NetKnow Corporate Blog

Web/SEO/App spam from Google Gmail

Posted by Dave Yadallee on Wednesday, March 11. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 11 Mar 2026 05:50:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w0I4Z-00000000PKy-420j

for dave@doctor.nl2k.ab.ca;

Wed, 11 Mar 2026 05:49:55 -0600

Resent-From: The Doctor

Resent-Date: Wed, 11 Mar 2026 05:49:55 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-yw1-f200.google.com ([209.85.128.200]:44327)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w0CQm-00000000MIb-1noG

for root@nk.ca;

Tue, 10 Mar 2026 23:48:38 -0600

Received: by mail-yw1-f200.google.com with SMTP id 00721157ae682-79885818011so221231987b3.1

for ; Tue, 10 Mar 2026 22:46:54 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1773208008; x=1773812808; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=YXlQM/SHJuj7Y9nqlK3GIU0uUyj3V5Aa75PtvpqmArk=;

b=eE0Msmeu1bMDcFoBK6boszWlww2nh+DqXcHsWwf0iXXkRmvFKST6FBkM33lWPKfYpw

Wy0yiNXAVK6mUrFiNy87K4h5/S+CwLmkZrjQNloUOuhF3AAyHQbGJ1d4UvaO4kLYKjc5

aXWwz2TyCW7VDllC3kwvSOHOfJco7zu2Rk7y4XWUGLJoeBA+dB33D1m1V+qzjXPeOSVS

YXHXla1MrfOVF7RwConwgWGNFfQtAkbIRWgh+0eikxJtzOgpSxi+s2qBWLP1enU6WsAx

EgPnaTWNX53HQ2M4/7pruJ2Gr0PBcu6J8dk9k4EtPhJH4p1w/CMvU2y+0CJXzjHs/BX0

1a2g==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1773208008; x=1773812808;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=YXlQM/SHJuj7Y9nqlK3GIU0uUyj3V5Aa75PtvpqmArk=;

b=o8Iz6/R7+AVeuUqL8AKC4+4EDvLNgxBvR1TY0tj/VQ+o2Xax9s87hFEHf+HfYadPhC

eiKWU0JFPyHxzeRG/yImdJ8vV43rUe+xtv3JDX0oIceYagUcdLuys0DpmvJ2vmFCzhzq

Qb624zazqz3bRXXWQGrH3Tc9XzxTNGDxS6ZQ0m17/TYOUAwj4LwERmFgyhqzP7bPkPa7

Lu/aUa3bHfCwehi/P3TfpBpA617t/0ZU63YIIc68u14DKMdTpczD4NqFwRGwWwXOZzJz

2q1xwPtOGjGuz77fsdeUjR/dnn3IIoJttAU6/hEL+n3/328n90BHCHJ6wW2Be3BvMH0c

rdmw==

X-Gm-Message-State: AOJu0YwqUaOXrazoBdNALu1D1AEMAau9th8Li4TxAQVep2+v7OsXGy9j

vz67DSbl5/8YmKQ4TtF0xHYVCJelPRmKV+kTfjEcwEhv7uuQlM+zxjVSUrhfPqAWBJSsP4MvHiz

tyRz3zQ==

MIME-Version: 1.0

X-Received: by 2002:a05:690c:f08:b0:798:e620:c4c9 with SMTP id

00721157ae682-79917faed04mr12322847b3.50.1773208008206; Tue, 10 Mar 2026

22:46:48 -0700 (PDT)

Message-ID:

Date: Wed, 11 Mar 2026 05:46:48 +0000

Subject: Re: Quick SEO Cost.

From: happysinghidhdkd@gmail.com

To: root@nk.ca

Content-Type: multipart/alternative; boundary="000000000000713065064cb92945"

X-Spam_score: 6.2

X-Spam_score_int: 62

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Good Morning, I sent you an email on Friday, but didn't get

any response from your side Please let me know if you are interested so that

I can share some of our price list.

Content analysis details: (6.2 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.128.200 listed in will-spam-for-food.eu.org]

[209.85.128.200 listed in will-spam-for-food.eu.org]

[209.85.128.200 listed in will-spam-for-food.eu.org]

[209.85.128.200 listed in will-spam-for-food.eu.org]

[209.85.128.200 listed in will-spam-for-food.eu.org]

[209.85.128.200 listed in will-spam-for-food.eu.org]

[209.85.128.200 listed in will-spam-for-food.eu.org]

[209.85.128.200 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.128.200 listed in dnsbl.ahbl.org]

[209.85.128.200 listed in dnsbl.ahbl.org]

[209.85.128.200 listed in dnsbl.ahbl.org]

[209.85.128.200 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.128.200 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.128.200 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.128.200 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.128.200 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.128.200 listed in list.dnswl.org]

1.1 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.128.200 listed in sa-trusted.bondedsender.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 SPF_PASS SPF: sender matches SPF record

0.7 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.128.200 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.128.200 listed in wl.mailspike.net]

0.4 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.128.200 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.128.200 listed in bl.score.senderscore.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[happysinghidhdkd(at)gmail.com]

0.5 L_HELLO_ADDRESS BODY: Greets you by address, not by name

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.5 VOWEL_FROM_5 Impronouncable from header (6 consecutive vowels)

Subject: {SPAM?} Re: Quick SEO Cost.

--000000000000713065064cb92945

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Good Morning,

I sent you an email on Friday, but didn't get any response from your side

Please let me know if you are interested so that I can share some of our

price list.

Thanks,

Happy,

On Fri, Dec 26, 2025, at 9:51 AM < > wrote:

Hello,root@nk.ca

Are you interested in growing your business with SEO? Let us help you get

on Google's 1st page.

Share your website and target city for a proposal and quote.

Sincerely,

Happy,

--000000000000713065064cb92945

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Good Morning,

I sent you an email on Friday, but didn't get any resp=

onse from your side

Please let me know if you are interested so that=

I can share some of our price list.

Thanks,

Happy,

On=

Fri, Dec 26, 2025, at 9:51=E2=80=AFAM < > wrote:

Hello,root@nk.ca =

Are you interested in growing your business with SEO? Let us help y=

ou get on Google=E2=80=99s 1st page.

Share your website and target c=

ity for a proposal and quote.

Sincerely,

Happy,

--000000000000713065064cb92945--

Chinese Productus Spam Part 4

Posted by Dave Yadallee on Wednesday, March 11. 2026

l;color:rgb(0,0,255);font-size:12px">Tianjin Zhongying chemical
an style=3D";font-family:Arial;font-size:12px"> has professional sup=

ervision personnel and operation team to provide quality inspection and qualit=

y
2px">after-sales service
x"> for each batch of orders.

