Aeroplan phish from Sendgrid Part 1

Posted by Dave Yadallee on



r:#333333;">

Expiry Date: June 5, 2026








t:1.8;">

To keep your points active, simply complete an =

eligible Aeroplan activity before the expiry date, such as:












/click?upn=3Du001.IrujB1yoCwvlYIVfFuPD2b2D75HYEblTiivH7PL-2Fx-2F4-3DhUeV_Ym=

NPztx4miJCrnDYqcF7jfR8yISc1B2YMcURCB95RzH7v-2FAlqusd9Q2l6rZumiG-2BKDbmL6ETK=

FvupUGdMmnHpZ8xnfswBgDv56ULRc6Ej7kJm-2BGqZQL6DqzqUNPNV7238ktb63re1Vuvzgscbm=

jh6A-2BTPNpLHCRz4taCfSCnepNaASThVhNyWW7Te-2FWnIk8IbouOVHWIE-2BLPhNMQOrtmOhF=

HLKclbPbf4Sycgo3-2F2a-2F1vk31qyw51239bzHtbNVO-2F1QmnUHPhs1aQmui3p4VM1EEQr4t=

D4Xt-2BBaMP1fevvhJq9VG-2BGWD5Hi1oRGAa4oMAK5yFraWMh8Tr2OmO36COSsmMj54aU51CD-=

2F5CvnncpWubKIbMwpOu2OwSoOhCx9aNK8ewFp4yeL-2FGCiPtJG54J-2BWLlTTfX7RJX-2BQGj=

qfi7QUv7hi-2BVdqJwixLXRsMxbvisqzIJD46DW2qmOOP-2FuJ-2BVrMwxCkjubFZ5ebd9-2F-2=

BfbGiVzOOzAvUzom4YcA96ftfjt2V2z3xDesCJuhLTcYS9uUp0Zj8rrtyxRMWfMglZUGLOcervb=

4-2Fyq-2FyvhK-2Bm5Hi39LmRMzNi1ExqhD-2Fu818DBaq9-2FRIGZHs5ylW3kLqN-2FHrA1B8b=

cZTgAicQgSgD8wXAwNNO9tuJ2Djv1BbLE7TNUVM6Fho-2BllmkYIoNi6c-2BuezXqirZBbI6198=

0Ie645FLsSsfdzoCbCtKWH2CJ6uuiEviUxnbnefIxdYh1SI9FKafuROQAXf67iEEKey-2FQIaWh=

ZPq2UlPfZ0PL-2F689MjLZYjXXQYL9JiF4jnSfdsE8oFggA239C6lZXH-2B5kRHtokSGB-2Btrx=

RD96f4bAL0gExPtZkZoxioghCelBplN7G1fpA-3D"

style=3D"background:#d71920;

color:#ffffff;

text-decoration:none;

padding:15px 40px;

border-radius:4px;

font-size:16px;

font-weight:bold;

display:inline-block;">

View My Aeroplan Account








t:1.8;">

Log in to your Aeroplan account today to review=

your balance and take action before your points expire.






t:1.8;">

Thank you for choosing Air Canada and Aeroplan.







Sincerely,


The Aeroplan Team
















:center;">


>

Aeroplan=AE Loyalty Program






aaaaa;">

This is an automated message. Please do not rep=

ly directly to this email.






aaaaa;">

=A9 2026 Air Canada. All rights reserved.






















GZYDmBykh8zSgppscrG1a9-2FbnUZspF0av6mdLTg7APu65Yl-2FlT7gYWIWvlofAwKkY-2F2pt=

fbkc7w8h-2FPFa6xEfU55tVw9pxqAkjKcoCM5xYrUadMDhNOM92fWIv17g9YhozDkR7CnSOMJ0r=

nZ5hQ1GgZoVocaDQ0uA-2F5dQBLGzxrjAlIVUROgpZAfjCJeKxRlzSRzgWYmJ-2F4xU2e-2F2XL=

0cCOM0zNEQUZt2WxsmXWLhdG4cecVps9UEFcpp9oFfFXNtvrOOB36-2F2hVVGxxH6DfyI7eFTnh=

g-2B6-2FATbyq0SGV-2BKazk9TY5xzpshobs-2BsrWYKsraFZ5cIpo5v4Um0thU9JiFOPrNQTxO=

LbI86QpNgQRGWNrHW6dyHzU-2Bvx-2BVd7a4G1vJJRLL9x3XxpISXW32HrxUlaLPPvsfpn0Q-2B=

Zdbr-2FwS-2Ba-2BvX3nVbQFyugBDeNI-2BL0FZs2jTYA86l6tx2os9VIRzNNf-2BqnX6o-2Bu5=

yg59VcsDvs3ijT9Q0Z2LHyzuqYOKJl59bPfThIIG-2FK4SmCmOyGBhnbEcPxgGSp0gWzM9FqdPd=

Ud2QYNubN-2BKztsbLU57DPPqzlBlW-2FcIKPQbG9azhyyNFXM9mqQl6HcLayPlGhZ-2BRj9Qhm=

e5NxAc-2BPJe2kdOvAMYPZd2By-2BOMsRHaL15SEWCqkGgC2h1h9cMPyxqmPxKzV16Yhhk6Yu4Y=

10-2BnRLNF6LX5anAZOquEWUI8mcz00Djjvqj-2FyNiZN4Whod3Q7rSFZb5DXMpgkCi7Qjj1tGx=

GisOd5Ef-2FbwkTz-2F9BS7GG9TLAqzyXGApff8mAzhmQzVIEa7zOsVeWc1w8LtAlyKBxgy-2Bn=

n4udzrrRFA2EquzLYDJ1J0-2FqHtx0c-3D" alt=3D"" width=3D"1" height=3D"1" borde=

r=3D"0" style=3D"height:1px !important;width:1px !important;border-width:0 =

!important;margin-top:0 !important;margin-bottom:0 !important;margin-right:=

0 !important;margin-left:0 !important;padding-top:0 !important;padding-bott=

om:0 !important;padding-right:0 !important;padding-left:0 !important;"/>
ody>



--8dace98af8dc3247defdd50653b565544fe5d2563ed636b11827e20f1c9c--

Aeroplan phish from Sendgrid Part 1

Posted by Dave Yadallee on
Content preview: Your Aeroplan Points Are Expiring Soon Dear Valued Member,

We noticed that some of your Aeroplan points are scheduled to expire soon.

Don't miss the opportunity to make the most of your rewards.



Content analysis details: (33.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[134.128.109.88 listed in dnsbl.ahbl.org]

[134.128.109.88 listed in dnsbl.ahbl.org]

[134.128.109.88 listed in dnsbl.ahbl.org]

[134.128.109.88 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[134.128.109.88 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[134.128.109.88 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[134.128.109.88 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[134.128.109.88 listed in dnsbl.ahbl.org]

1.1 URIBL_GREY Contains an URL listed in the URIBL greylist

[URI: sendgrid.net]

-0.0 SPF_PASS SPF: sender matches SPF record

15 GR_DOMAIN_SENDGR1 Received contains spammer id (sendgr)

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[134.128.109.88 listed in will-spam-for-food.eu.org]

[134.128.109.88 listed in will-spam-for-food.eu.org]

[134.128.109.88 listed in will-spam-for-food.eu.org]

[134.128.109.88 listed in will-spam-for-food.eu.org]

[134.128.109.88 listed in will-spam-for-food.eu.org]

[134.128.109.88 listed in will-spam-for-food.eu.org]

[134.128.109.88 listed in will-spam-for-food.eu.org]

[134.128.109.88 listed in will-spam-for-food.eu.org]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[134.128.109.88 listed in bl.score.senderscore.com]

15 GR_DOMAIN_SENDGR6 URI: Body contains known spammer URI (sendgr)

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.0 VOWEL_URI_5 URI hostname with 5 consecutive vowels

Subject: {SPAM?} Your Aeroplan Points Are Set to Expire Soon



--8dace98af8dc3247defdd50653b565544fe5d2563ed636b11827e20f1c9c

Content-Transfer-Encoding: quoted-printable

Content-Type: text/plain; charset=iso-8859-1

Mime-Version: 1.0



**************************************

Your Aeroplan Points Are Expiring Soon

**************************************



Dear Valued Member,



We noticed that some of your Aeroplan points are scheduled to expire soon. =

Don't miss the opportunity to make the most of your rewards.



Available Balance: 3,250 Points



Expiry Date: June 5, 2026



To keep your points active, simply complete an eligible Aeroplan activity b=

efore the expiry date, such as:



Redeem points for flights

 Book hotels or rental cars

Earn points through Aeroplan partners

 Make purchases using an Aeroplan credit card



View My Aeroplan Account ( https://www.shqbco.com )



Log in to your Aeroplan account today to review your balance and take actio=

n before your points expire.



Thank you for choosing Air Canada and Aeroplan.



Sincerely,

The Aeroplan Team



Aeroplan=AE Loyalty Program



This is an automated message. Please do not reply directly to this email.



=A9 2026 Air Canada. All rights reserved.

--8dace98af8dc3247defdd50653b565544fe5d2563ed636b11827e20f1c9c

Content-Transfer-Encoding: quoted-printable

Content-Type: text/html; charset=iso-8859-1

Mime-Version: 1.0












0">

Your Aeroplan Points Are Expiring Soon






l,Helvetica,sans-serif;">




nd-color:#f4f6f9;padding:30px 0;">








=3D"background:#ffffff;border-radius:8px;overflow:hidden;">


















:center;">


font-weight:bold;">

Your Aeroplan Points Are Expiring Soon





t:1.6;">

Dear Valued Member,






t:1.8;">

We noticed that some of your Aeroplan points ar=

e scheduled to expire soon.

