Web/SEO/App spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on Wednesday, April 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 22 Apr 2026 13:05:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wFcsU-000000002YA-2zVM

for dave@doctor.nl2k.ab.ca;

Wed, 22 Apr 2026 13:04:50 -0600

Resent-From: The Doctor

Resent-Date: Wed, 22 Apr 2026 13:04:50 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-westcentralusazolkn19013083.outbound.protection.outlook.com ([52.103.7.83]:38866 helo=CY3PR05CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wFcJd-000000000xz-3sZ7

for sales@nk.ca;

Wed, 22 Apr 2026 12:29:00 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=fj/tVOECwdetmLq4xRg4f4OEKQgXSHTovjF4ygkmTi76qVBhGZoykP+QdGuHX+kcuWB5467gM3ZjzAupeo8YP87pdBoxkX5K+D3y4+qJ5V8IzrfNLbctx3hbtWv187aO+jYQloTW1RHFflo5Tp4OgUbqM2IMfuk1DAlDCiQ23HHAVbBdfPIHDOBsLlnGo2dWl1wUoTt/IfdTb/1Sxxt+qKa09VkYJCqqjYyrAZq58XbTGHF9R7lNMDBZRo0S8bIfLGJiTL1yMCRJADp+cuHBlRt8JW0ZhGwPXGEO6XBttQwrdelzWZC3mZl50vFrVpuHZ9GA1RNz+STm6j9f6Od4TQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=uiFjd1Gy7cqW8lzUCcAz7U/9T5QDF7Mo2Sxwcindm3o=;

b=eclfjeIoTDz8o3xEJM190KD+h1mMO919hpnmyIEW0p6zydrB+PJyVc6+Ps0kKzE4UnW8ZWdwh3z4KdoARsV1aJmkEA929CiTfRXHFbj6ZfccPWkd+LUlKzuE0/hzZWSmdtxzFMKG4TfaQkmPlhmIK1UGVNtLC3/TJQUgVNM+FYifPWK4GCzIUcqQZTo9qCiXNJYN7yT/o6xjUJGl8YyYUbyqiGP/HQY6xMtG0wpfAyAbqWth/fYrZc9obh+FDHuj6/qh9VwjkGX635CI3YOXPVw1njk9cF3QwAJOn1ZRBofxxGt4wCpsa8ln9UfWCsVQ+e+S6+NIozna6kmuIjoWiA==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=uiFjd1Gy7cqW8lzUCcAz7U/9T5QDF7Mo2Sxwcindm3o=;

b=jPcqrKJnbANwr8ANEZJ/vEqHzvLKn1LzDbrkrNmd/k9cl/8xaeXV1yL7rvXLQ8F3wxLuF/uWpgk3mvfB8G8T4Q4+uWRhih/9sMbZ04uWFbCw5bNlaCLA0K9jjoDwC570G8tz2B86Tl0bDl9rM2vFWgXYiBDg2XWQNXrAeYBbExf0FMj/+8HEY6gzt8298Ua3/dWcU40ICSLJ8YXEiHXfsM3jZqNdE23qMGokEphzkEYv9xW0IMy3siVGRWF52StlJNveK1kiQTurvLZAjA0lLBdjGOsAYLcV6oAXPkUYogbVUqX5Wxhja+O2pVsanmbHCZBx3omlwK3rYlA/iT2mHA==

Received: from CH3PR17MB6388.namprd17.prod.outlook.com (2603:10b6:610:145::17)

by DS4PR17MB7553.namprd17.prod.outlook.com (2603:10b6:8:320::16) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9818.32; Wed, 22 Apr

2026 18:27:54 +0000

Received: from CH3PR17MB6388.namprd17.prod.outlook.com

([fe80::c3bc:4959:db5b:8485]) by CH3PR17MB6388.namprd17.prod.outlook.com

([fe80::c3bc:4959:db5b:8485%5]) with mapi id 15.20.9846.019; Wed, 22 Apr 2026

18:27:54 +0000

From: Jemmy Moss

To: Jemmy Moss

Subject: Re:

Thread-Index:

AQHcyCSHZSsib2qMck2VzmdTk8ZBM7XWuPL5gAAAaEOAAAAvDoAUwA5HgAABH+eAAABxow==

Date: Wed, 22 Apr 2026 18:27:53 +0000

Message-ID:

References:

In-Reply-To:

Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: CH3PR17MB6388:EE_|DS4PR17MB7553:EE_

x-ms-office365-filtering-correlation-id: 625ceac3-7d34-4e32-b6ed-08dea09cde63

x-microsoft-antispam:

BCL:0;ARA:14566002|10112599003|15030799006|15080799012|31061999003|461199028|2604032081799003|2604032031799003|16051099003|55001999006|39105399006|37011999003|704163111799003|8062599012|19110799012|2604031031799003|8060799015|440099028|3412199025|102099032|51015399003|40105399003|1710799026;

x-microsoft-antispam-message-info:

=?iso-8859-1?Q?MGLCEel5RIZRquysOvzexkK1cjJ/i6+c+/itfPzWVWj6odAWQhLmPiBZFG?=

=?iso-8859-1?Q?GHytPcIOkaZJ6P6ik0UXnrWSL6EhHETLRWLhlO7D+ZNzQqx44ySkNl1fl+?=

=?iso-8859-1?Q?HZWTeSugCjTZCtU7wcF/SnbEJO9txC9DWKDa6N0QaXyjzR14eI/9+QlRxE?=

=?iso-8859-1?Q?3ybnGBa7dBnxpawbrmZVE8jcInk7pdR7EceJbaejahGpRF7ZtX1vqDyLWo?=

=?iso-8859-1?Q?PE3Nmvbgl1EL5vvny7besIc1qshf+ABP8Hw9C40E1weYCzlpuQDXqbHwvc?=

=?iso-8859-1?Q?rWYlELN6KFNXWOkVQNBt9NOzhe0a3ZY2JJ19KkCn/GUZXJWmbGjwciCZSc?=

=?iso-8859-1?Q?jLh3HtIKz5/OGyjjy5LfXAw6tmpH2YVp6I/FI2V2EVu1zS+fhPjglXRP+/?=

=?iso-8859-1?Q?qLPjpkv3XHxTaADYgbr9lcFh0BXliIG58p4As5ITiF6OSoVnPBVVBoin0n?=

=?iso-8859-1?Q?Rzf3SQ2TyYwn8w0CMZ6alIspxWsvwrYIBdOo3mY3BYb8bmocBGZYuYpF3V?=

=?iso-8859-1?Q?YAgvw6eBqgOML4lnRTe4JQKIKARI5zAR3OBFLsEqAxcVKb76XC7viBwH3A?=

=?iso-8859-1?Q?JY4vrIVDHDbuuPdjqxGLWkPf0qo0mk8PjdxqyUXXBz4Fc4CgVF9SgwfuvR?=

=?iso-8859-1?Q?D7M4saQ2Cb/w5XUYZoTjhKrClrTPCaVYEuJKAlhrNB6FANmSC+AxeKV2F8?=

=?iso-8859-1?Q?mk6gSq7fCldLitQdsSgPsF3RcG5QZ7bGPhbjjWT5rWhpbnL1JyhU+MWYwh?=

=?iso-8859-1?Q?UEewotshgfur3pN28aJ/OrRrrs1erXo3wkvTXgsGSkn2fwpuy+7v2fuaMz?=

=?iso-8859-1?Q?1ga/JFE7+WSt0+U9HuwL6ck0bWSU4UViroyVQnvUmlEaFQH6rjz2x/B9vP?=

=?iso-8859-1?Q?xJR52EyLdMmBHphlGGWBjpMe+lJZH92KHuSaukEkJ6lAKNTDLqnYMh9S0t?=

=?iso-8859-1?Q?hRLn3JrSXx7NtLL1fEb6s+IXfiJPBSeR+aJgDF1BCK6ab3gMFf1CwGiTuS?=

=?iso-8859-1?Q?Lh4g9b979aKb20KONr8cHttZNVkOhXF1hId9xQBeuUXuMbZtXXZqp6RH4N?=

=?iso-8859-1?Q?h/4VkPzFmuZgpIylrizNTiKnDCGmftfHbKCIIpCEPsb6lcDUrB8xEEa92L?=

=?iso-8859-1?Q?9ibZoCo8OJ962B9CoQ3uhuU2aY7y0QsEup3M0inxjzGRmy0TARpuuD9XWh?=

=?iso-8859-1?Q?AKA+XThW2LEiuWYJGV4N9SQ1+JrQ0wTCgJy5CW5EdVbqdBDrfABj9osWc+?=

=?iso-8859-1?Q?A0sXiy4tv9lnHsBGGBGNLKQ4879bmsk0w6aYm3U4qG5cL6NKVtyXo7bZ8p?=

=?iso-8859-1?Q?QXgOtfbNKHfxpKY1AXvOP1I+9sVUhMoGEg/2Ik6qeWIQOy8=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?iso-8859-1?Q?Br9Tap21d1KUIlIN7rKQ6Rl2ogU4bMPIbhB7K7vNzqHHuWxYfvFibZkP4I?=