-right:0;margin-bottom:5px;margin-left:0">
l;color: rgb(0, 0, 255);font-size: 12px">Tianjin Zhongying Chemical dispose d'=

un personnel de supervision et d'une =C3=A9quipe d'exploitation professionnels=

pour assurer un contr=C3=B4le qualit=C3=A9 et un service apr=C3=A8s-vente de =

qualit=C3=A9 pour chaque lot de commandes.

er=3D"1" cellspacing=3D"0" style=3D"width: 568px;margin-left: 9px;border: none=

">

7px;border-width: 1px;border-color: windowtext">

rgin-right:0;margin-bottom:5px;margin-left:0">
rial;color:rgb(0,0,255);letter-spacing:0;font-size:12px">Win-win cooperation i=

s our tenet.

le=3D"width: 568px;padding: 0 7px;border-left-width: 1px;border-left-color: wi=

ndowtext;border-right-width: 1px;border-right-color: windowtext;border-top: no=

ne;border-bottom-width: 1px;border-bottom-color: windowtext">

n-top:5px;margin-right:0;margin-bottom:5px;margin-left:0">
family:Arial;font-size:12px">Own production facilities(Automatic and semiautom=

atic production lines)

gin-bottom:5px;margin-left:0">
>Delivering cargoes to over 100 destinations in 40 countries every month<=

/span>

eft:0">Taking care of all kin=

ds of special documents requirements

in-right:0;margin-bottom:5px;margin-left:0">
ont-size:12px">Hustle
-size:12px">=EF=BC=8Df=

ree dealings

:5px;margin-left:0">Provide y=

ou with all those chemicals with flexible packaging options. Name your require=

ments, and the best products.

margin-top:5px;margin-right:0;margin-bottom:5px;margin-left:0">
;font-family:Arial;font-size:12px">

acing=3D"0" style=3D"width: 568px;margin-left: 9px;border: none">
d width=3D"568" valign=3D"top" style=3D"width: 568px;padding: 0 7px;border-wid=

th: 1px;border-color: windowtext">

rgin-bottom:5px;margin-left:0">
0,0,255);letter-spacing:0;font-size:12px">La coop=C3=A9ration gagnant-gagnant =

est notre principe.

op" style=3D"width: 568px;padding: 0 7px;border-left-width: 1px;border-left-co=

lor: windowtext;border-right-width: 1px;border-right-color: windowtext;border-=

top: none;border-bottom-width: 1px;border-bottom-color: windowtext">

"margin-top:5px;margin-right:0;margin-bottom:5px;margin-left:0">
e=3D"font-family: Arial;color: rgb(0, 0, 255);font-size: 12px">Installations d=

e production int=C3=A9gr=C3=A9es (lignes de production automatis=C3=A9es et se=

mi-automatiques)

ht:0;margin-bottom:5px;margin-left:0">
lor: rgb(0, 0, 255);font-size: 12px">Livraison mensuelle de marchandises vers =

plus de 100 destinations dans 40 pays

in-top:5px;margin-right:0;margin-bottom:5px;margin-left:0">
font-family: Arial;color: rgb(0, 0, 255);font-size: 12px">Gestion de tous type=

s de documents sp=C3=A9cifiques

:5px;margin-right:0;margin-bottom:5px;margin-left:0">
amily: Arial;color: rgb(0, 0, 255);font-size: 12px">Transactions simplifi=C3=A9=

es

ttom:5px;margin-left:0">
255);font-size: 12px">Nous vous proposons une gamme compl=C3=A8te de produits=

chimiques avec des options d'emballage flexibles. Faites-nous part de vos bes=

oins et nous vous fournirons les meilleurs produits.

<=

/td>

om:5px;margin-left:0">Do you=

have any demand recently? You can contact me anytime, anywhere, and I will an=

swer your questions quickly and professionally.

op:5px;margin-right:0;margin-bottom:5px;margin-left:0">
mily:Arial;font-size:12px">By the way,if you have other chemical product needs=

or concerns about domestic companies, you can also contact me, I will provide=

services for you
ze:16px">.

: =E5=AE=8B=E4=BD=93;color: rgb(0, 0, 255);font-size: 12pxfont-family:Arial">A=

vez-vous des besoins particuliers ? Vous pouvez me contacter =C3=A0 tout =

moment, o=C3=B9 que vous soyez, et je r=C3=A9pondrai =C3=A0 vos questions rapi=

dement et avec professionnalisme.

5px 0">
);font-size: 12pxfont-family:Arial">Par ailleurs, si vous avez d'autres besoin=

s en produits chimiques ou des questions concernant des entreprises locales, n=

'h=C3=A9sitez pas =C3=A0 me contacter =C3=A9galement. Je serai ravie de vous a=

ider.

-bottom:5px;margin-left:0">&=

nbsp;

rgin-left:0">
ter-spacing: 0;font-size: 12px">Elegance Zhou (Ms.)
=3D";font-family:Arial;color:rgb(0,0,0);letter-spacing:0;font-size:12px"> =

;

margin-left:0;text-indent:0">
);letter-spacing:0;font-size:12px">Whatsapp/Wechat/Moblie: +86 15922116213
an>
ing:0;font-size:16px">(24hours)

ght:0;margin-bottom:5px;margin-left:0">
t-size:16px">

:14px">

Chinese Productus Spam Part 3

Posted by Dave Yadallee on Wednesday, March 11. 2026

der to
8, 160);font-size: 12px">shipping you the cargo within 7-15days.
g>
<=

span style=3D"font-family:Arial;font-size:12px">Rich exporting experience=

,we have exported chemical products over 1
=AE=8B=E4=BD=93;font-size:16px">5
size:12px"> years.

in-bottom:0;margin-left:0">As=

sist in transportation with rich resources of freight forwarders.

td>

m:5px;margin-left:0">
font-size:12px">

yle=3D"width: 469px;margin-left: 9px;border: none">

valign=3D"top" style=3D"width: 85px;padding: 0 7px;border-width: 1px;border-c=

olor: windowtext">

in-left:0">
ze: 12px">Material
;color: rgb(0, 0, 255);font-size: 12px">=EF=BC=9A

tyle=3D"margin-top:5px;margin-right:0;margin-bottom:5px;margin-left:0">
an style=3D"font-family: Arial;color: rgb(0, 0, 255);font-size: 12px">
span>

