Nigerian Spam from Microsoft Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 06 Apr 2026 13:48:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w9pv3-00000000JQQ-3w7P

for dave@doctor.nl2k.ab.ca;

Mon, 06 Apr 2026 13:47:33 -0600

Resent-From: The Doctor

Resent-Date: Mon, 6 Apr 2026 13:47:33 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-swedencentralazolkn19010036.outbound.protection.outlook.com ([52.103.35.36]:44631 helo=GV3P280CU013.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w9phL-00000000Ihv-36X9

for root@nk.ca;

Mon, 06 Apr 2026 13:33:34 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=W6PdewGrv6EjssQkP/25PFpRD74ua6zqH+/AhZ3EVcuuf/YWhLRFjfvEs5MRc3VVlSxYdS9vgYdLmnVEoWS/rQxRRAS+zfpbTm9jq/Xq7UbO+/p8Lmv0A84/cHno6eQb/al8o79WXmU/lOv+IES+jaVoLaG85TZjOEte3A3DjcKF0K8pESww79+nlkOBCHAtn6WV0BhWIhBWXSjzcnIe91uDO59FH1fsvEj2YnkFyOuGwdh2SHMhRPTXt0ZOg/qaUeX87PWHz55/m9oJ+Tf3Smrfvja2bNJdASKDRl9W8UPLprf7jVihM5Ma7aE7Dfr+l9w7UqcKsumMZhRjgNvowg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=Ao2h2v0yophPG/1/QP2z48gqgTiY9ZKwqFvFxYjgSKE=;

b=tJzNjQ/z4C2/dcW/7hItdRn8TvKtjtkCzWzHskc+cqbCGVYgtC7g5UGNF16DoUxeoYpJdi81fiq6DpmCycId7urymN2t7xcUom0e+nTr1u3uEg2e4botLIkYVAmUjj4jZXMgkGG+r6hE6su42Z/qmOp6wvGKNVW/R0meVlhha3XxI1LLe6QnDRr8kdKZWmneie90VRJJAKM7LYFgMpdX1AofQdRj752Jc3KlghTqjZSHEGJZ/oNa8yNAeyne+A1cS2g1+c94iBvL18DeCGGgH+7Cv+YLzd+Cznnt/akP4/lZEtAXn75MCpJElE6SPfeOHMG9K7N2G9UpIb7KsJMx1g==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=Ao2h2v0yophPG/1/QP2z48gqgTiY9ZKwqFvFxYjgSKE=;

b=Wf3neFQivsqW44s8m/Nam1YZd7ZCzigk5v70bGPKh2+Xuejt4tfEB78z6vHBBh6f7BTRa2elvaFgrXFIA0GZhO5c42gKJuY1QG13V6UtFzR1sKgEEUqCjtwE4xhZCP7oBRZX2YHZDyXinrM3q4tjkCSQZowhO8eSQvrIk+tgXsR/lmf1YDQWVjN4Tn0s3GK8rB0yoT6t0iYXCkRDPStFLdcw8vv0Co51wEUYXR0j2Clzw0J6fm4NC31Pw9ssF21IIIm8v/7yAGmUhvjwcwVr4C6Cd+1PkSF9tS3WWw3c1CIY9PoGB22tCfbtUgSHTviGJ1z8pg/OCNSAsyrLTFApAw==

Received: from GVZP280MB0838.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:f5::16)

by GVYP280MB0463.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:36::17) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9769.20; Mon, 6 Apr

2026 19:31:50 +0000

Received: from GVZP280MB0838.SWEP280.PROD.OUTLOOK.COM

([fe80::8651:891d:631c:491d]) by GVZP280MB0838.SWEP280.PROD.OUTLOOK.COM

([fe80::8651:891d:631c:491d%2]) with mapi id 15.20.9769.020; Mon, 6 Apr 2026

19:31:50 +0000

From: "Mr. Ammar Hussain"

Subject: MY TRUST

Thread-Topic: MY TRUST

Thread-Index: AQHcwffeDEwaBnsINUKY5BNgl8PhWLXMTg5cgAFqm16ABLWBHw==

Date: Mon, 6 Apr 2026 19:31:50 +0000

Message-ID:



References:































































