=?iso-8859-1?Q?Pu9fQAYCIGC409veVTbtjtp64HzbGCoAwWAwJZrWWay28LVHejeQ4WNc2l?=

=?iso-8859-1?Q?P5axCiQmX+K8tj2gp1I9q0zmuid/qAYgvPn2t3DH/jfiO00VHAiZdkyU01?=

=?iso-8859-1?Q?qth/l3AzfAOZqjxvL4oehSMWj7Q16dSHGmS8s9zhvg8a76IOeFFU8H4UvG?=

=?iso-8859-1?Q?+RGHxk1h+/D51+W19Xw7aVjEq9v2jcCHN5UYMOR4MPyYDHAKpRGOu2ebrY?=

=?iso-8859-1?Q?YtJQny2twF8S4j7TFKAwUl96BqrQ3FR5/4B86QXaC7n9JWsFmbNa9N4mef?=

=?iso-8859-1?Q?Wldnl3aJscIWcrz/nSBVUgsoL+dtDWeu/qIqOf3lukovWu4wxjseZV8Kzc?=

=?iso-8859-1?Q?4bNITE4vlSFPx234ASMThCLHCjk/TXexuhLnHcCRBSN4hJdIL+9xEMbqN5?=

=?iso-8859-1?Q?W4Npz0nuoiJh/1Z34VAFVlzZY7SAUbrF7VTkC9ZOwte6JC+/Eq2rs+TmLZ?=

=?iso-8859-1?Q?xtN5yL5TjJv5pL3x92W9F5mPHYRq7zi80X04js4BTxU0dG3ANSO0LajE2Y?=

=?iso-8859-1?Q?3BFcDcPep3QkVlRb6sEWczwxkDUWe18336GjMt7kxpIadhAtkPnXasYydz?=

=?iso-8859-1?Q?lVSmRY8Zu1AQeHr58VkTmlzheQTBXseUvfvI5KfoTsVIGAWDokAZkaUZ/f?=

=?iso-8859-1?Q?jELdMh6pu3b/t9PqNs755svhR05JH/mbFgnnGZVZZuS+1rc3nWM5M4FjCZ?=

=?iso-8859-1?Q?dTh+yf+ekJoXL987q3jEkBXJib4dJAfn/dBcUDyChh3qd/sko5133vGwl7?=

=?iso-8859-1?Q?MBLouJYlELcgot/DtkghesnoJeD+nn38g2jsjOTG6bcdes75i3UqxEwJ4g?=

=?iso-8859-1?Q?EVZrX1jIpY3YMJLdiOEJ2yUbddHgONam7tk+3jlQyfZl+mmcVAJ426CuMv?=

=?iso-8859-1?Q?WDXkgkB35zM5c6c77Fkhe95f9WVzCrqwCseGPwrEYkqJK4nNfAlHt1PD3a?=

=?iso-8859-1?Q?4Yot2SCk2aGO2zOLgWIC6YqRqC43qH7z1WnJKbnKHyiEqCYGrFRFloH80m?=

=?iso-8859-1?Q?gxABS4VowUzGsdCpNxb+u6CYsFWpgRyNyproZoeI/4DXbf9N13Nqo1CmCu?=

=?iso-8859-1?Q?buO9RBpzQxu6HzYr++4om9teE0wvGMBqsxdDGzEHqBwob6c22cW6/SDOhF?=

=?iso-8859-1?Q?tR1kzAaKoym0OFQKTD4Ax7kOHkSi4leoqO4YMIYySK8fSW5P24PgVfejYg?=

=?iso-8859-1?Q?ZPoV24uj7GoXFWjvJ/0gO3ewCa+0xliad/p9Cept9yntyhvgNXgawAvGa0?=

=?iso-8859-1?Q?FOJoil1R5ASlZ+Jh50tnSdVAeFTXFYGUZi5NFYJy73l/4k0n8o0NkilyQE?=

=?iso-8859-1?Q?AXsefbDkS6/8YA7K7XNHmXDOvgyLQSprSbrtYHnyq79vNuFR9O71N978AB?=

=?iso-8859-1?Q?ELERLtNS1Q0P7bUO+gF0QjdiIHwBoRjTRtB4AzezsCYXF5b8A5rJiyOhf6?=

=?iso-8859-1?Q?3yznGc683dOHoqVyTtkSY8?=

Content-Type: multipart/alternative;

boundary="_000_CH3PR17MB638806E08B4296FEB9A43284FD2D2CH3PR17MB6388namp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: CH3PR17MB6388.namprd17.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 625ceac3-7d34-4e32-b6ed-08dea09cde63

X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Apr 2026 18:27:53.9005

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS4PR17MB7553

--_000_CH3PR17MB638806E08B4296FEB9A43284FD2D2CH3PR17MB6388namp_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable

Hello,

I found your website on Google and can help improve its ranking to page one=

, bringing you more customers.

Can I share a quick SEO Proposal and Pricing?

Thanks,

Web/SEO/App spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on Wednesday, April 22. 2026

--_000_CH3PR17MB638806E08B4296FEB9A43284FD2D2CH3PR17MB6388namp_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable

1">

nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">

Hello,

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

I found your website on Google and can help improve its ranking to page one=

, bringing you more customers.

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Can I share a quick SEO Proposal and Pricing?

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Thanks,

--_000_CH3PR17MB638806E08B4296FEB9A43284FD2D2CH3PR17MB6388namp_--

Chinese Products spam Part 2

Posted by Dave Yadallee on Wednesday, April 22. 2026

color: windowtext">

16px">Manufacturing Mode

: 1px;border-width: 1px;border-color: windowtext">

y:=E5=AE=8B=E4=BD=93;font-size:16px">Fully in-house design, machining, welding=

, assembly, and testing

"padding: 1px;border-width: 1px;border-color: windowtext">

nt-family:=E5=AE=8B=E4=BD=93;font-size:16px">Core Engineering Team

<=

/td>
: windowtext">

>Senior engineer leading development projects since 2007

<=

tr>
windowtext">

=

Export Markets

er-width: 1px;border-color: windowtext">

=E4=BD=93;font-size:16px">Middle East, Europe, Asia, South America, Africa
an>

1px;border-color: windowtext">

;font-size:16px">Main Machine Categories

style=3D"padding: 1px;border-width: 1px;border-color: windowtext">

le=3D"font-family:=E5=AE=8B=E4=BD=93;font-size:16px">Roof & wall sheet rol=

l forming machines (IBR, trapezoidal, corrugated, tile)

r>
windowtext">

S=

tructural Machines

border-width: 1px;border-color: windowtext">

=8B=E4=BD=93;font-size:16px">C & Z purlin roll forming machines (adjustabl=

e & fixed size)

ding: 1px;border-width: 1px;border-color: windowtext">

amily:=E5=AE=8B=E4=BD=93;font-size:16px">Sandwich Panel Production Lines
>

-color: windowtext">

:16px">Rock wool, glass wool, EPS and PU sandwich panel lines

<=

/tr>
olor: windowtext">

6px">Auxiliary Equipment

: 1px;border-width: 1px;border-color: windowtext">

y:=E5=AE=8B=E4=BD=93;font-size:16px">Decoilers, hydraulic punching systems, fl=

ying cutters, automatic stackers

style=3D"padding: 1px;border-width: 1px;border-color: windowtext">

yle=3D"font-family:=E5=AE=8B=E4=BD=93;font-size:16px">Structural Processing
pan>

der-color: windowtext">

ize:16px">13m gantry milling machine ensuring frame precision =E2=89=A4 0.05 m=

m

idth: 1px;border-color: windowtext">

=BD=93;font-size:16px">Machine Frame

e=3D"padding: 1px;border-width: 1px;border-color: windowtext">

"font-family:=E5=AE=8B=E4=BD=93;font-size:16px">Heavy-duty frame using 200=C3=97=

100 mm square tubes with CO=E2=82=82 shielded welding

=

ndowtext">

Sur=

face Treatment

er-width: 1px;border-color: windowtext">

=E4=BD=93;font-size:16px">Shot blasting and electrostatic powder coating for d=

urability

border-width: 1px;border-color: windowtext">

=8B=E4=BD=93;font-size:16px">Electrical Control

enter" style=3D"padding: 1px;border-width: 1px;border-color: windowtext">

pan style=3D"font-family:=E5=AE=8B=E4=BD=93;font-size:16px">PLC system design =

and programming completed in-house

r" style=3D"padding: 1px;border-width: 1px;border-color: windowtext">

style=3D"font-family:=E5=AE=8B=E4=BD=93;font-size:16px">Assembly Process
>

-color: windowtext">

:16px">Complete machine alignment and full testing before shipment

<=

/td>
der-color: windowtext">

ize:16px">Production Integration

"padding: 1px;border-width: 1px;border-color: windowtext">

nt-family:=E5=AE=8B=E4=BD=93;font-size:16px">Ability to design and supply comp=

lete roll forming production lines

n style=3D";font-family:Calibri;font-size:16px">Rather than supplying individu=

al machines only, we focus on providing stable and integrated roll forming sol=

utions that support long-term production requirements.

e=3D";font-family:Calibri;font-size:16px">If you are planning to expand your p=

roduct range or introduce new roll forming equipment, we would be glad to lear=

n more about your production needs and explore how our manufacturing capabilit=

y could support your projects.

i;font-size:16px">Best regards,

ri;font-size:16px">Jarvis
16px">
Xinnuo M=

achinery

What=

sApp: +86 188 3070 9860

Chinese Products spam Part 1

Posted by Dave Yadallee on Wednesday, April 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 22 Apr 2026 09:50:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wFZpk-00000000EBJ-0mZL

for dave@doctor.nl2k.ab.ca;

Wed, 22 Apr 2026 09:49:48 -0600

Resent-From: The Doctor

Resent-Date: Wed, 22 Apr 2026 09:49:48 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from out197-85.us.a.dm.aliyun.com ([47.90.197.85]:24135)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wFZGe-00000000AUE-44PF

for root@nk.ca;

Wed, 22 Apr 2026 09:13:42 -0600

X-AliDM-RcptTo: cm9vdEBuay5jYQ==

Feedback-ID: default:vip@vip.rollermachinery.ltd:vip_edm_WebBatch:454356

DKIM-Signature:v=1; a=rsa-sha256; c=relaxed/relaxed;

d=vip.rollermachinery.ltd; s=aliyun-cn-hangzhou;

t=1776870701; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type;

bh=ItIwiRGMNQlsdNgtAIkDNb8M+m0R9kvChuR0LK8DgFA=;

b=bJOl787asjKOp6knX2FhUs8/8eWUDbGhujXqyeOWrpDgm+OwsL1SmoVdZbbmoDHYlwKPapBelsNmlx5f/Zd9leI1T/PTEyU1yRkRp0KdE8wiaLBmrcqvQb9WNwJN4ZCWaJWu7ycgWSiUsu6nHRNx6vRn6DJ7fGukhg9onbWcja8=

DKIM-Signature:v=1; a=rsa-sha256; c=relaxed/relaxed;

d=dm-fbl.aliyuncs.com; s=feedback;

t=1776870701; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type;

bh=ItIwiRGMNQlsdNgtAIkDNb8M+m0R9kvChuR0LK8DgFA=;

b=pPYbp1vfpha7txHlgORg+lZuZjlQ5dovB6oPX+9A5u6fnrNrcWVG7x3WeTVi+7kmItUSsFKbw6QknBerNIrID0DbFLbOoUxS0ggSRGoM+HdACVI0PTnRzevNaGYc2Z6vyT6LcCz0PB4fg2ouyCgKtNHJVT5nBgkFWuU2lShNaQ0=

Received: from chitu-hsf(mailfrom:vip@vip.rollermachinery.ltd fp:ma_600000297384119787 cluster:AY35D)

by smtp.aliyun-inc.com(127.0.0.1);

Wed, 22 Apr 2026 23:10:31 +0800

Date: Wed, 22 Apr 2026 23:10:31 +0800

From: "JARVIS"

To:

Reply-To:

Message-ID:

Subject: =?UTF-8?B?Um9sbCBGb3JtaW5nIE1hY2hpbmVyeQ==?=

X-Priority: 3

MIME-Version: 1.0

X-EnvId: 600000297384119792

X-AliDM-Settings: eyJPdXRib3VuZElwIjp7IklwTGlzdCI6W10sIklwUG9vbElkIjoiIn0sIlVuc3Vic2NyaWJlIjp7IkZpbHRlckxldmVsIjoiZGVmYXVsdCIsIkxpbmtUeXBlIjoiZGVmYXVsdCJ9LCJWZXJzaW9uIjoiMS4wIn0=

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 9.1

X-Spam_score_int: 91

X-Spam_bar: +++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Dear Sir / Madam, I hope you are doing well.

