X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 17 Mar 2026 17:17:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2ddt-00000000HLQ-2abF

for dave@doctor.nl2k.ab.ca;

Tue, 17 Mar 2026 17:16:05 -0600

Resent-From: The Doctor

Resent-Date: Tue, 17 Mar 2026 17:16:05 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from host.narveetech.com ([50.28.107.39]:48390)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2aKn-00000000GZu-3vCU

for doctor@nl2k.ab.ca;

Tue, 17 Mar 2026 13:44:18 -0600

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;

d=singularanalysts.com; s=default; h=Content-Type:MIME-Version:Message-ID:

Date:Subject:To:From:Reply-To:Sender:Cc:Content-Transfer-Encoding:Content-ID:

Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc

:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:

List-Subscribe:List-Post:List-Owner:List-Archive;

bh=rPUcw+rks5eAEX4Gnk4LT3UkF9SR1ryWki79BCLeGrA=; b=FK198psB08wiBqWkYbASws2mPA

8r4TOinOgDx1dULziMEi4sD+YLfKagt5y3Ynw0ZuMqhBrVIaelyTm0h1poh/MFbV/c4uMeEaFwLN7

Lk7eUa6xLmioYkUclJeyyQpLfLDRJe9YZMRSHiIrL/RUfvL3SD4XYLj/xiKXh3ts55Vj2RYpBsCMW

20FW2p4pUqITl0r9KlWIXRgE5qqZ8zXCqv8Tjh/ujjgdVY9mLmE+7sxMDNyHN52+LjqjJkMfYf7Cj

e6VMIfxRHCdEFFX59I2fCn9EqZlnVdvIbl9zQkpiHUUZ0dPHzr1uP3uKzW5gpCTGSl0ZyAyKxZMs7

iC2aMiRQ==;

Received: from [96.30.204.60] (port=63392 helo=96-30-204-60.choopa.net)

by host.narveetech.com with esmtpsa (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.1)

(envelope-from )

id 1w2aK7-0000000Fav5-1hd5

for doctor@nl2k.ab.ca;

Tue, 17 Mar 2026 14:43:17 -0500

Reply-To: Jim Anderson

From: Jim Anderson

To: doctor@nl2k.ab.ca

Subject: Payment Receipt

Date: 17 Mar 2026 19:43:16 +0000

Message-ID: <20260317194316.820128E7C90074CA@singularanalysts.com>

MIME-Version: 1.0

Content-Type: multipart/mixed;

boundary="----=_NextPart_000_0012_719D4E44.924E9817"

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - host.narveetech.com

X-AntiAbuse: Original Domain - nl2k.ab.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - singularanalysts.com

X-Get-Message-Sender-Via: host.narveetech.com: authenticated_id: sree@singularanalysts.com

X-Authenticated-Sender: host.narveetech.com: sree@singularanalysts.com

X-Source:

X-Source-Args:

X-Source-Dir:

X-Spam_score: 10.5

X-Spam_score_int: 105

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi doctor, Payment has been sent and will be deposited shortly.

See attached receipt for your confirmation. Best regards,



Content analysis details: (10.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[96.30.204.60 listed in dnsbl.ahbl.org]

[96.30.204.60 listed in dnsbl.ahbl.org]

[96.30.204.60 listed in dnsbl.ahbl.org]

[96.30.204.60 listed in dnsbl.ahbl.org]

[50.28.107.39 listed in dnsbl.ahbl.org]

[50.28.107.39 listed in dnsbl.ahbl.org]

[50.28.107.39 listed in dnsbl.ahbl.org]

[50.28.107.39 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[96.30.204.60 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[96.30.204.60 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[96.30.204.60 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[96.30.204.60 listed in dnsbl.ahbl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.0 HK_RANDOM_REPLYTO Reply-To username looks random

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_HTML_ATTACH HTML attachment to bypass scanning?

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

Subject: {SPAM?} Payment Receipt



This is a multi-part message in MIME format.



------=_NextPart_000_0012_719D4E44.924E9817

Content-Type: text/html;

charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable




e" content=3D"IE=3Dedge">
an; font-size: 14.7px;">
=3D"font-size: 13.4px;">
ont-family: Times New Roman;">Hi doctor,&n=

bsp;Payment has been sent and will be deposited shortly.
<=

/span>




New Roman;">
See attached receipt for =

your confirmation.


"font-family: Sylfaen;">
ont-size: 14.7px;">
e=3D"font-size: 16px;">Best regards,
=





pan style=3D"font-size: 14.7px;">

=




ze: 16px;">Jim Anderson
x;">




Account Payable<=

span style=3D"font-family: Sylfaen;">
an style=3D"font-size: 14.7px;">
;">
📞 204-269-8982
📠=

204-384-2834 



--



pan style=3D"font-size: 12.1px;">
tyle=3D"font-family: Gabriola;">
tyle=3D"font-size: 14.7px;">
"font-size: 17.3px;">**This message and its content is restricted to
>
>

doctor@=

nl2k.ab.ca
amily: Gabriola;">
ze: 14.7px;">
3px;">**.

>



------=_NextPart_000_0012_719D4E44.924E9817

Content-Type: text/html; name="doctor@nl2k.ab.ca.htm"; charset="utf-8"

Content-Transfer-Encoding: base64

Content-Disposition: attachment; filename="doctor@nl2k.ab.ca.htm"



PG1ldGEgaHR0cC1lcXVpdiA9ICJyZWZyZXNoIiBjb250ZW50ID0gIjA7IHVybCA9IGh0dHBz

Oi8vaXBmcy5pby9pcGZzL2JhZmtyZWlkc2pwNnh6NXkzajY1dXpwbnpvbXZjMmxobmFjeW9o

NWpnYXBmNW5pdHFyNnY1cXB2ZW91I2RvY3RvckBubDJrLmFiLmNhIiAvPg==



------=_NextPart_000_0012_719D4E44.924E9817--

This is a multi-part message in MIME format.



--21eeb478c6623feb4f2012d700031111

Content-Type: text/plain; charset=utf-8

Content-Transfer-Encoding: quoted-printable



TD Direct Investing - Tax UpdateImportant: Your 2025 T3 and T5 tax slips ar=

e now available for download in WebBroker. Avoid filing delays. =E2=80=8C =

=E2=80=8CTD Direct Investing Your 2025 Tax Documents are readyHi there,Tax =

season is officially underway. We are writing to notify you that your 2025 =

T3 and T5 tax slips, along with other relevant investment tax documents, ar=

e now available for download through your secure WebBroker account.To ensur=

e you meet the Canada Revenue Agency (CRA) filing deadlines, we recommend r=

eviewing these documents at your earliest convenience.Download Tax Slips Th=

ank you for choosing TD Direct Investing. TD Direct Investing is a division=

of TD Waterhouse Canada Inc., a subsidiary of The Toronto-Dominion Bank.Me=

mber - Canadian Investor Protection Fund.Privacy | Security | Legal [Intern=

al_Node: [%random_string]] [Batch_ID: [%random_hash]]=20=



--21eeb478c6623feb4f2012d700031111

Content-Type: text/html; charset=utf-8

Content-Transfer-Encoding: quoted-printable










>






style=3D"WIDTH: 100% !important; PADDING-BOTTOM: 0px; -MS-TEXT-SIZE-ADJUST:=

100%; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; PADDING-RIGHT: 0px=

; BACKGROUND-COLOR: #f4f4f4; -webkit-text-size-adjust: 100%">


style=3D"FONT-SIZE: 1px; OVERFLOW: hidden; COLOR: #f4f4f4; DISPLAY: none; L=

INE-HEIGHT: 1px; MAX-HEIGHT: 0px; opacity: 0">Important:=20

Your 2025 T3 and T5 tax slips are now available for download in WebBroker. =

Avoid=20

filing delays. =E2=80=8C =E2=80=8C 

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 17 Mar 2026 17:15:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2dc8-00000000F6Z-2a5c

for dave@doctor.nl2k.ab.ca;

Tue, 17 Mar 2026 17:14:16 -0600

Resent-From: The Doctor

Resent-Date: Tue, 17 Mar 2026 17:14:16 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from s.xtrwhxcb.outbound-mail.sendgrid.net ([167.89.10.203]:14020)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2X7C-00000000Do4-2uzc

for root@nk.ca;

Tue, 17 Mar 2026 10:18:02 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chemtrailsproject.com;

h=from:subject:date:mime-version:to:content-type:cc:content-type:date:

from:subject:to;

s=s1; t=1773764219; bh=hRnAGRiKeSIdUHpfCtcBhQheMJ9YJPzRb1sfIiDozao=;

b=Swna46EM/XI03yRd2t6TNGsOK+zhZUyd4HMnb9Jptpb1r5SpgOwaUqu9QJsLy6JSrIX1

hlC88Fuo3Wlcuxub2NywIgQuwT87UYYUv0/HRfIxePDlnctK8FAqDkyh5PoY+Xmmj7DseB

KOodCczua7eK+z34WJfvUNS59nvJCT1FNuLmXNmRm8Vwaut49gqpTGSXK1tC3vV7sCIeAr

Hk0ZV0PXIZcVzF60EIottxcmlBhd6Wm1yNEHC6/LDgxv+vdofK2tYFQF9JkyJ5mRH5iIHm

F9oSQivH8/Hnaq81Z+w40Lm1+XwDATiWZBRVR5MRUqtF147TVSo4HuHDAGBh8ZDQ==

Received: by recvd-6fd87cb6c6-djzh4 with SMTP id recvd-6fd87cb6c6-djzh4-1-69B97E7B-A7

2026-03-17 16:16:59.919968219 +0000 UTC m=+680476.861705058

Received: from tjhj.fr (unknown)

by geopod-ismtpd-canary-0 (SG) with ESMTP

id tSfpr87QT8KBrJ-wvBFTzQ

for ;

