Web/SEO/App Spam from Microsoft Outlook Part 3

Posted by Dave Yadallee on
--_000_GV2PPF4E9D6E92A104259C4669361D6485FD99BAGV2PPF4E9D6E92A_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable








1">








=3D"elementToProof">


ack; line-height: 107%;">Hi,




=3D"elementToProof">


ack; line-height: 107%;">I

apologize for the email again.




=3D"elementToProof">


ack; line-height: 107%;">I think you might have missed my last email - I un=

derstand you're busy




=3D"elementToProof">


ack; line-height: 107%;">Would you like to


; color: black; background-color: yellow; line-height: 107%;">see our wo=

rk samples
size: 12pt; color: black; line-height: 107%;"> and

learn more about us?




=3D"elementToProof">


ack; line-height: 107%;">Thanks,




=3D"elementToProof">


ack; line-height: 107%;"> 




ntToProof">


ack;">From: Taniya




ntToProof">


ack;">Sent: Sunday, December 21, 2025 11:15 am




ntToProof">


ack;">Subject: Design and Development innovative Apps
>


=3D"elementToProof">


b(0, 0, 0); line-height: 107%;"> 




=3D"elementToProof">


b(0, 0, 0); line-height: 107%;">Hi,




=3D"elementToProof">


b(0, 0, 0); line-height: 107%;">I represent an

App Development Company from India. We specialize in app develo=

pment across

industries such as Health, education, finance, retail, e-commerce, trave=

l, real estate, and others.




=3D"elementToProof">


b(0, 0, 0); line-height: 107%;">We have built many apps like:






  • ltr; line-height: 107%; margin: 0in 0in 0in 0.5in;">


    -height: 107%;">Fitness Apps

  • ont-size: 12pt; color: blue; direction: ltr; line-height: 107%; margin: 0in=

    0in 0in 0.5in;">


    -height: 107%;">Social Media Apps

  • ol; font-size: 12pt; color: blue; direction: ltr; line-height: 107%; margin=

    : 0in 0in 0in 0.5in;">


    -height: 107%;">Ecommerce Apps

  • font-size: 12pt; color: blue; direction: ltr; line-height: 107%; margin: 0=

    in 0in 0in 0.5in;">


    -height: 107%;">Property Rental Apps

  • ymbol; font-size: 12pt; color: blue; direction: ltr; line-height: 107%; mar=

    gin: 0in 0in 0in 0.5in;">


    -height: 107%;">Dating Apps

  • nt-size: 12pt; color: blue; direction: ltr; line-height: 107%; margin: 0in =

    0in 0in 0.5in;">


    -height: 107%;">Food ordering apps

  • bol; font-size: 12pt; color: blue; direction: ltr; line-height: 107%; margi=

    n: 0in 0in 0in 0.5in;">


    -height: 107%;">Chat Apps

  • -size: 12pt; color: blue; direction: ltr; line-height: 107%; margin: 0in 0i=

    n 0in 0.5in;">


    -height: 107%;">Ride Share Apps

  • ; font-size: 12pt; color: blue; direction: ltr; line-height: 107%; margin: =

    0in 0in 8pt 0.5in;">


    -height: 107%;">OTT Apps



=3D"elementToProof">


b(0, 0, 0); line-height: 107%;">If you have any requirements, please share =

with me.




=3D"elementToProof">


b(0, 0, 0); line-height: 107%;">Would like to


; color: rgb(0, 0, 0); background-color: yellow; line-height: 107%;">rev=

iew our past projects and see our pricing options
font-family: Calibri, sans-serif; font-size: 12pt; color: rgb(0, 0, 0); lin=

e-height: 107%;">,

let us know.




=3D"elementToProof">


b(0, 0, 0); line-height: 107%;">Best regards




=3D"elementToProof">


b(0, 0, 0); line-height: 107%;">Taniya,




Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">












--_000_GV2PPF4E9D6E92A104259C4669361D6485FD99BAGV2PPF4E9D6E92A_--

Web/SEO/App Spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
Content analysis details: (7.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:10a6:158:401:0:0:0:8cd listed in]

[will-spam-for-food.eu.org]

[2603:10a6:158:401:0:0:0:8cd listed in]

[will-spam-for-food.eu.org]

[2603:10a6:158:401:0:0:0:8cd listed in]

[will-spam-for-food.eu.org]

[2603:10a6:158:401:0:0:0:8cd listed in]

[will-spam-for-food.eu.org]

[2603:10a6:158:401:0:0:0:8cd listed in]

[will-spam-for-food.eu.org]

[2603:10a6:158:401:0:0:0:8cd listed in]

[will-spam-for-food.eu.org]

[2603:10a6:158:401:0:0:0:8cd listed in]

[will-spam-for-food.eu.org]

[2603:10a6:158:401:0:0:0:8cd listed in]

[will-spam-for-food.eu.org]

[52.103.32.20 listed in will-spam-for-food.eu.org]

[52.103.32.20 listed in will-spam-for-food.eu.org]

[52.103.32.20 listed in will-spam-for-food.eu.org]

[52.103.32.20 listed in will-spam-for-food.eu.org]

[52.103.32.20 listed in will-spam-for-food.eu.org]

[52.103.32.20 listed in will-spam-for-food.eu.org]

[52.103.32.20 listed in will-spam-for-food.eu.org]

[52.103.32.20 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.32.20 listed in dnsbl.ahbl.org]

[52.103.32.20 listed in dnsbl.ahbl.org]

[52.103.32.20 listed in dnsbl.ahbl.org]

[52.103.32.20 listed in dnsbl.ahbl.org]

[2603:10a6:158:401:0:0:0:8cd listed in]

[dnsbl.ahbl.org]

[2603:10a6:158:401:0:0:0:8cd listed in]

[dnsbl.ahbl.org]

[2603:10a6:158:401:0:0:0:8cd listed in]

[dnsbl.ahbl.org]

[2603:10a6:158:401:0:0:0:8cd listed in]

[dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.32.20 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.32.20 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.32.20 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.32.20 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.103.32.20 listed in list.dnswl.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[taniyaranawatq(at)outlook.com]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

1.2 MISSING_HEADERS Missing To: header

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.32.20 listed in wl.mailspike.net]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.4 MALFORMED_FREEMAIL Bad headers on message from free email service

Subject: {SPAM?} Re: Design and Development innovative Apps



--_000_GV2PPF4E9D6E92A104259C4669361D6485FD99BAGV2PPF4E9D6E92A_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable



Hi,



I apologize for the email again.



I think you might have missed my last email - I understand you're busy



Would you like to see our work samples and learn more about us?



Thanks,







From: Taniya



Sent: Sunday, December 21, 2025 11:15 am



Subject: Design and Development innovative Apps







Hi,



I represent an App Development Company from India. We specialize in app dev=

elopment across industries such as Health, education, finance, retail, e-co=

mmerce, travel, real estate, and others.