Content analysis details: (9.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[47.90.197.85 listed in dnsbl.ahbl.org]

[47.90.197.85 listed in dnsbl.ahbl.org]

[47.90.197.85 listed in dnsbl.ahbl.org]

[47.90.197.85 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[47.90.197.85 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[47.90.197.85 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[47.90.197.85 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[47.90.197.85 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[47.90.197.85 listed in will-spam-for-food.eu.org]

[47.90.197.85 listed in will-spam-for-food.eu.org]

[47.90.197.85 listed in will-spam-for-food.eu.org]

[47.90.197.85 listed in will-spam-for-food.eu.org]

[47.90.197.85 listed in will-spam-for-food.eu.org]

[47.90.197.85 listed in will-spam-for-food.eu.org]

[47.90.197.85 listed in will-spam-for-food.eu.org]

[47.90.197.85 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[47.90.197.85 listed in list.dnswl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.4 SALES_REPLY Your parents named you sales?

1.7 DEAR_SOMETHING BODY: Contains 'Dear (something)'

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[47.90.197.85 listed in bl.score.senderscore.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 MIME_QP_LONG_LINE RAW: Quoted-printable line longer than 76 chars

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines

0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.0 XPRIO Has X-Priority header

Subject: {SPAM?} =?UTF-8?B?Um9sbCBGb3JtaW5nIE1hY2hpbmVyeQ==?=

Dear Sir / Madam,
>

I hope you are doi=

ng well.

In t=

he roll forming machinery industry, the long-term performance of equipment dep=

ends not only on the machine itself, but also on the manufacturing capability =

behind it =E2=80=94 including engineering design, machining precision, structu=

ral stability, and production integration.

amily:Calibri;font-size:16px">Allow me to briefly introduce our factory and ou=

r manufacturing capabilities.

style=3D";margin-left:3px;margin-left:9px;margin-right:9px;border-left:1px sol=

id windowtext;border-top:1px solid windowtext;border-right:1px solid windowtex=

t;border-bottom:1px solid windowtext">=

Domain for Sale Spam from Google Gmail Part 2

Posted by Dave Yadallee on Wednesday, April 22. 2026

> On Fri, 10 Apr 2026, 5:22=E2=80=AFpm , wrote=

:

>

>> Hello,

>>

>> I wanted to let you know that the premium domain

>>

>> VoipEdmonton.com is available for purchase at Godaddy.

>>

>> This domain would be really good for attracting clients looking for your

>> VOIP IN EDMONTON.

>>

>> If the domain is developed or redirected to your current website, it

>> would be extremely beneficial to your company and services in terms of

>> catching more leads and clients while retaining your brand identity.

>>

>> You can get this domain for $650 at www.VoipEdmonton.com right now.

>>

>> Best Regards,

>>

>> Nicholas.

>>

>

--00000000000048bd0c06500da616

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Hello,

>

We sent you an email recentl=

y and never heard back. We=E2=80=99ve scheduled a 24-hour discount for the =

domain name, and we would like to know if there is any interest here.

=

T=

he domain can be developed or redirected to your current website to increas=

e visibility with its keywords in EDMONTON and its environs.

=3D"auto">

We have a=

lso reduced the price of the domain to $550 only.

r>

To get it now, go to=

=C2=A0

www.V=

oipEdmonton.com

Do let me know if you have any q=

uestions!

dir=3D"auto">We await your response.

dir=3D"auto">

Stay Safe.

ass=3D"gmail_quote gmail_quote_container">

ttr">On Tue, 14 Apr 2026, 5:18=E2=80=AFpm Nichoas Louis, <
lto:nicholaslouis.co@gmail.com">nicholaslouis.co@gmail.com> wrote:
r>

-left:1px #ccc solid;padding-left:1ex">
=

Good morning,

=

What do you think about the website domaihn name=C2=A0
iv>

nk" rel=3D"noreferrer">www.VoipEdmonton.com?

>

Do you have any intere=

st?

=3D"auto">Will you be considering this offer?

div>

You can also let me know =

your best offer, and we=E2=80=99ll work together to find a mutually agreeab=

le price. If no interest please let me know so I don=E2=80=99t follow up fu=

rther.

r=3D"auto">We sincerely appreciate your response.

r>

With best wishes,
v>

">On Fri, 10 Apr 2026, 5:22=E2=80=AFpm , <
s.co@gmail.com" target=3D"_blank" rel=3D"noreferrer">nicholaslouis.co@gmail=

.com> wrote:

gin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

Hello,

I wanted to let you know that the prem=

ium domain

VoipEdmonton.com is available for purch=

ase at Godaddy.

This domain would be really good f=

or attracting clients looking for your
VOIP IN EDMONTON.

v>
If the domain is developed or redirected to your current w=

ebsite, it would be extremely beneficial to your company and services in te=

rms of catching more leads and clients while retaining your brand identity.=

You can get this domain for $650 at
tp://www.VoipEdmonton.com" rel=3D"noreferrer noreferrer" target=3D"_blank">=

www.VoipEdmonton.com right now.

Best Regards,<=

/div>

Nicholas.

o_gmail_com-dot-mmanalytics2.appspot.com/em_oBUPlK7Pew7e5btd2Kul/comet.gif"=

style=3D"display:none!important">

--00000000000048bd0c06500da616--

Domain for Sale Spam from Google Gmail Part 1

Posted by Dave Yadallee on Wednesday, April 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 22 Apr 2026 09:50:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wFZpe-00000000EB1-0RaM

for dave@doctor.nl2k.ab.ca;

Wed, 22 Apr 2026 09:49:42 -0600

Resent-From: The Doctor

Resent-Date: Wed, 22 Apr 2026 09:49:41 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-yw1-f170.google.com ([209.85.128.170]:53369)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wFYuy-000000008hN-2ksE

for root@nk.ca;

Wed, 22 Apr 2026 08:51:16 -0600

Received: by mail-yw1-f170.google.com with SMTP id 00721157ae682-79a2ee65171so73455507b3.2

for ; Wed, 22 Apr 2026 07:50:21 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1776869415; cv=none;

d=google.com; s=arc-20240605;

b=CMNsUprueFZJa3Q6/HENCxDIvzkLxB5U9F3lXjqLniPMgfI8eTPaqkpRVBPsV7Yqwk

jznywDNN9cO8Bzk+/jdoEX61ot5rKsc0FzLrhfPmao0TrrrVncTADs1c4/KowzsQvtaB

DiUYzwa3vzek7NqcMwilh9pY80co9KW7Gsb3P+0zxJkAGTyVlA8Rj6LJEq97SgC9+nUq

svo28xJNoG7bV+Woma1c91yBwdASbTwojsMjLjrXpS8zkdCUFE61x4QK9TA0JAja5RTY

8MARSswabrrmUvmIhdxEMqlZ/fZPlidVALYuALsEKxK7aMpOGEhhcN5wIlJUOUPNwaLZ

9yOg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:dkim-signature;

bh=EEcmsmi5Ig/CZHwr430b+LKypvX6Q/EdKQVRx6fdtkk=;

fh=ny7+SATv4n6lSNl0rVMQyaj6POVJTUZJLShjjgjSTJg=;

b=WAnRH363NO6YCpDDDIseIC80xdwFwEWDCUwVif32jeYmDRpCk6XAy71KyW/C6QZq9v

Hf2qNCm4XjAp67cqWbXaYgOTNYCM4Sozin24/8Mhza4JPg/B1heC3cuzuomSjm/xZSyR

JpSovapnGFK4hQQvTzZv6lliSJrpRpYqHq3P0WTgDCjbEiwyEYp4hm9eop8OlLZ1djX7

FS/JvB5iUaiYyt2gMvXsBrKibMckTjdJ5Iw65pgRTeA8kueyMBE40GJ9QBSjcgKXT5In

ilHQCUP1s523s5c6VLPFSvyyrD6yozUBehF8gMWz3D4K0UGdu+n/dLiinX2uqQaKdnAl

jWPA==;

darn=nk.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1776869415; x=1777474215; darn=nk.ca;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:from:to:cc:subject:date:message-id:reply-to;

bh=EEcmsmi5Ig/CZHwr430b+LKypvX6Q/EdKQVRx6fdtkk=;

b=Tln7agSWRUBBAb6f8CVsAF8okNtKDETdxTDSMezKwv7W3E2TEzrKfy1n6hqtjUvQ5H

0m/2kxkAQxsQaTom9QJ1jQckiN9bL0e3fYgB+MxwByK0OimwpmCWU7dY7J2owcK+qLDE

ap+7EqywB5RKLdejaX9TU8QwX18KNMfNZ7vVcrzk4N1U2+Fdmg4urbd1a6STr4adRz2f

SQzN8kTjyy/X6prfAQ1hM9b8KY5DL13WTm41QnzJ2DVzkmHqyYBi2jSUJPoissMfz27h

SAsytSpJjsqBK57+zzfC4+1CyW1ajvYkeJRHEaaBuH//0AT5hl9/RUA304YbXywyOOgD

i3cg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1776869415; x=1777474215;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id