84px;padding: 0 7px;border-left: none;border-right-width: 1px;border-right-col=

or: windowtext;border-top-width: 1px;border-top-color: windowtext;border-botto=

m-width: 1px;border-bottom-color: windowtext">

right:0;margin-bottom:0;margin-left:0">
olor: rgb(0, 0, 255);font-size: 12px">HYDROXYDE DE SODIUM=

>(Pai=

llettes de soude caustique/Perles de soude caustique)
=

7px;border-left-width: 1px;border-left-color: windowtext;border-right-width: 1=

px;border-right-color: windowtext;border-top: none;border-bottom-width: 1px;bo=

rder-bottom-color: windowtext">

n-bottom:5px;margin-left:0">
, 0, 255);font-size: 12px">Appearance:

"384" valign=3D"top" style=3D"width: 384px;padding: 0 7px;border-left: none;bo=

rder-right-width: 1px;border-right-color: windowtext;border-top: none;border-b=

ottom-width: 1px;border-bottom-color: windowtext">

gin-right:0;margin-bottom:0;margin-left:0">
al;color: rgb(0, 0, 255);font-size: 12px">Flocons blancs et granul=C3=A9s blan=

cs

=3D"width: 85px;padding: 0 7px;border-left-width: 1px;border-left-color: windo=

wtext;border-right-width: 1px;border-right-color: windowtext;border-top: none;=

border-bottom-width: 1px;border-bottom-color: windowtext">

op:5px;margin-right:0;margin-bottom:5px;margin-left:0">
-family: Arial;color: rgb(0, 0, 255);font-size: 12px">Package<=

/em>

7px;border-left: none;border-right-width: 1px;border-right-color: windowtext;=

border-top: none;border-bottom-width: 1px;border-bottom-color: windowtext">

style=3D"margin-top:0;margin-right:0;margin-bottom:0;margin-left:0">
style=3D"font-family: Arial;color: rgb(0, 0, 255);font-size: 12px;background: =

rgb(255, 255, 0)">Emballages et marquages d'exp=C3=A9dition personnalisables
span>

"2" style=3D"width: 85px;padding: 0 7px;border-left-width: 1px;border-left-col=

or: windowtext;border-right-width: 1px;border-right-color: windowtext;border-t=

op: none;border-bottom-width: 1px;border-bottom-color: windowtext">

"margin-top:0;margin-right:0;margin-bottom:0;margin-left:0">
"font-family: Arial;color: rgb(0, 0, 255);font-size: 12px">Advantage:
em>

rgin-left:0">
size: 12px">

p" style=3D"width: 384px;padding: 0 7px;border-left: none;border-right-width: =

1px;border-right-color: windowtext;border-top: none;border-bottom-width: 1px;b=

order-bottom-color: windowtext">

-bottom:0;margin-left:0">
rgb(0, 0, 255);font-size: 12px">Prix direct usine : 5 =C3=A0 10 % in=

f=C3=A9rieur au prix du march=C3=A9
ong>

>
: 12px">Certifications : COV, CRIA, SGS, INTERTEK, ISO
g>

-bottom:0;margin-left:0">
rgb(0, 0, 255);font-size: 12px">Photos du chargement disponibles
strong>

argin-bottom:0;margin-left:0">
lor: rgb(0, 0, 255);font-size: 12px">Commandes d'=C3=A9chantillons possibles
span>

in-right:0;margin-bottom:0;margin-left:0">
ly: Arial;color: rgb(0, 0, 255);font-size: 12px">Tests par un organisme tiers =

accept=C3=A9s.

" valign=3D"top" style=3D"width: 384px;padding: 0 7px;border-left: none;border=

-right-width: 1px;border-right-color: windowtext;border-top: none;border-botto=

m-width: 1px;border-bottom-color: windowtext">

y: =E5=AE=8B=E4=BD=93;color: rgb(0, 0, 255);font-size: 12pxfont-family:Arial">=

Entrep=C3=B4ts : Tianjin, Qingdao, Dalian et autres entrep=C3=B4ts situ=C3=

=A9s =C3=A0 proximit=C3=A9 des ports de chargement en Chine afin de vous exp=C3=

=A9dier votre marchandise sous 7 =C3=A0 15 jours.
>

ont-size: 12pxfont-family:Arial">Forts d'une solide exp=C3=A9rience =C3=A0 l'e=

xport, nous exportons des produits chimiques depuis plus de 15 ans.
>

: rgb(0, 0, 255);font-size: 12pxfont-family:Arial">Nous vous accompagnons dans=

le transport gr=C3=A2ce =C3=A0 notre vaste r=C3=A9seau de transitaires.
>

-right:0;margin-bottom:5px;margin-left:0">

Categories: Chinese Phish Spam

0 Comments

Chinese Productus Spam Part 2
Posted by Dave Yadallee on Wednesday, March 11. 2026

an style=3D";font-family:Arial;font-size:12px">Dear
-family:Arial;font-size:12px"> friend,

px;margin-right:0;margin-bottom:5px;margin-left:0">
:Arial;font-size:12px">This is Elegance Zhou from Tianjin Zhongying =

chemical co.,ltd Which is a leading
t-family: Arial;color: rgb(0, 0, 255);font-size: 12px">manufacturer
n>of
an>
50, 192, 143)">CAUSTIC SODA
ont-size:12px">(FLAKES,PEARS ,SOLID AND LIQUID) from China. We have more =

than 15 years experience in this chemical field, and export to Southeast Asia,=

Middle east, Afirica and South America.

margin-right:0;margin-bottom:5px;margin-left:0">
: Arial;color: rgb(0, 0, 255);font-size: 12px">Cher ami,<=

/p>
=

J=

e suis Elegance Zhou de Tianjin Zhongying Chemical Co., Ltd, un fabricant lead=

er de soude caustique (en paillettes, en granul=C3=A9s, solide et liquide) en =

Chine. Forts de plus de 15 ans d'exp=C3=A9rience dans ce secteur chimique, nou=

s exportons vers l'Asie du Sud-Est, le Moyen-Orient, l'Afrique et l'Am=C3=A9ri=

que du Sud.

e=3D"width: 469px;margin-left: 9px;border: none">

align=3D"top" style=3D"width: 85px;padding: 0 7px;border-width: 1px;border-col=

or: windowtext">

-left:0">Material
style=3D"font-family:=E5=AE=8B=E4=BD=93;font-size:12px">=EF=BC=9A
<=

p style=3D"margin-top:5px;margin-right:0;margin-bottom:5px;margin-left:0">
n style=3D"font-family:Arial;font-size:12px">