Cloud storage phish Part 2

Posted by Dave Yadallee on












Payment Failure for Cloud Storage Renewal































Cloud storage phish Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 06 Apr 2026 13:48:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w9pun-00000000JQD-2KwL

for dave@doctor.nl2k.ab.ca;

Mon, 06 Apr 2026 13:47:17 -0600

Resent-From: The Doctor

Resent-Date: Mon, 6 Apr 2026 13:47:17 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from veovideoconverter.com ([45.124.64.68]:39997)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1w9oZk-00000000FRj-1USR

for root@nk.ca;

Mon, 06 Apr 2026 12:21:37 -0600

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=nk.ca;

h=Date:To:From:Subject:Content-Type:Mime-Version; i=root@nk.ca;

bh=An+4X3XSek3iA9XPrU7nXIRfP4c=;

b=HtJTpKR3KIpH+Ngau7cCoSoaZnSlmO0K4oiUWf/q3pfdcBzANn67cVG+CfeXKCPsrqtWbz8cmgFN

eRzjgRfCYA7FZBJ359npuouiceiX0X7PKLhUeRKWNQt5QHzTjIWJldnlHyuroyRgLOgwXo6D1N4V

8QR0sIuYoMDYwsvQfTxFEqrBvLeVxWNA3LYJZw54ZufSJk4N9mCinaLFgDBjsxz3mtVhaJylTig9

mJ7w+QX6OLo7wXl0d3o8VXChoulMph0hYYQ4C+qHYrlMidec7lom5t/l/ppK1yYB/agoPdjYDWEO

5V7319vadSBHHfAnWE4FGgfQdDeHcSq1sUVHOg==

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=nk.ca;

b=S2YPwvWyt9iKcmek+LMsOydY9WsOO9dmKH8kVf36UC6lq3zUek4HBDLDlRAJDFnNrSKFSu4spULD

inMn5bge/LhXd6oJVlMVF5cwMnKAJWMxCIUHgP90nHcmIjami7UCmim7G2WF6JiRde+rqERy8OR2

skLLNwPGqxQwyqSlPELLtZe5r+eG4fDeCW958cPqvqWLST6CrJMr4i0ypL9RvSMhl2aFl7Z+IDJ6

JNFE3ol5omxlk2Qh2dIeSNQ9BpYcuG8/Wf29hVsiyvg4prieg7Hh97HzTLe0s58rMo1tWcN8Es+7

SyhgJFq1/o5DDfHXMxJAUmZX1yNRSyom6hmo0w==;

Date: Mon, 06 Apr 2026 18:19:57 +0000

To: root@nk.ca

From: System Alert

Subject: root: Uploads Paused: Storage Full.

Content-Type: text/html

Mime-Version: 1.0

X-Spam_score: 9.3

X-Spam_score_int: 93

X-Spam_bar: +++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Payment Failure for Cloud Storage Renewal Payment Failure

for Cloud Storage Renewal



Content analysis details: (9.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[45.124.64.68 listed in dnsbl.ahbl.org]

[45.124.64.68 listed in dnsbl.ahbl.org]

[45.124.64.68 listed in dnsbl.ahbl.org]

[45.124.64.68 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[45.124.64.68 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[45.124.64.68 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[45.124.64.68 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[45.124.64.68 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[45.124.64.68 listed in will-spam-for-food.eu.org]

[45.124.64.68 listed in will-spam-for-food.eu.org]

[45.124.64.68 listed in will-spam-for-food.eu.org]

[45.124.64.68 listed in will-spam-for-food.eu.org]

[45.124.64.68 listed in will-spam-for-food.eu.org]

[45.124.64.68 listed in will-spam-for-food.eu.org]

[45.124.64.68 listed in will-spam-for-food.eu.org]

[45.124.64.68 listed in will-spam-for-food.eu.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[45.124.64.68 listed in sa-accredit.habeas.com]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[45.124.64.68 listed in sa-trusted.bondedsender.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: ni03hfph.com]

0.7 LOCALPART_IN_SUBJECT Local part of To: address appears in Subject

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[45.124.64.68 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[45.124.64.68 listed in bl.score.senderscore.com]

1.0 OFFER_URI URI: Offer in link address

0.0 NORMAL_HTTP_TO_IP URI: URI host has a public dotted-decimal IPv4

address

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.1 TO_EQ_FM_DOM_HTML_ONLY To domain == From domain and HTML only

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

0.0 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

Subject: {SPAM?} root: Uploads Paused: Storage Full.

