEqy3btmI3kpVTOs=;

b=Kilc2Yf2j1v0zmI7O/K+kluhbrQNw9EbsRTcJ3AWsG8k5Yu5uimk7MShtw07u/iZD7

/yGhtYkdTHLwtb24kD/u6KXrjk//Gf6GvFRiTfSKop4pegawYd7KraHgnfCB+b+bIYJz

HCwIAQDmpBQ18kmyE5ld9fNfjmbqB/2VwU5m6UsHPvxeZplpwepOvheH9IIasWdVSOmw

cLOXlLXYRseMnKG6hUw4DX6yfAYTPGI/OhaP2zCOFkb1AQxd827PzcLAn0k1IXUMHm+h

OyR1c3m4g0EqwQFOKA6HZtQDgZPm9bKPSl4lI+j8PO1v42kjzrFm20lvc92Z/pJeOofR

x06Q==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1780506334; x=1781111134; darn=groups.outlook.com;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=PBWU+eC0P7pnKJ0K3qMkl+o1ZDueEqy3btmI3kpVTOs=;

b=XZqi/rLtpgXBixnP1OUxPf8Zb3vte7gUPGjS7rsHKIDvWTA32x73i1yexUablTAnzY

p/bJvVG8UOil7ad7elLbffvrLHqDwSQkSQE/W4uXw4SlPLlf3G3M/jyb/UgIOcj6OCoq

YDVIzotYcP0Tr+TwotigPgx6srVoU7Ei7Zs/rLIY4oWB1V3fEgqGuPVUzVDV0jo1kUfo

Hf/uxoWzfKlGF5Zq0OIJ+eI+MeD09JdUFM/ujhUpfKXADEC/WE9vL96Cfm1j0EbV1Gkw

kUj3C1MXsrZXwtTBw7pCeZ+G1J1z2tCz4ztJ1UiBd8fo8sP0hTa9lvls/KEPPcrI63op

t7Wg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1780506334; x=1781111134;

h=to:from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=PBWU+eC0P7pnKJ0K3qMkl+o1ZDueEqy3btmI3kpVTOs=;

b=qU10m/oV1WHaldD126B7qDkbGGymmMKeanJDnTlh25MtLPm0rkiL9E0pcjfKZDwUME

NmFDqn7w7lkmHIYp+wdhuKT/9uhka3sQKTxG/qHlP3B0RpQ6zJv79PzuECGfC1QnzHEh

DE5HE7js70o+k72ToLvEVlfSqSM8QvbSEDmITb+bBGcvhJzjs5vrNqefwmTT1dUHvFA8

8vABUMEBZplisU7wqQMfJVMQ1F9ProunS71R4EU3LgUitVvjVhhxU9LITsr/E0WaR7ru

EAlDrgE+86PqBV1qqkO7opbP5eeXWhfa+xj4wvT1vntVZ5ObrxoAuVTptPiabldYeZ0y

G20Q==

X-Gm-Message-State: AOJu0Yy87BKxALg91RcOe/3udk4fEG/Wjp8UlhHnCJtYPIpvRyNFKzt7

rDtLt2nRnC4tDSi3Oe6KDKvZo4ImfeCBtgodq0c925KKye84KpGrE0OXIcC1eADOO26r+Z46DOH

bYlAo9Ed9Q0e9RH6+Vg4eh+DVDphrJHnuT0A=

MIME-Version: 1.0

X-Received: by 2002:a05:600c:5488:b0:489:32b:ac0b with SMTP id

5b1f17b1804b1-490bc4d2697mr4131715e9.6.1780506333141; Wed, 03 Jun 2026

10:05:33 -0700 (PDT)

Reply-To: Haresasz Nxysarwsa

Sender: =?UTF-8?Q?Kalend=C3=A1r_Google?=

Message-ID:

Date: Wed, 03 Jun 2026 17:05:33 +0000

Subject: =?UTF-8?Q?Pozv=C3=A1nky=3A_Geek_Squad_Renewal_Transaction_Record_=40_s?=

=?UTF-8?Q?t_3=2E_j=C3=BAn_=2D_=C5=A1t_4=2E_j=C3=BAn_2026_=28cynthiaperez389903=40groups=2Eoutl?=

=?UTF-8?Q?ook=2Ecom=29?=

From: Haresasz Nxysarwsa

To: cynthiaperez389903@groups.outlook.com

Content-Type: multipart/mixed; boundary="00000000000081e1e506535c6f68"

X-IncomingHeaderCount: 15

X-EOPAttributedMessage: 0

X-EOPTenantAttributedMessage: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa:0

X-MS-PublicTrafficType: Email

X-MS-TrafficTypeDiagnostic: BN3PEPF0000B070:EE_|IA0PPFBD61E95DF:EE_

X-MS-Office365-Filtering-Correlation-Id: d44c84cf-baf1-40b4-10fc-08dec19253d3

X-MS-Exchange-EOPDirect: true

X-Sender-IP: 209.85.221.69

X-SID-PRA: HARESSAZNZXRRSXAXZ321@GMAIL.COM

X-SID-Result: PASS

X-MS-Consumer-Group-Expansion-Loop: cynthiaperez389903@groups.outlook.com

X-MS-Exchange-Group-Expansion-Loop: cynthiaperez389903@groups.outlook.com

X-Microsoft-Antispam:

BCL:0;ARA:1444111002|5149299006|9020799019|6019299003|24102599021|9400799043|6092099016|1680799066|22000799015|5139299004|3069299007|9000799056|3151999006|16200799027|29080799009|34130799006|26000799027|970799063|4040799016|26130799012|32020799003|440099028|3412199025|4302099013|18021999003|26104999009|2145499017|30041999003|1380799030|1370799030|1360799030|21002599022;

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 03 Jun 2026 11:23:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wUpIj-00000000Bwc-1PQh

for dave@doctor.nl2k.ab.ca;

Wed, 03 Jun 2026 11:22:45 -0600

Resent-From: The Doctor

Resent-Date: Wed, 3 Jun 2026 11:22:45 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-m83212.xmail.ntesmail.com ([156.224.83.212]:24690)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wUoJc-0000000099r-43ts

for sales@nk.ca;