Don't miss the opportunity to make the most of =

your rewards.






lid #d71920;padding:20px;margin:30px 0;">


33;">

Available Balance: 3,250 P=

oints

Aeroplan phish from Sendgrid Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 05 Jun 2026 07:09:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wVUIG-00000000EOz-2RBT

for dave@doctor.nl2k.ab.ca;

Fri, 05 Jun 2026 07:09:00 -0600

Resent-From: The Doctor

Resent-Date: Fri, 5 Jun 2026 07:09:00 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from vsvhsdrv.outbound-mail.sendgrid.net ([134.128.109.88]:28206)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wVQmd-00000000DwR-321I

for root@nk.ca;

Fri, 05 Jun 2026 03:24:19 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tyrerm.com;

h=content-type:date:from:mime-version:subject:reply-to:list-unsubscribe:

list-unsubscribe-post:to:cc:content-type:date:from:subject:to;

s=s1; t=1780651394;

bh=mfReOKTYkvTdSWD61BBu6JKLIh5HCikdlBYxsVU5yok=;

b=Etd60T65xZzw9uA4yh42y09r/oIGhlNG/PChJMCKG1bVckWBLT0VnseHVYpVjj/u7z5r

xpeWW1z8MDZMzYr4lOMuvT03gMGv/Lb7wWwsetoIvhjFM72o691nP0enJgTocL268WCp+C

Wq9dc7StizjRA87/LtLi6DlpRWA+chjRFdvlSorY4egN0MTrX++BDMxENiiIKrideoSStx

2szUlybOnhTmFX43zxo9+8mKvxBCt+u74vby8cWGpGNg1m3ccvjNF4y/ke3pVgvdByM7Wy

e8IJ6CRFURGW46Cu/pVFo4mNwZOeKLIjgAqXSLnpXGQmgb6l2TfPURRvpUplSJaA==

Received: by recvd-6d75975858-zlbtg with SMTP id recvd-6d75975858-zlbtg-1-6A229581-8

2026-06-05 09:23:13.131005754 +0000 UTC m=+3239990.390923936

Received: from NTM1NDgwNDg (unknown)

by geopod-ismtpd-88 (SG) with HTTP

id wASyXRART0OTHlVbv5GQpg

Fri, 05 Jun 2026 09:23:13.118 +0000 (UTC)

Content-Type: multipart/alternative; boundary=8dace98af8dc3247defdd50653b565544fe5d2563ed636b11827e20f1c9c

Date: Fri, 05 Jun 2026 09:23:14 +0000 (UTC)

From: Aeroplan Loyalty Programme

Mime-Version: 1.0

Message-ID:

Subject: Your Aeroplan Points Are Set to Expire Soon

Reply-To: aircanada@tyrerm.com

List-Unsubscribe:

=?us-ascii?Q?=3Chttps=3A=2F=2Fu53548048=2Ect=2Esendgrid=2Enet=2Flu=2Funsubscribe=3Foc=3Du001=2EUAMw?=

=?us-ascii?Q?SJug4tPnOe1OqaC03-JiayYmX40n7cntx0hcwsF?=

=?us-ascii?Q?DAMkHOWRTvHh4e6d8aNpJNdBVjvyAud070cxMuz?=

=?us-ascii?Q?1PLdQy6uVelTPI7negbGbOqHjSgPQgh7RLGczxK?=

=?us-ascii?Q?INs3hXJoNV0aU7ae66gApytu=5Fj9Re3EqiTXpi2u?=

=?us-ascii?Q?EeF48Wz79MkdnWr6Prdaw9mg0Mzr4APTazhfdhz?=

=?us-ascii?Q?1ORF2kAHYklZEE1JdBzLSHKgMgnERUlGnAqTZej?=

=?us-ascii?Q?1CB5j4JP3BSd6l2xu1Tvw4jX7qjhcJvJl0sM=5FY-?=

=?us-ascii?Q?S49UskPx5MBiYmTTUyeug8Ls5B0bysGKT761B3Q?=

=?us-ascii?Q?9R-7wr7rTxMnGYoQVK9oCxAOSy9yn63asm1v2iz?=

=?us-ascii?Q?Vj5=5Fb34ZnexIabVg5X4q5ySw9vGWMNH1VwZ=5F=5FSz?=

=?us-ascii?Q?qOtEXmyU4w4xohsrpJueWlmhk5qpwswuRgU2P9v?=

=?us-ascii?Q?t3nfB5DCVop3zLqQE=5F=5F1Foi7lyu5DimtBEmly58?=

=?us-ascii?Q?z4B-rEbl-xlHx3Ekm6ELNzru-WH=5FaNplU2P4f0p?=

=?us-ascii?Q?qLpAbfYq801VR3AZZ=5FT3Tin6DIsBHXIKDfpCUFn?=

=?us-ascii?Q?nJMCddWOu9umvB5zaho31d7E2x9pt=5FoLf60YN53?=

=?us-ascii?Q?x2zNMxsHbzVZ9FkmvJ8yfHLESXp-R-pZBRkEPTg?=

=?us-ascii?Q?d5KIT5M8rckuerpaXCPqHD0qCRQB1PYvo=5FBT9GP?=

=?us-ascii?Q?W9z4Urcs=5FuXkJtPIdB8KYvjA3HdXBWSoRs7-9V-?=

=?us-ascii?Q?oKG5dwo1BlC7YZ8o1XxaWaGx9xqcVAR=5Fm0zE6yG?=

=?us-ascii?Q?c88kVtU-9F1ZSm6NdDFTS-f1U9OcH=5FA11qipD2=5F?=

=?us-ascii?Q?85b9zgPBRa5Q5zV1c-9g1bHb6SkBX00So=5FWEm0-?=

=?us-ascii?Q?wP9TPrg-Vo1=5FTkYjloPQiKSBRC71eJv9JG6eObd?=

=?us-ascii?Q?VluNq3YLXmEb=5Flak=5FGTE0GUTYV52nmUJtd8NRE=5F?=

=?us-ascii?Q?BLTPFNKf4qK99q=5Fy1jjZAL8Kk250qn2O-uplGMg?=

=?us-ascii?Q?KuEVcKK48yZq9LohVU1CDDCzqbetJojM6hzgcHF?=

=?us-ascii?Q?VkaGDKXJMLMDtPrjLlGYp8IH0dwqmRXS8ZQ115J?=

=?us-ascii?Q?RcgCrWGzFDe5iGaelEFhsAqSb5z4VRHalddTf3c?=

=?us-ascii?Q?A=5FgGE0Nff3NROzTpA1LGelNSK6s9o2P2GBbJZGr?=

=?us-ascii?Q?1eRDLG4yJ4qDR7SGIRgLwxljuIqe3dSm3GXPWCc?=

=?us-ascii?Q?YwLZN74pCEWeabqfb3Jcwt31cYMAvMjva6wqccr?=

=?us-ascii?Q?YxJMzVGEobIQ0Pdja9jLiqSF=5FW-svM47uh5U9BG?=

=?us-ascii?Q?53oApsOTqSiNWlJmoCwIC7FfKhzZxYhccR0Jcue?=

=?us-ascii?Q?zgQzEosr8T8K2LcVTrq3BYiEdiRI5YTT-QhmaMe?=

=?us-ascii?Q?7=5FezsC=5FeXw5Tdyu1FG-L6pnEJXp6zZ0qbwg-=5FaV?=

=?us-ascii?Q?MfonSJoiu=5FJoufBEaw--bEp2Xgsf70hrcYlZAdQ?=

=?us-ascii?Q?hsI3FNOAwvZHYbmkCU=3E=2C=3Cmailto=3Aunsubscribe?=

=?us-ascii?Q?=40em8517=2Etyrerm=2Ecom=3Fsubject=3Dhttps=3A=2F=2Fu535?=

=?us-ascii?Q?48048=2Ect=2Esendgrid=2Enet=2Fmt=2Fu=2Fu001=2En2yHv16?=

=?us-ascii?Q?PhznxMojG483avM8H6E2EYGYlhL267pKX4N4=2F4r?=

=?us-ascii?Q?8=2Fu001=2Eaja8szC5=2Fu001=2Ep7ggpGYbNHJ4vKUM-2?=

=?us-ascii?Q?FW9CPnBeZzyxd2AM24oVDqSCQyQ7okK2WzCPTSF?=

=?us-ascii?Q?NqQsNV-2Bhnyn6RBim2FZZumwwXnXhGRPZiy4Zx?=

=?us-ascii?Q?RJBNggaUHCprb5gjLScH6svxP0KcOqZmfx501Ay?=

=?us-ascii?Q?Xk4Bl7xXxNz4OA-2FQoKRNwuZXBWNgdD7VCnZvz?=

=?us-ascii?Q?FiM9j4m25agPJopokRt7y23qlfi5Fc9VPbWqddR?=

=?us-ascii?Q?7stphAP3m53qavg79DoxA-2BXTv2foAi5G8bST3?=

=?us-ascii?Q?UZPj-2B7Ak5OsJV2p3KdqTImvGhAuefESIM2t9y?=

=?us-ascii?Q?obS03uL3pnoVGBHS0spXuUESrLsT-2BHCfPO15W?=

=?us-ascii?Q?MKBNuz1pvHZgsIIKxlojNTb0dhLMgz43Et65rvy?=

=?us-ascii?Q?BL8cA95pC4jU-2FINHIgPxA6QEaUlePccIU0K-2?=

=?us-ascii?Q?BYOo9j7sQe2-2F9v3JuE-2BN6r07E20goOrCrYS?=

=?us-ascii?Q?pI-2BB43ZpUjZvia5W28yvB45uqztpf2SURIWFs?=

=?us-ascii?Q?CA9PIMZDSkQCA2R8cB-2FpmSANaYPBw7EYdgqnd?=

=?us-ascii?Q?GKXzk-2BVxnIiV94a1n0QxN5dvlrdnwVQTHHtnr?=

=?us-ascii?Q?5ceLX-2FaNU-2BPjnP6xq6rs82yHBCr-2FCP6ug?=

=?us-ascii?Q?MajD9XiA8k3U4gz7Ja1DYwKEw84fLvPDuqr4Rww?=

=?us-ascii?Q?F4xHJH1tTMGHXe1iyVYZvWv9xF8uz6-2Bj9nYQ4?=

=?us-ascii?Q?1prgb94HuHo-2Fo83LuTuZqaulC1P5Acr8kH1ea?=

=?us-ascii?Q?L1UQcuGeuvl0ZtWbPB2LMxqQPTNl9zL1qQzZNr7?=

=?us-ascii?Q?7J7yRKWwl-2B-2FXhew-2Bq-2FESyf9XRAjGYdT?=

=?us-ascii?Q?bXeZnL7u1vpnX40GtcdIUpfYp4UuDNrvQLmMJ8P?=

=?us-ascii?Q?zQe-2BLsYFojwars6XEm4ptFVuTPoKcWG3R5hEh?=

=?us-ascii?Q?vrETihZ1toojQQmN4kAliD2DeMkMJLmUSTD2CDP?=

=?us-ascii?Q?EHClXjxJJGuVrdKnJwcpgMnuxBF=2Fu001=2Ew7oBYu?=

=?us-ascii?Q?Xq=3E?=

List-Unsubscribe-Post: List-Unsubscribe=One-Click

X-SG-EID:

=?us-ascii?Q?u001=2EkPCokVTLpzOQN11CnW+qjuyC87ChIBV2x=2FKAcbSrUrlmzytryEpTyvNZC?=

=?us-ascii?Q?qdbs=2Fv+CNTu=2F51Yunv0FjVlTlJFAl7wxsOr9ZED?=

=?us-ascii?Q?e2kH9xaPVUWyDBRCLhni96etS9GsacLCBGiFvR3?=

=?us-ascii?Q?M9TftQpbyk85pIrEXveRxrNaabWiQQzdw6sswPG?=

=?us-ascii?Q?E9PtII0=2FVDfVBPnxy64m84Ixhy9KXiE5xpMJrr+?=

=?us-ascii?Q?SKPqzrpPcA7A9vk2Ce9v3qG7aGYTUo9nin2b=2FAm?=

=?us-ascii?Q?W=2FrB?=

X-SG-ID:

=?us-ascii?Q?u001=2EXwhBPNhCejkv4+fVosb2QVfR16Qxp9CrA7PjDe5zzeI=2F0IZCBsPXtgHbA?=