Office 365 phish from Google Gmail

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 06 Apr 2026 10:13:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w9mZN-0000000009a-49BB

for dave@doctor.nl2k.ab.ca;

Mon, 06 Apr 2026 10:12:57 -0600

Resent-From: The Doctor

Resent-Date: Mon, 6 Apr 2026 10:12:57 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ot1-f73.google.com ([209.85.210.73]:61740)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w9luf-00000000NfW-4A8U

for root@nl2k.ab.ca;

Mon, 06 Apr 2026 09:31:04 -0600

Received: by mail-ot1-f73.google.com with SMTP id 46e09a7af769-7dbb4f8b314so8486552a34.3

for ; Mon, 06 Apr 2026 08:30:07 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20251104; t=1775489401; x=1776094201; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=hRDo+JqK19JNBk6pMXb/7QYwK5fEnhzu0Bed+Jk3AOM=;

b=p+Gno7OFzEDZzaHyZFfsCFw4oASg9lP8INt/VjfJNcrNSindAu1akkt0jim3xqihI6

NkQsZE9EJtH7aU2dt1SUUZa0hdjaTcM6CJiZdLq1Ik27ADifE106LBhXaU7t0dumJkt5

XhzQO+QHWMsi68ofmcdsXU6WMO63L6/rcmCvzX89RnSqcV2QcAAa7Tw+E9bMkPGleoKH

slgO236TYTD0GPmwUKRY95MY9cu8oXngwaj/DJE/0Cv477S6qE/VoRHljdbmZQM72+aP

FA4pc5MfVjEj0vQtgl+G7pKgLCr/8nkdTJaMLsvUAUkg3sB5zqZ/EuRGMwVaiq/DTLOs

s62A==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=meutiim-com.20251104.gappssmtp.com; s=20251104; t=1775489401; x=1776094201; darn=nl2k.ab.ca;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=hRDo+JqK19JNBk6pMXb/7QYwK5fEnhzu0Bed+Jk3AOM=;

b=aV7Ys5emtm6Vwvtiq2GDcyji25zZ2Uo6K8CaE+451INXD+aD0lKxkisq8kpiXoF2T7

LDXJD6Hh1vPJ61kpQeaI0Bd/jK00uZnAwSixb8IBKqoQHblJlIzWctKa0yCLp9PzjuXI

atcbqBqYm9gS+TZ0uTAZ0J19egQtfQ9rvCvdyjRNjIzGHaDQwoHhHl5tjMKcWAw66HNf

becHXf29KGfcVqRe0WgbHWvobw7LRUPHzrXFeizjRPfqTFT1kwFlumbiNrKZ/dElrp4M

YrfemTeEL6eSVGhoiG3x1eBkgxcijIa77uxRKIXy1vwIJkg91wQrgkoti6QogBnT3UDx

evAg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1775489401; x=1776094201;

h=to:from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=hRDo+JqK19JNBk6pMXb/7QYwK5fEnhzu0Bed+Jk3AOM=;

b=aqSHkNkNHf72pjRBni4GbVv0lYU5IrO09VW+QPKp8pwJ/nwZ8R1kuArZIlfExja+2L

60d8vMM3cGzWziXPSlqtEX2O4H/PP/IGE7Hof3qaQaHfUktSURHbjQOtxlu8Hkb+nZ7C

ngFZG88EIcpiLyVQDsg6bpo3tJDkfzL7nv/46N7uJLU6eTksVqD5M06jozwWQu4+JfXQ

Cluh25vWri0C/kOa5JB5/LO3rTjtOtb4VZ1/27o1mPa2zXpisvnZt0KwKhOB6fjnVfiJ

/NffA4RM6YwuL4npveUNMT8boCphBguk7uatLzxg7m9W5k4ORii1P45LL2CQEXAWtwa9

4B7g==

X-Gm-Message-State: AOJu0YzqRX8evZM2cx4ovTkewy+R8udQrGtxewDpumaM4Yqtew1+PIHQ

J9DDsbJXdD6uV7To2zXa5ubLl8qTN8ZSlgYyPzAptlFzh6bNTF2rqjSXn21PDyTGDCLQmHYrNFo

uM1LERYa6QPwCKRaJo1u54gKH00XdYT66gCLIhOCnDbYYXgfqiuSvu1LP

MIME-Version: 1.0

X-Received: by 2002:a05:6830:700f:b0:7d7:e792:b98e with SMTP id

46e09a7af769-7dbb738ac2emr9341949a34.8.1775489401029; Mon, 06 Apr 2026

08:30:01 -0700 (PDT)