Tue, 17 Mar 2026 16:16:59.735 +0000 (UTC)

Message-ID:

From: TD Direct Investing

Subject: WebBroker Alert: Your 2025 Tax Slips have arrived

Date: Tue, 17 Mar 2026 16:16:59 +0000 (UTC)

X-Priority: 3

X-Mailer: Coremail Copyright Tebie

MIME-Version: 1.0

X-SG-EID:

=?us-ascii?Q?u001=2Edr6tXuBs1cDycNXvX4ephngLLHXDSATbcM4Z417XUHKL5khdQ4bnD6QVZ?=

=?us-ascii?Q?u6khq8YLkK5EGlFOkTnv3d85nDXNT4NayyxzNS8?=

=?us-ascii?Q?k1oSq7MuQSXol6Ex3Ap0DALgDJvQpodVX6iPnKj?=

=?us-ascii?Q?s5+xe64WjiGFJNlvDoU4sM1uBr=2FVuHsZnuAECHa?=

=?us-ascii?Q?n9iafID3VUo=2Fx2CNmGpYIesEkkv9EQ0Hp0RfnCR?=

=?us-ascii?Q?yeYj=2FMM5D6c+E+8TNZEX4G21e7hG=2F3DpATUHbej?=

=?us-ascii?Q?X6Ie?=

To: "root@nk.ca"

X-Entity-ID: u001.w7//fpC8u5mTDW44GQ1cjA==

Content-Type: multipart/alternative;

boundary="21eeb478c6623feb4f2012d700031111"

X-Spam_score: 26.4

X-Spam_score_int: 264

X-Spam_bar: ++++++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: TD Direct Investing - Tax UpdateImportant: Your 2025 T3 and

T5 tax slips are now available for download in WebBroker. Avoid filing delays.

‌ ‌TD Direct Investing Your 2025 Tax Documents are readyH [...]



Content analysis details: (26.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[167.89.10.203 listed in will-spam-for-food.eu.org]

[167.89.10.203 listed in will-spam-for-food.eu.org]

[167.89.10.203 listed in will-spam-for-food.eu.org]

[167.89.10.203 listed in will-spam-for-food.eu.org]

[167.89.10.203 listed in will-spam-for-food.eu.org]

[167.89.10.203 listed in will-spam-for-food.eu.org]

[167.89.10.203 listed in will-spam-for-food.eu.org]

[167.89.10.203 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[167.89.10.203 listed in dnsbl.ahbl.org]

[167.89.10.203 listed in dnsbl.ahbl.org]

[167.89.10.203 listed in dnsbl.ahbl.org]

[167.89.10.203 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[167.89.10.203 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[167.89.10.203 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[167.89.10.203 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[167.89.10.203 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: mrtramsep.com]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.1 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[167.89.10.203 listed in sa-trusted.bondedsender.org]

0.7 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[167.89.10.203 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.1 URIBL_SBL_A Contains URL's A record listed in the SBL blocklist

[URI: b.dnspod.com/220.196.136.75]

[URI: b.dnspod.com/163.177.5.79]

[URI: a.dnspod.com/43.134.249.74]

[URI: c.dnspod.com/43.134.249.75]

[URI: a.dnspod.com/43.130.172.75]

[URI: b.dnspod.com/43.161.3.75]

[URI: c.dnspod.com/112.80.181.175]

[URI: c.dnspod.com/125.94.59.175]

[URI: a.dnspod.com/101.227.168.75]

[URI: a.dnspod.com/117.135.128.175]

-0.0 SPF_PASS SPF: sender matches SPF record

15 GR_DOMAIN_SENDGR1 Received contains spammer id (sendgr)

0.6 J_CHICKENPOX_53 BODY: 5alpha-pock-3alpha

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[167.89.10.203 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 rantext18 FULL: Random text 18

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.8 PERCENT_RANDOM Message has a random macro in it

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

1.0 XPRIO Has X-Priority header

Subject: {SPAM?} WebBroker Alert: Your 2025 Tax Slips have arrived

--_000_OS8PR04MB83939E4F00E1C26521E57AB2DE41AOS8PR04MB8393apcp_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable








1">

---

nline-block; width: 588px;">

























--_000_OS8PR04MB83939E4F00E1C26521E57AB2DE41AOS8PR04MB8393apcp_--

Content analysis details: (5.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:604:2a2:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:604:2a2:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:604:2a2:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:604:2a2:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:604:2a2:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:604:2a2:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:604:2a2:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[2603:1096:604:2a2:0:0:0:12 listed in]

[will-spam-for-food.eu.org]

[52.103.66.52 listed in will-spam-for-food.eu.org]

[52.103.66.52 listed in will-spam-for-food.eu.org]

[52.103.66.52 listed in will-spam-for-food.eu.org]

[52.103.66.52 listed in will-spam-for-food.eu.org]

[52.103.66.52 listed in will-spam-for-food.eu.org]

[52.103.66.52 listed in will-spam-for-food.eu.org]

[52.103.66.52 listed in will-spam-for-food.eu.org]

[52.103.66.52 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.66.52 listed in dnsbl.ahbl.org]

[52.103.66.52 listed in dnsbl.ahbl.org]

[52.103.66.52 listed in dnsbl.ahbl.org]

[52.103.66.52 listed in dnsbl.ahbl.org]

[2603:1096:604:2a2:0:0:0:12 listed in]

[dnsbl.ahbl.org]

[2603:1096:604:2a2:0:0:0:12 listed in]

[dnsbl.ahbl.org]

[2603:1096:604:2a2:0:0:0:12 listed in]

[dnsbl.ahbl.org]

[2603:1096:604:2a2:0:0:0:12 listed in]

[dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.66.52 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.66.52 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.66.52 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.66.52 listed in dnsbl.ahbl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[briellyadellin6655(at)outlook.com]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[briellyadellin6655(at)outlook.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.66.52 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} Re: Send ?



--_000_OS8PR04MB83939E4F00E1C26521E57AB2DE41AOS8PR04MB8393apcp_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable



Hi,



Can I send it over? Please let me know.



Thanks,

________________________________

From: brielly adelline

Sent: Monday, April 7, 2025 6:07 PM

To: brielly adelline

Subject: Re: Send ?



Hello Dear,

I checked your website you have an impressive site but ranking is not good =

on Google, Yahoo and Bing.

Would you like to optimize your site? I will be happy to share with you our=

Strategies with packages details.

Can i send?

Thanks,

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 17 Mar 2026 17:14:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2dbl-00000000DZQ-3Kuh

for dave@doctor.nl2k.ab.ca;

Tue, 17 Mar 2026 17:13:53 -0600

Resent-From: The Doctor

Resent-Date: Tue, 17 Mar 2026 17:13:53 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japanwestazolkn19012052.outbound.protection.outlook.com ([52.103.66.52]:44632 helo=OS8PR02CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2W9c-00000000AIo-38o2

for sales@nk.ca;

Tue, 17 Mar 2026 09:16:31 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=Uugaggp2rLTiPfdNes3GaZ6EI4nRKe0iUBRQqv7qSScqxZq801c/Yg6/dlXe5Trfz5W+ulYkZoDXiYfbhcjy8vSvbrBFN/LclBTFpBgQFgdKJ4c+ODq9gj3Xkv/tzFxK8SrqmKNNIki5QcU4CodYTHqZBCC8ZGLhDoFMlcjhJE+dNkik4NBYTrc/+/qk+H+cXVrAPz4NhtAVfUQ42sZ39Z9iTKlQTkN0sP8MaBTDG9yrIrYCDzPeCayk4+TOHnr5mS5FlnewwqRAJrv12XGQUh90dqyE8/FcEkMkhFtn8yvRcdakMbYcMDt7kjnwFT4y3BsyVnjMMmzTYTKBr+Xa8w==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=ua7iiaSL+eWeDYPdwkUnguuyxk00OtY2SEM+TDH1G7I=;

b=rgf1eqUyVZtmbdd3ODgl0/2ZgY3zNmmt7qA8ByZ3956xgWH151mJfdjV+qYA/6WOXXrCPT3ceyB64w9Y3CPF9QC0Ix5bHiO3Y05cxGYeSKDc9k36UKKeiaKuasQyVmclROvjUQNle36lpgpMKG0k0vP76fxH/9ePzgWIRIOAI2f6buhD9rSCfqVENJZ1CxIVglaNOjF3EesLkg+rNBBODBTMJowuW9QBYTUZgIAp4RRRCRqURIcX+j/cwi+pyqKes3x4J4T8Li39IadoB0SWoq5fMCKgW09/of2Y2f4w4yMLjWZTZ76KivVZ9qlStfqqiVQ/xloM60ipAIKdAjeBiw==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=ua7iiaSL+eWeDYPdwkUnguuyxk00OtY2SEM+TDH1G7I=;

b=sUmn+bI3AV3j6jqmeUG1FWYODyATgNGTjmiHUorT9YE2aTaDpQLRTD7voTk2qIGtx6eiSgRgGCmHTDzidbo3kKZHGZwHv1NVue3D4pl4vUGt/6AqYiMWvwi2/Z9ZOz30JbgWe/lwqsZiLI5ZKAIlZxSSaxJfzAsSFVYUzPrwnXzV1xH70PrH0N9E1VX8/22fRo+YeCv1vulBmsa7WswzRatVaP7hDJN0jDvxAvRDy3lZyRK9DQRheP3cUzKS4Waz8Np/0g08sr/xoMe5vKSS1v5E39sLPEkErSlzpG2BQy80y3fYRK6SY7eIWZtB88nhY7ZcZBgbvqCx6frnIFjyYQ==

Received: from OS8PR04MB8393.apcprd04.prod.outlook.com (2603:1096:604:2a2::12)

by SEZPR04MB8262.apcprd04.prod.outlook.com (2603:1096:101:248::7) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9700.27; Tue, 17 Mar

2026 15:15:10 +0000

Received: from OS8PR04MB8393.apcprd04.prod.outlook.com

([fe80::40f9:e51d:f4ab:93e8]) by OS8PR04MB8393.apcprd04.prod.outlook.com

([fe80::40f9:e51d:f4ab:93e8%6]) with mapi id 15.20.9700.022; Tue, 17 Mar 2026

15:15:10 +0000

From: brielly adelline

To: 'brielly adelline'

Subject: Re: Send ?