=?us-ascii?Q?oGIj+RskLxA4N2rJjSWrHfgX07tLOm0v5BUQcd6?=

=?us-ascii?Q?w3knjorGi7Hwu0WCOA5AFSvy0=2FwlG32=2FxLUUrjg?=

=?us-ascii?Q?ZfnIaj1mQKcP2v08aOJ3kePzFF8UZInrC9GZu0B?=

=?us-ascii?Q?P8g7ds8qz3z5ZhZWbYs0=2FB2ZTdMixNuA0U1vTr4?=

=?us-ascii?Q?Lx6ES0teH74AU6WPBuNbMZijMJy=2Fk0l+sPx12ao?=

=?us-ascii?Q?TucDmwl3aM09H0pW8ZiRpaAJVyd0xfg2DWe5MSq?=

=?us-ascii?Q?D4HgabUu3BW49CcIhAbAHmx3qVkbIAaK9A2iZzN?=

=?us-ascii?Q?5XQ01=2FRUwdf4O1XUKHZKuwXEdYiY0RCr+Vwb1ku?=

=?us-ascii?Q?dWC6Z8Kx+6U1fYzN4wVwkZY0vWRSSPOZzWtLPO2?=

=?us-ascii?Q?DYS5mNcqPl=2F3WAOKinmkNSdzGM=2F0601VYpNzIYu?=

=?us-ascii?Q?Hj7UlAkh=2F8IZRwVkQIJ35mRF8m93HkDNviH5Ab0?=

=?us-ascii?Q?O=2FlTzvmU5jBCyvVIW9dTMiU1O8JWx6DFc9vCuMG?=

=?us-ascii?Q?bRkoO4UhslOzOpYBa01dUfkECNikc7SggtBaqsP?=

=?us-ascii?Q?OvPt9otzQsjp3hv3Uw4q1Ec3Kz=2F4a5OfL6XEbkY?=

=?us-ascii?Q?RIieGTUsgIyTjRa+Vha9Zrq5WCupA3LeAXIMftj?=

=?us-ascii?Q?RBp3uHqMF9p0Wts5uJIv7av3IkAZ8c8FYklN6lF?=

=?us-ascii?Q?rRLrBLLugPNtdffitqML2k=2F?=

To: root@nk.ca

X-Entity-ID: u001.F7EYrA00nAE1u/t05N8EfA==

X-Spam_score: 33.4

X-Spam_score_int: 334

X-Spam_bar: +++++++++++++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Loan spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 04 Jun 2026 23:09:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wVMmr-000000007P8-0iDI

for dave@doctor.nl2k.ab.ca;

Thu, 04 Jun 2026 23:08:05 -0600

Resent-From: The Doctor

Resent-Date: Thu, 4 Jun 2026 23:08:05 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail.wconect.psi.br ([179.125.60.102]:36346)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wVKRX-00000000JSO-2fep

for support@nk.ca;

Thu, 04 Jun 2026 20:38:04 -0600

Received: from [43.228.157.123] (unknown [43.228.157.123])

by mail.wconect.psi.br (Postfix) with ESMTPA id 9F33D20A173

for ; Thu, 4 Jun 2026 23:35:20 -0300 (-03)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=needbr.com; s=default;

t=1780626921; h=from:from:reply-to:reply-to:subject:subject:date:date:to:to:cc:

mime-version:mime-version:content-type:content-type:

content-transfer-encoding:content-transfer-encoding;

bh=WZZVlNA7xIoGXw9ERZAEoX/5hOgKImhiR2lh7/NCOz4=;

b=IwCr1Qrv+imamijPS6PG9gwYzwtGMiCry9IjSLe+IknV3Pf1iKV7A5P1EjvPdt704nFcw9

84nigHIzX4IdiSBnjOfaseOxBaJwoTp6F9g3wIuPW+YIwA4NP7ROYdMvZZ2/CaDM/ybPNu

hUvglLDpqlr1DGM3moLgdAJXHOcWXCw=

Content-Type: text/plain; charset="iso-8859-1"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body

Subject: We are Offering Low-Cost Loans>

To: support@nk.ca

From: AG

Date: Fri, 05 Jun 2026 03:35:19 +0100

Reply-To: gabmit92@gmail.com

X-Spam: Yes

X-Spam_score: 11.9

X-Spam_score_int: 119

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: We are Offering Low-Cost Loans for PERSONAL & Investment PURPOSES

Fixed rate: 5.9%. Flexible repayment: up to 30 years. Bad/Low rating is welcome.

For more info and application, do reply. To un-subscribe please reply with

"un-subscribe" as subject.



Content analysis details: (11.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[43.228.157.123 listed in dnsbl.ahbl.org]

[43.228.157.123 listed in dnsbl.ahbl.org]

[43.228.157.123 listed in dnsbl.ahbl.org]

[43.228.157.123 listed in dnsbl.ahbl.org]

[179.125.60.102 listed in dnsbl.ahbl.org]

[179.125.60.102 listed in dnsbl.ahbl.org]

[179.125.60.102 listed in dnsbl.ahbl.org]

[179.125.60.102 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[43.228.157.123 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[43.228.157.123 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[43.228.157.123 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[43.228.157.123 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[43.228.157.123 listed in will-spam-for-food.eu.org]

[43.228.157.123 listed in will-spam-for-food.eu.org]

[43.228.157.123 listed in will-spam-for-food.eu.org]

[43.228.157.123 listed in will-spam-for-food.eu.org]

[43.228.157.123 listed in will-spam-for-food.eu.org]

[43.228.157.123 listed in will-spam-for-food.eu.org]

[43.228.157.123 listed in will-spam-for-food.eu.org]

[43.228.157.123 listed in will-spam-for-food.eu.org]

[179.125.60.102 listed in will-spam-for-food.eu.org]

[179.125.60.102 listed in will-spam-for-food.eu.org]

[179.125.60.102 listed in will-spam-for-food.eu.org]

[179.125.60.102 listed in will-spam-for-food.eu.org]

[179.125.60.102 listed in will-spam-for-food.eu.org]

[179.125.60.102 listed in will-spam-for-food.eu.org]

[179.125.60.102 listed in will-spam-for-food.eu.org]

[179.125.60.102 listed in will-spam-for-food.eu.org]

-0.0 SPF_PASS SPF: sender matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[43.228.157.123 listed in sbl-xbl.spamhaus.org]

[43.228.157.123 listed in sbl-xbl.spamhaus.org]

[43.228.157.123 listed in sbl-xbl.spamhaus.org]

2.6 RCVD_IN_SBL RBL: Received via a relay in Spamhaus SBL

[43.228.157.123 listed in zen.spamhaus.org]

1.5 RCVD_IN_CBL RBL: Received via a relay in cbl.abuseat.org

[Listed by XBL, see ]

1.6 RCVD_IN_BRBL_LASTEXT RBL: No description available.

[179.125.60.102 listed in bb.barracudacentral.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[gabmit92(at)gmail.com]

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[179.125.60.102 listed in wl.mailspike.net]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[179.125.60.102 listed in bl.score.senderscore.com]

Subject: {SPAM?} We are Offering Low-Cost Loans>



We are Offering Low-Cost Loans for PERSONAL & Investment PURPOSES

Fixed rate: 5.9%.

Flexible repayment: up to 30 years.

Bad/Low rating is welcome.



For more info and application, do reply.



To un-subscribe please reply with "un-subscribe" as subject.

:oan Spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 04 Jun 2026 23:09:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wVMmr-000000007P8-0iDI

for dave@doctor.nl2k.ab.ca;

Thu, 04 Jun 2026 23:08:05 -0600

Resent-From: The Doctor

Resent-Date: Thu, 4 Jun 2026 23:08:05 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail.wconect.psi.br ([179.125.60.102]:36346)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wVKRX-00000000JSO-2fep

for support@nk.ca;

Thu, 04 Jun 2026 20:38:04 -0600

Received: from [43.228.157.123] (unknown [43.228.157.123])

by mail.wconect.psi.br (Postfix) with ESMTPA id 9F33D20A173

for ; Thu, 4 Jun 2026 23:35:20 -0300 (-03)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=needbr.com; s=default;

t=1780626921; h=from:from:reply-to:reply-to:subject:subject:date:date:to:to:cc:

mime-version:mime-version:content-type:content-type:

content-transfer-encoding:content-transfer-encoding;

bh=WZZVlNA7xIoGXw9ERZAEoX/5hOgKImhiR2lh7/NCOz4=;

b=IwCr1Qrv+imamijPS6PG9gwYzwtGMiCry9IjSLe+IknV3Pf1iKV7A5P1EjvPdt704nFcw9

84nigHIzX4IdiSBnjOfaseOxBaJwoTp6F9g3wIuPW+YIwA4NP7ROYdMvZZ2/CaDM/ybPNu

hUvglLDpqlr1DGM3moLgdAJXHOcWXCw=

Content-Type: text/plain; charset="iso-8859-1"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body

Subject: We are Offering Low-Cost Loans>

To: support@nk.ca

From: AG

Date: Fri, 05 Jun 2026 03:35:19 +0100

Reply-To: gabmit92@gmail.com

X-Spam: Yes

X-Spam_score: 11.9

X-Spam_score_int: 119

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: We are Offering Low-Cost Loans for PERSONAL & Investment PURPOSES

Fixed rate: 5.9%. Flexible repayment: up to 30 years. Bad/Low rating is welcome.

For more info and application, do reply. To un-subscribe please reply with

"un-subscribe" as subject.



Content analysis details: (11.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[43.228.157.123 listed in dnsbl.ahbl.org]

[43.228.157.123 listed in dnsbl.ahbl.org]

[43.228.157.123 listed in dnsbl.ahbl.org]

[43.228.157.123 listed in dnsbl.ahbl.org]

[179.125.60.102 listed in dnsbl.ahbl.org]

[179.125.60.102 listed in dnsbl.ahbl.org]

[179.125.60.102 listed in dnsbl.ahbl.org]

[179.125.60.102 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[43.228.157.123 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[43.228.157.123 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[43.228.157.123 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[43.228.157.123 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[43.228.157.123 listed in will-spam-for-food.eu.org]

[43.228.157.123 listed in will-spam-for-food.eu.org]

[43.228.157.123 listed in will-spam-for-food.eu.org]

[43.228.157.123 listed in will-spam-for-food.eu.org]

[43.228.157.123 listed in will-spam-for-food.eu.org]

[43.228.157.123 listed in will-spam-for-food.eu.org]

[43.228.157.123 listed in will-spam-for-food.eu.org]

[43.228.157.123 listed in will-spam-for-food.eu.org]

[179.125.60.102 listed in will-spam-for-food.eu.org]

[179.125.60.102 listed in will-spam-for-food.eu.org]

[179.125.60.102 listed in will-spam-for-food.eu.org]

[179.125.60.102 listed in will-spam-for-food.eu.org]

[179.125.60.102 listed in will-spam-for-food.eu.org]

[179.125.60.102 listed in will-spam-for-food.eu.org]

[179.125.60.102 listed in will-spam-for-food.eu.org]

[179.125.60.102 listed in will-spam-for-food.eu.org]

-0.0 SPF_PASS SPF: sender matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[43.228.157.123 listed in sbl-xbl.spamhaus.org]

[43.228.157.123 listed in sbl-xbl.spamhaus.org]

[43.228.157.123 listed in sbl-xbl.spamhaus.org]

2.6 RCVD_IN_SBL RBL: Received via a relay in Spamhaus SBL

[43.228.157.123 listed in zen.spamhaus.org]

1.5 RCVD_IN_CBL RBL: Received via a relay in cbl.abuseat.org

[Listed by XBL, see ]

1.6 RCVD_IN_BRBL_LASTEXT RBL: No description available.

[179.125.60.102 listed in bb.barracudacentral.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[gabmit92(at)gmail.com]

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[179.125.60.102 listed in wl.mailspike.net]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[179.125.60.102 listed in bl.score.senderscore.com]

Subject: {SPAM?} We are Offering Low-Cost Loans>



We are Offering Low-Cost Loans for PERSONAL & Investment PURPOSES

Fixed rate: 5.9%.