"384" valign=3D"top" style=3D"width: 384px;padding: 0 7px;border-left: none;bo=

rder-right-width: 1px;border-right-color: windowtext;border-top-width: 1px;bor=

der-top-color: windowtext;border-bottom-width: 1px;border-bottom-color: window=

text">
<=

span style=3D"font-family:Arial;font-size:12px">SODIUM HYDROXIDE

style=3D"margin-top:0;margin-right:0;margin-bottom:0;margin-left:0">
e=3D"font-family:Arial;font-size:12px">(CAUSTIC SODA FLAKES/CAUSTIC SODA PEARL=

S)

x;padding: 0 7px;border-left-width: 1px;border-left-color: windowtext;border-r=

ight-width: 1px;border-right-color: windowtext;border-top: none;border-bottom-=

width: 1px;border-bottom-color: windowtext">

right:0;margin-bottom:5px;margin-left:0">
-size:12px">Appearance:

"width: 384px;padding: 0 7px;border-left: none;border-right-width: 1px;border-=

right-color: windowtext;border-top: none;border-bottom-width: 1px;border-botto=

m-color: windowtext">

argin-left:0">White flakes &a=

mp; White Granuler

le=3D"width: 85px;padding: 0 7px;border-left-width: 1px;border-left-color: win=

dowtext;border-right-width: 1px;border-right-color: windowtext;border-top: non=

e;border-bottom-width: 1px;border-bottom-color: windowtext">

-top:5px;margin-right:0;margin-bottom:5px;margin-left:0">
amily:Arial;font-size:12px">Package

"top" style=3D"width: 384px;padding: 0 7px;border-left: none;border-right-widt=

h: 1px;border-right-color: windowtext;border-top: none;border-bottom-width: 1p=

x;border-bottom-color: windowtext">

gin-bottom:0;margin-left:0">
ckground:rgb(255,255,0)">Customizable packaging and shipping marks
<=

/td>

x;padding: 0 7px;border-left-width: 1px;border-left-color: windowtext;border-r=

ight-width: 1px;border-right-color: windowtext;border-top: none;border-bottom-=

width: 1px;border-bottom-color: windowtext">

ght:0;margin-bottom:0;margin-left:0">
e:12px">Advantage:

bottom:5px;margin-left:0">&nb=

sp;

ing: 0 7px;border-left: none;border-right-width: 1px;border-right-color: windo=

wtext;border-top: none;border-bottom-width: 1px;border-bottom-color: windowtex=

t">

ong>
x">Direct factory price:5%-10% lower
ont-family:Arial;font-size:12px"> than the market price

e=3D"margin-top:0;margin-right:0;margin-bottom:0;margin-left:0">
"font-family:Arial;font-size:12px">Certificate:
"font-family: Arial;color: rgb(255, 0, 0);font-size: 12px">PVOC,CRIA,SGS,INTER=

TEK,ISO

-bottom:0;margin-left:0">Phot=

os of cargo loading can be provided

right:0;margin-bottom:0;margin-left:0">
underline;">
: 12px">Sample orders
ont-size:12px"> are available.

right:0;margin-bottom:0;margin-left:0">
underline;">
: 12px">Third-party testing
rial;font-size:12px"> is acceptable
=8B=E4=BD=93;font-size:16px">.

n=3D"top" style=3D"width: 384px;padding: 0 7px;border-left: none;border-right-=

width: 1px;border-right-color: windowtext;border-top: none;border-bottom-width=

: 1px;border-bottom-color: windowtext">

;margin-bottom:0;margin-left:0">
color: rgb(255, 0, 0);font-size: 12px">Warehouses
yle=3D"font-family:Arial;font-size:12px">:
amily: Arial;font-size: 12px">Tianjin,
ont-family: =E5=AE=8B=E4=BD=93">Q
amily: Arial;font-size: 12px">ingdao
t-family: =E5=AE=8B=E4=BD=93">,D
mily: Arial;font-size: 12px">alian
rial;font-size:12px"> and other warehouses
"font-family:Arial;color:rgb(255,0,0);font-size:12px">near the loading port
pan> in china in or=

Categories: Chinese Phish Spam

0 Comments

chinese products spam part 1
Posted by Dave Yadallee on Wednesday, March 11. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 11 Mar 2026 05:50:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w0I48-00000000PGA-3ggj

for dave@doctor.nl2k.ab.ca;

Wed, 11 Mar 2026 05:49:28 -0600

Resent-From: The Doctor

Resent-Date: Wed, 11 Mar 2026 05:49:28 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from out208-122.dm.aliyun.com ([140.205.208.122]:46288)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w09nS-0000000039B-16Ti

for root@nk.ca;

Tue, 10 Mar 2026 20:59:51 -0600

X-AliDM-RcptTo: cm9vdEBuay5jYQ==

Feedback-ID: default:vip@vip.chem-zy.ltd:vip_edm_WebBatch:310185

DKIM-Signature:v=1; a=rsa-sha256; c=relaxed/relaxed;

d=vip.chem-zy.ltd; s=aliyun-cn-hangzhou;

t=1773197925; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type;

bh=hm0OzGOyeuVMjpp3AlrekpSDzJ7rywXNrpzJLSs0Row=;

b=sxII3dOYLQR4zcy4gFWEbA10OW2SEBWuFs5gt46frUMFg/3vdDVhjQl0nw2L25JVpUyc5TN0bzJYDI3rdc/Qo5rqtrG1UEtvgWStr7uwVwTWroxGEbq7sVn5Z8tmD+u4X39UwyHsYbFVIeeJwDcDjH+aiWyC42u7SnxQezsFBpE=

DKIM-Signature:v=1; a=rsa-sha256; c=relaxed/relaxed;

d=dm-fbl.aliyuncs.com; s=feedback;

t=1773197925; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type;

bh=hm0OzGOyeuVMjpp3AlrekpSDzJ7rywXNrpzJLSs0Row=;

b=EDvvmYXgeDpxTFRXPfHX/J0pPOHWcc1G6q7zpV4x0iEiukUsh/y9YvaFM+j62b8T9GkIsGWGD+SCRWHH8NR58qy3T+lG1SBYKnx0DuKkLd+RQdZ6NnhTOrn/Z8KuAfqsMjC4nfljE4+Cp4Z1Ho+qnkZR8AjaIFCr1GQm3ZMj948=

Received: from chitu-hsf(mailfrom:vip@vip.chem-zy.ltd fp:ma_600000280087830053 cluster:AY35D)

by smtp.aliyun-inc.com(127.0.0.1);