:reply-to;

bh=EEcmsmi5Ig/CZHwr430b+LKypvX6Q/EdKQVRx6fdtkk=;

b=p/hiYwXQd2WlbF7S7VjZ716bADsuWWT7Ll0MNL55sAW2dvnMC/FL8tyD3D7UekUMNy

z2KhdS96KEe8DxVhK87BwOcbscPadrN6cRuI5GGvizWhevL19jFKmbUeSRJILfQIsn4k

hKVDZlQDccqmUfuLaePGB5k+0Xm+On+9mzzOftpl+gJfjmYtKRymBMVbXqEWOMcmoei9

8eqMw2vtPOkQT/cGkD51Go0iDRlTY4KO6c5ZvBTxg6d7luwNC6Q1FMiL4A2ako09LJf4

q9LWuS6NtnXWQsBQSbaqLubqkDNqyNvRs56znMVA3EwNlh8LIp7sgZJ/+c4pDbivRvSR

TOoQ==

X-Gm-Message-State: AOJu0YyrGcK/37QMNh+djK4Fbjdx1kR1L+/xZdQxCrHOvqHaypUZeMds

r/cJPUXR13yBcfYC4Sai5tTIuzyaOePoJNeOb1Nui26AKveSBbPb+kqRnSFLSwIOCxWY8hqT90S

87qa3SJ5quw57v0IUb0ZkYKgjtoWieASpUTSo

X-Gm-Gg: AeBDieuroyOcWliHgjb8+pJs7dl8DOZa0EZ6Ybphz2S4LczIvZ+j/AfJpsrzkx/mule

FTGHN+qG4aIU4fjPJoSzS96BCa/CYCUv5nCnbDUV2UudXg/gOTx1Kx6qn1fZto7dAhzyyzD4vom

/M78BNjwVwCwLJ13KMNiR4iSyStB4oXSLhxKQaFZyz7AOE7aZzMCICCeaxnYXv0fVhDrFEEEdNS

zOhjPg5kKkHTng+AcQ83pBBHm/P5iHPhw+tao/fMDQG5a25ILJs9hCYCPatxDBPPRWmuGrTaOJn

KxXDuws2NGjFQKkGA03Gb5U=

X-Received: by 2002:a05:690c:112:b0:7a2:ce0e:865c with SMTP id

00721157ae682-7b9ecfdb8efmr229845777b3.37.1776869414844; Wed, 22 Apr 2026

07:50:14 -0700 (PDT)

MIME-Version: 1.0

References:

In-Reply-To:

From: Nichoas Louis

Date: Wed, 22 Apr 2026 15:50:01 +0100

X-Gm-Features: AQROBzBpr3USaUYZ3jnsjfrLIJ38YgjvPZtvqXmQj6-IQjh37VXJB-FLSDSONrk

Message-ID:

Subject: Re: VOIP IN EDMONTON

To: root@nk.ca

Content-Type: multipart/alternative; boundary="00000000000048bd0c06500da616"

--00000000000048bd0c06500da616

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Hello,

We sent you an email recently and never heard back. We=E2=80=99ve scheduled=

a

24-hour discount for the domain name, and we would like to know if there is

any interest here.

The domain can be developed or redirected to your current website to

increase visibility with its keywords in EDMONTON and its environs.

We have also reduced the price of the domain to $550 only.

To get it now, go to

www.VoipEdmonton.com

Do let me know if you have any questions!

We await your response.

Stay Safe.

On Tue, 14 Apr 2026, 5:18=E2=80=AFpm Nichoas Louis,
.com>

wrote:

> Good morning,

>

>

> What do you think about the website domaihn name

> www.VoipEdmonton.com?

>

>

> Do you have any interest?

>

>

> Will you be considering this offer?

>

>

> You can also let me know your best offer, and we=E2=80=99ll work together=

to find

> a mutually agreeable price. If no interest please let me know so I don=E2=

=80=99t

> follow up further.

>

>

> We sincerely appreciate your response.

>

>

> With best wishes,

>

Domain Name Spam from Google Mail Part 2

Posted by Dave Yadallee on Wednesday, April 22. 2026

>

> On Fri, 10 Apr 2026, 5:21=E2=80=AFpm , wrote=

:

>

>> Hello,

>>

>> I wanted to let you know that the premium domain

>>

>> VoipEdmonton.com is available for purchase at Godaddy.

>>

>> This domain would be really good for attracting clients looking for your

>> VOIP IN EDMONTON.

>>

>> If the domain is developed or redirected to your current website, it

>> would be extremely beneficial to your company and services in terms of

>> catching more leads and clients while retaining your brand identity.

>>

>> You can get this domain for $650 at www.VoipEdmonton.com right now.

>>

>> Best Regards,

>>

>> Nicholas.

>>

>

--0000000000000008b406500da51c

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Hello,

>

We sent you an email recentl=

y and never heard back. We=E2=80=99ve scheduled a 24-hour discount for the =

domain name, and we would like to know if there is any interest here.

=

T=

he domain can be developed or redirected to your current website to increas=

e visibility with its keywords in EDMONTON and its environs.

=3D"auto">

We have a=

lso reduced the price of the domain to $550 only.

r>

To get it now, go to=

=C2=A0

www.V=

oipEdmonton.com

Do let me know if you have any q=

uestions!

dir=3D"auto">We await your response.

dir=3D"auto">

Stay Safe.

ass=3D"gmail_quote gmail_quote_container">

ttr">On Tue, 14 Apr 2026, 5:18=E2=80=AFpm Nichoas Louis, <
lto:nicholaslouis.co@gmail.com">nicholaslouis.co@gmail.com> wrote:
r>

-left:1px #ccc solid;padding-left:1ex">
=

Good morning,

=

What do you think about the website domaihn name=C2=A0
iv>

nk" rel=3D"noreferrer">www.VoipEdmonton.com?

>

Do you have any intere=

st?

=3D"auto">Will you be considering this offer?

div>

You can also let me know =

your best offer, and we=E2=80=99ll work together to find a mutually agreeab=

le price. If no interest please let me know so I don=E2=80=99t follow up fu=

rther.

r=3D"auto">We sincerely appreciate your response.

r>

With best wishes,
v>

">On Fri, 10 Apr 2026, 5:21=E2=80=AFpm , <
s.co@gmail.com" target=3D"_blank" rel=3D"noreferrer">nicholaslouis.co@gmail=

.com> wrote:

gin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

Hello,

I wanted to let you know that the prem=

ium domain

VoipEdmonton.com is available for purch=

ase at Godaddy.

This domain would be really good f=

or attracting clients looking for your
VOIP IN EDMONTON.

v>
If the domain is developed or redirected to your current w=

ebsite, it would be extremely beneficial to your company and services in te=

rms of catching more leads and clients while retaining your brand identity.=

You can get this domain for $650 at
tp://www.VoipEdmonton.com" rel=3D"noreferrer noreferrer" target=3D"_blank">=

www.VoipEdmonton.com right now.

Best Regards,<=

/div>

Nicholas.

o_gmail_com-dot-mmanalytics.appspot.com/em_GrGDVVfCnSWAX8pOmpL6/asteroid.gi=

f" style=3D"display:none!important">

--0000000000000008b406500da51c--

Domain Name Spam from Google Mail Part 1

Posted by Dave Yadallee on Wednesday, April 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 22 Apr 2026 09:50:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wFZpZ-00000000EAg-3bUz

for dave@doctor.nl2k.ab.ca;

Wed, 22 Apr 2026 09:49:37 -0600

Resent-From: The Doctor

Resent-Date: Wed, 22 Apr 2026 09:49:37 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-yw1-f169.google.com ([209.85.128.169]:43462)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wFYue-000000008ej-0rVe

for sales@nk.ca;

Wed, 22 Apr 2026 08:50:57 -0600

Received: by mail-yw1-f169.google.com with SMTP id 00721157ae682-79db5e18ac6so67625497b3.1

for ; Wed, 22 Apr 2026 07:50:00 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1776869393; cv=none;

d=google.com; s=arc-20240605;

b=YoUdU330u8w1BuyfJqYVdoEM1ZgPGk5EJhZoLy1y4NJstcC9vQzXKEn7FCq5YnmiSX

lSTwXmYaAEs2FhyxnKAGedmkUaTS44pTSMWhGy7U/zt7X7UiUAUgmsxt5rE4TkhU22B8

Aaz7U5P2f83hsaYFOl9e7+VI0S6Dkw5/Js/y4y1FXMaEqQLgk5AJAUIQwv/GMiNM/CZW

vqBL7PVfZkTDbiOGa4nAW46iLwsEACu5GUSOOPk1uamxfyQ5GPOiHu0owqG7+IGaKk1p

MuF8kOh/YedtDXeezZ71UjjAjNOu7n2yf+a2fzX94jBCyuI0p9SFHhae3xC4yNzw19FJ

3oKg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:dkim-signature;

bh=bPAaLiYbvRpEVGFCu/wTZlqwSC7G4/OUkGOJOCQxhLg=;

fh=C4vsnDG7cTH8aa/8f7sygxKSfblX4MPDg6mph8A3jUw=;

b=DRY8+akh52Ngatee0ErPrTs9oKrjMeL50n6PqcIJJpXEfaJIzj7HFd6TXX+vmgmO92

+hmDFoRu04RT64tsCdI7g38IGHb74JspR3h1eDFJE38CLnxnOiYU/tbUDSFvl2I9kJsH

UbByl6Z0V4UlVhwCPWO+0ypRPg5GJYJcPt1A9wg77DDKmcnEwd/jYNS8HYi7e+9cYkor

6KNJG9zeyXRsOZ/FNO7+0UDcCbnw2h1dHKJ9SHgAxWaSh+K4pQ+yeyh5qKY6dNyEP/VD

iB7sxy11YMvTxad5+IxMCvdAJTY4fyIYdRElnU4R+9E8iuVm+flsb3TgqJdxaFVGq6sd

a/UQ==;

darn=nk.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1776869393; x=1777474193; darn=nk.ca;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:from:to:cc:subject:date:message-id:reply-to;

bh=bPAaLiYbvRpEVGFCu/wTZlqwSC7G4/OUkGOJOCQxhLg=;

b=FEkDHZD5dn7cI8Lx42iJ+VDc6nNRAA/RK+Bqu1uiBd+l9YDjvcUoHxE2yQgTodcjrV

b6Tz1sDhGczQ+m177aPX7kH9a05egNi5Xjy6ToOJiD5cOdr6bx1+odJpuqil2wwSMgMn

KbomxgXvfC25FFGGNfuWe2mxnabaWdsVGeDx7rPc/UQ3UgC5VmAgK8h14gdkr+g1hATu

/MVj+nXKyohxve5vqSFcdIEE1Ded06F9bT9FDDsM8lXfn9SfMpBUnD6pPqwgdvieNSig

G1KxUA56ztW5eJ3g4ffXhHtyq/Y0Ixed6Gb+XYLX2jWTSSXItTzJS3oeV8nruQhyfOPc

KFuA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1776869393; x=1777474193;

h=to:subject:message-id:date:from:in-reply-to:references:mime-version

:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id

:reply-to;

bh=bPAaLiYbvRpEVGFCu/wTZlqwSC7G4/OUkGOJOCQxhLg=;