Flexible repayment: up to 30 years.

Bad/Low rating is welcome.



For more info and application, do reply.



To un-subscribe please reply with "un-subscribe" as subject.

Chinese products spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 04 Jun 2026 19:48:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wVJev-00000000Dvf-00NE

for dave@doctor.nl2k.ab.ca;

Thu, 04 Jun 2026 19:47:41 -0600

Resent-From: The Doctor

Resent-Date: Thu, 4 Jun 2026 19:47:40 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-m478512551.xmail.ntesmail.com ([47.85.125.51]:64654)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wVFJJ-000000005y5-2IIs

for sales@nk.ca;

Thu, 04 Jun 2026 15:09:22 -0600

Content-Type: multipart/alternative; BOUNDARY="=_Part_143483_2052860099.1780607285954"

To: sales

Reply-To: sales23@abiscircuits.com

Subject: =?UTF-8?B?U3VwcG9ydGluZyBJU08gMTM0ODUgbWVkaWNhbCBQQ0JBIHByb2plY3Rz?=

X-Priority: 3

MIME-Version: 1.0

Received: from daniel@easetradefund.com( [10.139.0.42] ) by ajax-webmail ( [127.0.0.1] ) ; Fri, 5 Jun 2026 05:08:05 +0800 (GMT+08:00)

From: Abis-Diana

Date: Fri, 5 Jun 2026 05:08:05 +0800 (GMT+08:00)

X-WM-Tid: 0a9e9476fab60696kunm6296f1842f0bf

DKIM-Signature: a=rsa-sha256;

b=DH1WxpxHj9Xprtz8rMrW8wYgQMiTRBZUpSME3gm7vreLW9W2cXchkW+n57bJBD1lnnwZ9LUB+ad0pxzxOOk/imSj4FRiQzMr0zx+c7nvCSSHdMkm0PHlMBenSnnqx6kFCPua37QGL9Q6cuv3WEmb61MFP6zL1uyNTD4PZscFBD4=; c=relaxed/relaxed; s=default; d=easetradefund.com; v=1;

bh=fsC7WqS+q1BKiIWRGwFp0h7tnDOXB94FnesiBN+SnzM=;

h=date:mime-version:subject:message-id:from;

Message-ID:







Hi Sales,



For medical device manufacturing, compliance is often more critical than cost.



We operate under an ISO 13485-certified quality system, with full documentation control, traceability, and process validation aligned with medical requirements.



Our customers typically engage us when they need a manufacturing partner who understands regulatory expectations, not just PCB assembly.



If you are working on any regulated products, I’d be happy to explore whether we could support your team.





Best Wish& Regard



Diana Dai

Project Representative | ABIS Circuits Co., Ltd



Rigid PCB, Flex PCB, Rigid-Flex 1~32 Layer PCB, Metal PCB, HDI PCB, PCBA

Mobile / Whatsapp / Wechat: +86 13510754753

Email: sales23@abiscircuits.com / diana@abiscircuits.cn

Website: abiscircuits.com





Nigerian Business Proposal Spam from Google Gmail Part 2

Posted by Dave Yadallee on




--0000000000005db61606536be5d8

Content-Type: text/plain; charset="UTF-8"



Hello,







Proposal: Partnership for Allocated Funds - Urgent Situation With a limited

timeframe due to the nature of the Fund USD$41.6. Million Dollars. Seeking

a reliable partner to handle allocated funds for a late Business partners

legacy Funds and ensure their meaningful impact. Reply to this email for

more details if you are interested, I pray that you remain abundantly

blessed. For further communication kindly get back to me through this Email

Address (ahmeddallas102@gmail.com)







Thank you



Dallas



--0000000000005db61606536be5d8

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable










































ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">Hello,=






ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">=C2=A0=






ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">Proposal:

Partnership for Allocated Funds - Urgent Situation With a limited timeframe=

due

to the nature of the Fund USD$41.6. Millio=

n

Dollars. Seeking a reliable partner to handle allocated funds for a late

Business partners legacy Funds and ensure their meaningful impact. Reply to

this email for more details if you are interested, I pray that you remain

abundantly blessed. For further communication kindly get back to me through

this Email Address (
102@gmail.com" target=3D"_blank">ahmeddallas102@gmail.com)=C2=A0

=C2=A0






ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">=C2=A0=






ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">Thank

you






ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">=C2=A0=C2=A0=

=C2=A0

Dallas






ize:11pt;font-family:"Calibri","sans-serif"">



















--0000000000005db61606536be5d8--

Nigerian Business Proposal Spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 04 Jun 2026 10:40:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wVB6s-00000000I56-4AT7

for dave@doctor.nl2k.ab.ca;

Thu, 04 Jun 2026 10:39:58 -0600

Resent-From: The Doctor

Resent-Date: Thu, 4 Jun 2026 10:39:58 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ej1-f44.google.com ([209.85.218.44]:53298)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wV6Ka-00000000Ohy-3iSm

for doctor@doctor.nl2k.ab.ca;

Thu, 04 Jun 2026 05:33:59 -0600

Received: by mail-ej1-f44.google.com with SMTP id a640c23a62f3a-bec49f7e35eso76074866b.2

for ; Thu, 04 Jun 2026 04:33:02 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1780572776; cv=none;

d=google.com; s=arc-20240605;

b=ljHJJcPIT1Y17WabEDtCS6qNdOeo/P1T7HmrftNtFIqPcQTmYhcJRraZXg42QtA/7A

Ct2WK23N9/KE3L9pS49nk92yctvBzhdmUJT+iE2Po2P6/ZCS9cBpP4mMVnicte2LGsW4

Vc+y52kLfdBbar1/M+ICl54syKetjWEPbknvp5MBp8gKaKZkDGKd+DUUx+reVwoozg+9

BqSOvMVFsMXNItsqwUC30CGvin7yBpnvf+TDllsaJ94QqQhfXAia2Jda5Vw4GK9W9CuT

8nZg3ZY1Gs9qI2Fiauc6c0HweCl/xxVy79WAeTZdoLCy0HUbRqtaSOWNfSTw4RDCdYMW

FRxA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:mime-version:dkim-signature;

bh=RaIokgljZHW/WdUAP5V2bNapySfZ7QAhDgnweomiIjI=;

fh=ylCQgoJTLumT3IV1DO48EK6IG0UtU2MxVydvGGHaK7g=;

b=fNTVhDvverozn7WvgA3a+6JiNECT0RrA51H+2MgKvgIRXDDajwA+nZgU2XMq32SW5v

TWk7eoANd/jL5c28ZHHNrDwlAMRspVHckzKzWJ7cU5XvM4v0hu+AbqE+3ptEK0bKfCxU

vmgFhZajtfhjThodL4+P5DIj/iOuvMUbF193mmy91Xe8RjOBudOxrSquVOqg4W5kL6F+

VGsFvuqpAkb48yV5BRQT5QpquLlnCCtGKEpd58sTXha1x6M2p+KnCtbMIumGgsiDurG7

NtoGJYq11ZLsCX0LKC6Z5Q5pT7KrdwA5pTymWJSCrIpGWDTOPTXq2RlHRoOCIyYJ2vaE

L7hQ==;

darn=doctor.nl2k.ab.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1780572776; x=1781177576; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=RaIokgljZHW/WdUAP5V2bNapySfZ7QAhDgnweomiIjI=;

b=PxKJMXJMNAvey7Q8jzEfep97xwTSNMiIZTASN/YRjT+a5dmXGiHSqH8uTNirjFDnsv

g5bcrR96KH73ccVPO3fLkqmrimtVzqgPlzSb6vtqpPpXvpxw0e0JHtq1EejCD/xNA0D5

8i5cqMbTX5BzqiqIprrQ18ZwstO7VTJR3VHrVpqh7mLY8H/eWikCxPkhcuXRaeN8c8Eh

2gyZhB3QYGLwreeKsrQKgub1memIXRou4t+q+DKCfj7lg5gJhPMm6U4Ie6v6SVlgPOLB

ngMto8CS3KLmoauaR4JhpipQHpz+xbCCD6gIB1/AFEXLe98m2VV2ntTvNTWbXYPPyvof

27yA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1780572776; x=1781177576;

h=to:subject:message-id:date:from:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=RaIokgljZHW/WdUAP5V2bNapySfZ7QAhDgnweomiIjI=;

b=D4R5ANJlRgtjKiZhg8WU5mAk8RPL6VIWmV7JxtrtSlkLHcZKsfKud9dRZClAGBz2D6

mSkn3D2g76suui6i3/yfOrzJUonYKDBv1WoFA2WVsQE61vwcTFheK14khdHA7CmHLiiv

6aZwidPD6JL+472d5RFdc+82OrmehgZNw3xH/FZtb1FeSMN3Qo9uCS+1QfA8nQ5IwhNw

gMCpH7DgmJD1JDRwQVtnnk1OATNcQWZh2NFm8MiRY5RocQdjiJ8X0f/7zAgZHn8qEfID

1rVr6SCHYXI1lqH+V9jb/hel06LxltGh5J4Ksh1GKjd12jQUq2BhZ4gMqEWpRQLBTwzx

KpPA==

X-Forwarded-Encrypted: i=1; AFNElJ85KDGA4HAZco0XanD4EYwHyApUDKEd1WsIhk9ZWL28Rl/Ob+VcmGOcdGh9gLwU330eyC3RsLI=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0Yy016d+VTXjoEXijoTm8621DFsNaufe6JPl4spy4RvMhSvDNDRG

OwNeFxAy6WxuPWiHhyPrZvozOvQWSn0yOyvfVvPmHhOgjnjIx3a65GR7+WnaYdvrOu53SR6oCo7

CnLrJoGp+eaKq0oppfnt0dn7xxUI3QFk=

X-Gm-Gg: Acq92OEsDNnkeISTfXhOzAlxyV/3pec4OjZ0DDJNsygKzggNSRwXd4dDotACyUk6cYS

MSNF6AIxGKf8qhM6sNxSZcC8iaLp0g8LlJeDORduA4iWtXkMzwmQ66V17syBYSMLxT/fb7Tphi0

1SQjSWIYOj6RUtKBkt2N1up2X788wzt2PGxwMdwP9YeI8ABTcS92SwTJdDWt1VylAQKJPMzAtQx

nMMuZFmWdaLFzuOt9U8hgVIyC4C6+CtbDua/LEvF7yJxHD07U7Duqq1hnA4gN9XeazJ+VlevH9g

qfuwWAncJqQ9HX5zDVpDeF1gixbRQnBhd0535ahGDrFxHedCxiyy

X-Received: by 2002:a05:651c:508:b0:396:74ed:a7b1 with SMTP id

38308e7fff4ca-396af4366c1mr23513441fa.15.1780572734992; Thu, 04 Jun 2026

04:32:14 -0700 (PDT)

MIME-Version: 1.0

From: Business Trans

Date: Thu, 4 Jun 2026 11:31:56 -0700

X-Gm-Features: AVHnY4LAwvppJyt6LSj6YaH5Gt5p_P7Im5T71SqeF0lPUmMfy_cwWaM94vw5xZ8

Message-ID:

Subject: Fw: Information,

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="0000000000005db61606536be5d8"

Bcc: doctor@doctor.nl2k.ab.ca

X-Spam_score: 5.4

X-Spam_score_int: 54

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, Proposal: Partnership for Allocated Funds - Urgent

Situation With a limited timeframe due to the nature of the Fund USD$41.6.