Wed, 03 Jun 2026 10:19:48 -0600

Content-Type: multipart/alternative; BOUNDARY="=_Part_2004951_755439476.1780503520464"

To: sales

Subject: =?UTF-8?B?RWxldmF0ZSBZb3VyIE91dGRvb3IgQnVzaW5lc3Mgd2l0aCBQcmltaXRpdmUgT3V0ZG9vcuKAmXMgUHJlbWl1bSBTb2x1dGlvbnM=?=

X-Priority: 3

MIME-Version: 1.0

Received: from carson@ysr.cn( [10.139.4.160] ) by ajax-webmail ( [127.0.0.1] ) ; Thu, 4 Jun 2026 00:18:40 +0800 (GMT+08:00)

From: carson

Date: Thu, 4 Jun 2026 00:18:40 +0800 (GMT+08:00)

X-WM-Tid: 0a9e8e47a4c30511kunm3815fd1e2828de

Message-ID:



Dear Sales,



I hope this email finds you well. My name is Carson from Primitive Outdoor, a leading manufacturer of high-performance outdoor furniture, tents, and wagons. We specialize in delivering durable, innovative products designed to enhance any outdoor experience—from family camping to commercial events.



Why Partner with Us?

✅ Advanced Manufacturing: Fully automated production lines with laser cutting and robotic arms ensure precision and efficiency.

✅ Certified Quality: BSCI and ISO 9001 compliance guarantee rigorous quality control at every stage.

✅ Market Leadership: As a top-tier brand in China, we consistently lead in sales and customer satisfaction.

✅ Custom Solutions: Flexible OEM/ODM services tailored to your brand’s unique needs.



Our Product Highlights

Outdoor Furniture: Lightweight, weather-resistant designs for all terrains.

Tents: All-scenario models with 3000mm+ waterproof ratings.

Carts: Heavy-duty, foldable carts for effortless transport over rough terrain.

Next Steps

Interested in exploring collaboration? We’d be happy to share catalogs, samples, or a customized quote. Reply directly or contact me at carson@ysr.cn to discuss how we can support your business growth.

Looking forward to connecting!





Carson

Sales Manager

ZHEJIANG PRIMITIVE LEISURE PRODUCTS CO.,LTD

EMAIL:Carson@ysr.cn

TEL:+86 18757825476

ADD:Building 4-2, Yongkang Industrial Investment New Materials Industrial Park, No. 309 Huajin Road, Huajie Town, Yongkang, Zhejiang,China

altarik Yalung has invited you to Membership Billing Confirmation #TJJUPKG6ITO0BY

Title: Membership Billing Confirmation #TJJUPKG6ITO0BY

When: Wednesday, June 3, 2026 at 21:19

Organizer:

altarik Yalung

Description:



Geek Squad Portal » Wednesday, 03 June 2026 22:19:45

Batch Trace: TJJUPKG6ITO0BY • Agent desk: +1 (808)-909-1648



Service records remain current and available



Thank you,



Please accept this automated file notice regarding your upcoming account renewal. In accordance with your default billing preferences, a sum of $595.21 USD is scheduled to execute within 24 hours.



Transaction Review Hub

» System Key: GF7QQKY5MX

» Covered Item: Account Service Hub

» Validity Span: 36 Months

» Settlement Cost: $595.21 USD

» Verification Lock: a112cb0b-ec10-4672-9ac9-702315c30dbb



This communication is dispatch-only. For profile guidance or manual cancellation parameters, please call our team via the phone line below.



Yours gratefully,,

Geek Squad's LLC

Account Rep: Leonard Gil • Customer Service Call: ( 808 909-1703 )

HQ: 7993 Nw 60Th St Winston-Salem Nc 27106 United States

Attendees:



doctor@nl2k.ab.ca



Membership Billing Confirmation #TJJUPKG6ITO0BY

Geek Squad Portal » Wednesday, 03 June 2026 22:19:45 Batch Trace: TJJUPKG6ITO0BY • Agent desk: +1 (808)-909-1648 Service records remain current and available Thank you, Please accept this a





Geek Squad Portal » Wednesday, 03 June 2026 22:19:45

Batch Trace: TJJUPKG6ITO0BY • Agent desk: +1 (808)-909-1648



Service records remain current and available



Thank you,



Please accept this automated file notice regarding your upcoming account renewal. In accordance with your default billing preferences, a sum of $595.21 USD is scheduled to execute within 24 hours.



Transaction Review Hub

» System Key: GF7QQKY5MX

» Covered Item: Account Service Hub

» Validity Span: 36 Months

» Settlement Cost: $595.21 USD

» Verification Lock: a112cb0b-ec10-4672-9ac9-702315c30dbb



This communication is dispatch-only. For profile guidance or manual cancellation parameters, please call our team via the phone line below.



Yours gratefully,,

Geek Squad's LLC

Account Rep: Leonard Gil • Customer Service Call: ( 808 909-1703 )

HQ: 7993 Nw 60Th St Winston-Salem Nc 27106 United States

When

Wednesday Jun 3, 2026 ⋅ 11:19pm (Eastern Time - New York)

Organizer

altarik Yalung

altarikyalung@abutyou.com

Guests

(Guest list has been hidden at organizer's request)

Reply for doctor@nl2k.ab.ca

Yes



No



Maybe

More options



Invitation from Google Calendar



You are receiving this email because you are an attendee on the event.



Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 03 Jun 2026 11:22:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wUpHn-00000000Buc-02EW

for dave@doctor.nl2k.ab.ca;

Wed, 03 Jun 2026 11:21:47 -0600

Resent-From: The Doctor

Resent-Date: Wed, 3 Jun 2026 11:21:46 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-vs1-f69.google.com ([209.85.217.69]:60558)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wUmTd-000000004O8-27FO

for doctor@nl2k.ab.ca;