Reply-To: Allstates Yaunke

Sender: Google Calendar

Message-ID:

Date: Mon, 06 Apr 2026 15:30:01 +0000

Subject: Invitation: Notice: Your Plan is Due for Renewal Soon @ Mon Apr 6,

2026 9:29pm (GMT-7) (root@nl2k.ab.ca)

From: Allstates Yaunke

To: root@nl2k.ab.ca

Content-Type: multipart/mixed; boundary="0000000000000d105e064ecc5797"

X-Spam_score: 10.0

X-Spam_score_int: 100

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Notice: Your Plan is Due for Renewal Soon Monday Apr 6, 2026

â‹… 9:29pm Pacific Time - Los Angeles Good morning, This is a reminder that

your Microsoft Office 365 subscription will renew on Monday, 06 April 2026.

A charge of $495.47 will be applied automatically as per your agreement.



Content analysis details: (10.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.210.73 listed in dnsbl.ahbl.org]

[209.85.210.73 listed in dnsbl.ahbl.org]

[209.85.210.73 listed in dnsbl.ahbl.org]

[209.85.210.73 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.210.73 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.210.73 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.210.73 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.210.73 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.210.73 listed in will-spam-for-food.eu.org]

[209.85.210.73 listed in will-spam-for-food.eu.org]

[209.85.210.73 listed in will-spam-for-food.eu.org]

[209.85.210.73 listed in will-spam-for-food.eu.org]

[209.85.210.73 listed in will-spam-for-food.eu.org]

[209.85.210.73 listed in will-spam-for-food.eu.org]

[209.85.210.73 listed in will-spam-for-food.eu.org]

[209.85.210.73 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.210.73 listed in list.dnswl.org]

0.3 LONGWORD BODY: Uses overlong words

0.6 MEGALONGWORD BODY: Uses really overlong words

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.210.73 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

1.5 IMPRONONCABLE_2 Too much mixed numbers and lower-case letters

0.6 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} Invitation: Notice: Your Plan is Due for Renewal Soon @ Mon Apr 6,

2026 9:29pm (GMT-7) (root@nl2k.ab.ca)





Allstates Yaunke has invited you to Notice: Your Plan is Due for Renewal Soon

Title: Notice: Your Plan is Due for Renewal Soon

When: Monday, April 6, 2026 at 22:29

Organizer:

Allstates Yaunke

Description: Good morning,



This is a reminder that your Microsoft Office 365 subscription will renew on Monday, 06 April 2026. A charge of $495.47 will be applied automatically as per your agreement.



**Invoice Data Dashboard:**



Quantity: 3x Device

 Product: Secure Core

Service Term: 5-Years

 Payment Option: Auto Debit

Total Amount: $495.47



Client ID: XGWKPFIJ61

Activation Key: 2d4a6166-29ef-486c-b79b-ed0fb8b98a4f



To avoid renewal or make changes, please contact us at least 24 hours before the scheduled date.



For assistance, reach us at 1 810 219-4231.



With ongoing thanks,,

Microsoft Defender Plan

Accounts head: Cynthia Byrd

Assistance Phone Line: 1 810 219-4231

Finance Team: 252 9Th St - San Francisco Orlando Fl 32801-3728 Usa

Helpdesk Hours: 6 AM – 6 PM

Attendees:



root@nl2k.ab.ca





Good morning,



This is a reminder that your Microsoft Office 365 subscription will renew on Monday, 06 April 2026. A charge of $495.47 will be applied automatically as per your agreement.