Million Dollars. Seeking a reliable partner to handle allocated funds for

[...]



Content analysis details: (5.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.218.44 listed in dnsbl.ahbl.org]

[209.85.218.44 listed in dnsbl.ahbl.org]

[209.85.218.44 listed in dnsbl.ahbl.org]

[209.85.218.44 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.218.44 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.218.44 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.218.44 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.218.44 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.218.44 listed in will-spam-for-food.eu.org]

[209.85.218.44 listed in will-spam-for-food.eu.org]

[209.85.218.44 listed in will-spam-for-food.eu.org]

[209.85.218.44 listed in will-spam-for-food.eu.org]

[209.85.218.44 listed in will-spam-for-food.eu.org]

[209.85.218.44 listed in will-spam-for-food.eu.org]

[209.85.218.44 listed in will-spam-for-food.eu.org]

[209.85.218.44 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.218.44 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[agaliboss5(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[ahmeddallas102(at)gmail.com]

0.0 DATE_IN_FUTURE_06_12 Date: is 6 to 12 hours after Received: date

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.218.44 listed in bl.score.senderscore.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.218.44 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 LOTS_OF_MONEY Huge... sums of money

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.6 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} Fw: Information,

Proposal spam from Google Gmail Part 2

Posted by Dave Yadallee on




--0000000000005db61606536be5d8

Content-Type: text/plain; charset="UTF-8"



Hello,







Proposal: Partnership for Allocated Funds - Urgent Situation With a limited

timeframe due to the nature of the Fund USD$41.6. Million Dollars. Seeking

a reliable partner to handle allocated funds for a late Business partners

legacy Funds and ensure their meaningful impact. Reply to this email for

more details if you are interested, I pray that you remain abundantly

blessed. For further communication kindly get back to me through this Email

Address (ahmeddallas102@gmail.com)







Thank you



Dallas



--0000000000005db61606536be5d8

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable










































ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">Hello,=






ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">=C2=A0=






ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">Proposal:

Partnership for Allocated Funds - Urgent Situation With a limited timeframe=

due

to the nature of the Fund USD$41.6. Millio=

n

Dollars. Seeking a reliable partner to handle allocated funds for a late

Business partners legacy Funds and ensure their meaningful impact. Reply to

this email for more details if you are interested, I pray that you remain

abundantly blessed. For further communication kindly get back to me through

this Email Address (
102@gmail.com" target=3D"_blank">ahmeddallas102@gmail.com)=C2=A0

=C2=A0






ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">=C2=A0=






ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">Thank

you






ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">=C2=A0=C2=A0=

=C2=A0

Dallas






ize:11pt;font-family:"Calibri","sans-serif"">



















--0000000000005db61606536be5d8--

Proposal spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 04 Jun 2026 10:41:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wVB6z-00000000I6l-1JCg

for dave@doctor.nl2k.ab.ca;

Thu, 04 Jun 2026 10:40:05 -0600

Resent-From: The Doctor

Resent-Date: Thu, 4 Jun 2026 10:40:05 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ej1-f43.google.com ([209.85.218.43]:52693)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wV6K7-00000000Ofx-0QSJ

for doctor@doctor.nl2k.ab.ca;

Thu, 04 Jun 2026 05:33:28 -0600

Received: by mail-ej1-f43.google.com with SMTP id a640c23a62f3a-bec429c2bb1so86165966b.1

for ; Thu, 04 Jun 2026 04:32:32 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1780572745; cv=none;

d=google.com; s=arc-20240605;

b=SK6JDmbQ3omp/Zj8vYwg2TyRMnDWQbGs0nRK3WwQhLXkT94btsgEkFi7BSp9n7D3NA

pN48mzvQ8zmCDg/BPdfMJ2UF1u4BAaNqSRsK8Mozsd6MucqXTIf4VTWGPCeytOVBIXna

vcUfoC0bcQ/E7SZ8fqOWJ+NK6qc8pv1lILItpED42JuTgElbQ/IP9PIcr6n9d8CbkdnZ

UtXJ3VjNdyys3HzpnAuB6fy1p4v/HLDM1a/QPzrgsrYVxnry46DFeCeExwG/KMhJLjmZ

L4kBdBcFHHm5//kDRETExF/q4W9M41D4L+EmhV7vZUNNMVHSDdApO1TLb3b8r5DnPWsM

MV9w==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:mime-version:dkim-signature;

bh=RaIokgljZHW/WdUAP5V2bNapySfZ7QAhDgnweomiIjI=;

fh=hb9I2rkLBpUfArLAcqeVpLV8ra0v3YY4NEqFsW95CqI=;

b=WoyQGBz+VMMVhRnBeHhHgFyLn54DHU64BkFSr4yKYSOLTUpsOCKRxr15DeFfoHAyhj

oP2Gla2zjmK3CcXDdrpUOsHTtKJ3/ZDEQTo73NI46c3VUl3O5rCU6mhPOKDx/4uFPwTy

KB+C9+rm1YenQyJWP0D3AUbRqbPh43DqHWbvFVDxicObizerSV7pl3jMc0xzJD4X6Zv8

YLcIteSDdr/bIdcCbNwXlsbR9VA6qX0rFKPPoq6jvw58qdocMBWchyBPm8IDDMwMJMtG

BFH6kp/EIRFguZlC4Yr034APc5n0UI8fc8EQuqh1q9qVnHYFVH4qoyaWL7HUXpuE1lYY

Wpkg==;

darn=doctor.nl2k.ab.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1780572745; x=1781177545; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=RaIokgljZHW/WdUAP5V2bNapySfZ7QAhDgnweomiIjI=;

b=Dm6aOOtkfHWahf/c7cdyYBvIFrUmBJmy1Gk7DxoJoO/JMhAr20CXa8AcwrUvzvL1NT

/FXbDacl+fQKAIfdma8eNuQVXMOOqvXVAhXpHPUjd+Xvp4Rg5XDSVs76EqL3lmj8cc80

xMmA79JUfAK3zJjgl/rjB4LUDwNYS7SNvJRJ/7ks+SUc2Iys+WWe3Uu1NaC4BBdklwX7

Cjzc293SK/UYsqXgRIQ/hgiAlsrJA/LBlmdPs3V7+ZfSmc0af26pltjyhpKgucgQhaV6

RhCqhx6xopHgV+mt33hYk0ILDJU1FkG5EDIzFs+bVyIIcXj1aL6hTEWN63asiksh6MPl

Iy7g==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1780572745; x=1781177545;

h=to:subject:message-id:date:from:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=RaIokgljZHW/WdUAP5V2bNapySfZ7QAhDgnweomiIjI=;

b=nF1VcAoYQZ1VZJZwPpSzOHMhprIWB+w5Sxz9QDsXVkkcngwvdjtww+VMvsJ85N2EhR

lO+j9DBilaE8Rgd4WzhgDAz8aKs2LE89CVfx8RUn3Lw2OQ8WM9iodBbP2qyNh54NbgFA

XpLGZsKMiFECle07XIn1IfQJzL30taoPExBxNdRRQ6RVqF9IWNYeXojFBI8YPZS6+gXP

KN369YoSrjzt9P2udXxjv4K8hZCxSnAnohXdz0anvcf0afObdyrBSTleB8uXqzEl5e2b

8sAUVbWoiyuy1lQObOU+vn+Sw2SOm7hvDZMA/qPr60/ZFrvJHpw+Is9FRE75dfPgzEz9

cHbA==

X-Forwarded-Encrypted: i=1; AFNElJ8B4J0e9qhAbvssJ9o2YRlJt7UqnM8/dFkZgOxIzvS4TY6nlmGLB9WwSVtm/L6tE6s0SvdCTOc=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YxtEv62wgrXeSyP1tzwO+fYgMM0pZaWfhfAn+DdYcxFcmgq3NUv

whe48z6tFD4j+ymI5D+vnOpK45JMtKrqdwDIh3F2DKnMGknMblBkjLFYtbvLG6GoVTbed0qBpZb

oNCe1jbwQTWn3Lr77Ly/bWK6NLMrYQkj7eV3BJreMLHMt

X-Gm-Gg: Acq92OHEquLeRhk7xx5vOTabPhq9NP2R1JblAJ9rEssPkTaJrloMqDFDkAikAr3Ia3a

nlehIMvWyJg+wRc/toDlcIc3Cj/kOlqBAcPsTCF1qqfv9QXSGHqX7iSHFRqBRHogaONyaPDT83R

4abGPMLYRR668czOYMQ3XAR7wbm5g0qMPVKUSSdp9uXLT2eyImlr8R9isNmvGG8Nu9CQWfDr4Dt

FmJU5R+s3+U32Ys8CeGCr4Lz/RM3L6B/FU9+TCzmiPslQ955h+MDYZSMMr158CIQPHptg64YNoS

TCkHxLSY4Y+ym2zjoIV5wA2R902AnaviDonRbWn+KXR9CHQ0+YXn

X-Received: by 2002:a05:651c:508:b0:396:74ed:a7b1 with SMTP id

38308e7fff4ca-396af4366c1mr23513441fa.15.1780572734992; Thu, 04 Jun 2026

04:32:14 -0700 (PDT)

MIME-Version: 1.0

From: Business Trans

Date: Thu, 4 Jun 2026 11:31:56 -0700

X-Gm-Features: AVHnY4LAwvppJyt6LSj6YaH5Gt5p_P7Im5T71SqeF0lPUmMfy_cwWaM94vw5xZ8

Message-ID:

Subject: Fw: Information,

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="0000000000005db61606536be5d8"

Bcc: doctor@doctor.nl2k.ab.ca

X-Spam_score: 5.4

X-Spam_score_int: 54

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, Proposal: Partnership for Allocated Funds - Urgent

Situation With a limited timeframe due to the nature of the Fund USD$41.6.

Million Dollars. Seeking a reliable partner to handle allocated funds for

[...]