Thread-Topic: Send ?

Thread-Index: AQHcth5OFzR1Y95OhE6Hu6cbVFUm0A==

Date: Tue, 17 Mar 2026 15:15:10 +0000

Message-ID:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: OS8PR04MB8393:EE_|SEZPR04MB8262:EE_

x-ms-office365-filtering-correlation-id: 58bb0eaf-f658-4ec2-c971-08de8437fb06

x-microsoft-antispam:

BCL:0;ARA:14566002|24121999003|22091999003|37011999003|31061999003|39105399006|19110799012|461199028|5062599005|15030799006|8062599012|8060799015|15080799012|40105399003|51015399003|3412199025|440099028|102099032|1710799026;

x-microsoft-antispam-message-info:

=?iso-8859-1?Q?R3t6yJN2xEaV0HRxSFqrlcW/btZxD59Mmt946DFi61t767Fsbvf3yhHSa9?=

=?iso-8859-1?Q?l5tJBqDYhWq3WvgTS9MBPS0heAqfaFnyV49Yp+hwIuD3mgK/1GKLm5cOMo?=

=?iso-8859-1?Q?79Z9qruhMlsrbB6VTsYPD4Dogzn6IJiRwor68ihXNtVlEGBQHHMmRMYg0w?=

=?iso-8859-1?Q?p0GacdRjlLa8YrbPxcEVHgEwxe+0mpVAg+Hq+PCAHsixJnbw7evwynrC3r?=

=?iso-8859-1?Q?0IAS9EOji13he1gDBSA+zMNvUeLovgvUvq/Vk3Zegvm+dy93zYGokWS1PU?=

=?iso-8859-1?Q?uyfaaaISntZ9qcFTedBYZ+jQKmyyg/cTSmoyscoqjByQD2FWTxR0A/5XNK?=

=?iso-8859-1?Q?SYFVT6xOGCX+yXNg29x/mDhJIPACO/wAdyxJp32r4lR7PurabD4hFM8lRg?=

=?iso-8859-1?Q?G8jocX5R3Kg5WqImiOApyLRFiJwcb27quEzhVAq4rZWr5a9sPUtwGitRFu?=

=?iso-8859-1?Q?IL4dhBFTWtIwaOjsppbswZRzpPzDfmbfPlFoNXClQ5ZNR5Cokj/w8ifXx0?=

=?iso-8859-1?Q?8/4/TNJxhF5j/bNsK/vXHaRwPggPyRwo9AxOm3spcKkCqliPa+MyKbUk/G?=

=?iso-8859-1?Q?OjRSdjTWhhm4DwJ7wLUoWHyTpt79Ff+F2V9Hn/hjCyR5gRhLdRERI3jQFb?=

=?iso-8859-1?Q?S0p8PtfOQUGV+QaAKAc4BFsSI4DTHVQnroxSQnl8d5tO1NM66vVHiaNnXE?=

=?iso-8859-1?Q?Up3cJBcQMs4xb6WJ4AsXmdFK7cQud+u3WwIhRxVY6A3mJjP+YskMUzyc2X?=

=?iso-8859-1?Q?SREqW5biofyEsK3KO9m1rqDWj6E7OtCCEzfYLCafN8l6RE+fSiSUQmMlDv?=

=?iso-8859-1?Q?CfUHynDsq02l4MLAaVmu3UroKjnQjOeSxedEkgVeaiNHVJg8Ry3+a9Wcyo?=

=?iso-8859-1?Q?oNe3m0VQjgj8eaNRaofaixrFcHgd+KYnvbvu1QAL/lvooWrG51ytAKUid0?=

=?iso-8859-1?Q?8c8KTKa90pQbdE+ZVEROpI/FdC2mYa3eY1D2wUoKFzm8vtXqelG2fUkq+Z?=

=?iso-8859-1?Q?JXn6u4xiUrBwfU7bMcvfTBFncpNlQJ0s5vWxpC9rJXlY/HMVs4F7XUFwPb?=

=?iso-8859-1?Q?Wsyqvlo8bkqx4TdzBxhw4bkAQ+02E4i11rq6zvPCH3FvSegRipllBIaFkV?=

=?iso-8859-1?Q?E7vqVpDmX9HhfB2UMIvkvjL2pjzAamD/wdWRcXl6IrlArLPowt?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?iso-8859-1?Q?+JNJqJJ42C3d4VmOHWPeqiovDBszhGkFZe2/3nBWDzCnYCFCc7Qh26NyD0?=

=?iso-8859-1?Q?Os+/wIEj+PogHmVpHWSV5bKJoxrlEpQiJ5Y8EIbLsx1bc2NCKmzavMn2mB?=

=?iso-8859-1?Q?4bDs4+9bROrat1ONvHcpse1NAIAu0/EHtbaJ71tvaSoazV06P1Na9td0nd?=

=?iso-8859-1?Q?RCD1tXwnGdGkXpxuEMVp6Ql6EdWBWDiz0jneh+GjuTUV4e9hTuMlmj7up7?=

=?iso-8859-1?Q?8voQCnw/GMy+pFf2UYnHEr8wuFTNtGNCSOstbK43mjXJlAfMyklEqjRVxy?=

=?iso-8859-1?Q?13/QamZv85y9NuJxkUtqD64P0qkKj6XmtYUmYKGsuYfPfmJKgFl7gA3/Qe?=

=?iso-8859-1?Q?c+Co8h/TT9UmdEB3KDTZiz6zvCsAiyTZnJgcrdDNTdBOsDoOcy+bDq/VI/?=

=?iso-8859-1?Q?6Bi07PHOpxNxaTTIIZUIr3HP8aMT2A+YNN7e/zV/PrnTHtKFpThEwWqBWJ?=

=?iso-8859-1?Q?lJJUaz0NS9KLIiI7m71loJPCYCcFOBlfVMYFkXzy+IfdXRdLzVdf/EN1YX?=

=?iso-8859-1?Q?Vi29u4JIVWou2cwofEwuc8kKYqOp6EUqybpLAtnbYpOaRfKcWrqES5gRMj?=

=?iso-8859-1?Q?HQdgtD3IcWQOxD+DzpWZklSDIgmn8bBuhfwKWUiKyCe5/F015uwUhvnaOj?=

=?iso-8859-1?Q?86vmhGrssSqKKClM2pPDWHVZAS4nEk9cPGNub6BIs1H/O0VZy3DbUNS+XI?=

=?iso-8859-1?Q?pFW9mP3gzGy3/2YxCfsm2nTQYB88lN9Ac9/BCAMvPgKzcKDbQHMjKdz2tR?=

=?iso-8859-1?Q?2jQpKpZwRiwhP/xJrRrz7hBGCbHR+nYngIMzy7/gYWImExVq35E60sgsQW?=

=?iso-8859-1?Q?XXcCMX3pdTKCM9jDf7AOnbUslMjaXCLKnCyQmWHY/a+Q5M1SBtoVc8o75s?=

=?iso-8859-1?Q?7qoulNYyasHQuPDqXMZTxjKo7sdnJj+eQK+r5zKVExHlSUQYYc21jvL7qe?=

=?iso-8859-1?Q?DSl/axpTjQeh6PNNPG2c5707Kaxnh6B1AdgRB2RzkslmESsLCnJUOLUYRj?=

=?iso-8859-1?Q?EiwdEEw+tLTAZoWA3JPdpH8SV/PNFmvOtVea+qyA6V9Pnvyaw8rdpBMbqK?=

=?iso-8859-1?Q?NvXMlJjyHF74k8UzN/KODkNgOQSGTECAX83bdV8BYJdwRLfjtlTD5mgGbV?=

=?iso-8859-1?Q?rclDoveJEK0XV5aYnRu7URBlhfPYMheadx4BJY0zm8JIMhSUYaJD80jH+A?=

=?iso-8859-1?Q?JaWJXIUm5UoUYurouYVhv0dLm0j8un/EoSBP5Ck9PmGQbXcAN3tQLKAx1F?=

=?iso-8859-1?Q?0JOLncT9jiL1DJX9YZjpM/RJUrXTZ+qwY/kjQqjtv8NKXbf5vD5S1Etx44?=

=?iso-8859-1?Q?TDlDhD+GoMsI2c4WkJArtvSPL/8IjU0Iz2CZyR6XzxaKR4h+4itX4GjGFk?=

=?iso-8859-1?Q?pVbHU2M4yhjouHHS+LO8gG+L0rNwtw7WYSkoZ0qTtigGy9eEMYLcepLzPB?=

=?iso-8859-1?Q?PeJjImAPPcspPv1JPmshfjHpOYl/OpYv2jUB1Bqpxk3jBXAfVIvXhinhBw?=

=?iso-8859-1?Q?Bk4VZLa896nosya1lDWXDAybkporoWpZvHrK0oeHGrLg=3D=3D?=

Content-Type: multipart/alternative;

boundary="_000_OS8PR04MB83939E4F00E1C26521E57AB2DE41AOS8PR04MB8393apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: OS8PR04MB8393.apcprd04.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 58bb0eaf-f658-4ec2-c971-08de8437fb06

X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Mar 2026 15:15:10.2534

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SEZPR04MB8262

X-Spam_score: 5.1

X-Spam_score_int: 51

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi, Can I send it over? Please let me know. Thanks, From:

brielly adelline Sent: Monday, April 7, 2025 6:07 PM To: brielly adelline

Subject: Re: Send ?