Wed, 03 Jun 2026 08:21:58 -0600

Received: by mail-vs1-f69.google.com with SMTP id ada2fe7eead31-6c4335eef08so5068215137.0

for ; Wed, 03 Jun 2026 07:20:25 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20251104; t=1780496419; x=1781101219; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=8W2VCyTRphb5YaWo7HPRKRM1vtgoU4VzQA652dz6I/4=;

b=hMgjrkuSvQd4rCCFhljL6MXXMY8Hm2L1cc4gjyMDoqsHr+KMMj45Q4WtrUYi8mDHOq

9PFr7uI573GzKR70nD761bztIlIgS0hZUNmrWDnn2VbWPlaIihpzDnNd+GnPU6xxBaqO

kz3fnz1LzdukfTZc+H+xXq5RM8LOOGjFnfEXigKOmh1nDkQuHBlJ5hTXal+nrIFIMjjB

2K+0jS68BZNiIK/zj4TbZqHACglghB56b5CYJNZRgjUuy+fc4YFkSczcJoNKzY/e/+vS

7REdKdhO2m3a5uyxEPddZC5DUKMn/WAHFEgVrvyWlCNGunL8Qq7/UdRh46sJluN5A2Cp

HhwQ==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=abutyou-com.20251104.gappssmtp.com; s=20251104; t=1780496419; x=1781101219; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=8W2VCyTRphb5YaWo7HPRKRM1vtgoU4VzQA652dz6I/4=;

b=i+uFMR+NEF5RyNmfBoC+wAhURxkLuYD/rBj8lcNLE1ojM8w4updANZHkEHT+05KgK5

K1UJtnMBv0SVLgG+uZjr89BY+2//3n9F+4An/4GQWxGeanLvy34hNfFDh+fkEVD0F/x8

xKWuXpFIQhl1gC0GcR6bO1XEkYXhBZUpiedteb/UVqqelA3ojQsQfKoIZMSlmcsOEMbd

bp54PKHMhgnTh9LOLxHOiJzpHCbu9EjVUe8xpeOPEnAbyby7kAND3VugLXA51KD6zt1D

gT0WSWOzjhJ/P9gP15GT2zNdyYs6lYcrKYEHmJVANck/I5TEVHz3mc4sB2M9XvgtwRAO

WBBA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1780496419; x=1781101219;

h=to:from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=8W2VCyTRphb5YaWo7HPRKRM1vtgoU4VzQA652dz6I/4=;

b=fSh2NiYH2frkfmHE3NUrZY4eCi+5YkfM0racAfW577bMIxmRf066cRJkv96t+Xc1k2

GebwvMj9c6IbcG4oLeZzrUvZAd70ZV3YgTPrmcMXtN58VJQuDD3z5ZeJ/P9iSo6P4B0z

2js4Ld3JuUvcJpH3+9p7toJjWp/3Wfcogd1SUzF8psJ0JAXc9ReR0ojB96FKAuhsxFku

+MXzHzWbDcSnE+0oNdrUtOrVRSrij5/L7Y8GHm1KX1qGILtx2yl046Mhi7PZLAkAsx0r

cm+slTzktRcTIWZBz7KdIuKEasbH6jEzr9RcBnZCJDy71QnL96OxDji62vlC4Ya2NwQ/

54vA==

X-Gm-Message-State: AOJu0YzZAxwulWGv6jNy34Xygn5SOiyU5spqDlncO1nXW1+ZE+6iMbi6

xKlglJkCl7hTnI5wpGSI64OlklsjzEfvSCxA8AoTxyRJ7NaxMwfZm5xZg50DT9218kSWtiDsmBn

6KczGdwiqn3mrlBhl0Am3/cAmvZM4Ryy4Ouj67lh/85GNtsWck3RM/C4p

MIME-Version: 1.0

X-Received: by 2002:a05:690c:9a8c:b0:7cf:e22b:fc49 with SMTP id

00721157ae682-7ea49e6884bmr32214267b3.31.1780496409738; Wed, 03 Jun 2026

07:20:09 -0700 (PDT)

Reply-To: altarik Yalung

Sender: Google Calendar

Message-ID:

Date: Wed, 03 Jun 2026 14:20:09 +0000

Subject: Invitation: Membership Billing Confirmation #TJJUPKG6ITO0BY @ Wed Jun

3, 2026 11:19pm (GMT-4) (doctor@nl2k.ab.ca)

From: altarik Yalung

To: doctor@nl2k.ab.ca

Content-Type: multipart/mixed; boundary="00000000000006cc7106535a2010"

X-Spam_score: 7.1

X-Spam_score_int: 71

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Membership Billing Confirmation #TJJUPKG6ITO0BY Wednesday

Jun 3, 2026 â‹… 11:19pm Eastern Time - New York Geek Squad Portal »

Wednesday, 03 June 2026 22:19:45 Batch Trace: TJJUPKG6ITO0BY • Agent

desk: +1 (808)-909-1648 Service records remain current and available Thank

you, Please accept this a [...]



Content analysis details: (7.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.217.69 listed in dnsbl.ahbl.org]

[209.85.217.69 listed in dnsbl.ahbl.org]

[209.85.217.69 listed in dnsbl.ahbl.org]

[209.85.217.69 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.217.69 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.217.69 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.217.69 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.217.69 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.217.69 listed in will-spam-for-food.eu.org]

[209.85.217.69 listed in will-spam-for-food.eu.org]

[209.85.217.69 listed in will-spam-for-food.eu.org]

[209.85.217.69 listed in will-spam-for-food.eu.org]

[209.85.217.69 listed in will-spam-for-food.eu.org]

[209.85.217.69 listed in will-spam-for-food.eu.org]

[209.85.217.69 listed in will-spam-for-food.eu.org]

[209.85.217.69 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.217.69 listed in list.dnswl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.6 MEGALONGWORD BODY: Uses really overlong words

0.3 LONGWORD BODY: Uses overlong words

0.1 TW_DB BODY: Odd Letter Triples with DB

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.217.69 listed in bl.score.senderscore.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.217.69 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

3.0 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} Invitation: Membership Billing Confirmation #TJJUPKG6ITO0BY @ Wed Jun

3, 2026 11:19pm (GMT-4) (doctor@nl2k.ab.ca)

altarik Yalung has invited you to Membership Billing Confirmation #TJJUPKG6ITO0BY

Title: Membership Billing Confirmation #TJJUPKG6ITO0BY

When: Wednesday, June 3, 2026 at 21:19

Organizer:

altarik Yalung

Description:



Geek Squad Portal » Wednesday, 03 June 2026 22:19:45

Batch Trace: TJJUPKG6ITO0BY • Agent desk: +1 (808)-909-1648



Service records remain current and available



Thank you,



Please accept this automated file notice regarding your upcoming account renewal. In accordance with your default billing preferences, a sum of $595.21 USD is scheduled to execute within 24 hours.