We have built many apps like:



Fitness Apps

 Social Media Apps

Ecommerce Apps

 Property Rental Apps

Dating Apps

 Food ordering apps

Chat Apps

 Ride Share Apps

* OTT Apps



If you have any requirements, please share with me.



Would like to review our past projects and see our pricing options, let us =

know.



Best regards



Taniya,



Web/SEO/App Spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 03 Feb 2026 12:33:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vnM8r-00000000NMd-1Ori

for dave@doctor.nl2k.ab.ca;

Tue, 03 Feb 2026 12:32:53 -0700

Resent-From: The Doctor

Resent-Date: Tue, 3 Feb 2026 12:32:53 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-northeuropeazolkn19010020.outbound.protection.outlook.com ([52.103.32.20]:36129 helo=DB3PR0202CU003.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vnLk4-000000007WJ-2Eg1

for root@nk.ca;

Tue, 03 Feb 2026 12:07:27 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=KB66UJUANMX+I5MwjlC+l3oukv6b9Akmr4XvVZqCBqEJMRWJBIP41nwJa5gdvzHjezaI+LeDZzsHc4PyYU1evt3dkWcqjMZQtNN0UnsYwI26sSq4TrM0Rp3Rud3d7X0rbQ4lnIvlfjR53dB/umZLHU72Cgbm24t5GCT7hokHsOo8Kvyz5Guu5oeS9W8ONShLg0yDG2HxFCUOGpMIOcIAKDRwXqHHM6SouV80EN5YnyCwn2WktyNaL9koDUiHfR9ZH/vF2EKmqK4XEobxIujN7V/tbm72BCMDNSMSHorYOD6lu3zmzl/ujpajoML2nJHW3RlAL9TiFtmjn65z6CABbA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=ZCFjt6XBV17JQSyTQAuqvxbmzdvzzLs+Nb+5tbtGmhs=;

b=hnjU4gLmZjCf8pg/B9Us/pqYd0KMVPf/2+3NniL0HCQU798QT2Ie7fe2Lzy+JurirDm6/jWKLtoVcxIrJ6poMksvISlg+DtKDK7wM1QYiaM34izUQWU1TnbDtMvGPWRXjNfkGNKSUT8lg9Pv+gC72y0Ic+V9nXEnoUD7xStJxVEvGqKFfxFusgR6zlfjo3qbEvBcNrvGDUKG3zzR0S3FfC1P6CDgy+WoDcPGyUY+H9nORX+d2k3Otd7SsRaZ1RqPCj0cQ4/QWIn1bviIIvoChDIYFDrSEDXSR4oZ2F2iC7+UyOo27vbm32sH9FU4zNzgkhKNHDhS6pQU2g3IbCNzOA==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=ZCFjt6XBV17JQSyTQAuqvxbmzdvzzLs+Nb+5tbtGmhs=;

b=Z3pBENd+vAv/We+Hp5LoOS59yk0ZFmM1A+n2idlySLviQ9/9GB3USbhiHFbPVJ1HZ17eNdNPyN/ZkFb0EwKNXR7S0VVnn/gG2ShQkb3cSW9ikFvgBBD98Y9K1YNTnLjBcPVpuxW6djjqaldJm6rgtuaJP9QW/0dnhOfQG3haf+INpa1zj8bYm8c8sM8Epezcj/T+lv59bTisBV6DwIglvdWWkHwD2N4lbBWDp3uuhicE4z/zACEFOigA8BHCAiqnTuauhmX4IH1OpInmI92iAPC2iAD2s3Gha8FCyY6EjfmeFqv5EmrCDo9KRBpRHrMfyxVl27D+7l1W0KM5rTuJUw==

Received: from GV2PPF4E9D6E92A.EURP195.PROD.OUTLOOK.COM

(2603:10a6:158:401::8cd) by PR3P195MB1006.EURP195.PROD.OUTLOOK.COM

(2603:10a6:102:aa::12) with Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9587.12; Tue, 3 Feb

2026 19:06:15 +0000

Received: from GV2PPF4E9D6E92A.EURP195.PROD.OUTLOOK.COM

([fe80::bfe9:33e:d3f:9091]) by GV2PPF4E9D6E92A.EURP195.PROD.OUTLOOK.COM

([fe80::bfe9:33e:d3f:9091%4]) with mapi id 15.20.9564.016; Tue, 3 Feb 2026

19:06:14 +0000

From: Taniya Ranawat

Subject: Re: Design and Development innovative Apps

Thread-Topic: Design and Development innovative Apps

Thread-Index: AQHclT8tQIvhd8kZDUK5qxX9cJWRIw==

Date: Tue, 3 Feb 2026 19:06:13 +0000

Message-ID:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: GV2PPF4E9D6E92A:EE_|PR3P195MB1006:EE_

x-ms-office365-filtering-correlation-id: aaba3634-a9ae-4f3f-8736-08de63574cfe

x-ms-exchange-slblob-mailprops:

gMiuAN0LASIPtJFHWBzvUtRfhjUdI+tGSLk97KNjMYumCg1ZJUjkQWNGsuJUHL/TXCIiwM22L9DPgI+fzgsqJKK7QSBTmf++Rt1cRdrdw5U3TsJpL0SHxt9QnFa2KmX2jayRWq9ricUQIPZJkRqMVe4yOinLWsz4lKZqDV6xoxj7h7LFSvF4TEofdPsYiqMAmuMeql9Y3Xbcgb0Cpnh2iVMn+B3FwV+418P9VxOJG3FTM0r3htRDxrmk3IQHN2I4oC0tCYyi/CPFjNPC05E8uyOTvYb6D39dk8vH6yNBnMzCIikRoYpgKRarBlTXqamahkQLyYk/QYtG/dEQpGSFnai8Np2GAFDPf/JkjL9AuALe+dM64V+XWjl7dt3GuM4aP8YmSqh9Co4uqEjXbaYjD4QAl+LaADySI7xlDhveVNGwDmfrKd7k8tckqzEXQ7sSpTlAdurMSkHC9DOoB1W6rpZTpwX2u6S45Ie0SYULBdvQEiBdiDH2qr9SylFwOuAcd+tywdmvsfY0MSCOkaZ9vyWDKrat2OVwTDkM8wBldHGActZV5j6Xeob+R04IUKaqbN5BGrGUXtTzcWhPpg7Mr0JYWli1pi/NzzsiwMZcmqyBR6K5CC1l0XouiVXyCNNUZUUSpBWuemC7UDUb60b+812r3tEAjZL++HVX+pwQEIgF6hGgQ6064VbnI6uq5c+SxphcD/wHD6yBl8MKt0JYNw==

x-microsoft-antispam:

BCL:0;ARA:14566002|15080799012|15030799006|8062599012|461199028|20031999003|19110799012|8060799015|39105399006|31061999003|12121999013|3412199025|440099028|102099032|35041999009|39145399003|40105399003|41105399003;

x-microsoft-antispam-message-info:

=?iso-8859-1?Q?DGn5Ikl1dBCiNJakYaxBVlKlrzIIW3oCc00CHEEDXkf65xiSElXClm//zx?=

=?iso-8859-1?Q?H8vtIePa6jprtpv88VtF9CUv5xQPO3/aWquaNeaH5KIZfcjImovJarKgKu?=

=?iso-8859-1?Q?WcN/de/v6cWuiS/SxHb/ihlvE0F4HvRAzO/6lzq4S4cqlFmYGjgTJBXZNk?=

=?iso-8859-1?Q?N4KFK8dWhGEBbUxMHVar6hC9Fa6+dVzUhPhpSSJSJzCxfN/cMIeZiqjr1n?=

=?iso-8859-1?Q?MCYS/JaB78lQUpjhXGqta3jS5Jpa9r1Zv85/QEzDjDyWaWEmHexjYbR7NA?=

=?iso-8859-1?Q?vEdyXLaztuP6Lo0ilcjXXANrvq4xanDMgDR869ZwLnNHS0k0jQoK9+nG0X?=

=?iso-8859-1?Q?SOhrV3Q0h1LPQaLa9esFGCN//ta1rbMgR+6Qy+o49vulhm7D3b49UL3ZxI?=

=?iso-8859-1?Q?RePvO5tr3UXzQHYGHpcGmJaM3g/XMOdhBNQdnosTPhw/o806cUKqVTN8wJ?=

=?iso-8859-1?Q?9eQYRZcBpmXt2IC0gUxMnfvp60QTXx4tFVadau6q2Gj9YGZ90/hTCjPaBv?=

=?iso-8859-1?Q?Pak+Xah6vs3GYusPY4DLTLvl8XN9sQQ/WVKhnJOeIXvmH1YkAyApOBblUk?=

=?iso-8859-1?Q?vOgkSKoXXPEb1TpAKC5ZdxNQAG051RaUpDizTETMaxBn2Q3+iHyFaejTBm?=

=?iso-8859-1?Q?m46bpYrvet6eqoJvJdK9hQB0l/T0sHBolxaN5lszv2IinL0miTpL5dfGFY?=

=?iso-8859-1?Q?P94CNae3b24zoiJOel6EzuQsSTXsSo4rDfklrrPKEcZzCkwVQHzB1j5ZWF?=

=?iso-8859-1?Q?BdEd2J9u3t2QxVnXuJarP3yv7n9Z6Tph+V94xPBY6eKXRjp7CMxXzYDN19?=

=?iso-8859-1?Q?rr1f4rdcyHgc/QV2rfdFg5MkwzyuddLn2XrVG6VhSQMUXUrXyCTJE5K/yV?=

=?iso-8859-1?Q?fcbQQbtwrYtU+rFTu/sLCmgaJNNBa8JTI7f0YUfPrE6D/srBqJe0ztiA0D?=

=?iso-8859-1?Q?3R4pWStRW65kZ1dw3O+4IItQdWhNhdkxmjmSY4N9Q02gOblwMiO33yr9Hm?=

=?iso-8859-1?Q?V0qFYaiFoDG550RTZrzC6XIc117s+SKSktinUmAauK/B9WWJRxmQCeZLza?=

=?iso-8859-1?Q?pVTsB9ECRPsa+19BhkOOKsW5XumBEX6RxqwgD2lcx4zoT5VO5ROTa+IJ8w?=

=?iso-8859-1?Q?EXutyTyMaUdK/TInT8b/ijwK59qOKZHcDS2BlamtGQaf0om/uJN4vN+BBF?=

=?iso-8859-1?Q?LFHq6FE/bg2lNH780LEGb+0nZJ33o4EgsVQWtj7Rmm26xcFt+n2rAZ2v/K?=

=?iso-8859-1?Q?/jpKwZRspvAbWCuH+jAYVqaFnc5fVdZTMiXTfz86b0WeL+rEQ8VuhH/XA2?=

=?iso-8859-1?Q?qXAtKYIKPzO8jadcPm0pDfiUSSw5HcPo8LeQ76EHonLaXQHJ83ePKazKlR?=

=?iso-8859-1?Q?wTFiBun31Yaw3sAmZpakgyyY7Cg0MqlTGwQoCNaYxJSfONBNNeJpk=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?iso-8859-1?Q?fAxXW2SV1gzDfmCMPLdULAKzSNDFE02Ph8jCgwphwKmYzgddcUthG5b4zZ?=