Content analysis details: (5.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.218.43 listed in dnsbl.ahbl.org]

[209.85.218.43 listed in dnsbl.ahbl.org]

[209.85.218.43 listed in dnsbl.ahbl.org]

[209.85.218.43 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.218.43 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.218.43 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.218.43 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.218.43 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.218.43 listed in will-spam-for-food.eu.org]

[209.85.218.43 listed in will-spam-for-food.eu.org]

[209.85.218.43 listed in will-spam-for-food.eu.org]

[209.85.218.43 listed in will-spam-for-food.eu.org]

[209.85.218.43 listed in will-spam-for-food.eu.org]

[209.85.218.43 listed in will-spam-for-food.eu.org]

[209.85.218.43 listed in will-spam-for-food.eu.org]

[209.85.218.43 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.218.43 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[agaliboss5(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[agaliboss5(at)gmail.com]

0.0 DATE_IN_FUTURE_06_12 Date: is 6 to 12 hours after Received: date

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 LOTS_OF_MONEY Huge... sums of money

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.6 UNDISC_MONEY Undisclosed recipients + money/fraud signs

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.218.43 listed in bl.score.senderscore.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.218.43 listed in wl.mailspike.net]

Subject: {SPAM?} Fw: Information,

Proposal spam from Google Gmail Part 2

Posted by Dave Yadallee on
--0000000000005db61606536be5d8

Content-Type: text/plain; charset="UTF-8"



Hello,







Proposal: Partnership for Allocated Funds - Urgent Situation With a limited

timeframe due to the nature of the Fund USD$41.6. Million Dollars. Seeking

a reliable partner to handle allocated funds for a late Business partners

legacy Funds and ensure their meaningful impact. Reply to this email for

more details if you are interested, I pray that you remain abundantly

blessed. For further communication kindly get back to me through this Email

Address (ahmeddallas102@gmail.com)







Thank you



Dallas



--0000000000005db61606536be5d8

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable










































ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">Hello,=






ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">=C2=A0=






ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">Proposal:

Partnership for Allocated Funds - Urgent Situation With a limited timeframe=

due

to the nature of the Fund USD$41.6. Millio=

n

Dollars. Seeking a reliable partner to handle allocated funds for a late

Business partners legacy Funds and ensure their meaningful impact. Reply to

this email for more details if you are interested, I pray that you remain

abundantly blessed. For further communication kindly get back to me through

this Email Address (
102@gmail.com" target=3D"_blank">ahmeddallas102@gmail.com)=C2=A0

=C2=A0






ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">=C2=A0=






ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">Thank

you






ize:11pt;font-family:"Calibri","sans-serif"">
e=3D"font-family:"Helvetica","sans-serif"">=C2=A0=C2=A0=

=C2=A0

Dallas






ize:11pt;font-family:"Calibri","sans-serif"">



















--0000000000005db61606536be5d8--

Proposal spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 04 Jun 2026 10:41:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wVB73-00000000I6t-1LHi

for dave@doctor.nl2k.ab.ca;

Thu, 04 Jun 2026 10:40:09 -0600

Resent-From: The Doctor

Resent-Date: Thu, 4 Jun 2026 10:40:09 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-lj1-f174.google.com ([209.85.208.174]:53690)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wV6Jy-00000000OfS-1ZAm

for doctor@doctor.nl2k.ab.ca;

Thu, 04 Jun 2026 05:33:20 -0600

Received: by mail-lj1-f174.google.com with SMTP id 38308e7fff4ca-3965f215817so5123961fa.3

for ; Thu, 04 Jun 2026 04:32:22 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1780572736; cv=none;

d=google.com; s=arc-20240605;

b=iLERulwCb2fi/C+ITD0fzenXu1Ukdiwzxb0hWJbfpgpXJRPAKEuY8xEwX7Tn8xUuph

5PWevRtctv1H463BG97Zl5aQJQEDVqTldPikmKhKJvZpXxv+/q9Cr1wf7EFqpOTBH6Ib

52wo92xFbzfi/f1ykmlSQ+tx++hh3oTT+MX6FRKXyMtrB73kpfwU5ZNG1cdFJCbUmAWg

yshIbiEIaTVSEQLz74vIy71/TfCHHuDHvQh+aUejxIWJwwDQvQLBt+4zdqGJP7LaK2a8

57oI3mTiVUYm5Xyd/VRkextRBk3UIC93ISqdQQTjkHpeOR2NgwO2X0tA06U05dq3x2Z3

jSNw==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:mime-version:dkim-signature;

bh=RaIokgljZHW/WdUAP5V2bNapySfZ7QAhDgnweomiIjI=;

fh=76WTWYrh5+FUcdykzdOxB+u0pUdOM75xjiZ8qS4R8lA=;

b=QdH/4fCcaWPuBm7ECnJrOKi+qYkJ9OQWv9ixhwvs6sinll8taEy/z8sNkBsImsyVwD

OQyrz940TTJIo6jLdHgJVpPDKvKYUNR8xCf93URdCaFjkvTLHek+KRAYgCGy0ScvR62e

r7cYNgjADpO39QRTcky6Qfor84GwaK3KOwRBj+q4Li341FEtngdXspbBJoFpNJn3qYSh

zjqZTmx54gu23bvt9cHGSo8A+ntYQU5aagowtyFit32i+hW49r6gsQiMehGPU5uOhj3k

GBJcenSmYhE5CSXbMbHQAhgLD1klMn1DiVQ4FmzB1GSm6zn1qgMTODw5H4Wabm7fjUIU

c6UA==;

darn=doctor.nl2k.ab.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1780572736; x=1781177536; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=RaIokgljZHW/WdUAP5V2bNapySfZ7QAhDgnweomiIjI=;

b=dh0ViE+W54/VB47mE8IL+v5o+HTHxgYHispVpE401BtemA7hS/WlXvrQLoMt1osL1i

2kZHKfXOEyAeCX+F55yh1+2AcC14/LiSJeLkqwZKHMDuCPQ3GD5rCX2k4pH0BWFWYRLh

OMolsva81ytcBe2GgUS1mwsbJ1CvseN/IrAQq42gdGS+Myc4AStc9WYHLAwbAr/36gvN

ao58bXLdsPfSAnckC83VyNTA9uPaV0uHIIeSzxnbUUppo3puN0a4uKkptbva0vlJkX1a

kvY6dxDg/smFuDNtuw1srjg+jW3oSjyyKW8jFBgshN+wco/R57aWk3LmlKhmqVxN5Feq

Jszg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1780572736; x=1781177536;

h=to:subject:message-id:date:from:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=RaIokgljZHW/WdUAP5V2bNapySfZ7QAhDgnweomiIjI=;

b=cmyvHkP3R+o/rL5sHNz+8AGk1bZweKwi4nkIQZ+4NI9KNoniFiK7fJrQe4vxAoCXoT

sdXk4fae02plsCa9J/afylE8TGF3VppBx9vG4hu9btBqAoYWy4P4AO0ApJeK8/U6VYrr

PNceGbucDb4n+VnFvtYJ7FIdLWl6Ge+hVBgDBILSOa8WAH3PdmCPzd30xLP1tPbEpdKl

Yee5owc+GCWltkY9+rLiOJ2I5oQFaruJ6qjdWOlh1NJmaMgGhJaGHlZlKZkh8WKkCdd8

E8t4sKmKtljz/Pzh0lIfzpIrkT6zIM+HSEDQfFaqG0TuMpPiq0pNRnnTfvVvi+tF4sR0

D8dw==

X-Forwarded-Encrypted: i=1; AFNElJ8BIRNhShKzdqUS8mwgnzesHjpitXyD5Noxh90eXtprfK3/u0e/7NzYfPvq6wqqTa2g29XnO84=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0Yy5FcjOAEve8jrzhp9q70BNl9Vtp/QkT0t/xxUORq/YVqTVd8B9

YkyzVPap9/tbE8okZKmH+fSvceYFYXq5T7LxD6q4sIAchan/CHJVEtNKMors9tKTdb8jhT5j06F

3J/wUDJyoRKCouYjv8oR6CH9eOU6j+Bw=

X-Gm-Gg: Acq92OGU0unmAgWMizg8frBRRbkCZ3s96Asu9oGCkONEkA2bt9iTX0/KDjuZcDN069w

yqy/UJZX7ydBOUczGh2hwTy74YDXU45iYduVzD9l14Ef0YjsU8tCJGd0oCAws4mItq1Z1Nre4lX

/Q6n03+zBvbWM2beITABP2E9Xqoqt3dH+4GH7VFNGn4UHqept40HUpq6Nr7a+TZDf+aDCLHK716

tpWz4/1LBQstRtYWceq2gaWi71RlK0aML+8Csga8X5Dxv45q/8Oe2cTAmlnsN42cvo5P07MLCGu

x5P3Bse5LQ12EL9e1c2FXsfzdZ4dO/mrWy9njYeQdphdQKybGg6U

X-Received: by 2002:a05:651c:508:b0:396:74ed:a7b1 with SMTP id

38308e7fff4ca-396af4366c1mr23513441fa.15.1780572734992; Thu, 04 Jun 2026

04:32:14 -0700 (PDT)

MIME-Version: 1.0

From: Business Trans

Date: Thu, 4 Jun 2026 11:31:56 -0700

X-Gm-Features: AVHnY4LAwvppJyt6LSj6YaH5Gt5p_P7Im5T71SqeF0lPUmMfy_cwWaM94vw5xZ8

Message-ID:

Subject: Fw: Information,

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="0000000000005db61606536be5d8"

Bcc: doctor@doctor.nl2k.ab.ca

X-Spam_score: 5.4

X-Spam_score_int: 54

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, Proposal: Partnership for Allocated Funds - Urgent

Situation With a limited timeframe due to the nature of the Fund USD$41.6.

Million Dollars. Seeking a reliable partner to handle allocated funds for

[...]