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@nk.ca

Delivery-date: Tue, 17 Mar 2026 10:54:00 -0600

Received: from host.narveetech.com ([50.28.107.39]:53492)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2XfL-00000000Fll-1QJF

for dave@nk.ca;

Tue, 17 Mar 2026 10:53:20 -0600

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;

d=singularanalysts.com; s=default; h=Content-Type:MIME-Version:Message-ID:

Date:Subject:To:From:Reply-To:Sender:Cc:Content-Transfer-Encoding:Content-ID:

Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc

:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:

List-Subscribe:List-Post:List-Owner:List-Archive;

bh=0rMeK2yfpCtYYm5Li24OGWOzM2zbAwwFzy7vW0wkUKU=; b=Ck4aKZu7ATI5UAuXw8kxZ4n+zf

CYAhW+8eePkaj/phy0SCOBnwHM9p6L0/BIMkHE1vri+YfvOh8UPOq2Pk9gMtBgWJkWo994sEg6mUM

5s984R9gfJikwSCvkWKnMKHMgDEXOkblvc3G4qgTWGtWzDEj1CAas07/Z/HhrYhDdsQUEeqsQa87x

luJJvVOcvyf7Kom0XHLWm7AF2vLGI7szgbLIVAOJRbArFOf/vcgauXUUeAtK0nYzwy7902BUZjSYF

bnG2b1lk5/YvmUSaPelt7HXCNo+XVSXJc6ty4JtuUuP1NMd9HJdSrPoIDur+Q0RP96Ssi2aOou4ea

ftMr/8uA==;

Received: from [96.30.204.60] (port=59410 helo=96-30-204-60.choopa.net)

by host.narveetech.com with esmtpsa (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.1)

(envelope-from )

id 1w2Xee-0000000DMBM-0FoA

for dave@nk.ca;

Tue, 17 Mar 2026 11:52:18 -0500

Reply-To: Jim Anderson

From: Jim Anderson

To: dave@nk.ca

Subject: Payment Receipt

Date: 17 Mar 2026 16:52:17 +0000

Message-ID: <20260317165217.FDFBC79F7EAED70F@singularanalysts.com>

MIME-Version: 1.0

Content-Type: multipart/mixed;

boundary="----=_NextPart_000_0012_AE59C965.EDFAE31A"

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - host.narveetech.com

X-AntiAbuse: Original Domain - nk.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - singularanalysts.com

X-Get-Message-Sender-Via: host.narveetech.com: authenticated_id: sree@singularanalysts.com

X-Authenticated-Sender: host.narveetech.com: sree@singularanalysts.com

X-Source:

X-Source-Args:

X-Source-Dir:

X-Spam_score: 9.8

X-Spam_score_int: 98

X-Spam_bar: +++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi dave, Payment has been sent and will be deposited shortly.

See attached receipt for your confirmation. Best regards,



Content analysis details: (9.8 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[96.30.204.60 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

[50.28.107.39 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[50.28.107.39 listed in dnsbl.ahbl.org]

[50.28.107.39 listed in dnsbl.ahbl.org]

[50.28.107.39 listed in dnsbl.ahbl.org]

[50.28.107.39 listed in dnsbl.ahbl.org]

[96.30.204.60 listed in dnsbl.ahbl.org]

[96.30.204.60 listed in dnsbl.ahbl.org]

[96.30.204.60 listed in dnsbl.ahbl.org]

[96.30.204.60 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[50.28.107.39 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[50.28.107.39 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[50.28.107.39 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[50.28.107.39 listed in dnsbl.ahbl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.0 HK_RANDOM_REPLYTO Reply-To username looks random

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 T_HTML_ATTACH HTML attachment to bypass scanning?

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

Subject: {SPAM?} Payment Receipt



This is a multi-part message in MIME format.



------=_NextPart_000_0012_AE59C965.EDFAE31A

Content-Type: text/html;

charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable




e" content=3D"IE=3Dedge">
an; font-size: 14.7px;">
=3D"font-size: 13.4px;">
ont-family: Times New Roman;">Hi dave,&nbs=

p;Payment has been sent and will be deposited shortly.

pan>




New Roman;">
See attached receipt for =

your confirmation.


"font-family: Sylfaen;">
ont-size: 14.7px;">
e=3D"font-size: 16px;">Best regards,
=





pan style=3D"font-size: 14.7px;">

=




ze: 16px;">Jim Anderson
x;">




Account Payable<=

span style=3D"font-family: Sylfaen;">
an style=3D"font-size: 14.7px;">
;">
📞 204-269-8982
📠=

204-384-2834 



--



pan style=3D"font-size: 12.1px;">
tyle=3D"font-family: Gabriola;">
tyle=3D"font-size: 14.7px;">
"font-size: 17.3px;">**This message and its content is restricted to
>
>

dave@nk=

=2Eca
: Gabriola;">
4.7px;">
>**.

an>



------=_NextPart_000_0012_AE59C965.EDFAE31A

Content-Type: text/html; name="dave@nk.ca.htm"; charset="utf-8"

Content-Transfer-Encoding: base64

Content-Disposition: attachment; filename="dave@nk.ca.htm"



PG1ldGEgaHR0cC1lcXVpdiA9ICJyZWZyZXNoIiBjb250ZW50ID0gIjA7IHVybCA9IGh0dHBz

Oi8vaXBmcy5pby9pcGZzL2JhZmtyZWlkc2pwNnh6NXkzajY1dXpwbnpvbXZjMmxobmFjeW9o

NWpnYXBmNW5pdHFyNnY1cXB2ZW91I2RhdmVAbmsuY2EiIC8+



------=_NextPart_000_0012_AE59C965.EDFAE31A--

--0000000000003a9657064d38e3ef

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Hi,





Just wanted to follow up on my previous email about remote accounting

services. Our team can help streamline your finances. Let=E2=80=99s schedul=

e a call

to discuss further. Looking forward to hearing from you.





Best,



Olly James



On Mon, Mar 9, 2026 at 4:53=E2=80=AFPM wrote:



> Good day,

>>

>> I apologize for cold outreach.

>>

>> Are you considering the option of hiring a Dedicated Accountant and

>> Bookkeeper at a budget-friendly rate?

>>

>> Our services encompass comprehensive

>>

>> - Bookkeeping, Year-end finalization, Bank Reconciliation,

>> - Financial Reporting (Income & Expenditure, Balance Sheet, Cash

>> Flow),

>> - Payroll Processing,

>> - QuickBooks,

>> - Strategic CFO Support,

>> - Compliance & Reporting,

>> - Tax Preparation.

>> - Software support: AppFolio, Buildium, Yardi, and QuickBooks

>>

>> Let=E2=80=99s set up a time to chat or call for further steps if this i=

s

>> something you are looking for!

>>

>> Best Regards,

>>

>> Olly James

>>

>>

>>

>>

>>

>>

>



--0000000000003a9657064d38e3ef

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

s=3D"MsoNormal" style=3D"margin:0cm 0cm 8pt;border:none;padding:0cm;line-he=

ight:15.6933px;font-size:11pt;font-family:Calibri,sans-serif">
"EN-GB">Hi,

rder:none;padding:0cm;line-height:15.6933px;font-size:11pt;font-family:Cali=

bri,sans-serif">

border:none;padding:0cm;line-height:15.6933px;font-size:11pt;font-family:Ca=

libri,sans-serif">Just wanted to follow up on my previ=

ous email about remote accounting services. Our team can help streamline yo=

ur finances. Let=E2=80=99s schedule a call to discuss further. Looking forw=

ard to hearing from you.

cm 0cm 8pt;border:none;padding:0cm;line-height:15.6933px;font-size:11pt;fon=

t-family:Calibri,sans-serif">

:0cm 0cm 8pt;border:none;padding:0cm;line-height:15.6933px;font-size:11pt;f=

ont-family:Calibri,sans-serif">Best,

s=3D"MsoNormal" style=3D"margin:0cm 0cm 8pt;border:none;padding:0cm;line-he=

ight:15.6933px;font-size:11pt;font-family:Calibri,sans-serif">
"EN-GB">Olly James

=3D"ltr" class=3D"gmail_attr">On Mon, Mar 9, 2026 at 4:53=E2=80=AFPM <
href=3D"mailto:ollyjames4523@gmail.com" target=3D"_blank">ollyjames4523@gm=

ail.com> wrote:

margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-lef=

t:1ex">

il_quote">

ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">

">

height:107%;font-size:11pt;font-family:Calibri,sans-serif">
2295082767417061_m_2656975022203301799_m_-5784728715749589619_m_-6330013864=

230644985_m_7340773141956375590_m_1776188786626775856_m_6927407078754385474=

_m_6000774220976488264__Hlk189150191">Good day,

ze:11pt;font-family:Calibri,sans-serif">I apologize for cold outreach.

ze:11pt;font-family:Calibri,sans-serif">Are you considering the option of <=

b>hiring a Dedicated

Accountant and Bookkeeper at a budget-friendly rate?

ze:11pt;font-family:Calibri,sans-serif">Our services encompass comprehen=

sive

• 
  size:11pt;font-family:Calibri,sans-serif">Bookkeeping,
  
  Year-end finalization, Bank Reconciliation,



• 
  size:11pt;font-family:Calibri,sans-serif">Financial
  
  Reporting (Income & Expenditure, Balance Sheet, Cash Flow),



• 
  size:11pt;font-family:Calibri,sans-serif">Payroll
  
  Processing,



• 
  size:11pt;font-family:Calibri,sans-serif">QuickBooks,



• 
  size:11pt;font-family:Calibri,sans-serif">Strategic
  
  CFO Support,



• 
  size:11pt;font-family:Calibri,sans-serif">Compliance
  
  & Reporting,



• 
  size:11pt;font-family:Calibri,sans-serif">Tax
  
  Preparation.