b=a9xiEzw8jw9mSwssIsSQqy/oK/5ncdq3trHEdYX+Jz1pshj0V+Zaaarg6tmq2BugHg

idmIWRvLd40EOBDoG9jUa8KfS4GXqnJTVa6t5WMazs2ead90JBGn9+XZ0rjNA6wNFV8P

ekszzYCNnrjHBMSCDXxgmiEvYh13cNbns1Wv/SlzhTkNszMTV+aref5/Zk3WKqh4XA0L

xQ97h+Pnm5wUAZU980OV9tf2XropLTs/8e7eupcv/b1kK2Oc5liJVvKsRBhcIeN7BEST

rwMraQ3/W61AC8aduPKu1b/tkn7yyYq3RG212pRrGl6XBwtilaQEuM1AoVuPC9zzp0fq

lQgQ==

X-Gm-Message-State: AOJu0YxerZ+FuvUlAJhFvVk0PPMW8DMdGC2zsbgYN1Qx3CcJEgGypH5p

MCtDkta2Ca/su9i8cV0s7sm8lt181tbTkm0wC76Qv+DzD7+uui9GVZWx+wIGQ4LL5/uEWnUMyl0

bZdheG3CL9B4yuNxceyrXGqnIx4XpO3LnqOCi

X-Gm-Gg: AeBDiet+8isO5L3tKuAUfPtpokQszp8OMMzMeVuGiwScx+EcCuv6zvRMUbaXIoOXstu

xbA0ck8ntwjxLVcuEYhN+9iUJNKFI1h/g51bVBqb/Y0jUftvGB03GW8Vv24p97GYKFiwGF8+lW2

8DUAe2bg1Txt5fY+WzvIpQg0gJJXVHl/sfhVTks4HmrTgifMeRM420UYtIUXhWAUPNHX6K7CE4B

+Bh8R0AfTuAX3UIIlBKKKWzOINtFOsPFStc5zpnqz7dpBcGrOhOcG+0FalrEkvKdU2FxWgiBYhP

IIyo4t052hM7Ut0gjXzDPFk=

X-Received: by 2002:a05:690c:c50e:b0:7b4:1394:4104 with SMTP id

00721157ae682-7b9ed2c71f9mr175103547b3.9.1776869393302; Wed, 22 Apr 2026

07:49:53 -0700 (PDT)

MIME-Version: 1.0

References:

In-Reply-To:

From: Nichoas Louis

Date: Wed, 22 Apr 2026 15:49:40 +0100

X-Gm-Features: AQROBzA0369IotKTAfcM8MsrZDY2P66gNYQhP9ypChbSxAJgOXMugzZ8st1jvts

Message-ID:

Subject: Re: VOIP IN EDMONTON

To: sales@nk.ca

Content-Type: multipart/alternative; boundary="0000000000000008b406500da51c"

--0000000000000008b406500da51c

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Hello,

We sent you an email recently and never heard back. We=E2=80=99ve scheduled=

a

24-hour discount for the domain name, and we would like to know if there is

any interest here.

The domain can be developed or redirected to your current website to

increase visibility with its keywords in EDMONTON and its environs.

We have also reduced the price of the domain to $550 only.

To get it now, go to

www.VoipEdmonton.com

Do let me know if you have any questions!

We await your response.

Stay Safe.

On Tue, 14 Apr 2026, 5:18=E2=80=AFpm Nichoas Louis,
.com>

wrote:

> Good morning,

>

>

> What do you think about the website domaihn name

> www.VoipEdmonton.com?

>

>

> Do you have any interest?

>

>

> Will you be considering this offer?

>

>

> You can also let me know your best offer, and we=E2=80=99ll work together=

to find

> a mutually agreeable price. If no interest please let me know so I don=E2=

=80=99t

> follow up further.

>

>

> We sincerely appreciate your response.

>

>

> With best wishes,

Paypal Cryptocurrency phishing from Microsoft Outlook Part 3

Posted by Dave Yadallee on Wednesday, April 22. 2026

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[haressaznzxrrsxaxz321(at)gmail.com]

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[haressaznzxrrsxaxz321(at)gmail.com]

0.3 LONGWORD BODY: Uses overlong words

0.6 MEGALONGWORD BODY: Uses really overlong words

0.1 TW_RW BODY: Odd Letter Triples with RW

0.1 TW_VJ BODY: Odd Letter Triples with VJ

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and EnvelopeFrom

freemail headers are different

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.6 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

0.1 TO_IN_SUBJ To address is in Subject

Subject: {SPAM?} =?UTF-8?Q?Pozv=C3=A1nky=3A_Order_Processing_Notice_=2D_Payment_Confirm?=

=?UTF-8?Q?ed_=40_st_22=2E_apr_2026_=28cynthiaperez389903=40groups=2Eoutlook=2Ecom=29?=

Haresasz Nxysarwsa has invited you to Order Processing Notice – Payment Confirmed

Title: Order Processing Notice – Payment Confirmed

Location: https://meet.google.com/yqr-oyab-vjx

When: April 22, 2026

Organizer:

Haresasz Nxysarwsa

Description: Dear Customer,

Thank you for your payment. We confirm that your PayPal transaction has been successfully verified and your Bitcoin (BTC) order is now in the confirmation stage.

Transaction ID: X4N8Q2J7T5

Date: April 22, 2026

Amount: $410.00

Payment Method: PayPal

Order Status: Pending Verification

Blockchain confirmation times may vary depending on overall network demand. You will be notified once your order has been finalized.

If you have any questions, please contact our support department.

Customer Support: +1(843) 367-5992

Thank you for your continued support.

Best Regards,

Billing Department

-::~:~::~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~::~:~::-

Pripojiť sa cez Google Meet: https://meet.google.com/yqr-oyab-vjx

Viac o službe Meet sa dozviete na https://support.google.com/a/users/answer/9282720

Túto sekciu neupravujte.

-::~:~::~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~::~:~::-

Attendees:

cynthiaperez389903@groups.outlook.com

Pripojiť sa cez Google Meet

Odkaz na stretnutie

meet.google.com/yqr-oyab-vjx

Dear Customer,

Thank you for your payment. We confirm that your PayPal transaction has been successfully verified and your Bitcoin (BTC) order is now in the confirmation stage.

Transaction ID: X4N8Q2J7T5

Date: April 22, 2026

Amount: $410.00

Payment Method: PayPal

Order Status: Pending Verification

Blockchain confirmation times may vary depending on overall network demand. You will be notified once your order has been finalized.

If you have any questions, please contact our support department.

Customer Support: +1(843) 367-5992

Thank you for your continued support.

Best Regards,

Billing Department

Kedy

streda 22. apr 2026

Organizátor

Haresasz Nxysarwsa

haressaznzxrrsxaxz321@gmail.com

Hostia

(Zoznam hostí bol na žiadosť organizátora skrytý)

Odpoveď na cynthiaperez389903@groups.outlook.com

Áno

Nie

Možno

Ďalšie možnosti

Pozvánka z Kalendára Google

Túto správu ste dostali, pretože ste účastníkom danej udalosti.

Ak túto pozvánku prepošlete, ktorýkoľvek jej príjemca bude môcť odoslať odpoveď organizátorovi, byť pridaný do zoznamu hostí, pozývať iných bez ohľadu na ich vlastný stav pozvánky alebo meniť vaše potvrdenie účasti. Ďalšie informácie

Paypal Cryptocurrency phishing from Microsoft Outlook Part 2

Posted by Dave Yadallee on Wednesday, April 22. 2026

=?utf-8?B?OXBleHZkNGorK3VQc1ZEbkZXVUZqV0VTdlZiWHFPWktqZGE0c29ac0Z3d3Y4?=

=?utf-8?B?bDBrMHMvMXh0WXBoajVvQ20wZEVwQ1dqSFJLb3N6aTJSOWNqYXdRRDdVVnBt?=

=?utf-8?B?Rkh3V2FJNkZxMTdETlpvUGpTUDRaWUtTc3VJc0dWbU5nR01uMWhLWldVbU1N?=

=?utf-8?B?ZDhacWJZVHBEczk4WkRmaWMwMHFFZWkzam9HY2xCMFlTSURYWjkyUm83dnQ3?=

=?utf-8?B?RDcrN09RemQvVW1qMVhLU0x5N3pNTHBTNzVPcmVEc0pOMTBJLzQxOEpyYURZ?=

=?utf-8?B?VGRoSGdldHB1ckRmZGZSNWhoZkpXdnEyMlVYbjNuVUxKaE1Ic2JtRjRFOFRj?=

=?utf-8?B?V1VKTFljMkl6U1orTkVpTmdrckhQSW5XNTJ5UXh2OEI5UXFBZUVwc0duVGlr?=

=?utf-8?B?dnJBdHkxejMyNkU3Ynorakg2YVlwMUNTRW81MUdPc1RLZnNsME11Y2ROM1My?=

=?utf-8?B?Y3ZzT3NHUWFyUDlibGdFRW9iSy96SVozc3hKNEpJdVdCa2pZZXVkNE1iK3Rw?=

=?utf-8?B?QU1GaEkwRnF2cndhT0Fzd0luWml3eDBUWDBLNGZzUG8xN1d2OWlXMVAzVWVZ?=

=?utf-8?B?WGsrNndFVmI5ZGN4cm5OaE1TRWpZRFdGRkJrbTBEeGgyaXhhdWYxUC9ZUTBF?=

=?utf-8?B?R2l2QmJ0Q052VFdqUmhEZUdYNzNISzBIY0d3c000cnpTOUExOWtmUGZWWnBp?=

=?utf-8?B?cDhNOEhWZFhtK1ZZZWFkM2JNQ0g1R0FWQklrdUdZU2xjeFZJZ3craUp6djU1?=

=?utf-8?B?VUlhSGp4UEZkYTdIeVNualkvaWdNbGpycEswWFIrMFE5eXR6QVdwOGluRmMr?=

=?utf-8?B?bGhIUUxtMXMvNjQwQzlOSjAvc1Q4K0U1cVRhMC96dDlJVTdNaEVLY1RIRVVt?=

=?utf-8?B?ODg4WXhiWDhVeHRQOFZhTmF3RTdrQlNsT21jU0RDb3dNdlY2RnFqYm9MZWpx?=

=?utf-8?B?N2JKZjB6c0FiZnRTc3I1QXpjUE44QVlld09mdDcyZGpTTTEwM1VPYXZSNEky?=

=?utf-8?B?V3VIWUJpQUFOVkd3OVNIRWNqS0FyRStxeXJ6VGVVSHc0V1RoZzJSVmRmUGtN?=

=?utf-8?B?SXlGWkhkUTRoNUh6dG92NVVrOHBzVEI1ZERIcGd1Q0lJN1JsZlBxcmY5MzNY?=

=?utf-8?B?WUppWnBGOE5QUkM5SXZBRGJ3WVhlNlZKaGp0R2Z1NzR3L0pCektXVWYwb091?=

=?utf-8?Q?p0QJ4MclJnyQpFlnodoMpI4MBl6VC5aUt?=

X-Auto-Response-Suppress: DR, OOF, AutoReply

X-OriginatorOrg: sct-15-20-9412-4-msonline-outlook-090a5.templateTenant

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Apr 2026 14:45:21.3282

(UTC)