=?iso-8859-1?Q?8+C/mUR1WsQaSAPuiC8IMpNCVbzmigbf3uFgry9Iqw8ZiFupQ6ywkHOcwq?=

=?iso-8859-1?Q?PLRbzywC57O9o87Esa+fk5+nP7Pc+seIliLCuJSSztofGdfg60v77tBdzU?=

=?iso-8859-1?Q?DcK4YhtP8DxZIKH2wqcQMQ/UeDnlZfLExNNmHYA8DRpN0TJg+knIhKSa03?=

=?iso-8859-1?Q?qlCYNhkFdLwft2ThMvyf3NOlKU5B9d3KjLXc+zQ9Px9BpcRHNmePmfnNPu?=

=?iso-8859-1?Q?Kgfzb48pg2ozBthQ10UMSTbdxvj63c3yJk6P3S3vvoR2ai/hqvOz3dGyB/?=

=?iso-8859-1?Q?8bpPIWva6cCYvem/A7cj7JWs4MO505m/BwUciLaLnlTRkX0ZZWLtHNQY6m?=

=?iso-8859-1?Q?cKFjwRpWEjKL6zVJbPotBXQZQha4qtm09dS8ytoUalRYMCFB2+cK7vLblU?=

=?iso-8859-1?Q?OEjZWRdJAqchqdeBzz+QspH5uCP8CfS/Ta7ifLzTxe/fTuc6GZxPAKHk33?=

=?iso-8859-1?Q?WFqnS3wi/OXugrIfd1jcOimHMxfyA0H2gqVkD9k0gE8WtM3NFI5tu0Tw3b?=

=?iso-8859-1?Q?PBhdlyAQe2WdlXqZfgrlgI1l3Ue2PyEyDYfmgXfk0K0GcdvTZEteHAcCab?=

=?iso-8859-1?Q?qTVbQmyn9Cw++F2sRPN4cpuM9FpGkxJts/JYClshUxA8W2RcuHeV2yF6PL?=

=?iso-8859-1?Q?yUTyRL5I4HDFyKxOzlnYGKI0FN4kstoQI3f21W6hMneCFHe/UKyEP4H9dv?=

=?iso-8859-1?Q?1vw1h3l5xQ8cRsXxe4rR9HUJdRFjI+Wo4TXC/sR+XW2fpuwHcZadkgKTOA?=

=?iso-8859-1?Q?WPKXebslZhCUMIse4Wh3nDnr4ZZk8Y/LVpR+CxhmLR5SDlKpvzzSRjmYSA?=

=?iso-8859-1?Q?JWVUg2xln9frMhcI/+CvtR4OFATv5t9At8wYP99IsZkKTAnz4XVh6swpSx?=

=?iso-8859-1?Q?8JXqRaGONOmbg0fCYPIMMmGZPJJ1tqlngggWqguirkXH89lUtqa5yV3p+T?=

=?iso-8859-1?Q?b719hM+9sZS18WoZCgW4CRGDCZ5XNNfvJ1eMXwmCZlp2JlFtd2sBzyOffJ?=

=?iso-8859-1?Q?E60SW5mqxIHQYNU4RBfMdoh1wxASlO30Ur3wcGSDkV32o/XiaApazB0O0K?=

=?iso-8859-1?Q?CM5//edyyY79w2ublBzDzHvpQSfcdsgyHSUwCletxBRmVkjsjvakxYpzdt?=

=?iso-8859-1?Q?lF7vDgDOh97veg6/y8yNZeMq/WEDPAkreFNtGGjmEKzlrfbr6ZbQPEWglP?=

=?iso-8859-1?Q?F8O5bL9dTZSw9M/cHDWan+OeF6l8lltBGINYK1kkFqfJC42d8Ik5TYKWeM?=

=?iso-8859-1?Q?rzdyb9qg8h4wwJzuGHtKIHTFACRPJWW0DILQMcPRUA06MlSOnZv3Trx7EV?=

=?iso-8859-1?Q?8HQ32FyOkq0z8vjE3BkTXLGwUTJDVLipYl0EKlzUjV7BD2zEK2VKLOGTF2?=

=?iso-8859-1?Q?33jg+VQjIiTRQJITBRyQAbxkP/yuXb1ToVFlfrz3AH4nnlqXw5o46fNKG8?=

=?iso-8859-1?Q?QLzhwVBhu4db7jHd1jcONH?=

Content-Type: multipart/alternative;

boundary="_000_GV2PPF4E9D6E92A104259C4669361D6485FD99BAGV2PPF4E9D6E92A_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: GV2PPF4E9D6E92A.EURP195.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: aaba3634-a9ae-4f3f-8736-08de63574cfe

X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Feb 2026 19:06:13.8104

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: PR3P195MB1006

X-Spam_score: 7.4

X-Spam_score_int: 74

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi, I apologize for the email again. I think you might have

missed my last email - I understand you're busy

Nigerian spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 03 Feb 2026 12:32:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vnM7e-00000000FsK-0AdJ

for dave@doctor.nl2k.ab.ca;

Tue, 03 Feb 2026 12:31:38 -0700

Resent-From: The Doctor

Resent-Date: Tue, 3 Feb 2026 12:31:37 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [140.227.80.133] (port=38948 helo=palmatum.net)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vnKZs-000000003MW-3O8u

for root@nk.ca;

Tue, 03 Feb 2026 10:52:50 -0700

Received: from User (unknown [196.170.51.8])

by palmatum.net (Postfix) with ESMTPA id 839628B8C6;

Wed, 4 Feb 2026 02:09:53 +0900 (JST)

Reply-To:

From: "Sokrith Seng"

Subject: I NEED YOUR ASSISTANCE !!!

Date: Wed, 4 Feb 2026 00:10:13 +0700

MIME-Version: 1.0

Content-Type: text/plain;

charset="_iso-2022-jp$ESC"

Content-Transfer-Encoding: 7bit

X-Priority: 3

X-MSMail-Priority: Normal

X-Mailer: Microsoft Outlook Express 6.00.2800.1081

X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1081

X-Spam_score: 38.3

X-Spam_score_int: 383

X-Spam_bar: ++++++++++++++++++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Dear Friend, My name is Mr.Sokrith Seng, a Board Member of

Foreign Trade Bank of Cambodia (FTB). A late investor of our bank died and

left $31,640,000.00 Million dollars in our bank some years ago and there

was no next of kin to claim this fund.



Content analysis details: (38.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[196.170.51.8 listed in will-spam-for-food.eu.org]

[196.170.51.8 listed in will-spam-for-food.eu.org]

[196.170.51.8 listed in will-spam-for-food.eu.org]

[196.170.51.8 listed in will-spam-for-food.eu.org]

[196.170.51.8 listed in will-spam-for-food.eu.org]

[196.170.51.8 listed in will-spam-for-food.eu.org]

[196.170.51.8 listed in will-spam-for-food.eu.org]

[196.170.51.8 listed in will-spam-for-food.eu.org]

[140.227.80.133 listed in will-spam-for-food.eu.org]

[140.227.80.133 listed in will-spam-for-food.eu.org]

[140.227.80.133 listed in will-spam-for-food.eu.org]

[140.227.80.133 listed in will-spam-for-food.eu.org]

[140.227.80.133 listed in will-spam-for-food.eu.org]

[140.227.80.133 listed in will-spam-for-food.eu.org]

[140.227.80.133 listed in will-spam-for-food.eu.org]

[140.227.80.133 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[140.227.80.133 listed in dnsbl.ahbl.org]

[140.227.80.133 listed in dnsbl.ahbl.org]

[140.227.80.133 listed in dnsbl.ahbl.org]

[140.227.80.133 listed in dnsbl.ahbl.org]

[196.170.51.8 listed in dnsbl.ahbl.org]

[196.170.51.8 listed in dnsbl.ahbl.org]

[196.170.51.8 listed in dnsbl.ahbl.org]

[196.170.51.8 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[140.227.80.133 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[140.227.80.133 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[140.227.80.133 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[140.227.80.133 listed in dnsbl.ahbl.org]

2.1 RCVD_IN_MSPIKE_L4 RBL: Bad reputation (-4)

[140.227.80.133 listed in bl.mailspike.net]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.0 RCVD_IN_MSPIKE_BL Mailspike blacklisted

0.0 NSL_RCVD_FROM_USER Received from User

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

1.2 MISSING_HEADERS Missing To: header

1.6 SUBJ_ALL_CAPS Subject is all capitals

2.5 HK_SCAM_N2 BODY: No description available.

2.6 DEAR_FRIEND BODY: Dear Friend? That's not very dear!

2.5 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)