Transaction Review Hub

» System Key: GF7QQKY5MX

» Covered Item: Account Service Hub

» Validity Span: 36 Months

» Settlement Cost: $595.21 USD

» Verification Lock: a112cb0b-ec10-4672-9ac9-702315c30dbb



This communication is dispatch-only. For profile guidance or manual cancellation parameters, please call our team via the phone line below.



Yours gratefully,,

Geek Squad's LLC

Account Rep: Leonard Gil • Customer Service Call: ( 808 909-1703 )

HQ: 7993 Nw 60Th St Winston-Salem Nc 27106 United States

Attendees:



doctor@nl2k.ab.ca



Membership Billing Confirmation #TJJUPKG6ITO0BY

Geek Squad Portal » Wednesday, 03 June 2026 22:19:45 Batch Trace: TJJUPKG6ITO0BY • Agent desk: +1 (808)-909-1648 Service records remain current and available Thank you, Please accept this a





Geek Squad Portal » Wednesday, 03 June 2026 22:19:45

Batch Trace: TJJUPKG6ITO0BY • Agent desk: +1 (808)-909-1648



Service records remain current and available



Thank you,



Please accept this automated file notice regarding your upcoming account renewal. In accordance with your default billing preferences, a sum of $595.21 USD is scheduled to execute within 24 hours.



Transaction Review Hub

» System Key: GF7QQKY5MX

» Covered Item: Account Service Hub

» Validity Span: 36 Months

» Settlement Cost: $595.21 USD

» Verification Lock: a112cb0b-ec10-4672-9ac9-702315c30dbb



This communication is dispatch-only. For profile guidance or manual cancellation parameters, please call our team via the phone line below.



Yours gratefully,,

Geek Squad's LLC

Account Rep: Leonard Gil • Customer Service Call: ( 808 909-1703 )

HQ: 7993 Nw 60Th St Winston-Salem Nc 27106 United States

When

Wednesday Jun 3, 2026 ⋅ 11:19pm (Eastern Time - New York)

Organizer

altarik Yalung

altarikyalung@abutyou.com

Guests

(Guest list has been hidden at organizer's request)

Reply for doctor@nl2k.ab.ca

Yes



No



Maybe

More options



Invitation from Google Calendar



You are receiving this email because you are an attendee on the event.



Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 03 Jun 2026 11:22:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wUpHq-00000000Buh-2zJY

for dave@doctor.nl2k.ab.ca;

Wed, 03 Jun 2026 11:21:50 -0600

Resent-From: The Doctor

Resent-Date: Wed, 3 Jun 2026 11:21:50 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-yw1-f199.google.com ([209.85.128.199]:60494)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wUmTS-000000004Nw-2Yok

for doctor@nl2k.ab.ca;

Wed, 03 Jun 2026 08:21:48 -0600

Received: by mail-yw1-f199.google.com with SMTP id 00721157ae682-7dcd01ca614so111196777b3.0

for ; Wed, 03 Jun 2026 07:20:15 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20251104; t=1780496410; x=1781101210; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=8W2VCyTRphb5YaWo7HPRKRM1vtgoU4VzQA652dz6I/4=;

b=j1RH0Zj4DEtllC5rozLsHfJVgUb4mKXLJ0WE9Bed64KvU7EydrAuSila0z8F4/0Axh

NT1K48c7/2LwTJcB9FOTzREtlaer9vcIHxLo2W5Yl3gzbBtT8HjAgn0538KQAlqizLvt

zEiBg+yOss3xagdxw24/McTaJh5B0b5gyEWHSZvZzh+j2GDSpE+UnUTEG1iP9kogqJ4H

CCoi1ob2xTokGtaSijL+XqgpQb/rA/vd1nMSQivkhjHqqdZNB496620qHg21r4BU10ET

sj7WmPW+C/d7X31EXyYkk4SRuygdAdAJAL9KTzssKnwZWrSlYM2T2sbPsOlVrKH/xDUB

TfVw==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=abutyou-com.20251104.gappssmtp.com; s=20251104; t=1780496410; x=1781101210; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=8W2VCyTRphb5YaWo7HPRKRM1vtgoU4VzQA652dz6I/4=;

b=e6KN39xEnOQPpUoBpQDxR4/khd8iymNxoPKo1GPNV1m0+r88NAMwr00AIjdhgQ4KBH

7g4yHgKxg7xMyijzYlCkQJRUL4buMe3QMb/oQCF/jUfydrUD9RuCw89BlAEF8zVAAvN6

Dik2aSjVFj/8xV7OII9AWJ3Ttb5VV+sIjr/BpnoWoX/kRlTtkfQo9ys9odlkawl5Xfw+

gzv+j5tElX4OUFCjcvF5kJUBpQmeQADXJjDkNU0Kq1YTMBzjQSu3WiTfRS78EQ+IOk8T

M041B94xyTjqU5CTXSz3llAp2lyYDmum6pmOXocr6YneK9PCLmogQc6tJp4pURjLkPhz

TBIQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1780496410; x=1781101210;

h=to:from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=8W2VCyTRphb5YaWo7HPRKRM1vtgoU4VzQA652dz6I/4=;

b=ES1hqOZf9EBldkwoUszV7OYMVwPANPa8VjM6b6TyekgsSf0rxemg2LWA3hOVjhzH8a

ymEn8kedOeXHPy7xxlGKi92gKAADASSW2A5w2UymSSVAbZDz7J+RRf5taVoKc0UliyUl

eftsEFr4jGgxWKQZgcX2h25jb9p4O+XOmJi2ausHxbfuZ9r1DWjETyKl6Bg5tmHTGRjl

USPEqq1SwL4xjWLC6wCBo0Uyi/xLKwAiscp9zZjgAX1jDGKgre4WfEg93jifAVdUjiBB

Su8dXmYVS6tgZzkw5jjM+sSDkY37yv2NZYEQyh+UFaiIptU+rUOMEKU4vlLoQ3g3RSir

JoAA==

X-Gm-Message-State: AOJu0YxItMT7YkQdbqHTN9YULCQxQCGuVRJ+/cI8oJK940h587YnjK3S

F57LjDM8KZc09Z56uDlZ99cADYI6X7He353JvXI9TykAgCdSizj/gw9DBhsiRbf4umbnQNpPb29

u2bQ3mVIwJs0LHyxrzh8Mx1FBcV+POJOa2UBM7NZcbM8Ncap7P9eM9ZHs

MIME-Version: 1.0

X-Received: by 2002:a05:690c:9a8c:b0:7cf:e22b:fc49 with SMTP id

00721157ae682-7ea49e6884bmr32214267b3.31.1780496409738; Wed, 03 Jun 2026

07:20:09 -0700 (PDT)