Wed, 11 Mar 2026 10:57:24 +0800

Date: Wed, 11 Mar 2026 10:57:24 +0800

From: "Elegance Zhou"

To:

Reply-To:

Message-ID:

Subject: =?UTF-8?B?UmU6VGhlIGxlYWRpbmcgb25lIG1hbnVmYWN0dWVyIG9mIGNhdXN0aWMgc29kYQ==?=

X-Priority: 3

MIME-Version: 1.0

X-EnvId: 600000280087830058

X-AliDM-Settings: eyJPdXRib3VuZElwIjp7IklwTGlzdCI6W10sIklwUG9vbElkIjoiIn0sIlVuc3Vic2NyaWJlIjp7IkZpbHRlckxldmVsIjoiZGVmYXVsdCIsIkxpbmtUeXBlIjoiZGVmYXVsdCJ9LCJWZXJzaW9uIjoiMS4wIn0=

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 14.0

X-Spam_score_int: 140

X-Spam_bar: ++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Dear friend, This is Elegance Zhou from Tianjin Zhongying

chemical co.,ltd Which is a leading manufacturer of CAUSTIC SODA(FLAKES,PEARS

,SOLID AND LIQUID) from China. We have more than 15 years experience in this

[...]

Content analysis details: (14.0 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[140.205.208.122 listed in will-spam-for-food.eu.org]

[140.205.208.122 listed in will-spam-for-food.eu.org]

[140.205.208.122 listed in will-spam-for-food.eu.org]

[140.205.208.122 listed in will-spam-for-food.eu.org]

[140.205.208.122 listed in will-spam-for-food.eu.org]

[140.205.208.122 listed in will-spam-for-food.eu.org]

[140.205.208.122 listed in will-spam-for-food.eu.org]

[140.205.208.122 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[140.205.208.122 listed in dnsbl.ahbl.org]

[140.205.208.122 listed in dnsbl.ahbl.org]

[140.205.208.122 listed in dnsbl.ahbl.org]

[140.205.208.122 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[140.205.208.122 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[140.205.208.122 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[140.205.208.122 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[140.205.208.122 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[140.205.208.122 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[140.205.208.122 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.6 J_CHICKENPOX_46 BODY: 4alpha-pock-6alpha

0.6 J_CHICKENPOX_102 BODY: 10alpha-pock-2alpha

0.6 J_CHICKENPOX_32 BODY: 3alpha-pock-2alpha

2.6 DEAR_FRIEND BODY: Dear Friend? That's not very dear!

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 MIME_QP_LONG_LINE RAW: Quoted-printable line longer than 76 chars

0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

1.0 XPRIO Has X-Priority header

Subject: {SPAM?} =?UTF-8?B?UmU6VGhlIGxlYWRpbmcgb25lIG1hbnVmYWN0dWVyIG9mIGNhdXN0aWMgc29kYQ==?=

Categories: Chinese Phish Spam

0 Comments

Cloud Phishing from Google Gmail Part 2
Posted by Dave Yadallee on Wednesday, March 11. 2026

.h1 {

font-size: 20px;

font-weight: 700;

color: #1e293b;

margin: 0 0 15px 0;

text-align: center;

}

.danger-box {

border: 1px solid #fecaca;

background: #fef2f2;

border-radius: 8px;

padding: 20px;

margin-bottom: 25px;

}

.danger-title {

color: #dc2626;

font-weight: 800;

font-size: 14px;

text-transform: uppercase;

letter-spacing: 0.5px;

margin-bottom: 10px;

}

.danger-text {

color: #7f1d1d;

font-size: 15px;

line-height: 1.5;

}

.files-box {

background: #f8fafc;

border-radius: 8px;

padding: 15px;

border: 1px solid #e2e8f0;

}

.file-row {

display: flex;

justify-content: space-between;

padding: 10px 0;

border-bottom: 1px solid #e2e8f0;

font-size: 14px;

color: #334155;

}

.file-row:last-child {

border-bottom: none;

}

.file-label {

display: flex;

align-items: center;

gap: 8px;

}

.file-stat {

font-weight: 600;

color: #0f172a;

}

.btn {

display: block;

width: 100%;

background: #2563eb;

color: #fff;

text-decoration: none;

padding: 16px;

text-align: center;

border-radius: 8px;

font-weight: 700;

font-size: 16px;

margin-top: 30px;

}

.footer {

text-align: center;

padding: 20px;

font-size: 11px;

color: #94a3b8;

}

Scheduled for Deletion

Your account has been inactive and over-limit. Per our retention policy, your files are scheduled to be

removed.

Permanent Data Loss

If you do not renew your storage plan by , your data

will be permanently deleted from our servers.

Photos & Videos

At Risk

Documents

At Risk

Cloud Backups

Stopped

Keep My Files

Unsubscribe

--0000000000007d256b064cb61704--

Categories: Google Gmail Spam, Phish

0 Comments

Cloud Phishing from Google Gmail Part 1
Posted by Dave Yadallee on Wednesday, March 11. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 10 Mar 2026 20:47:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w09aP-00000000Htl-3mUT

for dave@doctor.nl2k.ab.ca;

Tue, 10 Mar 2026 20:46:13 -0600

Resent-From: The Doctor

Resent-Date: Tue, 10 Mar 2026 20:46:13 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-oi1-f198.google.com ([209.85.167.198]:54337)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w08zM-00000000FlP-1hat

for root@nk.ca;

Tue, 10 Mar 2026 20:08:04 -0600

Received: by mail-oi1-f198.google.com with SMTP id 5614622812f47-466f705757bso12585436b6e.0

for ; Tue, 10 Mar 2026 19:07:08 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1773194822; x=1773799622; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=SNrpzYCWyZa6/z6RGb4LFgP1/5b5y989iVf7pzQIH7Y=;

b=IjFNsz/b5UrrpW3OjlcKGaYBkaNuEk5TASsMnMMGiUdR15G327g65TmhhPGIGp0fFw

E4ZOVywJBqTVFsi+dji8Q66GubO6bsLL8o1V8WXO8C4jYmUTU3YE9E1USa6iPIt26gSg

T7Lk0GVaKskPt1QR+mDazboJy5aAyAe85QvheV+CAgZnOZoKg65E1NpTwXNPOEcgRXAm

ZBuGbzAO+my1OhiMjmBitDA+NF6DJXDpf0z3Sh7lEZBB7eOHsYKcKu81YeIBMV9tJAaA

8j12YXB/qywrSIdLPr/RBfHkPkZdvWv8YdAhCwyJsLTlVkBEcZM3vldEa6TWvuTVbcm/

rWCQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1773194822; x=1773799622;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=SNrpzYCWyZa6/z6RGb4LFgP1/5b5y989iVf7pzQIH7Y=;