0.0 FROM_MISSP_USER From misspaced, from "User"

0.0 FROM_MISSP_XPRIO Misspaced FROM + X-Priority

0.0 HK_SCAM No description available.

0.0 LOTS_OF_MONEY Huge... sums of money

0.6 FSL_NEW_HELO_USER Spam's using Helo and User

1.0 ZMIde_OutlookExpress Outlook Express should not be used anymore

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 FROM_MISSP_REPLYTO From misspaced, has Reply-To

1.2 AXB_XMAILER_MIMEOLE_OL_1ECD5 Yet another X header trait

0.3 FROM_MISSP_EH_MATCH From misspaced, matches envelope

0.0 FROM_MISSP_MSFT From misspaced + supposed Microsoft tool

1.9 REPLYTO_WITHOUT_TO_CC No description available.

0.0 MONEY_FROM_MISSP Lots of money and misspaced From

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

2.5 TO_NO_BRKTS_MSFT To: misformatted and supposed Microsoft tool

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.0 FROM_MISSPACED From: missing whitespace

2.8 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook

1.5 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

3.7 ADVANCE_FEE_5_NEW_MONEY Advance Fee fraud and lots of money

Subject: {SPAM?} I NEED YOUR ASSISTANCE !!!



Dear Friend,



My name is Mr.Sokrith Seng, a Board Member of Foreign Trade Bank of Cambodia (FTB).



A late investor of our bank died and left $31,640,000.00 Million dollars in our bank some years ago and there was no next of kin to claim this fund.



Please get back to me as soon as possible for more details if you are interested in my proposal.





Mr.? Mr.Sokrith Seng

FTB Board Member

Foreign Trade Bank

Nigerian spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 03 Feb 2026 12:32:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vnM7e-00000000FsK-0AdJ

for dave@doctor.nl2k.ab.ca;

Tue, 03 Feb 2026 12:31:38 -0700

Resent-From: The Doctor

Resent-Date: Tue, 3 Feb 2026 12:31:37 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [140.227.80.133] (port=38948 helo=palmatum.net)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vnKZs-000000003MW-3O8u

for root@nk.ca;

Tue, 03 Feb 2026 10:52:50 -0700

Received: from User (unknown [196.170.51.8])

by palmatum.net (Postfix) with ESMTPA id 839628B8C6;

Wed, 4 Feb 2026 02:09:53 +0900 (JST)

Reply-To:

From: "Sokrith Seng"

Subject: I NEED YOUR ASSISTANCE !!!

Date: Wed, 4 Feb 2026 00:10:13 +0700

MIME-Version: 1.0

Content-Type: text/plain;

charset="_iso-2022-jp$ESC"

Content-Transfer-Encoding: 7bit

X-Priority: 3

X-MSMail-Priority: Normal

X-Mailer: Microsoft Outlook Express 6.00.2800.1081

X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1081

X-Spam_score: 38.3

X-Spam_score_int: 383

X-Spam_bar: ++++++++++++++++++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Dear Friend, My name is Mr.Sokrith Seng, a Board Member of

Foreign Trade Bank of Cambodia (FTB). A late investor of our bank died and

left $31,640,000.00 Million dollars in our bank some years ago and there

was no next of kin to claim this fund.



Content analysis details: (38.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[196.170.51.8 listed in will-spam-for-food.eu.org]

[196.170.51.8 listed in will-spam-for-food.eu.org]

[196.170.51.8 listed in will-spam-for-food.eu.org]

[196.170.51.8 listed in will-spam-for-food.eu.org]

[196.170.51.8 listed in will-spam-for-food.eu.org]

[196.170.51.8 listed in will-spam-for-food.eu.org]

[196.170.51.8 listed in will-spam-for-food.eu.org]

[196.170.51.8 listed in will-spam-for-food.eu.org]

[140.227.80.133 listed in will-spam-for-food.eu.org]

[140.227.80.133 listed in will-spam-for-food.eu.org]

[140.227.80.133 listed in will-spam-for-food.eu.org]

[140.227.80.133 listed in will-spam-for-food.eu.org]

[140.227.80.133 listed in will-spam-for-food.eu.org]

[140.227.80.133 listed in will-spam-for-food.eu.org]

[140.227.80.133 listed in will-spam-for-food.eu.org]

[140.227.80.133 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[140.227.80.133 listed in dnsbl.ahbl.org]

[140.227.80.133 listed in dnsbl.ahbl.org]

[140.227.80.133 listed in dnsbl.ahbl.org]

[140.227.80.133 listed in dnsbl.ahbl.org]

[196.170.51.8 listed in dnsbl.ahbl.org]

[196.170.51.8 listed in dnsbl.ahbl.org]

[196.170.51.8 listed in dnsbl.ahbl.org]

[196.170.51.8 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[140.227.80.133 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[140.227.80.133 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[140.227.80.133 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[140.227.80.133 listed in dnsbl.ahbl.org]

2.1 RCVD_IN_MSPIKE_L4 RBL: Bad reputation (-4)

[140.227.80.133 listed in bl.mailspike.net]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.0 RCVD_IN_MSPIKE_BL Mailspike blacklisted

0.0 NSL_RCVD_FROM_USER Received from User

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

1.2 MISSING_HEADERS Missing To: header

1.6 SUBJ_ALL_CAPS Subject is all capitals

2.5 HK_SCAM_N2 BODY: No description available.

2.6 DEAR_FRIEND BODY: Dear Friend? That's not very dear!

2.5 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)

0.0 FROM_MISSP_USER From misspaced, from "User"

0.0 FROM_MISSP_XPRIO Misspaced FROM + X-Priority

0.0 HK_SCAM No description available.

0.0 LOTS_OF_MONEY Huge... sums of money

0.6 FSL_NEW_HELO_USER Spam's using Helo and User

1.0 ZMIde_OutlookExpress Outlook Express should not be used anymore

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 FROM_MISSP_REPLYTO From misspaced, has Reply-To

1.2 AXB_XMAILER_MIMEOLE_OL_1ECD5 Yet another X header trait

0.3 FROM_MISSP_EH_MATCH From misspaced, matches envelope

0.0 FROM_MISSP_MSFT From misspaced + supposed Microsoft tool

1.9 REPLYTO_WITHOUT_TO_CC No description available.

0.0 MONEY_FROM_MISSP Lots of money and misspaced From

0.7 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors

2.5 TO_NO_BRKTS_MSFT To: misformatted and supposed Microsoft tool

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.0 FROM_MISSPACED From: missing whitespace

2.8 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook

1.5 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

3.7 ADVANCE_FEE_5_NEW_MONEY Advance Fee fraud and lots of money

Subject: {SPAM?} I NEED YOUR ASSISTANCE !!!



Dear Friend,



My name is Mr.Sokrith Seng, a Board Member of Foreign Trade Bank of Cambodia (FTB).