Reply-To: altarik Yalung

Sender: Google Calendar

Message-ID:

Date: Wed, 03 Jun 2026 14:20:09 +0000

Subject: Invitation: Membership Billing Confirmation #TJJUPKG6ITO0BY @ Wed Jun

3, 2026 11:19pm (GMT-4) (doctor@nl2k.ab.ca)

From: altarik Yalung

To: doctor@nl2k.ab.ca

Content-Type: multipart/mixed; boundary="00000000000006cc7106535a2010"

X-Spam_score: 7.1

X-Spam_score_int: 71

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Membership Billing Confirmation #TJJUPKG6ITO0BY Wednesday

Jun 3, 2026 â‹… 11:19pm Eastern Time - New York Geek Squad Portal »

Wednesday, 03 June 2026 22:19:45 Batch Trace: TJJUPKG6ITO0BY • Agent

desk: +1 (808)-909-1648 Service records remain current and available Thank

you, Please accept this a [...]



Content analysis details: (7.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.128.199 listed in dnsbl.ahbl.org]

[209.85.128.199 listed in dnsbl.ahbl.org]

[209.85.128.199 listed in dnsbl.ahbl.org]

[209.85.128.199 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.128.199 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.128.199 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.128.199 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.128.199 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.128.199 listed in will-spam-for-food.eu.org]

[209.85.128.199 listed in will-spam-for-food.eu.org]

[209.85.128.199 listed in will-spam-for-food.eu.org]

[209.85.128.199 listed in will-spam-for-food.eu.org]

[209.85.128.199 listed in will-spam-for-food.eu.org]

[209.85.128.199 listed in will-spam-for-food.eu.org]

[209.85.128.199 listed in will-spam-for-food.eu.org]

[209.85.128.199 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.128.199 listed in list.dnswl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.6 MEGALONGWORD BODY: Uses really overlong words

0.3 LONGWORD BODY: Uses overlong words

0.1 TW_DB BODY: Odd Letter Triples with DB

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.128.199 listed in wl.mailspike.net]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.128.199 listed in bl.score.senderscore.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

3.0 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

Subject: {SPAM?} Invitation: Membership Billing Confirmation #TJJUPKG6ITO0BY @ Wed Jun

3, 2026 11:19pm (GMT-4) (doctor@nl2k.ab.ca)

Content analysis details: (18.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.208.49 listed in dnsbl.ahbl.org]

[209.85.208.49 listed in dnsbl.ahbl.org]

[209.85.208.49 listed in dnsbl.ahbl.org]

[209.85.208.49 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.208.49 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.208.49 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.208.49 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.208.49 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.208.49 listed in will-spam-for-food.eu.org]

[209.85.208.49 listed in will-spam-for-food.eu.org]

[209.85.208.49 listed in will-spam-for-food.eu.org]

[209.85.208.49 listed in will-spam-for-food.eu.org]

[209.85.208.49 listed in will-spam-for-food.eu.org]

[209.85.208.49 listed in will-spam-for-food.eu.org]

[209.85.208.49 listed in will-spam-for-food.eu.org]

[209.85.208.49 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.208.49 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[scholtzpeterson7(at)gmail.com]

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[scholtzpeterson59(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[scholtzpeterson7(at)gmail.com]

1.7 DEAR_SOMETHING BODY: Contains 'Dear (something)'

2.5 HK_SCAM_N2 BODY: No description available.

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.208.49 listed in bl.score.senderscore.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.208.49 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.0 HK_SCAM No description available.

1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different

freemails

2.8 UNDISC_FREEM Undisclosed recipients + freemail reply-to

3.0 ADVANCE_FEE_5_NEW Appears to be advance fee fraud (Nigerian 419)

2.6 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} RE



--0000000000007268360653586fe5

Content-Type: text/plain; charset="UTF-8"



Dear Sir/Ma

Good Day



My name is Peterson Scholtz Esq; I have emailed you earlier without a

response, in my first email I mentioned my late client an Engineer who

shares the same surname with you or he might be your relation he died of

Coronavirus (COVID-19), I decided to contact you because you bear the same

surname with him which is the reason, I want to seek your consent to

present you as the Next of kin/heir apparent to inherit his estate. As it

stands if his estate is not claimed before next quarter of this financial

year it will be turned over to the Government treasury as I have been

notified as his personal by the domicile bank last week. If you are capable

of working out this transaction with me please kindly get back to me for

more detail's information.

Waiting

Regards

Mr. Scholtz Peterson

Email: petersonscholtz59@gmail.com



--0000000000007268360653586fe5

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

inherit;font-variant-east-asian:inherit;font-variant-alternates:inherit;fon=

t-stretch:inherit;font-size:15px;line-height:inherit;font-size-adjust:inher=

it;font-kerning:inherit;font-feature-settings:inherit;margin:0px;padding:0p=

x;vertical-align:baseline;color:rgb(36,36,36)">Dear Sir/Ma

"ltr" style=3D"border:0px;font-variant-numeric:inherit;font-variant-east-as=

ian:inherit;font-variant-alternates:inherit;font-stretch:inherit;font-size:=

15px;line-height:inherit;font-size-adjust:inherit;font-kerning:inherit;font=

-feature-settings:inherit;margin:0px;padding:0px;vertical-align:baseline;co=

lor:rgb(36,36,36)">

:0px;vertical-align:baseline;color:inherit">Good Day

My name is Pete=

rson Scholtz Esq; I have emailed you earlier without a response, in my firs=

t email I mentioned my late client an Engineer who shares the same surname =

with you or he might be your relation he died of Coronavirus (COVID-19), I =

decided to contact you because you bear the same surname with him which is =

the reason, I want to seek your consent to present you as the Next of kin/h=

eir apparent to inherit his estate. As it stands if his estate is not claim=

ed before next quarter of this financial year it will be turned over to the=

Government treasury as I have been notified as his personal by the domicil=

e bank last week. If you are capable of working out this transaction with m=

e please kindly get back to me for more detail's information.
Waitin=

g
Regards
Mr. Scholtz Peterson
Email:=C2=A0
sonscholtz59@gmail.com" target=3D"_blank">petersonscholtz59@gmail.com
div>