Content analysis details: (5.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.208.174 listed in dnsbl.ahbl.org]

[209.85.208.174 listed in dnsbl.ahbl.org]

[209.85.208.174 listed in dnsbl.ahbl.org]

[209.85.208.174 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.208.174 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.208.174 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.208.174 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.208.174 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.208.174 listed in will-spam-for-food.eu.org]

[209.85.208.174 listed in will-spam-for-food.eu.org]

[209.85.208.174 listed in will-spam-for-food.eu.org]

[209.85.208.174 listed in will-spam-for-food.eu.org]

[209.85.208.174 listed in will-spam-for-food.eu.org]

[209.85.208.174 listed in will-spam-for-food.eu.org]

[209.85.208.174 listed in will-spam-for-food.eu.org]

[209.85.208.174 listed in will-spam-for-food.eu.org]

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.208.174 listed in list.dnswl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[agaliboss5(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[agaliboss5(at)gmail.com]

0.0 DATE_IN_FUTURE_06_12 Date: is 6 to 12 hours after Received: date

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.208.174 listed in bl.score.senderscore.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.208.174 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 LOTS_OF_MONEY Huge... sums of money

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.6 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} Fw: Information,

PRoject quote spam from Microsoft outlook

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 04 Jun 2026 11:48:00 -0600

Received: from mail-eastusazolkn19011000.outbound.protection.outlook.com ([52.103.1.0]:28968 helo=BL2PR02CU003.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wVC9t-00000000LZu-3mDZ

for dave@doctor.nl2k.ab.ca;

Thu, 04 Jun 2026 11:47:20 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=oGRS+CaM8VReWsF4zD6HtQjZObBo1REGE4bPf4qeWvPjyOoIHY2viyiRsohPaR1XSaFWKIOAlGMvUJx5PxMS2K+yZWrJJSQE83+8KM9aQcY3NwCXaH81fwI6nJI7GSx8ZN9kY8oq6+k3hUQr25Ysm9Z9y6eD+LCVYCWqe1NC9ldBLDsXOta6sH15QFk/pyfqMhJFFj91MIwpciU7MNSWNDbYpYhOxUdROjdtoON4LJVBVOTfXV2zw27SvzgijSQqHpVDXRxWDEYrfB9QzArBtQo9LK9Ko58XdQR2zWidVPBlnE6GwIEo5/mQFp8RXua35C5Cu9SI4zH63H70u4sVAg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=Qd23yBavEybZsH2+DDOr0Q/Zin3H5ZbysHKIteE0WRo=;

b=bFEbnGtTNY4gAMh2gMKip1cUAJVO/B8Bvys/wj1KzzATtJiq+HYUObxx3B65OKRBFByoDQ+STOxhRK6uHU8qLDeVpPEq242oExrFOonDfebspTX2vZ6GsMutHqsBwmlRy+NIFEqbT7C9hHxle4TiyE3q1owWuiM+oDNxzpNHwNqylxYlaKcIZpZrOi9iA6Cbo6A0rm3wQmKzRGckAeZZbhPpJKxXGfulkdx7vlzhFS+WuKydll6jxg8XaMBMG2KC9LgyiZvYcfl10Wz6NCY3VFeEtSMnGdKBGsPkkc1WEWS8pqHygVNEshcsReHLwHHaTj3tlLnp0ddw3vLj0apb9A==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=Qd23yBavEybZsH2+DDOr0Q/Zin3H5ZbysHKIteE0WRo=;

b=fDutYIFZIZsYCZVyIU4yYkYWfU1Y3bJEkQNhGBrmTJkaXjt1sv98oNuCDm8MPww6XpZSECdEQZeuHdVKpqk+pP5xNUHQg1C1iJJGcmIl9hqHsjtf7uVV7gRl2rsonstW36Ig5pKPE4haO/6h8BbAcQxXG5bNmUVmA+bxUMTjxj2CuzXIN3wu0au3ubTYAy+ci+fnLn9DCpG9VY4fxBRCdBI/z5vjWFAec9tsdcoZgJwwuWnTNCeALvhxuQkeJoVXQH6nD1pv5G+kpg+nl9aE/EwSVnajGzBBC2fOT/Qak8q/Bqgb57gK9JEnfbIS2uI/P8q58Y7bGz22ZowANpep2Q==

Received: from DM4PR12MB5373.namprd12.prod.outlook.com (2603:10b6:5:39d::14)

by DS0PR12MB7769.namprd12.prod.outlook.com (2603:10b6:8:138::14) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.21.92.8; Thu, 4 Jun 2026

17:46:14 +0000

Received: from DM4PR12MB5373.namprd12.prod.outlook.com

([fe80::70c8:c940:37bb:6d4d]) by DM4PR12MB5373.namprd12.prod.outlook.com

([fe80::70c8:c940:37bb:6d4d%7]) with mapi id 15.21.0092.007; Thu, 4 Jun 2026

17:46:14 +0000

From: Security Team Admin

To: "dave@doctor.nl2k.ab.ca"

Subject: Request for Updated Project Quote

Thread-Topic: Request for Updated Project Quote

Thread-Index: AQHc9EnoFsTwV1WY20CipYxsHAG4xQ==

Date: Thu, 4 Jun 2026 17:45:19 +0000

Message-ID:



Reply-To: "project@hoksmandha.com"

Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

x-ms-exchange-messagesentrepresentingtype: 1

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: DM4PR12MB5373:EE_|DS0PR12MB7769:EE_

x-ms-office365-filtering-correlation-id: 38cc1a80-97cc-4b82-9061-08dec2612c6c

x-microsoft-antispam:

BCL:0;ARA:14566002|31061999003|24071999003|37102599003|15080799012|8062599012|8060799015|19110799012|16051099003|38102599003|45011099003|55001999006|704163111799003|2604032031799003|30051999003|37011999003|2604032081799003|20031999006|39105399006|3412199025|440099028|102099032|40105399003|35041999009;

x-microsoft-antispam-message-info:

=?utf-8?B?VjhPT284MlFqN0c4VTcvQzlUN2RSL3NCaWpFRjZuMGJRWDJzditLOEJnRXVK?=

=?utf-8?B?R2NIRk9rdldhYTYvbUZNTVNmclR6K2hsS1l5VTRQbXRjZzRoakhWZFo3WGow?=

=?utf-8?B?VHNIZkdBNVhERCtYdXhyS3Q3NjRrMnVWdElXSU10TTNwRm03R0hibGtDTFBY?=

=?utf-8?B?YTMzQmgzWUgwRXBQZnU3TDZaZHpNY0ZRaHRwVWFvbU1qczhybHIxVDhIbG12?=

=?utf-8?B?V2cweitSNVB0b29JMFEzWENQNkYyWVJzTjRGNkY5UmNKTXl5Yi9Wa3pjM1NU?=

=?utf-8?B?YzBTNnEzQWZpTVhleXR0TnVrSkpWM1g4OFJaT2h0a2w4WW83UmRMYnRGNjN2?=

=?utf-8?B?cFFMcmVVTkwwZHhibEliRWRnRkRUYmorbzFaMFlPUndIeWZQZDdyUWo3SUhP?=

=?utf-8?B?dzREMmtSUEhqZUxGNWJHSE1BNW1PQmZwRlNIOC9sVWc3K0RCKy80dWtJUFc1?=

=?utf-8?B?NjFGVUttWG04KzNXRkJodEZHeEZEQWllRi91a1pQZmgvcHZBQWk0MnFNWFQx?=

=?utf-8?B?VGc2T2pzblhrMGdmS3V6ZWpQTkcvZHUwd29VNUJMdTFtZUgvT21QYkN2enlq?=

=?utf-8?B?a1cyUXBIaldjYkZvUWtGdHY4Q0xVdVJndWQreGF2RHltbTdGSlA5R0t0Tm5p?=

=?utf-8?B?LzZESklqWHkrQmRIdjRXMUZCaFRkUU9zNmJMSVluNWo3OTJiUGNMZnRKTGwx?=

=?utf-8?B?bTdsSERDdUlYVUVqNXNvdkMyZkx2YmhqTVZJSFM5NC9RUWt3cGhwV0s1TXYw?=

=?utf-8?B?SFZ0TCtnTytDZXpBQmlob29lM3pRbFc4MUtOVjBtdmxiRms5bjRHTFB1UW9Q?=

=?utf-8?B?VFN3MG8xSmFPZFJLQ3l3NzhsYWQwUS9TMUdUT0JQSU8wZEVJWVU5ejVyTzhv?=

=?utf-8?B?ZVZWVENOU256c3k3SXpzbTYvQVpBbEhVTFJBOGZMSFJTZnNUcVI2Zld5MDcw?=

=?utf-8?B?MVpLN2tvSFl3Zm9NczVKa0lXaWhZZk8yeEtXbzhQN29DZWpRUmtBamZ2Y1Yw?=

=?utf-8?B?L1FnQlVqa3FIdXJLVGtJVi81QXh5N2ZoZS9mQWNWd2lwdTNSOEprbmYyQUVp?=

=?utf-8?B?cGdyZVA1eWFFMlh0cFhnYkxWNGtQcHA5UjZTdW5QZzVTSzhMMXlTSmk0Vm5B?=

=?utf-8?B?dGdjMjJyME9VMGJWTDZnaEc3L3FCMytvRm9XSHRqQmh2UjUySWIraUVuNC96?=

=?utf-8?B?TldkMWVrdlJBMVFOWmNCcWtIQjlVS1ZxQWFaVmptcmc3Z0tETFQxb1lUeXAw?=

=?utf-8?B?NUR6dktpRmU0c1ZKSVlVWjltN2taa2FaZ1FZRVlqQ3ZMVm5takRHN0UrT1dl?=

=?utf-8?B?QllGRlZwNWdJUFVjVEFuSzQ0UVhNYzJtdEFyeWYvVTVhb0FjS3NLbUZIMlkx?=

=?utf-8?B?L1VlS2lZaGQxSDJQekhNYkgvK2tNaWJYZmJlMWpiMXJQSGRJc3JNOEJPNHFI?=

=?utf-8?B?VDN1SjFjLysrRURHaDVHVDRhNzN5THVmWTlCMkpOOG1ZaEc1Umpha3VRYXE2?=

=?utf-8?B?TmhZWGl5ZFBBS2oxR3VKTzd6UmtvYzBRWVdEUWJJTkFtZFpGemsvTXRteUZt?=

=?utf-8?B?MnpIaDY1K0F1UGZvMGxiK1lSSFREK05VRGpQekx2WkNxVHM1WEppVjVwb0Nr?=

=?utf-8?B?VFpLWU15NVZMWldwRWJPM09ZSDlZYjV4QkJ2a0Z5NlBtelFPMEJYMlgxZ1dj?=

=?utf-8?B?dnpNc3lSUmVORm1LOXdUaWI4b1cwcy9FcHl3U2hQZi9iN3ZhdlZDU2xhOXJy?=

=?utf-8?B?ZFUyMWRwYnRPN3Jia3czYTdmVUlZTW5WdG9qVEJtakI1YlNTTldEOGtibUNK?=

=?utf-8?Q?jm2GzPFermLKVVvJ5TLWfA7BSczom37h4nn5o=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?utf-8?B?bStLWnNyNjZ0cER4UGVWanFOT0k3S0ZnNk1iTzRRVkpjVUxUdjIvRGpVR0J3?=