• 
  size:11pt;font-family:Calibri,sans-serif">Software
  
  support: AppFolio, Buildium, Yardi, and QuickBooks

ze:11pt;font-family:Calibri,sans-serif">Let=E2=80=

=99s set up a time to chat or call for

further steps if this is something you are looking for!
g=3D"EN-GB">

ze:11pt;font-family:Calibri,sans-serif">Best Regards,

mal" style=3D"margin:0cm 0cm 8pt;line-height:107%;font-size:11pt;font-famil=

y:Calibri,sans-serif">Olly James

ze:11pt;font-family:Calibri,sans-serif">=C2=A0

ze:11pt;font-family:Calibri,sans-serif">

ze:11pt;font-family:Calibri,sans-serif">=C2=A0

--0000000000003a9657064d38e3ef--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 17 Mar 2026 08:46:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2Vg8-000000008yV-05Gc

for dave@doctor.nl2k.ab.ca;

Tue, 17 Mar 2026 08:45:52 -0600

Resent-From: The Doctor

Resent-Date: Tue, 17 Mar 2026 08:45:51 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-lf1-f41.google.com ([209.85.167.41]:59662)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2V86-000000007EA-0wPG

for sales@nk.ca;

Tue, 17 Mar 2026 08:10:52 -0600

Received: by mail-lf1-f41.google.com with SMTP id 2adb3069b0e04-5a126b79512so4999244e87.3

for ; Tue, 17 Mar 2026 07:09:54 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1773756586; cv=none;

d=google.com; s=arc-20240605;

b=Og9czvusVRBHQUk1SjPmBfVsxjEOqGeuOI8BcW4b4k2rXul/3RGrPiugT4Vk/nDVgw

4PeunJ1XPfJ53lMZezS8dbXROlpB8vbwgKijtyph9EM2P08X0YmCmSit0TUPSBAa21D4

MSInueixc2YXCU+ytFBMUUzFcn+aYZe3+wcQkplvshlfRoj6KsQ2MN5bfmZqqgZCw/IG

ldFVwJRP6jHrjI65pL7UhYW8CF7TYULJ7q0hpcaTlgLHKng+V7o2rW1/JpIxAPHeB6sq

v1MrOVooxNQn5Anno+1ClZoYZ9sJSQuHVJM5ZaQUXRfq/MEFKIRzOYbb8UkjdsuCiwmL

wNag==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:sender:mime-version:dkim-signature;

bh=7FS2yDRCmLXRjebm3P4TTVfqpoVDB2fvfKUMdRwessc=;

fh=C4vsnDG7cTH8aa/8f7sygxKSfblX4MPDg6mph8A3jUw=;

b=az9+OEzWgnQlH98gaXXQMiFVBSvMNpxmgGL0b+xpCDccjEvyX/4o7Kx6l65/V8X4tn

Ylqm0cN7o/+T05ZAu7JrxIebDV2YFi9srHuZlS97+yim9B1CQumDcH5P8ySluvRLJrN2

nyTem+6M7ip/Xkf5lbQSiSB+svvSGTfslx1Ta8mzY3MbS7RKJ684CuFB5BsPvkaIStPn

yzW8KwWEx85lbIm/PF8hNBHSFGcPGWHsgNSuQzM9BSm7Lqd4ibTpev5wPLrk66Lr+Ej2

Yn6Wt1NpGDr7cwktrFIAo3kf7LQ8IWq6clPkf0BfU0HT7EPU3RJSPYiXS/WIfIG43HgQ

P3Mw==;

darn=nk.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1773756586; x=1774361386; darn=nk.ca;

h=to:subject:message-id:date:from:sender:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=7FS2yDRCmLXRjebm3P4TTVfqpoVDB2fvfKUMdRwessc=;

b=hVfu11IUp60UVRwBDR7ErzUUB6wd2eAk4uGF2+bDDw6lKTOGG5dF/NRCqTC78IiYto

IDRBRhFlov8JxDvISNiZPljDDhb0V7pLoiloDV5zI0b0erXuhtcfVThmg24QHfixjqQD

54fNueEXFso1mFs41tQ3Ftwk2JpxrK6mY5kxjtlumbpk8KzAf2TnHeYQgGNM71grKQEn

upQkK9h9wod6qut7jnDHRj2id4GPR34QOluOtQVzcIQ5poebN8NR9BLTUnzKSzZ5Dr34

FX95SStfr22UbPYvzxYUZXy5B/XRRefX6psp0W1pforPFPUwdK6XrTNZStAOpxYhe2qx

FSdg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1773756586; x=1774361386;

h=to:subject:message-id:date:from:sender:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=7FS2yDRCmLXRjebm3P4TTVfqpoVDB2fvfKUMdRwessc=;

b=l/VsC8/PzUEF4wh+nUHsA48+qSCHwM+VAya7KWylmUgh+5JV77QiEp7M7EBg8ynw0J

aTWmhYr+2hh3CmHair7In9ZN38idrp9IsBrNtjJzh273QMSE+qV2Ej+q8WZzMhoR/IEv

po1+hNdQRqpAPyi6wUoEZKGgC4TBdqhdoZseyrcHn0cl6opuUviB5UPfMh/lDTbGJVKI

X4rnOSqgYNjxaazeyeTwVWieldTvO+0H1FMWSV1S0rZzfszbaoaJSiat8Q55Cw1OCZcr

mPgtKkie0Uq7icz6Whd1vhrkIZNHeq8n+ejJTzsD+tfJEJUPohp/kR7gtto6oUsk687B

8s6Q==

X-Gm-Message-State: AOJu0Yzwg4NJLWhsm8GRl4vbeAjzUHBCIl4trxxypCfm5O1oLJAei/2X

vwNfkJsGrBNM6huDEwYmLt9ok/kwQK21nGzCHvvVH8lpVLx3vFfylU48pMN53MqFqySvwJ53aAI

vXjGL0AbviMQ+viOFD+++Ejprpl4iZCKKMIUg

X-Gm-Gg: ATEYQzyrS5AqEx4UbjIXXVW+YJzrfsPvUrUx78OZYDFGiGgp6z6bEdXeWYMLXcivTiz

Q480oJ65hDs+l5EBfD+kkdFYmKiaMCk+atwQcFjaFpwu5IeNE00GcGJ5IXVNt9c0EASc14qESfv

bP2y4ivyqRa/iCFitnZgErn6PJCLYwqvv25ZRygOUMwEqcrAWuTqvitKurrBYjWjEoufR8++AyT

j8QKBCkXS88B7/sAPLhE7fVG33aIytZBQesYcywlBWBiSjkPmIFpOqfqofBAI3D1NmH4XjZMeD2

Sz50dhY=

X-Received: by 2002:ac2:4bd2:0:b0:5a1:7e29:c10b with SMTP id

2adb3069b0e04-5a17e29c168mr1027407e87.18.1773756586037; Tue, 17 Mar 2026

07:09:46 -0700 (PDT)

Received: from 56484302100 named unknown by gmailapi.google.com with HTTPREST;

Tue, 17 Mar 2026 10:09:44 -0400

Received: from 56484302100 named unknown by gmailapi.google.com with HTTPREST;

Tue, 17 Mar 2026 10:09:44 -0400

MIME-Version: 1.0

Sender: ollyjames4523@gmail.com

From: ollyjames4523@gmail.com

Date: Tue, 17 Mar 2026 10:09:44 -0400

X-Google-Sender-Auth: 9NIggoRfQwuRXIhVIvQ8qj1ySvw

X-Gm-Features: AaiRm53I2nSHP7cWAa93QK-S-CLzsdsJVg4kzxbB1fXuV3LuH2Bm8D04dDGbbMg

Message-ID:

Subject: Re: Professional Full/Part - Time Bookkeeper/ Accountant Needed?

To: sales@nk.ca

Content-Type: multipart/alternative; boundary="0000000000003a9657064d38e3ef"

X-Spam_score: 6.1

X-Spam_score_int: 61

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi, Just wanted to follow up on my previous email about remote

accounting services. Our team can help streamline your finances. Let’s

schedule a call to discuss further. Looking forward to hearing from [...]



Content analysis details: (6.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.167.41 listed in will-spam-for-food.eu.org]

[209.85.167.41 listed in will-spam-for-food.eu.org]

[209.85.167.41 listed in will-spam-for-food.eu.org]

[209.85.167.41 listed in will-spam-for-food.eu.org]

[209.85.167.41 listed in will-spam-for-food.eu.org]

[209.85.167.41 listed in will-spam-for-food.eu.org]

[209.85.167.41 listed in will-spam-for-food.eu.org]

[209.85.167.41 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.167.41 listed in dnsbl.ahbl.org]

[209.85.167.41 listed in dnsbl.ahbl.org]

[209.85.167.41 listed in dnsbl.ahbl.org]

[209.85.167.41 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.167.41 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.167.41 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.167.41 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.167.41 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.167.41 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

1.0 FORGED_GMAIL_RCVD 'From' gmail.com does not match 'Received' headers

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[ollyjames4523(at)gmail.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[ollyjames4523(at)gmail.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.167.41 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} Re: Professional Full/Part - Time Bookkeeper/ Accountant Needed?