--0000000000007268360653586fe5--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 03 Jun 2026 06:35:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wUkoB-00000000MRd-15CJ

for dave@doctor.nl2k.ab.ca;

Wed, 03 Jun 2026 06:34:55 -0600

Resent-From: The Doctor

Resent-Date: Wed, 3 Jun 2026 06:34:55 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ed1-f49.google.com ([209.85.208.49]:41693)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wUka1-00000000HZJ-1t3J

for doctor@doctor.nl2k.ab.ca;

Wed, 03 Jun 2026 06:20:26 -0600

Received: by mail-ed1-f49.google.com with SMTP id 4fb4d7f45d1cf-68c14ac8ebcso623357a12.2

for ; Wed, 03 Jun 2026 05:19:30 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1780489164; cv=none;

d=google.com; s=arc-20240605;

b=U/a0Qtc6EJY+ARaY1ytf2AWGzdgIT06n0J+DsZgjAtKeKAYaT5KJFDA6O6Zu9JLBym

MQ053fi3m2B657Q04crYgPYTV7PDSDcMkuGVVjA3XtaZhkE6TN01DvBPYwVSZw6nGUWa

fEC22rInGvsnc5RtQB3qQgJqrCjmLjeSVFtVfMXRedGvdbNVUu6O20Dr+1TkI2v9CUvC

jhZPAhwtYnw3aPo0DslBl5S8Z2d0WFA7YU5HM1MS3PfFWUCSFqDRFfbAgir3aCgCpJ18

yZYEkav0IlAWJaDr7KzXqDQuo2kCwBp67mkaap16RBqR+NlIw83bHDhAdmzYCfPZH1FY

iojA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:reply-to:mime-version

:dkim-signature;

bh=JGVwFKLDQVoTeVkkoM8rLyXCrbsFJ25+GzvDnhe7p3Q=;

fh=ah4y0tPxZ00nZU5RNfql1Fy9J1OVO+pefJy3zHaLYOA=;

b=HaGdWgwHPESoXyYHIOkuo0nXDZt88Gpv1ETH9Zg3M9ynNgMSVIHxvU5+wEUqzMKfqe

j3QgRGH9Bi952QDo0WTeJX3Tu5otJ4K6PCdotuD6hlrxt4oz8jhaA+DJxkf5Jm+/tYjJ

JwLNLHNRHTRSE1L3p13qfNdzhsemyxu4eaZGDM5pvxdGOHKfaCOU6GqKc6eFZCZjL5JR

FB+4CbY1wOn5LNztHzacWLkFSRV99Or5RN35UTf5i9CZ7Qkchgt3KTwjiD+sS2wauGnm

Ohj+YBPacd/y08NTFNkjvsv2zh10sTm0Wusww+ggaeR/GCT6hTJbQmKJJUsa5w8AO16I

OPnA==;

darn=doctor.nl2k.ab.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1780489164; x=1781093964; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=JGVwFKLDQVoTeVkkoM8rLyXCrbsFJ25+GzvDnhe7p3Q=;

b=NeSRrrxsBV8NIkusfeo5G6hAm7WUre2g3dNPIzgRAlqoZqH13ny8UrUKCKyIVcFg9b

MxU+WAOzhLAR2rNT5PeG03EEspdGPhO4Qb73zYnsPKKQSMg0Ul9RqAmllExXZN7F6xw2

vRnYVVSr8q4GcEC45oyPw46smDlf2nahUHXA1l3EQLNHVYvhqBFVRV6ikqUQa7MgCvrw

POgtEUdmY2cdmd32JlpSzS0CFR1P5EVcFFCxeu2WlwNjJhbUsZ1wRVIYHfFZ1gZSS+mD

T0TWBF+B2BU3B2sAd6OFIb2qnp6xIYx8Nb/CRMXgPOqnmqTUrmZC8BtgePhvqB8SWnaU

EnTA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1780489164; x=1781093964;

h=to:subject:message-id:date:from:reply-to:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=JGVwFKLDQVoTeVkkoM8rLyXCrbsFJ25+GzvDnhe7p3Q=;

b=WpB0eqKml7FerwbQz2SqG8jlQvrgSbs701EW6MBHzQxffJ5zf/uArRy+m77JRJ3nEA

Yhrwc4t46Le8Po4Eu+BeqWIDe6jVaclcP73/oekUzZECfaCnXfbt4wrgz8vxmaP6MJoz

sVgCrufQpLC1NEDtFZs6QfyJCxDlYheuH0CSYcUBkRP+qYa35GDpRbz9jxwH+nCSCrfj

QXaiJRySxIybdA19xMqunsvOwKWRlmsrDbGC5kjeKCrUuEOPMfjf4wVSMC9X5gL2VgRu

Ms6Zmk2GO2JNKXqxjX6ulBOFSsM0Ch6UnBrhKEq/1HOModX8Ef2r7gGmq+MFiSBsCqrF

dFUA==

X-Forwarded-Encrypted: i=1; AFNElJ+r8K/X8GsSC16Kz1yQwAYBF/wDxuol4+b1yS4UstgSh1SyqAbkrOjSk7Z7oSqm++WiUH61rms=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YxOhZX2YYlBUbfsS9CzV0ufBpa4AtARv48ltrQPqPoz0IW7c2Yg