=?utf-8?B?TWY5OVhCQUpYU3lubWIxNTdhUVpXNzFIYm93WlFSbkh3M0gvUmlRR2VaNVNi?=

=?utf-8?B?ZU5FM0tNMTZuWmMvMm9mMEw4RlZtSHc4dUFWWENoL0gyM3BFLy9JRUREK2RM?=

=?utf-8?B?Ni9MbEpMOGJxS3RKTlE0cU9FbmFmSjZnZXkzbmJhOThWaFlHdkVNU0xUWVJL?=

=?utf-8?B?aGR0aFNGMGs3ODRURkF0dmVlbEU0eHN1R3VOc0hUZ0syd0ZYQ1VzZkdNNUs4?=

=?utf-8?B?RE5FL01hdDN1T3NCdTFENG1IdDdRd3dMMTRBWXRQbVpwN0lYbFFFYnRrVENE?=

=?utf-8?B?TGZRdU82Zmc4eHFRd09rVThaUVZmckltT3VwTkJIbXVETTJTeUlDK3habUxr?=

=?utf-8?B?Z05LRGNGenlEa3p3MnA2SmNHenJ6MGJhTWZhaXJSSlZYRUcwczdOazNXb0xu?=

=?utf-8?B?MDlDazRGRzA3RE95V204Qkk3Tjl1OUUzODNHMThPOERicnl0bm15K0NYU3cz?=

=?utf-8?B?ZzIwWHdrNjV3TGtFZlJmamQ3LytxN090WHRwQm9oZ1AweCt1SkVCVU9Vdnlv?=

=?utf-8?B?ZFFyZ3A0cVFuc25wdzN2ZTkxVlA3L21SUE16ajZNTCtWK0tJK084Q1B3OEM5?=

=?utf-8?B?M2Y1L2pCMHU1bmpsYUd2V2J4T1dhbTJLWTNaUENaQXJEdWMwY1pZYi9xeUt0?=

=?utf-8?B?Kzk0S3ptK2ZMZm5Zc3h6eEZOM2ZKVmROUUN3QlFvTVE5VW9NOFNPeTI0TjJp?=

=?utf-8?B?bVhZVkJwTWk1RnJSNzc3L1JGRFp0VUtvTjVXRUk0Z3BadGc4T01Id2d0Q1Iv?=

=?utf-8?B?ajk5YW9WOXR5bWc5SmRRMjVyOE5CTmhvZ1BkaDZqMStEVWRPNnJIVW54UGFR?=

=?utf-8?B?enZaK1NLUnlVY0R1Z05OQXZlV2J2a3hDZVRXRTRobk5vZThvNGpHeEVqL3d3?=

=?utf-8?B?MGI5YnZBVTBZVjF3M3ZpSk9FM054RnF6RnF5UWxMREhYc3lWYTUreElYZXo1?=

=?utf-8?B?NG5JTFA2N01TVWZ6ZTVwOCthTjlmdUNIWXRTenBJK095eUdIUlIzM0dsM0w3?=

=?utf-8?B?ODFLRXVBRCtVMENINHV6aUNKU2g5U2ZBNXkzSFAyWWpwSC9TRWVnejgvSnF0?=

=?utf-8?B?bnZEMWloWWRiVC93cXJ0U3pxMVdxOHM3WjJoT3J2MVJwRmYyTUV1dEVMS1A1?=

=?utf-8?B?RGxXbndSYm5qOEp6RFJxanVjeFNudG55c2k3VmJ3ekhGUDNFcnNTM2J0UmRv?=

=?utf-8?B?aEt4WUVmL0d1VFBISndNM0FjMTdNWEdycVMybnE1OVE2dm4yODEvMEI2WEZx?=

=?utf-8?B?WXdOVVpTTTlpNCt0eTZIWjM0Zy84a2g3WWpXVWxpd2d4OE16aWJ5SW9SamE2?=

=?utf-8?B?dm12eUQvRU1GN3JuMUZyek9hQnF5Zlp1Z3ZzOTN1MXBhazh4Q1l4cDFSZlJs?=

=?utf-8?B?V1diV1pGZUVxVmgwREFqZ1lVOWV5M3IvMXZLTmRyUFNkQkFpcjRoUGt5L3li?=

=?utf-8?B?SndaM20xSWNTdG11VGgxaDE5K0IwTmhWalYzZ0JsY0JJQmpoT25rbzdmS3do?=

=?utf-8?B?bzZpV3A5ZDk5cTJvU2RLamU0R1lJSnMzZVVUcFlEbWEyZ0NUdUpDRnpGbURa?=

=?utf-8?B?MU5IRlZnK3ZScnBZY0VVeE9IUVh4VldhNXFuM09NMDRxM2Q1cHRGeXJydHJq?=

=?utf-8?B?M1lGM29lSHRCRXdlbnFJL0d6VWZkK2FKQm1QQXg4czA5VnhtVjYzZXd3cW9M?=

=?utf-8?B?K2pBZThLNWxyem4yTkRPQTZzMlR5RldGVlRLUnNhM3BGOFZFL3NlbmpTMkJn?=

=?utf-8?Q?r7WGosUL/Tf9em+k8kH0Txppg5i0xSWMjXM0Q=3D?=

Content-Type: multipart/alternative;

boundary="_000_DM4PR12MB53737BFC5693C8FA1877DCE3DD102DM4PR12MB5373namp_"

MIME-Version: 1.0

X-OriginatorOrg: sct-15-20-9412-4-msonline-outlook-10359.templateTenant

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: DM4PR12MB5373.namprd12.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 38cc1a80-97cc-4b82-9061-08dec2612c6c

X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Jun 2026 17:45:19.1375

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB7769







Hello,



Could you please review the attached updated drawings and provide a revised quote for the project?



I have included the latest drawings for your reference. Please let me know if any additional information is needed.



Thank you for your time, and I look forward to your response.



Kind regards,

Martins Farmer

Project Manager

(416) 555-7821









Canada REvenue phish

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 04 Jun 2026 14:15:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wVESu-000000003kW-1Y5j

for dave@doctor.nl2k.ab.ca;

Thu, 04 Jun 2026 14:14:56 -0600

Resent-From: The Doctor

Resent-Date: Thu, 4 Jun 2026 14:14:56 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail.quickemail16.org ([57.131.43.70]:58684)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wVBtf-00000000Kis-1UMR

for doctor@nl2k.ab.ca;

Thu, 04 Jun 2026 11:30:34 -0600

Received: from vmi3337591 (vmi3337591.contaboserver.net [207.244.246.94])

by mail.quickemail16.org (Postfix) with ESMTPSA id 57C4F8000DA6

for ; Thu, 4 Jun 2026 17:29:42 +0000 (UTC)

DKIM-Filter: OpenDKIM Filter v2.11.0 mail.quickemail16.org 57C4F8000DA6

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quickemail16.org;

s=202603; t=1780594182;

bh=B3bhCdR5rYR31AlLTCk6yTiCFPS67xqo9sYuiKyNOTQ=;

h=Reply-To:From:To:Subject:Date:From;

b=HFYymHRQHzKQoGXOPJdZZe3/WMKhqbEXrwTbTmkKBhlPASDtqjLEG3BKph4r3iagJ

0WcYBshBTYqpaG7hK+zhE75AxEJ+uuzDQzfQKGBbflzKWMVLafjyWQvWWhCDskXnKY

1A6+LMOOhSHbIAbmmPU+a7+OJv0qBn2PnIBP2LDJoUegfI4E0zw1x3fLiJ0mEFLqa8

obxyZdndk/TSLS/7oEAVBpObHGaV2/P6vJV2elAMkDvn4wjvkGTkHaOdtC8EgeWVkE

SEMAxCFmob7LVag09OmaAUzexekN98OXg4dr7VJH2Hucs2JVMFDBqrTkcLkgGb0Dj8

RyOG1HPtg3XYA==

Reply-To:

From: "Canada Revenue Agency (MyCRA)"

To: "doctor"

Subject: New mail from the Canada Revenue Agency/Rappel: Nouveau courrier de l'Agence du revenu du Canada

Message-ID:

Date: Thu, 04 Jun 2026 19:27:45 +0200

MIME-Version: 1.0

Content-Type: multipart/mixed;

boundary="----=_NextPart_000_0001_4BBC9A45.BC92B044"

X-Priority: 3

X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.4 (mail.quickemail16.org [0.0.0.0]); Thu, 04 Jun 2026 17:29:42 +0000 (UTC)



This is a multi-part message in MIME format.



------=_NextPart_000_0001_4BBC9A45.BC92B044

Content-Type: multipart/alternative;

boundary="----=_NextPart_001_0002_EB74C983.E0C8F049"



------=_NextPart_001_0002_EB74C983.E0C8F049

Content-Type: text/plain;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable







------=_NextPart_001_0002_EB74C983.E0C8F049

Content-Type: text/html;

charset="utf-8"

Content-Transfer-Encoding: quoted-printable



=0D=0A
TML>=0D=0A
001">=0D=0A=0D=0A

  Eng=

lish version *** La version fran=C3=A7aise suit ***

=0D=0A=

 

=0D=0A

Find Attached





------=_NextPart_001_0002_EB74C983.E0C8F049--



------=_NextPart_000_0001_4BBC9A45.BC92B044

Content-Type: application/pdf;

name="CRA- Document shared with you_ _2026 3_30 Executive Document.pdf"

Content-Transfer-Encoding: base64

Content-Disposition: attachment;

filename="CRA- Document shared with you_ _2026 3_30 Executive Document.pdf"



...



------=_NextPart_000_0001_4BBC9A45.BC92B044--

Canada REvenue phish

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 04 Jun 2026 14:15:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wVESq-000000003kH-1xDd

for dave@doctor.nl2k.ab.ca;

Thu, 04 Jun 2026 14:14:52 -0600

Resent-From: The Doctor

Resent-Date: Thu, 4 Jun 2026 14:14:52 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail.quickemail16.org ([57.131.43.70]:37760)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wVBtf-00000000Kig-1UPS

for doctor@doctor.nl2k.ab.ca;

Thu, 04 Jun 2026 11:30:34 -0600

Received: from vmi3337591 (vmi3337591.contaboserver.net [207.244.246.94])

by mail.quickemail16.org (Postfix) with ESMTPSA id 441368000DA3

for ; Thu, 4 Jun 2026 17:29:33 +0000 (UTC)

DKIM-Filter: OpenDKIM Filter v2.11.0 mail.quickemail16.org 441368000DA3

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quickemail16.org;

s=202603; t=1780594173;

bh=B3bhCdR5rYR31AlLTCk6yTiCFPS67xqo9sYuiKyNOTQ=;

h=Reply-To:From:To:Subject:Date:From;

b=BxMI73mQWpuSkw+BDk94gFFX84Trg8cC3l1SO5exwtUqu+d+sPm5+Dj1ealEiwXzD

f4XGHCvahL6GyHvqbalZcTEMVjzz13GUdLC6PjrBWe7C1GUkiIty3gZNDMd74LOoMV

tjO2XuN43KLyyc8KGdC5YPltF0NOfDxmb2QMr7QMe3snRta396q804lHJpgWVyChpM

CbDA5/5ZQdHClOVqvwuAVbi5bD7N9Rip8Vais03mGSgMcULY0PCIVkGCkdPGE3/BSi

KlQP/ZwUFJeZeNWaafLh3kqnceQtwUrtdXsPbAmRIGnvaxaVK2KD5iIOrkpb97kbGI

LkrUeh/M3S/3A==

Reply-To:

From: "Canada Revenue Agency (MyCRA)"

To: "doctor"

Subject: New mail from the Canada Revenue Agency/Rappel: Nouveau courrier de l'Agence du revenu du Canada

Message-ID:

Date: Thu, 04 Jun 2026 19:27:36 +0200

MIME-Version: 1.0

Content-Type: multipart/mixed;

boundary="----=_NextPart_000_0001_4BBC9A45.BC92B044"

X-Priority: 3

X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.4 (mail.quickemail16.org [0.0.0.0]); Thu, 04 Jun 2026 17:29:33 +0000 (UTC)







English version ** La version française suit **







Find Attached



CRA- Document shared with you_ _2026 3_30 Executive Document.pdf attachment