A late investor of our bank died and left $31,640,000.00 Million dollars in our bank some years ago and there was no next of kin to claim this fund.



Please get back to me as soon as possible for more details if you are interested in my proposal.





Mr.? Mr.Sokrith Seng

FTB Board Member

Foreign Trade Bank

Intelcom Phish Part 2

Posted by Dave Yadallee on


This is an automated email, please do not reply.











Â





















--156022dbf86b2eff94998ea32530133f6

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 8bit































Hello,





⚠️ We need you to confirm your delivery before it expires and returned to the sender !


















Â


































Â
Â
















Please be advised that international mail entering Canada is subject to examination by the Canada Border Services Agency (CBSA). The CBSA determines whether goods are admissible into Canada and whether duties and taxes are applicable.





However, you have a package awaiting delivery due to non-payment of customs fees, taxes and brokerage to which it is subject in accordance with the terms and conditions of the Canada Border Services Agency in the amount of CA$ 2.29 payable via our secure form below:





Confirm my delivery





Intelcom - Dragonfly, as a delivery company, is responsible for collecting duties and taxes prior to delivering a mail item to the recipient, but the taxes and duties themselves are imposed by the Canada Border Services Agency (CBSA).





Have a great day!


Â


































Â





















This is an automated email, please do not reply.


Â














--156022dbf86b2eff94998ea32530133f6--



Intelcom Phish Part 2

Posted by Dave Yadallee on




This is an automated email, please do not reply.











Â





















--18ff0224a4567a77bac59cdbf3ae3d7c0

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 8bit































Hello,





⚠️ We need you to confirm your delivery before it expires and returned to the sender !


















Â


































Â
Â
















Please be advised that international mail entering Canada is subject to examination by the Canada Border Services Agency (CBSA). The CBSA determines whether goods are admissible into Canada and whether duties and taxes are applicable.





However, you have a package awaiting delivery due to non-payment of customs fees, taxes and brokerage to which it is subject in accordance with the terms and conditions of the Canada Border Services Agency in the amount of CA$ 2.29 payable via our secure form below:





Confirm my delivery





Intelcom - Dragonfly, as a delivery company, is responsible for collecting duties and taxes prior to delivering a mail item to the recipient, but the taxes and duties themselves are imposed by the Canada Border Services Agency (CBSA).





Have a great day!


Â


































Â





















This is an automated email, please do not reply.


Â














--18ff0224a4567a77bac59cdbf3ae3d7c0--



Intelcom Phish Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 03 Feb 2026 12:32:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vnM7H-00000000EBx-45B0

for dave@doctor.nl2k.ab.ca;

Tue, 03 Feb 2026 12:31:15 -0700

Resent-From: The Doctor

Resent-Date: Tue, 3 Feb 2026 12:31:15 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [83.167.253.232] (port=56490 helo=rentstorage.ca)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vnKCz-00000000Idt-1cG7

for bin@nl2k.ab.ca;

Tue, 03 Feb 2026 10:29:10 -0700

Received: by rentstorage.ca (Postfix, from userid 33)

id C582C6BD80; Tue, 3 Feb 2026 16:47:23 +0000 (UTC)

To: bin@nl2k.ab.ca

Subject: Last update: Confirm your delivery before it expires and returned to the sender.

Date: Tue, 3 Feb 2026 16:40:17 +0000

From: =?UTF-8?Q?Intelcom=C2=AE?=

Message-ID:

List-Unsubscribe: mailto:bounce660-GPWeAHI6CSVIiRY@rentstorage.ca?subject=list-unsubscribe

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="156022dbf86b2eff94998ea32530133f6"

Content-Transfer-Encoding: 8bit

X-Spam_score: 13.5

X-Spam_score_int: 135

X-Spam_bar: +++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: intelcom-dragonfly@intelcom.ca | Hello,



Content analysis details: (13.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[83.167.253.232 listed in dnsbl.ahbl.org]

[83.167.253.232 listed in dnsbl.ahbl.org]

[83.167.253.232 listed in dnsbl.ahbl.org]

[83.167.253.232 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[83.167.253.232 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[83.167.253.232 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[83.167.253.232 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[83.167.253.232 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the DBL blocklist

[URI: jii.li]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: ctmsapp.com]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: ctmsapp.com]

0.0 URIBL_PH_SURBL Contains an URL listed in the PH SURBL blocklist

[URI: jii.li]

0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to

background

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.8 A_HREF_NOWHERE A link tag with empty href

0.0 HREF_EMPTY_NORDNS Empty href + no rDNS

0.0 GOOG_REDIR_NORDNS Google redirect to obscure spamvertised website +

no rDNS

Subject: {SPAM?} Last update: Confirm your delivery before it expires and returned to the sender.



This is a multi-part message in MIME format.



--156022dbf86b2eff94998ea32530133f6

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit













intelcom-dragonfly@intelcom.ca |











Hello,



⚠️ We need you to confirm your delivery before it expires and returned to the sender !



































Â















Â





Â















Please be advised that international mail entering Canada is subject to examination by the Canada Border Services Agency (CBSA). The CBSA determines whether goods are admissible into Canada and whether duties and taxes are applicable.



However, you have a package awaiting delivery due to non-payment of customs fees, taxes and brokerage to which it is subject in accordance with the terms and conditions of the Canada Border Services Agency in the amount of CA$ 2.29 payable via our secure form below:



Confirm my delivery



Intelcom - Dragonfly, as a delivery company, is responsible for collecting duties and taxes prior to delivering a mail item to the recipient, but the taxes and duties themselves are imposed by the Canada Border Services Agency (CBSA).



Have a great day!















Â























Â















Intelcom Phish Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 03 Feb 2026 12:32:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vnM76-00000000DJq-0gT1

for dave@doctor.nl2k.ab.ca;

Tue, 03 Feb 2026 12:31:04 -0700

Resent-From: The Doctor

Resent-Date: Tue, 3 Feb 2026 12:31:04 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [83.167.253.232] (port=52992 helo=rentstorage.ca)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vnK3J-000000007aL-2Ll3

for root@nl2k.ab.ca;

Tue, 03 Feb 2026 10:19:08 -0700

Received: by rentstorage.ca (Postfix, from userid 33)

id A0E9910C744; Tue, 3 Feb 2026 16:26:45 +0000 (UTC)

To: root@nl2k.ab.ca

Subject: Last update: Confirm your delivery before it expires and returned to the sender.