a5EwYRCU/iwTlkPJOmo/WA2OhYjeSGcT8PojeOevQ0IS/azze+DEdcWDSNKwv6wTaHQWhZd5Syn

dkwBxTk14IybxNGJmO8HGMD2o1gEkxln5mV9H1MC1Ubm9

X-Gm-Gg: Acq92OGGo3DMa23INQ1yMLZheXXq38XNlY9PSDXgZ/iP4TgD2e5wm/HtfLLbsxFHU7M

6fDPljeYfDio9u1BDq0QMK0PSAUM5eJ4eCaEPfeySi6M8HFj9Hq7WdBFaAlgvtpgPkf4bvAh9OY

rdd1FNqom90sh2H8CdC2npN7uh1wPMzzwDJze3lprwXUAhaTZIRajMrOte1u5JSC33u+GyN5w/D

P+H8mvfn9yt3ZjAsAOvevFtyM9jIXF45Zk//dMfKhTUQGFtvYB3VxhMHE7vLeQZQlfrInjKyFMA

pOCWtkAYWmVJ3F1oUl/pmnUdzA4VNj4bkADt++uQHx3tjeZDIeBMmhvbrR9RFxFQL+xSZilJUGl

NWuM8Y2s=

X-Received: by 2002:a05:6512:2342:b0:5aa:5bb7:ad7f with SMTP id

2adb3069b0e04-5aa7bf7544emr519339e87.7.1780489152257; Wed, 03 Jun 2026

05:19:12 -0700 (PDT)

MIME-Version: 1.0

Reply-To: scholtzpeterson59@gmail.com

From: Peterson Scholtz

Date: Wed, 3 Jun 2026 05:18:59 -0700

X-Gm-Features: AVHnY4IjC_m_1TUFwaUrBikPcQKxWEgpxOaIFR88ONoZA_w83Cx8OgvLG16vZ0c

Message-ID:

Subject: RE

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="0000000000007268360653586fe5"

Bcc: doctor@doctor.nl2k.ab.ca

X-Spam_score: 18.7

X-Spam_score_int: 187

X-Spam_bar: ++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Dear Sir/Ma Good Day My name is Peterson Scholtz Esq; I have

emailed you earlier without a response, in my first email I mentioned my

late client an Engineer who shares the same surname with you or he might be

your relati [...]

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 03 Jun 2026 06:35:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wUkng-00000000L1Q-3ZZA

for dave@doctor.nl2k.ab.ca;

Wed, 03 Jun 2026 06:34:24 -0600

Resent-From: The Doctor

Resent-Date: Wed, 3 Jun 2026 06:34:24 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [160.124.75.26] (port=52650 helo=mta75-26.mmglsmd.net)

by doctor.nl2k.ab.ca with essmtp (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wUibT-0000000083e-1EPJ

for root@nk.ca;

Wed, 03 Jun 2026 04:13:43 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;

d=hn.threeway-pipe.com; i=@hn.threeway-pipe.com;

q=dns/txt; s=umail; t=1780481568; h=content-type :

mime-version : message-id : reply-to : subject : from :

to : date : subject : from : date;

bh=HJGbooeqZx8af5mC6vsitTtzIJxi7Ugm2w+85iJRB6I=;

b=M8a6pNQos0VWHu9GqWJMpf0TkyA8An5BNRP0KJMQS6Q8/KI7pS5PZsJd

GXOoQJl3jQTaapIJtYYlUl/29IlYXtHW/OSX4ZFiM8P614sCB5Eztq9APt

T9uB48BorYnP6bCOZ+zQ+qmeJvAamkcoV4W80wCpj+7erlKtRlLQXew9E=

Received: from helo (unknown [127.0.0.1])

by smtp.hn.threeway-pipe.com (Postfix) with ESMTP id cDGrtPNzjIiy

for ; Wed, 03 Jun 2026 18:08:32 +0800

Content-Type: multipart/mixed; boundary="===============0403186260707252385=="

MIME-Version: 1.0

Message-Id: <20260603180832.96345-{13453:20260603180342-13453-57}-0033201@hn.threeway-pipe.com>

Reply-to: sophia@threewaysteel.com

Subject: =?utf-8?q?Re=3ASpecialty_Alloy_Steel_Pipes_=E2=80=93_Alternative_Source_f?=

=?utf-8?q?or_Canadian_EPCs?=

From: Sophia-Threewaysteel

To: "www.nk.ca"

Date: Wed, 03 Jun 2026 18:08:32 +0800

Mail-ID: 6a1ffc1ce1382308b4d5e39e

X-Spam_score: 15.9

X-Spam_score_int: 159

X-Spam_bar: +++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Dear Purchasing Manager, Good day !



Content analysis details: (15.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[160.124.75.26 listed in dnsbl.ahbl.org]

[160.124.75.26 listed in dnsbl.ahbl.org]

[160.124.75.26 listed in dnsbl.ahbl.org]

[160.124.75.26 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[160.124.75.26 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[160.124.75.26 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[160.124.75.26 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[160.124.75.26 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[160.124.75.26 listed in will-spam-for-food.eu.org]

[160.124.75.26 listed in will-spam-for-food.eu.org]

[160.124.75.26 listed in will-spam-for-food.eu.org]

[160.124.75.26 listed in will-spam-for-food.eu.org]

[160.124.75.26 listed in will-spam-for-food.eu.org]

[160.124.75.26 listed in will-spam-for-food.eu.org]

[160.124.75.26 listed in will-spam-for-food.eu.org]

[160.124.75.26 listed in will-spam-for-food.eu.org]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: count.shinestarsteel.com]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: shinestarsteel.com]

0.1 URIBL_SBL_A Contains URL's A record listed in the SBL blocklist

[URI: ns18.xincache.com/112.80.181.111]

[URI: ns17.xincache.com/112.80.181.45]

-0.0 SPF_PASS SPF: sender matches SPF record

3.4 RATWARE_RCVD_PF Bulk email fingerprint (Received PF) found

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

0.6 J_CHICKENPOX_45 BODY: 4alpha-pock-5alpha

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 T_KAM_HTML_FONT_INVALID BODY: Test for Invalidly Named or Formatted

Colors in HTML

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

Subject: {SPAM?} =?utf-8?q?Re=3ASpecialty_Alloy_Steel_Pipes_=E2=80=93_Alternative_Source_f?=

=?utf-8?q?or_Canadian_EPCs?=







Dear Purchasing Manager,



Good day !



This is Sophia from Threeway steel .



We understand Canadian buyers are facing steel import quota restrictions (only 20%-50% of 2024 levels).