X-MS-Exchange-CrossTenant-Network-Message-Id: bf3d12cb-f271-4597-be26-08dea07dc79c

X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-AuthSource: DM2PEPF00003FC2.namprd04.prod.outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Anonymous

X-MS-Exchange-CrossTenant-FromEntityHeader: Internet

X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR18MB3848

X-Spam_score: 11.4

X-Spam_score_int: 114

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Order Processing Notice â€“ Payment Confirmed streda 22. apr

2026 PripojiÅ¥ sa cez Google Meet https://meet.google.com/yqr-oyab-vjx?hs=224

Dear Customer,

Content analysis details: (11.4 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[40.93.1.2 listed in dnsbl.ahbl.org]

[40.93.1.2 listed in dnsbl.ahbl.org]

[40.93.1.2 listed in dnsbl.ahbl.org]

[40.93.1.2 listed in dnsbl.ahbl.org]

[209.85.161.74 listed in dnsbl.ahbl.org]

[209.85.161.74 listed in dnsbl.ahbl.org]

[209.85.161.74 listed in dnsbl.ahbl.org]

[209.85.161.74 listed in dnsbl.ahbl.org]

[2603:10b6:610:e7:0:0:0:35 listed in]

[dnsbl.ahbl.org]

[2603:10b6:610:e7:0:0:0:35 listed in]

[dnsbl.ahbl.org]

[2603:10b6:610:e7:0:0:0:35 listed in]

[dnsbl.ahbl.org]

[2603:10b6:610:e7:0:0:0:35 listed in]

[dnsbl.ahbl.org]

[2603:10b6:610:e7:cafe:0:0:50 listed in]

[dnsbl.ahbl.org]

[2603:10b6:610:e7:cafe:0:0:50 listed in]

[dnsbl.ahbl.org]

[2603:10b6:610:e7:cafe:0:0:50 listed in]

[dnsbl.ahbl.org]

[2603:10b6:610:e7:cafe:0:0:50 listed in]

[dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[40.93.1.2 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[40.93.1.2 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[40.93.1.2 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[40.93.1.2 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.161.74 listed in will-spam-for-food.eu.org]

[209.85.161.74 listed in will-spam-for-food.eu.org]

[209.85.161.74 listed in will-spam-for-food.eu.org]

[209.85.161.74 listed in will-spam-for-food.eu.org]

[209.85.161.74 listed in will-spam-for-food.eu.org]

[209.85.161.74 listed in will-spam-for-food.eu.org]

[209.85.161.74 listed in will-spam-for-food.eu.org]

[209.85.161.74 listed in will-spam-for-food.eu.org]

[2603:10b6:610:e7:cafe:0:0:50 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:e7:cafe:0:0:50 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:e7:cafe:0:0:50 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:e7:cafe:0:0:50 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:e7:cafe:0:0:50 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:e7:cafe:0:0:50 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:e7:cafe:0:0:50 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:e7:cafe:0:0:50 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:e7:0:0:0:35 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:e7:0:0:0:35 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:e7:0:0:0:35 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:e7:0:0:0:35 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:e7:0:0:0:35 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:e7:0:0:0:35 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:e7:0:0:0:35 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:610:e7:0:0:0:35 listed in]

[will-spam-for-food.eu.org]

[40.93.1.2 listed in will-spam-for-food.eu.org]

[40.93.1.2 listed in will-spam-for-food.eu.org]

[40.93.1.2 listed in will-spam-for-food.eu.org]

[40.93.1.2 listed in will-spam-for-food.eu.org]

[40.93.1.2 listed in will-spam-for-food.eu.org]

[40.93.1.2 listed in will-spam-for-food.eu.org]

[40.93.1.2 listed in will-spam-for-food.eu.org]

[40.93.1.2 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[40.93.1.2 listed in list.dnswl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.5 FROM_LOCAL_NOVOWEL From: localpart has series of non-vowel letters

3.5 VOWEL_FROM_7 Impronouncable from header (7+ consecutive vowels)

1.0 HK_RANDOM_REPLYTO Reply-To username looks random

1.0 HK_RANDOM_FROM From username looks random

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[40.93.1.2 listed in wl.mailspike.net]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[40.93.1.2 listed in bl.score.senderscore.com]

Paypal Cryptocurrency phishing from Microsoft Outlook Part 1

Posted by Dave Yadallee on Wednesday, April 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 22 Apr 2026 09:50:03 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wFZpN-00000000E9O-41gn

for dave@doctor.nl2k.ab.ca;

Wed, 22 Apr 2026 09:49:25 -0600

Resent-From: The Doctor

Resent-Date: Wed, 22 Apr 2026 09:49:25 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-westusazlp17010002.outbound.protection.outlook.com ([40.93.1.2]:43322 helo=BYAPR05CU005.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wFYqS-000000008K6-0e9f

for doctor@doctor.nl2k.ab.ca;

Wed, 22 Apr 2026 08:46:40 -0600

Received: from CH0PR03CA0240.namprd03.prod.outlook.com (2603:10b6:610:e7::35)

by PH0PR18MB3848.namprd18.prod.outlook.com (2603:10b6:510:2b::24) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9846.20; Wed, 22 Apr

2026 14:45:22 +0000

Received: from DM2PEPF00003FC2.namprd04.prod.outlook.com

(2603:10b6:610:e7:cafe::50) by CH0PR03CA0240.outlook.office365.com

(2603:10b6:610:e7::35) with Microsoft SMTP Server (version=TLS1_3,

cipher=TLS_AES_256_GCM_SHA384) id 15.20.9791.48 via Frontend Transport; Wed,

22 Apr 2026 14:45:21 +0000

Authentication-Results: spf=pass (sender IP is 209.85.161.74)

smtp.mailfrom=gmail.com; dkim=pass (signature was verified)

header.d=google.com;dkim=pass (signature was verified)

header.d=gmail.com;dmarc=pass action=none header.from=gmail.com;compauth=pass

reason=100

Received-SPF: Pass (protection.outlook.com: domain of gmail.com designates

209.85.161.74 as permitted sender) receiver=protection.outlook.com;

client-ip=209.85.161.74; helo=mail-oo1-f74.google.com; pr=C

Received: from mail-oo1-f74.google.com (209.85.161.74) by

DM2PEPF00003FC2.mail.protection.outlook.com (10.167.23.20) with Microsoft

SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.9846.18

via Frontend Transport; Wed, 22 Apr 2026 14:45:21 +0000

X-IncomingTopHeaderMarker:

OriginalChecksum:0A597A57D272C789A52AE46B09C8BBA62646102A41C8E30A2EB1E83E6A05F3AA;UpperCasedChecksum:0331458022BE88BC4608EB18A567A9D5BB9B0C77D54299CCD77FDD2EB8D0B567;SizeAsReceived:3383;Count:15

Received: by mail-oo1-f74.google.com with SMTP id 006d021491bc7-6946dfca922so4677615eaf.1

for ; Wed, 22 Apr 2026 07:45:21 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20251104; t=1776869121; x=1777473921; darn=groups.outlook.com;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=Qcznrz6dMXfhK6mVdeLuj7BHSjZW9UCiByt6meB7GPA=;

b=TWfE+xcEeLX8aGJK7wxuGkHga1C4qefZp7TalhfS+YUMcgafZuWFqy+6ntMZOQGrZO

A/+gPX8HeDyVzobvlIfVs/rwQXtv0EdQbEr1fEHbSHQtw2VoKa/pl7IwcmX3vGcxnXu/

vXkFXBeLneKtBPatO/nmvHey6BUyg04gZ58f+ecAYqUjSAfwGKK5dpCRHKViFqXMleIK

YHfVMJWFHy+iH9gVJTYyw6Ln0XDjOUTuUu15/UyDc6btSkFRWBhjt7V55Pk62+Dd21ao

O4jysIMbSJG11pMh3xDa/m1EOd65ovtigcdLy1uH3chY+Ks1lX4p89EkcNFkkCfgNr2l

srUw==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1776869121; x=1777473921; darn=groups.outlook.com;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=Qcznrz6dMXfhK6mVdeLuj7BHSjZW9UCiByt6meB7GPA=;

b=Cg2v9o5jDXNgKAPf/ZsUD4qeyXSoFGf9Fz8eerHYu59BKbEUIUJNW3afJqofkdwkL1

Pq0sH6Gw6/GtACdVfu7CRSa5d3TwqOTUt/TZlhH0fdPu2aO7A+FzBnvSTtU84Fc7QmN0

I4/tOFIKAsV2uBmSewtKUtDMziCiwpa6fHmL18BgB5pNniBC4KEqkKiWv6vKfJUTZ6fv

BVeowY40Fo6wuCo/GNGIJ5dvKmNFI4XaPaBrxkwmm0FtEADF8r4Z3YlKs4C0jpPFhb9X

rb5vL15x+EcihpeMbAbHIawQph/2WXF61bITMhG6r5SmYdLm8PlfDtT7SfB/Z8MJdjkZ

uS6g==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1776869121; x=1777473921;

h=to:from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=Qcznrz6dMXfhK6mVdeLuj7BHSjZW9UCiByt6meB7GPA=;

b=a8qZ8wQ0Uj+zyIpTC5IaohI9yRKuj4/FhQpjgzorwOLu/aLJj71aCDHPUbPXaiw+zr

nwmjkfPekz+eoblBzO4j09paA2z/FM3+0fiElFZs/9jTqkmHOyV0wTloFabqZmJmE6Hx

RziBLgrAkLleF41p+HVpOJgryczbF68I2NT67HGQI2J026BNyNoebbva/7ltB4L90nnl

G/yKw1UIc5Jnh+R/11hqaZXWsK+rgwg1oXGwzUU0gygiLfZyDAREhB73IXV3Lp8Da06S

I4YLCVKsvLM9ZJdRecCHVtIyFVA99HMLAm9kMXR/WgnT+g/a1QvKp9yw/WKaLviGQ4LD

HEng==

X-Gm-Message-State: AOJu0YxEtN6M80n+S7JKi9wzxzGHepOJ7wkAdBaO5ukdkdBHScLPic9+

k2gzLbly3kP1+njgqOzXd+//n/4RJrVH5jflcZYvgcM+uTmqDslnrmYK7f3qi2q7chDKMl4q25A

4qrD2zgcaoDbGq9VH20+21aHIZfx+RV9C+QA=

MIME-Version: 1.0

X-Received: by 2002:a05:6820:4c06:b0:694:8f3a:3f41 with SMTP id

006d021491bc7-6948f3a4683mr5431110eaf.41.1776869120784; Wed, 22 Apr 2026

07:45:20 -0700 (PDT)

Reply-To: Haresasz Nxysarwsa

Sender: =?UTF-8?Q?Kalend=C3=A1r_Google?=

Message-ID:

Date: Wed, 22 Apr 2026 14:45:20 +0000

Subject: =?UTF-8?Q?Pozv=C3=A1nky=3A_Order_Processing_Notice_=2D_Payment_Confirm?=

=?UTF-8?Q?ed_=40_st_22=2E_apr_2026_=28cynthiaperez389903=40groups=2Eoutlook=2Ecom=29?=

From: Haresasz Nxysarwsa

To: cynthiaperez389903@groups.outlook.com

Content-Type: multipart/mixed; boundary="000000000000c1c0f406500d94f8"

X-IncomingHeaderCount: 15

X-EOPAttributedMessage: 0

X-EOPTenantAttributedMessage: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa:0

X-MS-PublicTrafficType: Email

X-MS-TrafficTypeDiagnostic: DM2PEPF00003FC2:EE_|PH0PR18MB3848:EE_

X-MS-Office365-Filtering-Correlation-Id: bf3d12cb-f271-4597-be26-08dea07dc79c

X-MS-Exchange-EOPDirect: true

X-Sender-IP: 209.85.161.74

X-SID-PRA: HARESSAZNZXRRSXAXZ321@GMAIL.COM

X-SID-Result: PASS

X-MS-Consumer-Group-Expansion-Loop: cynthiaperez389903@groups.outlook.com

X-MS-Exchange-Group-Expansion-Loop: cynthiaperez389903@groups.outlook.com

X-Microsoft-Antispam:

BCL:0;ARA:1444111002|16200799027|9020799019|24102599021|6092099016|461199028|9000799056|26130799006|3151999006|9400799043|29080799006|6019299003|6149299003|1680799066|26000799027|5139299004|4040799016|4302099013|3412199025|440099028|2145499017|30041999003|26104999006|22062799003|18021999003|1380799030|1360799030|1370799030|21002599022;

X-Microsoft-Antispam-Message-Info:

=?utf-8?B?V2dJM0NtdC9Odk9XazJzWGwzaE03V2lwY1E4NG9rdEo1cGZhMVlCTDdYcHhu?=

=?utf-8?B?U1RqWFkxaWN2NWhjQ2NKSHlVajNGZmNXbWdtRlR0ZXV5SENsL2dxZGgwZEMz?=

=?utf-8?B?ZUdQc3dhOHgzSTgxMWtFSUhBOFZhdVN0RHY2YS9kN0h4OTZlcjJ0ellZQVlo?=

=?utf-8?B?OFhNT0d2eTlHOEhqYXRzL1Q4T3hWcy90Z2R1N0UwanFrWHR2YkxUSFZNdU9j?=

=?utf-8?B?ZW5FMWlaMWJRbi83UU1GeHpzVFNWcVV2K1c3WE0ya3dNQkFrSGF2SC9hK0ZI?=

=?utf-8?B?OWd4aEJKQ0M2dmdWWVAwVTFzbmRDNzZqalhYTTB1NVZpQTZuSHVZM1luc2pp?=

=?utf-8?B?cGIwNkhubk1aVisxRjh1VmgzYUFsdDNoMmpyYXJ4S1l5NFZFNDVsWTVmRnRL?=

=?utf-8?B?NG5uWHMwazFBR052dVY0alBTL2Iyak5zRjJsQUQxYWllUThVWlgxTmdpODFr?=

=?utf-8?B?QjgvdEI1dHA1blBwdElzcFVhb0c1NU1sYlN5dzB1bWZvQkRYM0RESTE2aWs5?=

=?utf-8?B?N1p0allPb1owem5BL0w1VGN3ay9ZOEJTN2d2VXplOEMzU0d4ZDNnTWV5OFBx?=

=?utf-8?B?NHlYK2tuS1dOT0hvQzhqQ2hIdXhIQ2hsMldIUyt4KytKQzNyTmRTcU1PQnk3?=

=?utf-8?B?dUY3STVVeXVtYXlsVUwrZ0xwUkxEWUxUMnJ0enExOC9FbGxuakcxN1Y5QnAw?=

=?utf-8?B?T0F6VkhoSklQNmZCNkpNUkRwOWNjY2dEVWlFR0o5TVNmVlJENUFmcjhpK1Z6?=

=?utf-8?B?SkI4NCtrak91QlNsSFZTUE5BTzhzSHRzd2JYYUVVcDV4R244YnpraGVSYjdi?=

=?utf-8?B?aDBVejRrcHdWSnU0WTJJbDAxdXNjcVhCb3ZsZmo0dDlTclhCTXVySmUwYXBC?=

=?utf-8?B?Umw1T21LY3dudmFULzRJQ29RYjRCZWdkemQrTUgxZlhPTTRqR2hHbTBTUEI4?=

=?utf-8?B?eVpWZmoxdFVmdDZRdFBhSHVWSlZFWlZRa3pxV0c3ZVlNSktuU1ZaUzBQeC93?=

=?utf-8?B?NHVsY3RzM3pJVW9DandVKzB1N3V1ODhQaWRjc0dyRUI3RVJKcnM2VDRiWXFI?=

=?utf-8?B?ZStHbzVzUVEwZGRDNmJDb3BXNkNwTHlYcHpTZlNDeXFOczZKSUkzbWxsNU5D?=

=?utf-8?B?OS9xdGwxNFJVdTUxbWhraXJVOVErbURFK3JVRHdIYWJzTzU5cUJ6dGlYd1B6?=

=?utf-8?B?eDVxdHRlcldyV3FKakU5K25tMUI4NjRUU0dzMXVCV3pSeU4vWURhWlJuVHhs?=

=?utf-8?B?ZEtTQ0hrNmpQZzQ1R3JPM0JSbTFJVzJ5b2hWLzI3NFliVHA5NFZvVXdEaVlr?=

=?utf-8?B?R2RkUUtyZ3B0eDZtY1Fnd29QbEpMUlM2V1NER0Fnampua0NRZUZxb3F5Z0Zj?=

=?utf-8?B?Z2JGZEhRYitWUjl1bktFMGdQRjVYcVRlNGE1ZURjTXRSRXQ4emREWk1lb1FJ?=

=?utf-8?B?V01ZT3pTTGw0aDUyaEZKL2RyVHNtTG40UkhKeGhqQ3ljaGxtQXF6R2ZZWE1W?=

=?utf-8?B?QnNDRE9ETEh4QU1xQWN0TTlNdGlGMVBZZm1vS3J6TkorUEhDTFpJbTl5MVdy?=

=?utf-8?B?SVNGMDIrT3RjSUNEQnp1TXhpTFRQVUplOUpGcjNxVVh0cW5qNjE4a284K1A4?=

=?utf-8?B?Qzl2WnU2NkRWaWZ1bW4xT2hycmw4bU5LYk1uUEh4U28wc25qdGIwNnQ1bmIv?=

=?utf-8?B?d2JJdndZK3I4b2pZaElzdVp1SFZWNmJiQm9sQk1FdVNRTXdsM3AvWWlidnN0?=

=?utf-8?B?d3pIUTVRc2x2cFZ0Z3hwdm1TZktkTmo0QjlJVjQ3WTFCOVBDa2lXOWNqdUcw?=

=?utf-8?B?ZG1mWFBJMHlaK1djYVhSaGkwcDB0V3A0Skh4dTJIVitNUlNtcEc2VWlEVDBn?=

=?utf-8?B?N1AzU0Izc2d0Qzh2cTVKTlAxWkR3MXVybnRyUUpjYmo5L0xnbldwcy9tS09S?=

=?utf-8?B?cG5rRHFLVkJVYVBnd3BBRGNFTVQvbnBNc3lUSE9rUHAvNDFwWElWNTZxQ2Ji?=

=?utf-8?B?eEIyNDJCMHJLRG5HMGFidGZYN3lUQW5MSjhHbGpoZDRQdWJKR2pOcy9lcVJk?=

=?utf-8?B?U0VQN3FINWxKTCtoWmhnbkhhbUlzZmRWYkdnNm41elBJbzRvYmhXbkx2NU55?=

=?utf-8?B?enowZXJwS29KRzg0Wmtpb09DU1NJZW1KZE90OThnVWNBTnB6Q3VzanVzQUtL?=

=?utf-8?B?b1VuTTNReUZVNHNXMWxtR2ZJSmNGcEQ5UU05c0UyWUpoRWdXZkJxRWdsRnAz?=

=?utf-8?B?UURNcVA5dUxsUFM1VCtqeWhIemdVNTk1WkxUTU9CcnVqMzk4ellrOUt2TTgw?=

=?utf-8?B?SWVkVDlTazJTd2NNRkYzTTFzQXJINDRlS3NISmZwQVByS1FHOFl0OENHVG5y?=

Norton Phish from Google Gmail Part 3

Posted by Dave Yadallee on Wednesday, April 22. 2026

"padding: 1px;border-width: 1px;border-color: windowtext"> ign:center"> 16px">Category	style=3D"padding: 1px;border-width: 1px;border-color: windowtext"> ;text-align:center"> t-size: 16px">Details
lign=3D"center" style=3D"padding: 1px;border-width: 1px;border-color: windowte= xt"> Company N= ame	px;border-color: windowtext"> font-size:16px">Xinnuo Machinery
style=3D"padding: 1px;border-width: 1px;border-color: windowtext"> yle=3D"font-family:=E5=AE=8B=E4=BD=93;font-size:16px">Factory Established n>	r-color: windowtext"> e:16px">1995
px;border-width: 1px;border-color: windowtext"> =AE=8B=E4=BD=93;font-size:16px">Manufacturing Experience	lign=3D"center" style=3D"padding: 1px;border-width: 1px;border-color: windowte= xt"> 30+ years= specializing in cold roll forming machinery
n=3D"center" style=3D"padding: 1px;border-width: 1px;border-color: windowtext"= > Annual Produ= ction Capacity	er-width: 1px;border-color: windowtext"> =E4=BD=93;font-size:16px">Approximately 1500 machines per year

Subscription Information
Plan: Norton 24/7 Protection
Quantity: 4 device
Activation key: cc834c08-f9fa-45f8-ab5b-af76a7f3bbd6
Billing Period: 1 Year
Payment Method: Direct Debit
Amount Charged: $280.45

If you need to update your payment information, change your subscription plan, or cancel your renewal. Please contact our customer support team is here to help you.

Thank you for choosing Norton. We look forward to continuing to serve you!

Sincerely
Norton Secured powered by symantec
+1 (806) 701-9473
+1 (865) 240-7855

--===============1534604035356672217==--

Norton Phish from Google Gmail Part 2

Posted by Dave Yadallee on Wednesday, April 22. 2026

Norton

Invoice date: Wednesday, April 22, 2026
Invoice No: #38418905
Payment Id: 855K62LLPFJN52

Thanks for shopping with us!