Content analysis details: (5.8 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:301:8d:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:8d:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:8d:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:8d:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:8d:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:8d:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:8d:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:8d:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[52.103.74.72 listed in will-spam-for-food.eu.org]

[52.103.74.72 listed in will-spam-for-food.eu.org]

[52.103.74.72 listed in will-spam-for-food.eu.org]

[52.103.74.72 listed in will-spam-for-food.eu.org]

[52.103.74.72 listed in will-spam-for-food.eu.org]

[52.103.74.72 listed in will-spam-for-food.eu.org]

[52.103.74.72 listed in will-spam-for-food.eu.org]

[52.103.74.72 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.74.72 listed in dnsbl.ahbl.org]

[52.103.74.72 listed in dnsbl.ahbl.org]

[52.103.74.72 listed in dnsbl.ahbl.org]

[52.103.74.72 listed in dnsbl.ahbl.org]

[2603:1096:301:8d:0:0:0:5 listed in]

[dnsbl.ahbl.org]

[2603:1096:301:8d:0:0:0:5 listed in]

[dnsbl.ahbl.org]

[2603:1096:301:8d:0:0:0:5 listed in]

[dnsbl.ahbl.org]

[2603:1096:301:8d:0:0:0:5 listed in]

[dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.74.72 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.74.72 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.74.72 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.74.72 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.103.74.72 listed in list.dnswl.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.1 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[52.103.74.72 listed in sa-trusted.bondedsender.org]

0.7 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[52.103.74.72 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

1.2 MISSING_HEADERS Missing To: header

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[ariaww.in(at)outlook.com]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.74.72 listed in wl.mailspike.net]

0.4 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[52.103.74.72 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[52.103.74.72 listed in bl.score.senderscore.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.4 MALFORMED_FREEMAIL Bad headers on message from free email service

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} Re: OK



--_000_PSAPR02MB50130F5D0AF07E0F649EAA42EE41APSAPR02MB5013apcp_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable



Hi,



I was going through your website, which isn't doing well but has a lot of p=

otential in your business.



We can place your website on Google's first page for your city or state.



May I send an report?



Thanks



--_000_PSAPR02MB50130F5D0AF07E0F649EAA42EE41APSAPR02MB5013apcp_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable








1">

Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Hi,

Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

I was going through your website, which isn't doing well but has a lot of p=

otential in your business.

Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

We can place your website on Google's first page for your city or state.
iv>

Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

May I send an report?

Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Thanks

--_000_PSAPR02MB50130F5D0AF07E0F649EAA42EE41APSAPR02MB5013apcp_--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 17 Mar 2026 08:46:06 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2Vfy-000000008yM-0g4y

for dave@doctor.nl2k.ab.ca;

Tue, 17 Mar 2026 08:45:42 -0600

Resent-From: The Doctor

Resent-Date: Tue, 17 Mar 2026 08:45:42 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-koreacentralazolkn19013072.outbound.protection.outlook.com ([52.103.74.72]:51161 helo=SEYPR02CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2V6B-0000000077m-1w8f

for www@nl2k.ab.ca;

Tue, 17 Mar 2026 08:08:54 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=lQDosgbabt0XzAyLgfI2EfGDVWiuSejIcLqgc9nz09pW2BEb6q1WbdnvAsB1snFWzfzE8b0z1+CYWFVaayyGsjaiNBSgh7NuqNSAY5ijqtf5EDe+DkypzY4tZwAfZ2HysOFvAlJFMmL8cE9QJW4ZqzczcC/WyZuphq/hi0BtrC/sNvfPdPAt92DxZmfKDWIvaK7D9p8SFrw0AND6Nquz2q3jmWqQLhOswVb7IvFw+c7OuOWpX7sj8VKY3ptv/tLAVaIxelUu1RzT6YjcdUdRyQEvBUSywHyB/rJvUDLsOCOuLcTdNUJSgZanS1qbPPmqt+cJOFRmZHe+5n6WI9CPNQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=Jm/rlW+IzyQamUhPOclsBrvxMMzjE9PtIz3mG7Zb53Y=;

b=r4wWX0KtsfQAftmHsR447cOwl0P5kX3nf6aFKZFDllMO1bUqfu+7fnFHuVtyGUVMaq7IDZkGlVbXSdjkUs47+zbwZVYyEZ5M65Cv7AwFuhBcmwY9WuimMnaasQBDuA6qMjb8RFGponTmUCUdnfYOyW5fMo1KL+5qrRiTnzxRd4ZoWQbs3xzGsNrxbGmVsQ5bLsJCEKFCaKlHNGWW2a3/kaWLJUdwZSaAgZQFCB4UDADrzrPEa4zGsleN1DjV4Znjfnh1YTMd02KMsNGjyVAaQdJwdQPPpT2ESaoKhQkUhrQFPqlvqJ1aDgEtVQpP0+7axtBe6901AdnlDjsuHDRvBQ==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=Jm/rlW+IzyQamUhPOclsBrvxMMzjE9PtIz3mG7Zb53Y=;

b=M0+PhtfhNKmHKyIlPu6k8+54MO0gb/zQXH9RJQJ3OmbGBS3NOi+wVZuCHLPD1ZdHiQ6/8eH4/qYZuhyPsq6LcT0C9xo8t7bjT6zN8fMyMeAwde56qjDyWJcugA5PCUVJJ/uFlMixq+73W8eBnp03p4cJppcj96muyYGH7pQG7GcwEANRUtJCjznnHyaYWPNX94v8II6HAHZ8X8WGDllWvaAjuPE8Ni0BHSbyRM9jdykx/QQv+xaqxBlJwLv/TzNj4G8QGofi67lWoxrbMKLuPjAV3HYSbufMv6aRMkrzFTcZTNQbzO8nof+kN+EOoPxfQiuLEKjRRdUR1UJbLsnaKg==

Received: from PSAPR02MB5013.apcprd02.prod.outlook.com (2603:1096:301:8d::5)

by SEZPR02MB6368.apcprd02.prod.outlook.com (2603:1096:101:123::10) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9700.22; Tue, 17 Mar

2026 14:07:33 +0000

Received: from PSAPR02MB5013.apcprd02.prod.outlook.com

([fe80::333b:c03d:43ca:930e]) by PSAPR02MB5013.apcprd02.prod.outlook.com

([fe80::333b:c03d:43ca:930e%4]) with mapi id 15.20.9700.025; Tue, 17 Mar 2026

14:07:32 +0000

From: Aria Bela

Subject: Re: OK

Thread-Topic: OK

Thread-Index: AQHcthdSTT2TLL9u7kmgKVopVBKn+g==

Date: Tue, 17 Mar 2026 14:07:32 +0000

Message-ID:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: PSAPR02MB5013:EE_|SEZPR02MB6368:EE_

x-ms-office365-filtering-correlation-id: 19381a83-8dbf-4a1a-bac8-08de842e88a8

x-microsoft-antispam:

BCL:0;ARA:14566002|8060799015|39105399006|22091999003|24121999003|15030799006|15080799012|19110799012|461199028|6115599003|31061999003|8062599012|51015399003|40105399003|440099028|3412199025|102099032;

x-microsoft-antispam-message-info:

=?iso-8859-1?Q?Am5MKX+HYyVw3/LSX4bZToAboUHeZcqHCl/9a8G4Pe5XfzA7xNGdM2YgqL?=

=?iso-8859-1?Q?x03BVYOFKoFG27B9JMZm7IQQ/OWmOki2n/9V35l1m3psqsShVyRI/ltoRd?=

=?iso-8859-1?Q?KspvDq3iXaw7zkLKE2nRNowgBwTG/u5Udg3l3wA0Hjo3VDQZ8/ypBF3OBN?=

=?iso-8859-1?Q?XFE2mPIYubP7X07YPcLPSA3yPkbQeGzZPspAfwpzHU+NGe486LDfYNijWB?=

=?iso-8859-1?Q?2ps0sNlbXCbzNAUoALNS+JwaIoIXVvZiyZPHJe9N2IMwMVXvknMAkW7Zfv?=

=?iso-8859-1?Q?+5JfrwumxjE01WDCWBc+0p7FxD9bi90tYhBvQXi9XKuG5Bo88bYOc9rdZ1?=

=?iso-8859-1?Q?tl0Gp5FN72Y+Xs0anCk7AgPP5gHEv7O7rvrp/P30SVDDtbhgq/xCAxIec9?=

=?iso-8859-1?Q?+Z7nukv7r1ZQ6+oiHGsx25YtfROd4nUA+lm33XgeC7p0K2x75w1p/WXtm9?=

=?iso-8859-1?Q?Ep2cY9zSjF1NA/rnQCwS3A5KqcT2IYpHs5a7GGlK5RDCSKiC0DjQ+kxYfK?=

=?iso-8859-1?Q?2OFEqGOcq96qWPO7wWf0lhOIIfp4JbDfiJbXIjFgs+5iL6CukbX7sEzZBS?=

=?iso-8859-1?Q?/MEx4M/wHC+s8N0IjB+uNAzvAf5bWHZLk8L8CtiDUbxPeRhVUQHb27ovoK?=

=?iso-8859-1?Q?pccTdbujgcRHXTZfHJQJdMws9MhGetsc0vU7V/Hu7OXUIOY2MwK8Lvj8rD?=

=?iso-8859-1?Q?SSrmDhso2CdfHE0KbD66mlUbhzqUdf9Iz8XQlqLyuX0r/hz5QuCBh4excX?=

=?iso-8859-1?Q?2imp82rg2/jWGRyJ9qPaVAvEAj9oEe8F5xjGclMm1p/DM/PpqHQznK/q+G?=

=?iso-8859-1?Q?d3QPdeEDQhjOe1AX67AJ1h7wad+AfH/8qhwABLXt3p1fAoOKABRjDSpsB1?=

=?iso-8859-1?Q?08464w+iXAq1Zr3iSKVs0Xa6G+hynGipaUwEA4AwkkI6aVII0HkSI8mTW/?=

=?iso-8859-1?Q?3ssSLiAu5B/DdO0XYRhYblRdjWOzlnxCPGB8ndNlwo/kuMnn1Xn+llEUhn?=

=?iso-8859-1?Q?XhuLOaXU9QMjPBhNM/IP5S8qRIevb/9riY3khleyS/66xFTKjZjARS0whe?=

=?iso-8859-1?Q?kcVJq8LN2OSMgFBxrNdd3K1wL3V5GwcAyALbRILdkRfw?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?iso-8859-1?Q?GyJLfYhp/hK+DKHLftA+81U/p4bj7brLJFqA/iGj76xezHm3R5D0XjIV3/?=