Date: Tue, 3 Feb 2026 16:25:08 +0000

From: =?UTF-8?Q?Intelcom=C2=AE?=

Message-ID:

List-Unsubscribe: mailto:bounce763-yhDF0a8lGhnQ7T9@rentstorage.ca?subject=list-unsubscribe

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="18ff0224a4567a77bac59cdbf3ae3d7c0"

Content-Transfer-Encoding: 8bit

X-Spam_score: 13.5

X-Spam_score_int: 135

X-Spam_bar: +++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: intelcom-dragonfly@intelcom.ca | Hello,



Content analysis details: (13.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[83.167.253.232 listed in dnsbl.ahbl.org]

[83.167.253.232 listed in dnsbl.ahbl.org]

[83.167.253.232 listed in dnsbl.ahbl.org]

[83.167.253.232 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[83.167.253.232 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[83.167.253.232 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[83.167.253.232 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[83.167.253.232 listed in dnsbl.ahbl.org]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: ctmsapp.com]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: ctmsapp.com]

0.0 URIBL_PH_SURBL Contains an URL listed in the PH SURBL blocklist

[URI: jii.li]

2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the DBL blocklist

[URI: jii.li]

0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to

background

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.8 A_HREF_NOWHERE A link tag with empty href

0.0 HREF_EMPTY_NORDNS Empty href + no rDNS

0.0 GOOG_REDIR_NORDNS Google redirect to obscure spamvertised website +

no rDNS

Subject: {SPAM?} Last update: Confirm your delivery before it expires and returned to the sender.



This is a multi-part message in MIME format.



--18ff0224a4567a77bac59cdbf3ae3d7c0

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit













intelcom-dragonfly@intelcom.ca |











Hello,



⚠️ We need you to confirm your delivery before it expires and returned to the sender !



































Â















Â





Â















Please be advised that international mail entering Canada is subject to examination by the Canada Border Services Agency (CBSA). The CBSA determines whether goods are admissible into Canada and whether duties and taxes are applicable.



However, you have a package awaiting delivery due to non-payment of customs fees, taxes and brokerage to which it is subject in accordance with the terms and conditions of the Canada Border Services Agency in the amount of CA$ 2.29 payable via our secure form below:



Confirm my delivery



Intelcom - Dragonfly, as a delivery company, is responsible for collecting duties and taxes prior to delivering a mail item to the recipient, but the taxes and duties themselves are imposed by the Canada Border Services Agency (CBSA).



Have a great day!















Â























Â













Intelcom Phish Part 2

Posted by Dave Yadallee on






This is an automated email, please do not reply.











Â





















--198f005bbbca4ffa554f83c7632a8ba40

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 8bit































Hello,





⚠️ We need you to confirm your delivery before it expires and returned to the sender !


















Â


































Â
Â
















Please be advised that international mail entering Canada is subject to examination by the Canada Border Services Agency (CBSA). The CBSA determines whether goods are admissible into Canada and whether duties and taxes are applicable.





However, you have a package awaiting delivery due to non-payment of customs fees, taxes and brokerage to which it is subject in accordance with the terms and conditions of the Canada Border Services Agency in the amount of CA$ 2.29 payable via our secure form below:





Confirm my delivery





Intelcom - Dragonfly, as a delivery company, is responsible for collecting duties and taxes prior to delivering a mail item to the recipient, but the taxes and duties themselves are imposed by the Canada Border Services Agency (CBSA).





Have a great day!


Â


































Â





















This is an automated email, please do not reply.


Â














--198f005bbbca4ffa554f83c7632a8ba40--



Intelcom Phish Part 2

Posted by Dave Yadallee on




This is an automated email, please do not reply.











Â





















--1bb154b3ef2deeca2c8b097de34df38b5

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 8bit































Hello,





⚠️ We need you to confirm your delivery before it expires and returned to the sender !


















Â


































Â
Â
















Please be advised that international mail entering Canada is subject to examination by the Canada Border Services Agency (CBSA). The CBSA determines whether goods are admissible into Canada and whether duties and taxes are applicable.





However, you have a package awaiting delivery due to non-payment of customs fees, taxes and brokerage to which it is subject in accordance with the terms and conditions of the Canada Border Services Agency in the amount of CA$ 2.29 payable via our secure form below:





Confirm my delivery





Intelcom - Dragonfly, as a delivery company, is responsible for collecting duties and taxes prior to delivering a mail item to the recipient, but the taxes and duties themselves are imposed by the Canada Border Services Agency (CBSA).





Have a great day!


Â


































Â





















This is an automated email, please do not reply.


Â














--1bb154b3ef2deeca2c8b097de34df38b5--



Intelcom Phish Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 03 Feb 2026 12:31:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vnM6w-00000000CXk-1LIF

for dave@doctor.nl2k.ab.ca;

Tue, 03 Feb 2026 12:30:54 -0700

Resent-From: The Doctor

Resent-Date: Tue, 3 Feb 2026 12:30:54 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [178.238.43.10] (port=59134 helo=umnatural.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vnL6I-000000005bu-2zxc

for games@nl2k.ab.ca;

Tue, 03 Feb 2026 11:26:18 -0700

Received: by umnatural.com (Postfix, from userid 33)

id 6DB4510B30E; Tue, 3 Feb 2026 16:27:37 +0000 (UTC)

To: games@nl2k.ab.ca

Subject: Last update: Confirm your delivery before it expires and returned to the sender.

Date: Tue, 3 Feb 2026 16:23:06 +0000

From: =?UTF-8?Q?Intelcom=C2=AE?=

Message-ID: <42bbf3d3a536287d5170b077b4c0dda2@umnatural.com>

List-Unsubscribe: mailto:bounce322-FokhhsZ61fmDQha@umnatural.com?subject=list-unsubscribe

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="198f005bbbca4ffa554f83c7632a8ba40"

Content-Transfer-Encoding: 8bit

X-Spam_score: 16.2

X-Spam_score_int: 162

X-Spam_bar: ++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: intelcom-dragonfly@intelcom.ca | Hello,



Content analysis details: (16.2 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[178.238.43.10 listed in will-spam-for-food.eu.org]

[178.238.43.10 listed in will-spam-for-food.eu.org]

[178.238.43.10 listed in will-spam-for-food.eu.org]

[178.238.43.10 listed in will-spam-for-food.eu.org]

[178.238.43.10 listed in will-spam-for-food.eu.org]

[178.238.43.10 listed in will-spam-for-food.eu.org]

[178.238.43.10 listed in will-spam-for-food.eu.org]

[178.238.43.10 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[178.238.43.10 listed in dnsbl.ahbl.org]

[178.238.43.10 listed in dnsbl.ahbl.org]

[178.238.43.10 listed in dnsbl.ahbl.org]

[178.238.43.10 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[178.238.43.10 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[178.238.43.10 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[178.238.43.10 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[178.238.43.10 listed in dnsbl.ahbl.org]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the DBL blocklist

[URI: jii.li]

0.0 URIBL_PH_SURBL Contains an URL listed in the PH SURBL blocklist

[URI: jii.li]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: ctmsapp.com]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: ctmsapp.com]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: ctmsapp.com]

0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to

background

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.8 A_HREF_NOWHERE A link tag with empty href

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 HREF_EMPTY_NORDNS Empty href + no rDNS

0.0 GOOG_REDIR_NORDNS Google redirect to obscure spamvertised website +

no rDNS

Subject: {SPAM?} Last update: Confirm your delivery before it expires and returned to the sender.