Hello Doctor,

We hope this message finds you well! We wanted to take a moment to remind you that your subscription with us is set to auto-renew on Wednesday, April 22, 2026.

As a valued member of our community, we appreciate your continued support and want to ensure you have uninterrupted access to all the benefits your subscription provides. With our auto-renewal feature, you can enjoy a seamless experience without the need to manually renew each time.

Norton Phish from Google Gmail Part 1

Posted by Dave Yadallee on Wednesday, April 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 22 Apr 2026 09:49:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wFZor-00000000E6h-39i8

for dave@doctor.nl2k.ab.ca;

Wed, 22 Apr 2026 09:48:53 -0600

Resent-From: The Doctor

Resent-Date: Wed, 22 Apr 2026 09:48:53 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-wm1-f65.google.com ([209.85.128.65]:52556)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wFYFA-00000000GcF-43Cv

for doctor@nl2k.ab.ca;

Wed, 22 Apr 2026 08:08:09 -0600

Received: by mail-wm1-f65.google.com with SMTP id 5b1f17b1804b1-48896199cbaso55428155e9.1

for ; Wed, 22 Apr 2026 07:06:55 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1776866808; x=1777471608; darn=nl2k.ab.ca;

h=priority:importance:subject:from:to:mime-version:date:message-id

:from:to:cc:subject:date:message-id:reply-to;

bh=J0CbxEK62tdMO5t4JCUD32FXk8APsmZgfnAwCQReTvM=;

b=sgOmkeG0peEZ9MmMSYJuiyDI3J0SHkB7BJW+G9ooeLdnBNnZQIIIqQYQ1vs++LtL9e

bgAt/dGrNCe390XwI36PcKvldyxz1VCKXlDcm5QSfVvR3yIkfvFYJwLxXFQEkFww0f16

q+bWDpSFegNGlNzlWhCKg3PZTXAByVEWhX9ho9ZMr+lspprQHAIcIAb4RxIAO37H8bNH

E4M88nmdOpob4wsC1ZN7NVdpOUcj44W/RvM0TZRiJFoDjFOfgV4oZriw7InBg8SSjUqU

jvmf4kLNh9c0UomOjbioyzYIubIZXVBP/zCk4tHUh+UyCXTgWqpVXkAUCn8HazqvvSnz

D8ag==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1776866808; x=1777471608;

h=priority:importance:subject:from:to:mime-version:date:message-id

:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id

:reply-to;

bh=J0CbxEK62tdMO5t4JCUD32FXk8APsmZgfnAwCQReTvM=;

b=m0Tu6XVJV0MtVvksZls4jZFDJsQGbiTDc4vcRI2tBQQg//iRmw1/9Q7RXBm7mKGTYt

mSuNJp5Nlx0m4EgD2QsFa7Q5++7m0iHNazzLOdyAzuoUa1ISfVJq/m4tQOMYIO2/D4py

o0wZnMkeUmcLqkLMPuZG+Gy0bLFaKLtDcla9VmYJ3KSxvUaOgARZ34xspVUT4hpW+yWH

ft8ydqi9V+ArKsa6E4008tr/nXfT8J7H6L502W+RpWhrhTPb8sMFTyOO3lTHoxlW6fQb

YLv/bgpTLxye+4vGPNL4ZzmnEvkVD9XGmtveMLYR8/zBzuL3awxoj8MsyAPqH4oNThVg

c0zQ==

X-Gm-Message-State: AOJu0YwW+VpAv4SBNti5k5wrMPtRZQXboTC1za9GWVHxeTfv+WKDphPD

v+4b55UK3OxNa3+tsz8GGBkkExxgk65fbKWxpl8Xk9YAIPk5RYBjpVQc9yEXnI3NmnLFIGrSeuQ

=

X-Gm-Gg: AeBDiespTCvX1uSqBYBbAMSIE+8+zDswqbpQeZbwCOSPhRT7lCRmK2NwVAXOxHYpFlb

1GKmk25fdJAVLZzMI1gfkA0iYF4u1wGySwWAHIKmJ7E+foc5EHxQo4ZlPvGbAW/qD0iLvhb2wf/

PQL+7sPwLsUtups8MdRopRiVVm8dHiiya3JqCaa+U3Ld0XBiMb8nIB4RhKkWJdXbKMu+3h3eecQ

OaNHCJ3Lb32rtZSUitO9ONz/VkeGr7yEGjpZLiI2UqVMSWDFFKDbDLewdu2bIPyAsZ06wRcsZ4w

gaNRlZUa7NX18G5vW4/eZAcVbq6tp0P2nqh3A5u9A9ZA0fvhHMTW4uB6fLSskEhqXnnw/7fS618

1DQawUN9mOp88rR6349o1DXT5UsQxgnMtAMJdTzPs9kXu/Ohq9v29/4ty1suMFRiTDyFHob2Cpz

RIaByki/iHtqPZm1VCnZAP8o9b3PCe1GAgt26Ivz42bvY0gzZJxqtD0CCSpeaMmDYm9xuV2QAmg

PEYkw==

X-Received: by 2002:a05:600c:1554:b0:488:9bf8:7f17 with SMTP id 5b1f17b1804b1-488fb77810bmr335042635e9.14.1776866807785;

Wed, 22 Apr 2026 07:06:47 -0700 (PDT)

Received: from [172.28.1.103] ([43.157.9.92])

by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-488fb735d3dsm305397475e9.2.2026.04.22.07.06.47

for

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Wed, 22 Apr 2026 07:06:47 -0700 (PDT)

Message-ID: <69e8d5f7.050a0220.18cafd.7bea@mx.google.com>

Date: Wed, 22 Apr 2026 07:06:47 -0700 (PDT)

Content-Type: multipart/mixed; boundary="===============1534604035356672217=="

MIME-Version: 1.0

to: Doctor

from: Doctor

subject: Your request is being processed for you

Importance: normal

Priority: normal

--===============1534604035356672217==

Content-Type: text/html; charset="us-ascii"

MIME-Version: 1.0

Content-Transfer-Encoding: 7bit

chinese products spam Part 1

Posted by Dave Yadallee on Wednesday, April 22. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 22 Apr 2026 07:32:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wFXgI-00000000KaI-17qY

for dave@doctor.nl2k.ab.ca;

Wed, 22 Apr 2026 07:31:54 -0600

Resent-From: The Doctor

Resent-Date: Wed, 22 Apr 2026 07:31:54 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from out21-141.dm.aliyun.com ([115.124.21.141]:22694)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wFTUr-00000000KWR-0Rbg

for root@nk.ca;

Wed, 22 Apr 2026 03:04:03 -0600

X-AliDM-RcptTo: cm9vdEBuay5jYQ==

Feedback-ID: default:vip@vip.mg-fertilizer.com:alibabak_WebBatch:306882

DKIM-Signature:v=1; a=rsa-sha256; c=relaxed/relaxed;

d=vip.mg-fertilizer.com; s=aliyun-cn-hangzhou;

t=1776848572; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type;

bh=dPTYh8KkyUtEUgozb/7qjs2nC4oL6Z+Y57oGF4CD2gg=;

b=b/TZKOfxzJq5cu14omOAusF5v5hUBLOvfRoRkl273WJcm54zzsiBHEqG0kkBtY6vMNlIpSOMtZI/ajCr4CcEaoNZUdWuFSWyUfVVXmmM8JeBkmaEc9VgHJZciA/ojpHBAGCQW8DBD8FwkuAhbTj7G6Qk3ZPptH2wMnpR9EWqBcA=

DKIM-Signature:v=1; a=rsa-sha256; c=relaxed/relaxed;

d=dm-fbl.aliyuncs.com; s=feedback;

t=1776848572; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type;

bh=dPTYh8KkyUtEUgozb/7qjs2nC4oL6Z+Y57oGF4CD2gg=;

b=essVe8R7VL7g6q0P9axG6rQHx9ZZxqQLsSCwSH7gACWSV3WL+qBN1Bnd18HFNhgVyCcPFOHBXAaEGVyz+1dxAgOCc4ejyntmItcqmSUHczj3gVtpCv6wikxPyP0PEQFPAfwLgp/JU50hAkOjoKu3zP/nVfUD1HUA4UzmXCfT67I=

Received: from chitu-hsf(mailfrom:vip@vip.mg-fertilizer.com fp:ma_600000296748419324 cluster:AY35D)

by smtp.aliyun-inc.com(127.0.0.1);

Wed, 22 Apr 2026 16:58:18 +0800

Date: Wed, 22 Apr 2026 16:58:17 +0800

From: "Amber Li"

To:

Reply-To:

Message-ID: <1b481fd3-bb07-4ce1-86c5-226919214203@alibaba.com>

Subject: =?UTF-8?B?TWFnbmVzaXVtIHNlcmllcyBNZ1NPNCAyODMzMjEwMA==?=

X-Priority: 3

MIME-Version: 1.0

X-EnvId: 600000296748419328

X-AliDM-Settings: eyJPdXRib3VuZElwIjp7IklwTGlzdCI6W10sIklwUG9vbElkIjoiIn0sIlVuc3Vic2NyaWJlIjp7IkZpbHRlckxldmVsIjoiZGVmYXVsdCIsIkxpbmtUeXBlIjoiZGVmYXVsdCJ9LCJWZXJzaW9uIjoiMS4wIn0=

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 5.0

X-Spam_score_int: 50

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hi Friend, Nice to meet you.

Content analysis details: (5.0 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[115.124.21.141 listed in dnsbl.ahbl.org]

[115.124.21.141 listed in dnsbl.ahbl.org]

[115.124.21.141 listed in dnsbl.ahbl.org]

[115.124.21.141 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[115.124.21.141 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[115.124.21.141 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[115.124.21.141 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[115.124.21.141 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[115.124.21.141 listed in will-spam-for-food.eu.org]

[115.124.21.141 listed in will-spam-for-food.eu.org]

[115.124.21.141 listed in will-spam-for-food.eu.org]

[115.124.21.141 listed in will-spam-for-food.eu.org]

[115.124.21.141 listed in will-spam-for-food.eu.org]

[115.124.21.141 listed in will-spam-for-food.eu.org]

[115.124.21.141 listed in will-spam-for-food.eu.org]

[115.124.21.141 listed in will-spam-for-food.eu.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[115.124.21.141 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[115.124.21.141 listed in bl.score.senderscore.com]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 MIME_QP_LONG_LINE RAW: Quoted-printable line longer than 76 chars

0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

Subject: {SPAM?} =?UTF-8?B?TWFnbmVzaXVtIHNlcmllcyBNZ1NPNCAyODMzMjEwMA==?=