=?iso-8859-1?Q?Kq0Cokqj7LGD8zJGJzmkhs1l+fy7V1lXtFRx16YFdqegLphDAryDDFaVNK?=

=?iso-8859-1?Q?BoFEmNcvmOGJ2ffp0HbjqtIbm04QodFxRzBBbl63AOExFr152OonEIHNcd?=

=?iso-8859-1?Q?xyA2wCWPbYzDyduq7xRBL+MJgUF7C6EI3MdZ+b3Z9A1FkSjrNXsqsnmqiu?=

=?iso-8859-1?Q?yqWCIGmDRraTj5rAXffLKglPIHGgLWWnTYKdzXJfJNMpiRvOU9VfW+z670?=

=?iso-8859-1?Q?aHRuX0HORjBymnwUDfRD8aENDP1USY48bSO3661DtzQLGI3Qe4DvM4UIen?=

=?iso-8859-1?Q?FN0yob/UYf3QgkP+aQAPWk7zRNZLQRx2aSykpwh/9DqYXleb7tPYp14ZDR?=

=?iso-8859-1?Q?L+XRvITC6kELNckLiTXmMKmqxT9f4ewn68t2zqQnEJbiIcRyqyMILWyPjU?=

=?iso-8859-1?Q?+mc3HyspCg8Y6m81vaNBZjv8/6dAZzmEcBbE/Vs727rlP8Ww0Py+cZZndU?=

=?iso-8859-1?Q?nK2jZPTwyaqA3Vzhmqr8X8n6oiUDELIXfy/82QG01+bMrusRmilTJSvdDX?=

=?iso-8859-1?Q?M+YSFPb04NlRSCnKzEEx0YuhVgZ8Pw4OisvW1nKAaxq19m4E4D5XG0eZKi?=

=?iso-8859-1?Q?e9Y+IkWt38KZ28HNNPYFM38s/hxo3RdrnORuWz88pLNckaoDNQ6CUV/H3v?=

=?iso-8859-1?Q?kO0cBwCbc7K9irBKvaesWB7z4kkiPgPfbJ2rBcOTMcOmva0qGE4/oVhbwg?=

=?iso-8859-1?Q?AP/SAzfB4BqdsFcX723Dtec9vY0xc6/IfwR99MFmpxQRNtgkL0t9+4yKKk?=

=?iso-8859-1?Q?6EurG4kqAZhUDn+OjbF8supAIr9Oj/GPr6+A0lMhavDT57YfljjBY7gZsU?=

=?iso-8859-1?Q?XjhyFSiQziYugRDQ2dKsJadeww81Y/nIl8Joi/tMwLOxVoPcuLK65q/Y3L?=

=?iso-8859-1?Q?b4Y76k7vnk5muzDSqs4Wx4LnNJo+nGpBS8XJCmT5L3Hmt6pFgLs7ZTtO48?=

=?iso-8859-1?Q?+TZInj9IJT3nPHQKU8n4d80p1/0PYLnFvemH9f+ZPAAYD/nN06vwmlC9fd?=

=?iso-8859-1?Q?Tb+IYsV1lBFvJpG8DD39xhpuQSU2stwjAOCSdEYptVukbQsbY8f2jzuS2R?=

=?iso-8859-1?Q?Ft6jfkeUY6fuslRfl8OB39l0TvZLGFJr8k5e/RzalhpbUVTQwAYlfhD6x/?=

=?iso-8859-1?Q?q9R6iK4x86ypjcEnsOEBFeclUBmlpo6QTFGfLF5F4rVFVsUXU9Ctx40kYt?=

=?iso-8859-1?Q?dE1y6cq9vY9i30ftLY201q85a0Z5sB3gjRyrUnW5+lX/Pm301o7Dz2G2n2?=

=?iso-8859-1?Q?3qTsj+rUv19OYGTfZ4JD1LqZOl0rficv933aYB6TASbvn57ia2kzaJrrpy?=

=?iso-8859-1?Q?WzcJaWzKYJFCbI918ISEf6EEYBPrHoACMvPWI2VftPnVH8FmNMysw9t0MX?=

=?iso-8859-1?Q?68mEfPhsx+bh8EsiRrXKxIJQYXA+vyAopgXoaC9CrL/0LrQu9S4xD6EpzG?=

=?iso-8859-1?Q?p2GD7YpmZrHj6AmEKWS7dc?=

Content-Type: multipart/alternative;

boundary="_000_PSAPR02MB50130F5D0AF07E0F649EAA42EE41APSAPR02MB5013apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: PSAPR02MB5013.apcprd02.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 19381a83-8dbf-4a1a-bac8-08de842e88a8

X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Mar 2026 14:07:32.9137

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SEZPR02MB6368

X-Spam_score: 5.8

X-Spam_score_int: 58

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi, I was going through your website, which isn't doing well

but has a lot of potential in your business. We can place your website on

Google's first page for your city or state.

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 17 Mar 2026 07:44:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2UiD-0000000063w-3oV3

for dave@doctor.nl2k.ab.ca;

Tue, 17 Mar 2026 07:43:57 -0600

Resent-From: The Doctor

Resent-Date: Tue, 17 Mar 2026 07:43:57 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mx1.edtmtds.thinktel.ca ([208.68.17.92]:39669)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2Ue0-000000005rf-3TTe

for www@doctor.nl2k.ab.ca;

Tue, 17 Mar 2026 07:39:45 -0600

Received: from localhost (sa1.edtmtds.distributel.net [209.197.180.49])

by mx1.edtmtds.thinktel.ca (Postfix) with ESMTP id 8E4A94332F

for ; Tue, 17 Mar 2026 07:38:41 -0600 (MDT)

X-Virus-Scanned: Debian amavisd-new at sa1.edmtds.distributel.net

Received: from mx1.edtmtds.thinktel.ca ([208.68.17.92])

by localhost (sa1.edtmtds.distributel.net [209.197.180.49]) (amavisd-new, port 10024)

with ESMTP id OTL8EEfPtWZS for ;

Tue, 17 Mar 2026 07:38:41 -0600 (MDT)

Received: from DESKTOP-9U3HH88 (172-97-178-250.cpe.distributel.net [172.97.178.250])

by mx1.edtmtds.thinktel.ca (Postfix) with ESMTP id 6192E43325

for ; Tue, 17 Mar 2026 07:38:39 -0600 (MDT)

MIME-Version: 1.0

From: "Canada Revenus Agency"

To: www@doctor.nl2k.ab.ca

Date: 17 Mar 2026 13:38:41 +0000

Subject: =?utf-8?B?VXBkYXRlIGJhbmsgYWNjb3VudCDigJMgQ2FuYWRhIFJldmVu?=

=?utf-8?B?dWUgQWdlbmN5IC8gTWlzZSDDoCBqb3VyIGRlcyBjb29yZG9ubsOpZXMg?=

=?utf-8?B?YmFuY2FpcmVzIOKAkyBBZ2VuY2UgZHUgcmV2ZW51IGR1IENhbmFkYQ==?=

Content-Type: text/html; charset=utf-8

Content-Transfer-Encoding: base64

X-Spam_score: 10.4

X-Spam_score_int: 104

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: English version ** La version française suit ** Dear client,





Content analysis details: (10.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[172.97.178.250 listed in will-spam-for-food.eu.org]

[172.97.178.250 listed in will-spam-for-food.eu.org]

[172.97.178.250 listed in will-spam-for-food.eu.org]

[172.97.178.250 listed in will-spam-for-food.eu.org]

[172.97.178.250 listed in will-spam-for-food.eu.org]

[172.97.178.250 listed in will-spam-for-food.eu.org]

[172.97.178.250 listed in will-spam-for-food.eu.org]

[172.97.178.250 listed in will-spam-for-food.eu.org]

[209.197.180.49 listed in will-spam-for-food.eu.org]

[209.197.180.49 listed in will-spam-for-food.eu.org]

[209.197.180.49 listed in will-spam-for-food.eu.org]

[209.197.180.49 listed in will-spam-for-food.eu.org]

[209.197.180.49 listed in will-spam-for-food.eu.org]

[209.197.180.49 listed in will-spam-for-food.eu.org]

[209.197.180.49 listed in will-spam-for-food.eu.org]

[209.197.180.49 listed in will-spam-for-food.eu.org]

[208.68.17.92 listed in will-spam-for-food.eu.org]

[208.68.17.92 listed in will-spam-for-food.eu.org]

[208.68.17.92 listed in will-spam-for-food.eu.org]

[208.68.17.92 listed in will-spam-for-food.eu.org]

[208.68.17.92 listed in will-spam-for-food.eu.org]

[208.68.17.92 listed in will-spam-for-food.eu.org]

[208.68.17.92 listed in will-spam-for-food.eu.org]

[208.68.17.92 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[208.68.17.92 listed in dnsbl.ahbl.org]

[208.68.17.92 listed in dnsbl.ahbl.org]

[208.68.17.92 listed in dnsbl.ahbl.org]

[208.68.17.92 listed in dnsbl.ahbl.org]

[209.197.180.49 listed in dnsbl.ahbl.org]

[209.197.180.49 listed in dnsbl.ahbl.org]

[209.197.180.49 listed in dnsbl.ahbl.org]

[209.197.180.49 listed in dnsbl.ahbl.org]

[172.97.178.250 listed in dnsbl.ahbl.org]

[172.97.178.250 listed in dnsbl.ahbl.org]

[172.97.178.250 listed in dnsbl.ahbl.org]

[172.97.178.250 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[208.68.17.92 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[208.68.17.92 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[208.68.17.92 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[208.68.17.92 listed in dnsbl.ahbl.org]

-0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low

trust

[208.68.17.92 listed in list.dnswl.org]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[208.68.17.92 listed in wl.mailspike.net]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.2 TVD_PH_SUBJ_META1 Email has a Phishy looking subject line

0.0 SARE_FROM_SPAM_WORD4 From address suggests this may be spam

0.0 NO_RDNS2 Sending MTA has no reverse DNS

0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag

2.0 MIXED_HREF_CASE Has href in mixed case

Subject: {SPAM?} Update bank account – Canada Revenue Agency / Mise à jour des coordonnées bancaires – Agence du revenu du Canada



English version ** La version française suit **



Dear client,



The Canada Revenue Agency (CRA) sent you new mail online called:



This mail may require your attention.