b=RcKaxj5ZsYaR7LfqEUVgoYhxWt81wqzLBLQPUSnbIaGU1tB4l3eTqY4oYdQWSe78zZ

Fm5fS+8CkIPX+yzgoCa3+mXlhzV9+wATG/FBtdkpMUhKn1XMPGcDjpolyG1tlolAmUds

XqOTU+cApmSdDLJ1U1vESJzpX4L52Njac8VadoeoTGneJuJ1ZwoH6AnKl+gNBB0ZWY1C

T9ayyd/36zNehVgmqHfYsGJDvcQNYuWgRSzO4hi7Y3LKIz67Y/60EhACBY/x9c3nqh89

jOPFnu4wO/0S/JZv+BuDz5F3lnTI93zreCTDsIGbbdyWfEmLDNfR+8iRwFA07jrU055d

Kk6g==

X-Gm-Message-State: AOJu0YxgMLs+CbVZOOpQsIS06/HShKNlLIR9GePwhYSG3ad5YATIMBsP

bVUYwduaCU3O/dpXs2XvfBdNG/WtcV9bDK6owbRAMEwgOlzeLpz4lB/uByLFAKSKQ1TpC+XwQZ6

YYg9Z/z6Wrw==

MIME-Version: 1.0

X-Received: by 2002:a05:6820:290a:b0:672:9d81:a765 with SMTP id

006d021491bc7-67bc8a6e27cmr859558eaf.65.1773194822099; Tue, 10 Mar 2026

19:07:02 -0700 (PDT)

Message-ID: <0000000000007d2575064cb61707@google.com>

Date: Wed, 11 Mar 2026 02:07:02 +0000

Subject: Service Termination Notice

From: Cloud Services

To: root@nk.ca

Content-Type: multipart/alternative; boundary="0000000000007d256b064cb61704"

--0000000000007d256b064cb61704

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Cloud

Scheduled for Deletion

Your account has been inactive and over-limit. Per our retention policy,

your files are scheduled to be removed.

Permanent Data Loss

If you do not renew your storage plan by , your data will be permanently

deleted from our servers.

Photos & Videos

At Risk

Documents

At Risk

Cloud Backups

Stopped

Keep My Files

Unsubscribe

--0000000000007d256b064cb61704

Content-Type: text/html; charset="UTF-8"