This is a multi-part message in MIME format.



--198f005bbbca4ffa554f83c7632a8ba40

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit













intelcom-dragonfly@intelcom.ca |











Hello,



⚠️ We need you to confirm your delivery before it expires and returned to the sender !



































Â















Â





Â















Please be advised that international mail entering Canada is subject to examination by the Canada Border Services Agency (CBSA). The CBSA determines whether goods are admissible into Canada and whether duties and taxes are applicable.



However, you have a package awaiting delivery due to non-payment of customs fees, taxes and brokerage to which it is subject in accordance with the terms and conditions of the Canada Border Services Agency in the amount of CA$ 2.29 payable via our secure form below:



Confirm my delivery



Intelcom - Dragonfly, as a delivery company, is responsible for collecting duties and taxes prior to delivering a mail item to the recipient, but the taxes and duties themselves are imposed by the Canada Border Services Agency (CBSA).



Have a great day!















Â























Â











Intelcom Phish Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 03 Feb 2026 12:31:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vnM6h-00000000BDL-3rSE

for dave@doctor.nl2k.ab.ca;

Tue, 03 Feb 2026 12:30:39 -0700

Resent-From: The Doctor

Resent-Date: Tue, 3 Feb 2026 12:30:39 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [83.167.253.232] (port=36164 helo=rentstorage.ca)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vnJkW-000000002RZ-28QD

for doctor@nl2k.ab.ca;

Tue, 03 Feb 2026 09:59:43 -0700

Received: by rentstorage.ca (Postfix, from userid 33)

id A55E26F1B2; Tue, 3 Feb 2026 15:53:31 +0000 (UTC)

To: doctor@nl2k.ab.ca

Subject: Last update: Confirm your delivery before it expires and returned to the sender.

Date: Tue, 3 Feb 2026 15:51:06 +0000

From: =?UTF-8?Q?Intelcom=C2=AE?=

Message-ID: <9bd3218577630f37b3f6f8376d12113d@rentstorage.ca>

List-Unsubscribe: mailto:bounce248-u6lUoVZeJKUClC9@rentstorage.ca?subject=list-unsubscribe

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="1bb154b3ef2deeca2c8b097de34df38b5"

Content-Transfer-Encoding: 8bit

X-Spam_score: 13.5

X-Spam_score_int: 135

X-Spam_bar: +++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: intelcom-dragonfly@intelcom.ca | Hello,



Content analysis details: (13.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

[83.167.253.232 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[83.167.253.232 listed in dnsbl.ahbl.org]

[83.167.253.232 listed in dnsbl.ahbl.org]

[83.167.253.232 listed in dnsbl.ahbl.org]

[83.167.253.232 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[83.167.253.232 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[83.167.253.232 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[83.167.253.232 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[83.167.253.232 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_PHISH Contains a Phishing URL listed in the DBL blocklist

[URI: jii.li]

0.0 URIBL_PH_SURBL Contains an URL listed in the PH SURBL blocklist

[URI: jii.li]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: ctmsapp.com]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: ctmsapp.com]

0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to

background

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.8 A_HREF_NOWHERE A link tag with empty href

0.0 GOOG_REDIR_NORDNS Google redirect to obscure spamvertised website +

no rDNS

0.0 HREF_EMPTY_NORDNS Empty href + no rDNS

Subject: {SPAM?} Last update: Confirm your delivery before it expires and returned to the sender.



This is a multi-part message in MIME format.



--1bb154b3ef2deeca2c8b097de34df38b5

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit













intelcom-dragonfly@intelcom.ca |











Hello,



⚠️ We need you to confirm your delivery before it expires and returned to the sender !



































Â















Â





Â















Please be advised that international mail entering Canada is subject to examination by the Canada Border Services Agency (CBSA). The CBSA determines whether goods are admissible into Canada and whether duties and taxes are applicable.



However, you have a package awaiting delivery due to non-payment of customs fees, taxes and brokerage to which it is subject in accordance with the terms and conditions of the Canada Border Services Agency in the amount of CA$ 2.29 payable via our secure form below:



Confirm my delivery



Intelcom - Dragonfly, as a delivery company, is responsible for collecting duties and taxes prior to delivering a mail item to the recipient, but the taxes and duties themselves are imposed by the Canada Border Services Agency (CBSA).



Have a great day!















Â























Â













Intelcom Phish Part 3

Posted by Dave Yadallee on
Â





Â















Please be advised that international mail entering Canada is subject to examination by the Canada Border Services Agency (CBSA). The CBSA determines whether goods are admissible into Canada and whether duties and taxes are applicable.



However, you have a package awaiting delivery due to non-payment of customs fees, taxes and brokerage to which it is subject in accordance with the terms and conditions of the Canada Border Services Agency in the amount of CA$ 2.29 payable via our secure form below:



Confirm my delivery



Intelcom - Dragonfly, as a delivery company, is responsible for collecting duties and taxes prior to delivering a mail item to the recipient, but the taxes and duties themselves are imposed by the Canada Border Services Agency (CBSA).



Have a great day!















Â























Â

















This is an automated email, please do not reply.











Â





















--1bb154b3ef2deeca2c8b097de34df38b5

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: 8bit































Hello,





⚠️ We need you to confirm your delivery before it expires and returned to the sender !


















Â


































Â
Â
















Please be advised that international mail entering Canada is subject to examination by the Canada Border Services Agency (CBSA). The CBSA determines whether goods are admissible into Canada and whether duties and taxes are applicable.





However, you have a package awaiting delivery due to non-payment of customs fees, taxes and brokerage to which it is subject in accordance with the terms and conditions of the Canada Border Services Agency in the amount of CA$ 2.29 payable via our secure form below:





Confirm my delivery





Intelcom - Dragonfly, as a delivery company, is responsible for collecting duties and taxes prior to delivering a mail item to the recipient, but the taxes and duties themselves are imposed by the Canada Border Services Agency (CBSA).





Have a great day!


Â


































Â





















This is an automated email, please do not reply.


Â














--1bb154b3ef2deeca2c8b097de34df38b5--



Intelcom Phish Part 2

Posted by Dave Yadallee on


This is a multi-part message in MIME format.



--1bb154b3ef2deeca2c8b097de34df38b5

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit













intelcom-dragonfly@intelcom.ca |











Hello,



⚠️ We need you to confirm your delivery before it expires and returned to the sender !



































Â