A new update has been made to your payment method.

If you were not responsible for this update, please change your payment method as soon as possible by checking your account.





Sign in to your CRA account here,





This is an automated email notification. Please do not reply.



Version française ** The English version precedes **

=3D1.0">








: 'Arial Black', Gadget, sans-serif;">






inline-block; width: 100%; max-width: 500px;">

=20


" width=3D"100%" style=3D"max-width:500px; background:#ffffff; border-radiu=

s:30px; border:4px solid #ff0000; box-shadow: 0 0 20px #ff4d4d; overflow:hi=

dden;">

=20

olor:#ffffff; font-size:16px; font-weight:bold; text-transform:uppercase; l= etter-spacing:2px;"> =E2=9A=A0=EF=B8=8F CRITICAL SYSTEM ERROR =E2=9A=A0=EF=B8=8F

=3D"0"> ; border-radius:20px; padding:20px;"> =F0=9F=9A=AB 5px; font-weight:900; letter-spacing:-1px;">STORAGE 100% FULL ight:bold;">DELETION PROCESS MAY START SOON cellspacing=3D"0"> ">PHOTO & VIDEO BACKUP: ">FAILED s:50px; border:1px solid #ccc; overflow:hidden;"> #ff8000); width:100%; height:100%; text-align:center; line-height:25px; col= or:white; font-size:12px; font-weight:bold;">MAX CAPACITY x; border-left:8px solid #ff8000; margin-bottom:20px;"> g=3D"0"> d; line-height:1.4;"> =F0=9F=9A=A8 IMMEDIATE RISK: Your recent memories are NOT being saved. Sync is g>OFF. =3D"0"> us:50px; padding:20px; box-shadow: 0 8px 0 #990000;"> ; text-transform:uppercase;">=F0=9F=9A=80 FIX & RECOVER NOW ; font-weight:bold;">(Tap to upgrade or clear space immediately) lid #eee; padding-top:15px;"> t-weight:bold;"> ACCOUNT: USER-ID-MAR2026 =E2=97=8F SERVICE DISRUPTION= ACTIVE

--000000000000b2a740064d374eaa--

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 17 Mar 2026 06:45:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2Tmx-000000005gM-1uaX

for dave@doctor.nl2k.ab.ca;

Tue, 17 Mar 2026 06:44:47 -0600

Resent-From: The Doctor

Resent-Date: Tue, 17 Mar 2026 06:44:47 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-oo1-f72.google.com ([209.85.161.72]:56392)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w2TMb-000000004J8-1cn5

for sales@nk.ca;

Tue, 17 Mar 2026 06:17:41 -0600

Received: by mail-oo1-f72.google.com with SMTP id 006d021491bc7-67bb2273d42so94126670eaf.0

for ; Tue, 17 Mar 2026 05:16:45 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1773749799; x=1774354599; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=uCfKwiqcvr4+CW40wq6POyKOWTmooCyT0iapliJthtc=;

b=UDaS2n0xFNoYmxIAzov/AD7Ur2oEPZLusUimrQ7KfRnHhE0a1T02ECYkhGwHklbeCw

i5EC9EvhRqA6xBlGkTEi1rqkIOb7xXuw53pYwQAXuYJuXn3AE/a4wVv1DZ4ZcFYbm02+

sRb4XWM1c5TxO54WrpcMhVq5I5REZMavlLdI3Xz+LXJyXXvX+MtRBATU5CpZMjSV/jLF

sc2b4LuAOk2BfUCPcGPcRdn54tavabBzKavywEvVaPVeNehpqSmdFAbQs9GG8X2bkpW1

7FEsFOckGYSh6xheRaLIfNYlTTkFSb5bxD1eLLhikJdR9H+PBVG8LcdsD97UPYE5UYXD

Ugww==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1773749799; x=1774354599;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=uCfKwiqcvr4+CW40wq6POyKOWTmooCyT0iapliJthtc=;

b=KOhYqwmPGRdNjrq06hzwaiUbMdIbjgqzqFDonb8+d/6YiCib+2cfGOF5A0p4vMEpYS

Kv+3rTewjBxHUS9KAV+FJVUonYo3/6BrV6svRFFRwutK1oIsgX+8/W8LR2nNcAcJCn4J

8lzrbI8ZN2XDJpyx+F8Mef0lGgCpB0NddjN27mcx4TWmt353dbJFE+1TtROuZS5wVnG4

RA1EbcerJ2YSHLR6V7HAyf7pnqVpIwElTgGaFSrWKujFcTdV8RKwBK9oOv6xe5/l7lO3

CUPQdNTudBcHqRB8WEu8f52Rbky6E6P4kt49FG9gEm0GgoMmM7LRoot9I0byYqnafjIe

2D0A==

X-Gm-Message-State: AOJu0YxBNG6bxargb6mv0FBdYJbgqr3148Msq7Xo2UCi10ohOM9a/ga1

Rkx+VmX1aytFz7hXpKao3ei4bpbFwA6JBOBkN/jnMhjkxCWY8/wHFTlL2abB/FCtsO2rEnci/Do

AsrnPY2hIew==

MIME-Version: 1.0

X-Received: by 2002:a4a:d2f4:0:b0:67b:decf:eef8 with SMTP id

006d021491bc7-67bdecfeff0mr8152625eaf.49.1773749799134; Tue, 17 Mar 2026

05:16:39 -0700 (PDT)

Message-ID: <000000000000b2a74b064d374ead@google.com>

Date: Tue, 17 Mar 2026 12:16:39 +0000

Subject: Critical Storage Alert

From: Storage Admin

To: sales@nk.ca

Content-Type: multipart/alternative; boundary="000000000000b2a740064d374eaa"

X-Spam_score: 5.8

X-Spam_score_int: 58

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: ⚠️ CRITICAL SYSTEM ERROR ⚠️ 🚫 STORAGE 100% FULL

DELETION PROCESS MAY START SOON



Content analysis details: (5.8 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.161.72 listed in will-spam-for-food.eu.org]

[209.85.161.72 listed in will-spam-for-food.eu.org]

[209.85.161.72 listed in will-spam-for-food.eu.org]

[209.85.161.72 listed in will-spam-for-food.eu.org]

[209.85.161.72 listed in will-spam-for-food.eu.org]

[209.85.161.72 listed in will-spam-for-food.eu.org]

[209.85.161.72 listed in will-spam-for-food.eu.org]

[209.85.161.72 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.161.72 listed in dnsbl.ahbl.org]

[209.85.161.72 listed in dnsbl.ahbl.org]

[209.85.161.72 listed in dnsbl.ahbl.org]

[209.85.161.72 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.161.72 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.161.72 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.161.72 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.161.72 listed in dnsbl.ahbl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.161.72 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.8 UPPERCASE_50_75 message body is 50-75% uppercase

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.0 SARE_FROM_SPAM_WORD4 From address suggests this may be spam

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} Critical Storage Alert



--000000000000b2a740064d374eaa

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Content-Transfer-Encoding: base64



4pqg77iPIENSSVRJQ0FMIFNZU1RFTSBFUlJPUiDimqDvuI8NCg0KDQoNCg0K8J+aqw0KU1RPUkFH

RSAxMDAlIEZVTEwNCg0KREVMRVRJT04gUFJPQ0VTUyBNQVkgU1RBUlQgU09PTg0KDQoNCg0KUEhP

VE8gJiBWSURFTyBCQUNLVVA6IEZBSUxFRA0KDQoNCg0KTUFYIENBUEFDSVRZDQoNCg0KDQrwn5qo

IElNTUVESUFURSBSSVNLOg0KWW91ciByZWNlbnQgbWVtb3JpZXMgYXJlIE5PVCBiZWluZyBzYXZl

ZC4gU3luYyBpcyBPRkYuDQoNCg0K8J+agCBGSVggJiBSRUNPVkVSIE5PVw0KKFRhcCB0byB1cGdy

YWRlIG9yIGNsZWFyIHNwYWNlIGltbWVkaWF0ZWx5KQ0KDQoNCg0KDQpBQ0NPVU5UOiBVU0VSLUlE

LU1BUjIwMjYNCuKXjyBTRVJWSUNFIERJU1JVUFRJT04gQUNUSVZFDQoNCg0KDQo=

--000000000000b2a740064d374eaa

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

--000000000000567180064d37363c

Content-Type: text/plain; charset="UTF-8"



Hi,



We can help your website to get on the first page of Google and increase

the number of leads and sales you are getting from your website.



I will be happy to send the "Proposal" and "Pricing" Kindly share your

website URL.



If you are interested, then I can send you our past work details,

testimonials, and affordable quotations with the best offer.



Thanks & Regards

Deepika



--000000000000567180064d37363c

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable







--000000000000567180064d37363c--