Data Deletion Warning

align=3D"top" style=3D"width: 85px;padding: 0 7px;border-width: 1px;border-col= or: windowtext"> -left:0">Material style=3D"font-family:=E5=AE=8B=E4=BD=93;font-size:12px">=EF=BC=9A <= p style=3D"margin-top:5px;margin-right:0;margin-bottom:5px;margin-left:0"> n style=3D"font-family:Arial;font-size:12px">	"384" valign=3D"top" style=3D"width: 384px;padding: 0 7px;border-left: none;bo= rder-right-width: 1px;border-right-color: windowtext;border-top-width: 1px;bor= der-top-color: windowtext;border-bottom-width: 1px;border-bottom-color: window= text"> <= span style=3D"font-family:Arial;font-size:12px">SODIUM HYDROXIDE style=3D"margin-top:0;margin-right:0;margin-bottom:0;margin-left:0"> e=3D"font-family:Arial;font-size:12px">(CAUSTIC SODA FLAKES/CAUSTIC SODA PEARL= S)
x;padding: 0 7px;border-left-width: 1px;border-left-color: windowtext;border-r= ight-width: 1px;border-right-color: windowtext;border-top: none;border-bottom-= width: 1px;border-bottom-color: windowtext"> right:0;margin-bottom:5px;margin-left:0"> -size:12px">Appearance:	"width: 384px;padding: 0 7px;border-left: none;border-right-width: 1px;border-= right-color: windowtext;border-top: none;border-bottom-width: 1px;border-botto= m-color: windowtext"> argin-left:0">White flakes &a= mp; White Granuler
le=3D"width: 85px;padding: 0 7px;border-left-width: 1px;border-left-color: win= dowtext;border-right-width: 1px;border-right-color: windowtext;border-top: non= e;border-bottom-width: 1px;border-bottom-color: windowtext"> -top:5px;margin-right:0;margin-bottom:5px;margin-left:0"> amily:Arial;font-size:12px">Package	"top" style=3D"width: 384px;padding: 0 7px;border-left: none;border-right-widt= h: 1px;border-right-color: windowtext;border-top: none;border-bottom-width: 1p= x;border-bottom-color: windowtext"> gin-bottom:0;margin-left:0"> ckground:rgb(255,255,0)">Customizable packaging and shipping marks <= /td>
x;padding: 0 7px;border-left-width: 1px;border-left-color: windowtext;border-r= ight-width: 1px;border-right-color: windowtext;border-top: none;border-bottom-= width: 1px;border-bottom-color: windowtext"> ght:0;margin-bottom:0;margin-left:0"> e:12px">Advantage: bottom:5px;margin-left:0">&nb= sp;	ing: 0 7px;border-left: none;border-right-width: 1px;border-right-color: windo= wtext;border-top: none;border-bottom-width: 1px;border-bottom-color: windowtex= t"> ong> x">Direct factory price:5%-10% lower ont-family:Arial;font-size:12px"> than the market price e=3D"margin-top:0;margin-right:0;margin-bottom:0;margin-left:0"> "font-family:Arial;font-size:12px">Certificate: "font-family: Arial;color: rgb(255, 0, 0);font-size: 12px">PVOC,CRIA,SGS,INTER= TEK,ISO -bottom:0;margin-left:0">Phot= os of cargo loading can be provided right:0;margin-bottom:0;margin-left:0"> underline;"> : 12px">Sample orders ont-size:12px"> are available. right:0;margin-bottom:0;margin-left:0"> underline;"> : 12px">Third-party testing rial;font-size:12px"> is acceptable =8B=E4=BD=93;font-size:16px">.
n=3D"top" style=3D"width: 384px;padding: 0 7px;border-left: none;border-right-= width: 1px;border-right-color: windowtext;border-top: none;border-bottom-width= : 1px;border-bottom-color: windowtext"> ;margin-bottom:0;margin-left:0"> *color: rgb(255, 0, 0);font-size: 12px">Warehouses* yle=3D"font-family:Arial;font-size:12px">: amily: Arial;font-size: 12px">Tianjin, ont-family: =E5=AE=8B=E4=BD=93">Q amily: Arial;font-size: 12px">ingdao t-family: =E5=AE=8B=E4=BD=93">,D mily: Arial;font-size: 12px">alian rial;font-size:12px"> and other warehouses "font-family:Arial;color:rgb(255,0,0);font-size:12px">near the loading port pan> in china in or= Categories: Chinese Phish Spam 0 Comments chinese products spam part 1 Posted by Dave Yadallee on Wednesday, March 11. 2026 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Return-path: Envelope-to: dave@doctor.nl2k.ab.ca Delivery-date: Wed, 11 Mar 2026 05:50:00 -0600 Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD)) (envelope-from ) id 1w0I48-00000000PGA-3ggj for dave@doctor.nl2k.ab.ca; Wed, 11 Mar 2026 05:49:28 -0600 Resent-From: The Doctor Resent-Date: Wed, 11 Mar 2026 05:49:28 -0600 Resent-Message-ID: Resent-To: Dave Yadallee Received: from out208-122.dm.aliyun.com ([140.205.208.122]:46288) by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384 (Exim 4.98.2 (FreeBSD)) (envelope-from ) id 1w09nS-0000000039B-16Ti for root@nk.ca; Tue, 10 Mar 2026 20:59:51 -0600 X-AliDM-RcptTo: cm9vdEBuay5jYQ== Feedback-ID: default:vip@vip.chem-zy.ltd:vip_edm_WebBatch:310185 DKIM-Signature:v=1; a=rsa-sha256; c=relaxed/relaxed; d=vip.chem-zy.ltd; s=aliyun-cn-hangzhou; t=1773197925; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type; bh=hm0OzGOyeuVMjpp3AlrekpSDzJ7rywXNrpzJLSs0Row=; b=sxII3dOYLQR4zcy4gFWEbA10OW2SEBWuFs5gt46frUMFg/3vdDVhjQl0nw2L25JVpUyc5TN0bzJYDI3rdc/Qo5rqtrG1UEtvgWStr7uwVwTWroxGEbq7sVn5Z8tmD+u4X39UwyHsYbFVIeeJwDcDjH+aiWyC42u7SnxQezsFBpE= DKIM-Signature:v=1; a=rsa-sha256; c=relaxed/relaxed; d=dm-fbl.aliyuncs.com; s=feedback; t=1773197925; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type; bh=hm0OzGOyeuVMjpp3AlrekpSDzJ7rywXNrpzJLSs0Row=; b=EDvvmYXgeDpxTFRXPfHX/J0pPOHWcc1G6q7zpV4x0iEiukUsh/y9YvaFM+j62b8T9GkIsGWGD+SCRWHH8NR58qy3T+lG1SBYKnx0DuKkLd+RQdZ6NnhTOrn/Z8KuAfqsMjC4nfljE4+Cp4Z1Ho+qnkZR8AjaIFCr1GQm3ZMj948= Received: from chitu-hsf(mailfrom:vip@vip.chem-zy.ltd fp:ma_600000280087830053 cluster:AY35D) by smtp.aliyun-inc.com(127.0.0.1); Wed, 11 Mar 2026 10:57:24 +0800 Date: Wed, 11 Mar 2026 10:57:24 +0800 From: "Elegance Zhou" To: Reply-To: Message-ID: Subject: =?UTF-8?B?UmU6VGhlIGxlYWRpbmcgb25lIG1hbnVmYWN0dWVyIG9mIGNhdXN0aWMgc29kYQ==?= X-Priority: 3 MIME-Version: 1.0 X-EnvId: 600000280087830058 X-AliDM-Settings: eyJPdXRib3VuZElwIjp7IklwTGlzdCI6W10sIklwUG9vbElkIjoiIn0sIlVuc3Vic2NyaWJlIjp7IkZpbHRlckxldmVsIjoiZGVmYXVsdCIsIkxpbmtUeXBlIjoiZGVmYXVsdCJ9LCJWZXJzaW9uIjoiMS4wIn0= Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam_score: 14.0 X-Spam_score_int: 140 X-Spam_bar: ++++++++++++++ X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca", has identified this incoming email as possible spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see @@CONTACT_ADDRESS@@ for details. Content preview: Dear friend, This is Elegance Zhou from Tianjin Zhongying chemical co.,ltd Which is a leading manufacturer of CAUSTIC SODA(FLAKES,PEARS ,SOLID AND LIQUID) from China. We have more than 15 years experience in this [...] Content analysis details: (14.