To help you navigate this, we offer specialty steel pipes that are less commonly produced in North America:



High-strength alloy: P620 / P690 / 10CrMo9-10



Sour service: API 5L X65/X70 with NACE/HIC/SSC



Marine grade pipes (ABS/DNV/Lloyd's certified)



Our products are not subject to standard TRQ competition. We can provide EN 10204 3.2 and work with your EPC requirements.



Do you have any upcoming projects requiring non-standard grades? A brief call might be valuable.



Best regards,





















If you have any inquiry, pls keep me posted. Thank you.



Wish you have a nice day.



Best regards,



Sophia Zeng

Sales Manager | Industrial Pipe Division



Threeway Steel Co.,Ltd

Tel:+86-731-88736283 Fax:+86-731-88896236

Mobile : +86-13544036536

Email: sophia@threewaysteel.com

Website: www.threewaysteel.com

Skype: zeng.sophia1 Wechat:meiping77



Hunan Steel Industrial Zone, Tianxin Special District,

Changsha City,China

=3D"trebuchet ms, sans-serif">
round-position:initial;background-size:initial;background-repeat:initial;ba=

ckground-origin:initial;background-clip:initial">=E2=98=98=EF=B8=8E=C2=A0
span>
ckground-size:initial;background-repeat:initial;background-origin:initial;b=

ackground-clip:initial">=C2=A0Event Apps

rmal" style=3D"margin:0in 0in 0.0001pt">
buchet ms, sans-serif">
osition:initial;background-size:initial;background-repeat:initial;backgroun=

d-origin:initial;background-clip:initial">=E2=98=98=EF=B8=8E=C2=A0
pan style=3D"background-image:initial;background-position:initial;backgroun=

d-size:initial;background-repeat:initial;background-origin:initial;backgrou=

nd-clip:initial">=C2=A0Cleaning Apps

" style=3D"margin:0in 0in 0.0001pt">
et ms, sans-serif">
ion:initial;background-size:initial;background-repeat:initial;background-or=

igin:initial;background-clip:initial">=E2=98=98=EF=B8=8E=C2=A0
style=3D"background-image:initial;background-position:initial;background-si=

ze:initial;background-repeat:initial;background-origin:initial;background-c=

lip:initial">=C2=A0Booking/Delivery Apps

rmal" style=3D"margin:0in 0in 0.0001pt">
buchet ms, sans-serif">
osition:initial;background-size:initial;background-repeat:initial;backgroun=

d-origin:initial;background-clip:initial">=E2=98=98=EF=B8=8E=C2=A0
pan style=3D"background-image:initial;background-position:initial;backgroun=

d-size:initial;background-repeat:initial;background-origin:initial;backgrou=

nd-clip:initial">=C2=A0Food Apps like Zomato

soNormal" style=3D"margin:0in 0in 0.0001pt">
"trebuchet ms, sans-serif">
nd-position:initial;background-size:initial;background-repeat:initial;backg=

round-origin:initial;background-clip:initial">=E2=98=98=EF=B8=8E=C2=A0
n>
round-size:initial;background-repeat:initial;background-origin:initial;back=

ground-clip:initial">=C2=A0Hotel/Restaurants Apps

=3D"MsoNormal" style=3D"margin:0in 0in 0.0001pt">
ce=3D"trebuchet ms, sans-serif">
kground-position:initial;background-size:initial;background-repeat:initial;=

background-origin:initial;background-clip:initial">=E2=98=98=EF=B8=8E=C2=A0=


background-size:initial;background-repeat:initial;background-origin:initial=

;background-clip:initial">=C2=A0Healthcare/Fitness Apps

class=3D"MsoNormal" style=3D"margin:0in 0in 0.0001pt">
00" face=3D"trebuchet ms, sans-serif">
al;background-position:initial;background-size:initial;background-repeat:in=

itial;background-origin:initial;background-clip:initial">=E2=98=98=EF=B8=8E=

=C2=A0
itial;background-size:initial;background-repeat:initial;background-origin:i=

nitial;background-clip:initial">=C2=A0Educational Apps

class=3D"MsoNormal" style=3D"margin:0in 0in 0.0001pt">
0" face=3D"trebuchet ms, sans-serif">
l;background-position:initial;background-size:initial;background-repeat:ini=

tial;background-origin:initial;background-clip:initial">=E2=98=98=EF=B8=8E=

=C2=A0
itial;background-size:initial;background-repeat:initial;background-origin:i=

nitial;background-clip:initial">=C2=A0Scheduling Apps

lass=3D"MsoNormal" style=3D"margin:0in 0in 0.0001pt">
" face=3D"trebuchet ms, sans-serif">
;background-position:initial;background-size:initial;background-repeat:init=

ial;background-origin:initial;background-clip:initial">=E2=98=98=EF=B8=8E=

=C2=A0
itial;background-size:initial;background-repeat:initial;background-origin:i=

nitial;background-clip:initial">=C2=A0More Apps.

=3D"MsoNormal" style=3D"margin:0in 0in 0.0001pt">
ce=3D"trebuchet ms, sans-serif">

=3D"margin:0in 0in 0.0001pt">
sans-serif">
tial;background-size:initial;background-repeat:initial;background-origin:in=

itial;background-clip:initial">What kind of mobile app do you want? Send us=

your requirements.

:0in 0in 0.0001pt">
">

<=

span style=3D"background-image:initial;background-position:initial;backgrou=

nd-size:initial;background-repeat:initial;background-origin:initial;backgro=

und-clip:initial">
>Thank You!

0.0001pt">
ial;background-size:initial;background-repeat:initial;background-origin:ini=

tial;background-clip:initial">
sans-serif">Anoukua

n:0in 0in 0.0001pt">
tion:initial;background-size:initial;background-repeat:initial;background-o=

rigin:initial;background-clip:initial">
if">
ition:initial;background-size:initial;background-repeat:initial;background-=

origin:initial;background-clip:initial">Mobility Consultant

=3D"color:rgb(0,0,0)">


(0,0,0)">CONFIDENTIALITY INFORMATION AND DISC=

LAIMER:=C2=A0This e-mail message and/o=

r attachments being sent from Mobile App development. is privileged, confid=

ential and directed to and for the use of the addressee only. If you are no=

t the intended recipient of this message, or if this message has been addre=

ssed to you in error, distribution or use of the contents of this message b=

y anyone other than the intended recipient is strictly prohibited.
font>