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org [140.205.208.122 listed in will-spam-for-food.eu.org] [140.205.208.122 listed in will-spam-for-food.eu.org] [140.205.208.122 listed in will-spam-for-food.eu.org] [140.205.208.122 listed in will-spam-for-food.eu.org] [140.205.208.122 listed in will-spam-for-food.eu.org] [140.205.208.122 listed in will-spam-for-food.eu.org] [140.205.208.122 listed in will-spam-for-food.eu.org] [140.205.208.122 listed in will-spam-for-food.eu.org] 1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org [140.205.208.122 listed in dnsbl.ahbl.org] [140.205.208.122 listed in dnsbl.ahbl.org] [140.205.208.122 listed in dnsbl.ahbl.org] [140.205.208.122 listed in dnsbl.ahbl.org] 1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org [140.205.208.122 listed in dnsbl.ahbl.org] 0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org [140.205.208.122 listed in dnsbl.ahbl.org] 0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org [140.205.208.122 listed in dnsbl.ahbl.org] 0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org [140.205.208.122 listed in dnsbl.ahbl.org] -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [140.205.208.122 listed in list.dnswl.org] -0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [140.205.208.122 listed in wl.mailspike.net] -0.0 SPF_PASS SPF: sender matches SPF record 0.6 J_CHICKENPOX_46 BODY: 4alpha-pock-6alpha 0.6 J_CHICKENPOX_102 BODY: 10alpha-pock-2alpha 0.6 J_CHICKENPOX_32 BODY: 3alpha-pock-2alpha 2.6 DEAR_FRIEND BODY: Dear Friend? That's not very dear! 1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge 0.0 HTML_MESSAGE BODY: HTML included in message 0.0 MIME_QP_LONG_LINE RAW: Quoted-printable line longer than 76 chars 0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid 0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines 2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars 1.0 XPRIO Has X-Priority header Subject: {SPAM?} =?UTF-8?B?UmU6VGhlIGxlYWRpbmcgb25lIG1hbnVmYWN0dWVyIG9mIGNhdXN0aWMgc29kYQ==?= Categories: Chinese Phish Spam 0 Comments Cloud Phishing from Google Gmail Part 2 Posted by Dave Yadallee on Wednesday, March 11. 2026 .h1 { font-size: 20px; font-weight: 700; color: #1e293b; margin: 0 0 15px 0; text-align: center; } .danger-box { border: 1px solid #fecaca; background: #fef2f2; border-radius: 8px; padding: 20px; margin-bottom: 25px; } .danger-title { color: #dc2626; font-weight: 800; font-size: 14px; text-transform: uppercase; letter-spacing: 0.5px; margin-bottom: 10px; } .danger-text { color: #7f1d1d; font-size: 15px; line-height: 1.5; } .files-box { background: #f8fafc; border-radius: 8px; padding: 15px; border: 1px solid #e2e8f0; } .file-row { display: flex; justify-content: space-between; padding: 10px 0; border-bottom: 1px solid #e2e8f0; font-size: 14px; color: #334155; } .file-row:last-child { border-bottom: none; } .file-label { display: flex; align-items: center; gap: 8px; } .file-stat { font-weight: 600; color: #0f172a; } .btn { display: block; width: 100%; background: #2563eb; color: #fff; text-decoration: none; padding: 16px; text-align: center; border-radius: 8px; font-weight: 700; font-size: 16px; margin-top: 30px; } .footer { text-align: center; padding: 20px; font-size: 11px; color: #94a3b8; } Scheduled for Deletion Your account has been inactive and over-limit. Per our retention policy, your files are scheduled to be removed. Permanent Data Loss If you do not renew your storage plan by , your data will be permanently deleted from our servers. Photos & Videos At Risk Documents At Risk Cloud Backups Stopped Keep My Files Unsubscribe --0000000000007d256b064cb61704-- Categories: Google Gmail Spam, Phish 0 Comments Cloud Phishing from Google Gmail Part 1 Posted by Dave Yadallee on Wednesday, March 11. 2026 X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Return-path: Envelope-to: dave@doctor.nl2k.ab.ca Delivery-date: Tue, 10 Mar 2026 20:47:00 -0600 Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD)) (envelope-from ) id 1w09aP-00000000Htl-3mUT for dave@doctor.nl2k.ab.ca; Tue, 10 Mar 2026 20:46:13 -0600 Resent-From: The Doctor Resent-Date: Tue, 10 Mar 2026 20:46:13 -0600 Resent-Message-ID: Resent-To: Dave Yadallee Received: from mail-oi1-f198.google.com ([209.85.167.198]:54337) by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256 (Exim 4.98.2 (FreeBSD)) (envelope-from ) id 1w08zM-00000000FlP-1hat for root@nk.ca; Tue, 10 Mar 2026 20:08:04 -0600 Received: by mail-oi1-f198.google.com with SMTP id 5614622812f47-466f705757bso12585436b6e.0 for ; Tue, 10 Mar 2026 19:07:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=firebaseapp.com; s=20230601; t=1773194822; x=1773799622; darn=nk.ca; h=to:from:subject:date:message-id:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=SNrpzYCWyZa6/z6RGb4LFgP1/5b5y989iVf7pzQIH7Y=; b=IjFNsz/b5UrrpW3OjlcKGaYBkaNuEk5TASsMnMMGiUdR15G327g65TmhhPGIGp0fFw E4ZOVywJBqTVFsi+dji8Q66GubO6bsLL8o1V8WXO8C4jYmUTU3YE9E1USa6iPIt26gSg T7Lk0GVaKskPt1QR+mDazboJy5aAyAe85QvheV+CAgZnOZoKg65E1NpTwXNPOEcgRXAm ZBuGbzAO+my1OhiMjmBitDA+NF6DJXDpf0z3Sh7lEZBB7eOHsYKcKu81YeIBMV9tJAaA 8j12YXB/qywrSIdLPr/RBfHkPkZdvWv8YdAhCwyJsLTlVkBEcZM3vldEa6TWvuTVbcm/ rWCQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1773194822; x=1773799622; h=to:from:subject:date:message-id:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=SNrpzYCWyZa6/z6RGb4LFgP1/5b5y989iVf7pzQIH7Y=; b=RcKaxj5ZsYaR7LfqEUVgoYhxWt81wqzLBLQPUSnbIaGU1tB4l3eTqY4oYdQWSe78zZ Fm5fS+8CkIPX+yzgoCa3+mXlhzV9+wATG/FBtdkpMUhKn1XMPGcDjpolyG1tlolAmUds XqOTU+cApmSdDLJ1U1vESJzpX4L52Njac8VadoeoTGneJuJ1ZwoH6AnKl+gNBB0ZWY1C T9ayyd/36zNehVgmqHfYsGJDvcQNYuWgRSzO4hi7Y3LKIz67Y/60EhACBY/x9c3nqh89 jOPFnu4wO/0S/JZv+BuDz5F3lnTI93zreCTDsIGbbdyWfEmLDNfR+8iRwFA07jrU055d Kk6g== X-Gm-Message-State: AOJu0YxgMLs+CbVZOOpQsIS06/HShKNlLIR9GePwhYSG3ad5YATIMBsP bVUYwduaCU3O/dpXs2XvfBdNG/WtcV9bDK6owbRAMEwgOlzeLpz4lB/uByLFAKSKQ1TpC+XwQZ6 YYg9Z/z6Wrw== MIME-Version: 1.0 X-Received: by 2002:a05:6820:290a:b0:672:9d81:a765 with SMTP id 006d021491bc7-67bc8a6e27cmr859558eaf.65.1773194822099; Tue, 10 Mar 2026 19:07:02 -0700 (PDT) Message-ID: <0000000000007d2575064cb61707@google.com> Date: Wed, 11 Mar 2026 02:07:02 +0000 Subject: Service Termination Notice From: Cloud Services To: root@nk.ca Content-Type: multipart/alternative; boundary="0000000000007d256b064cb61704" --0000000000007d256b064cb61704 Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes Cloud Scheduled for Deletion Your account has been inactive and over-limit. Per our retention policy, your files are scheduled to be removed. Permanent Data Loss If you do not renew your storage plan by , your data will be permanently deleted from our servers. Photos & Videos At Risk Documents At Risk Cloud Backups Stopped Keep My Files Unsubscribe --0000000000007d256b064cb61704 Content-Type: text/html; charset="UTF-8" Data Deletion Warning