**Invoice Data Dashboard:**



 Quantity: 3x Device

Product: Secure Core

 Service Term: 5-Years

Payment Option: Auto Debit

 Total Amount: $495.47



Client ID: XGWKPFIJ61

Activation Key: 2d4a6166-29ef-486c-b79b-ed0fb8b98a4f



To avoid renewal or make changes, please contact us at least 24 hours before the scheduled date.



For assistance, reach us at 1 810 219-4231.



With ongoing thanks,,

Microsoft Defender Plan

Accounts head: Cynthia Byrd

Assistance Phone Line: 1 810 219-4231

Finance Team: 252 9Th St - San Francisco Orlando Fl 32801-3728 Usa

Helpdesk Hours: 6 AM – 6 PM

When

Monday Apr 6, 2026 ⋅ 9:29pm (Pacific Time - Los Angeles)

Organizer

Allstates Yaunke

allstatesyaunke@meutiim.com

Guests

(Guest list has been hidden at organizer's request)

Reply for root@nl2k.ab.ca

Yes



No



Maybe

More options



Invitation from Google Calendar



You are receiving this email because you are an attendee on the event.



Forwarding this invitation could allow any recipient to send a response to the organizer, be added to the guest list, invite others regardless of their own invitation status, or modify your RSVP. Learn more

Blackmail phish

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 05 Apr 2026 20:52:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w9a3N-00000000Mvk-24V9

for dave@doctor.nl2k.ab.ca;

Sun, 05 Apr 2026 20:51:05 -0600

Resent-From: The Doctor

Resent-Date: Sun, 5 Apr 2026 20:51:05 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mta-sp-e02.jcom.zaq.ne.jp ([222.227.81.162]:58592)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w9WK2-000000003ZW-2TvH

for doctor@doctor.nl2k.ab.ca;

Sun, 05 Apr 2026 16:52:11 -0600

Received: from mta-or-e02.jcom.zaq.ne.jp by osmta0002-jc.im.kddi.ne.jp

with ESMTP

id <20260405225110327.QNTR.35798.mta-or-e02.jcom.zaq.ne.jp@mta-sp-e02.jcom.zaq.ne.jp>;

Mon, 6 Apr 2026 07:51:10 +0900

Received: from yurgv by omta0002-jc.im.kddi.ne.jp with SMTP

id <20260405225109892.ECZV.35830.yurgv@mta-or-e02.jcom.zaq.ne.jp>;

Mon, 6 Apr 2026 07:51:09 +0900

Message-ID: <86864e9460a48e85a60900ab5ab4beb4ad3322e6@ioctv.zaq.ne.jp>

From: "You've been HACKED"

To: you

Subject: Information about your online security

Date: Sun, 5 Apr 2026 15:50:53 -0700

MIME-Version: 1.0

Content-Type: text/plain; charset="utf-8"

Content-Transfer-Encoding: 8bit

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ioctv.zaq.ne.jp; s=default-1th84yt82rvi; t=1775429470;

bh=5kR36n33qc3wfHVKBYN5pBjlKDYsUjoKOy3cKvxK+gs=;

h=From:To:Subject:Date;

b=SQs0hR7exEWTLPdFOilQvFAV/D/gdo3bhaFMZWnGMa6Bgey9SFB1p31gEbMstUEaiV7dWG74

yJpjLo9q8xRZNgfphuYklNujH5agbi6rzZoBMInK/1Ea1BV+rVpQpuehembPoI6YHiJ06mu+7+

xGMSk6mmERlJVviPrOlb7IjfdXOs7R3anwAW47dJSHKwjIpcViBA3dIK8JwVC1TiToe0mJV3sp

tBDWI8PFzLyhcRiMhVTxr5tynwFI1E90+w8xD/tjHgy936emP/sIlPPjTTTrLANU9+fx/5V681

YlWxgQOLrO3+qCF58e2C0Lif3bnL32BMOKH23bgPSNxo+Lgg==

X-Spam_score: 11.9

X-Spam_score_int: 119

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, We are ShinyHunters hacking group. We've known each

other for a while, at least we know you. A few months ago, we gained access

to your devices and started monitoring your online activities. What happened:

We got access to the database CarGurus.com where you had an account with

and easily accessed your e-mail. You weren't very careful about the links

you opened. A week later, we installed [...]



Content analysis details: (11.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[222.227.81.162 listed in dnsbl.ahbl.org]

[222.227.81.162 listed in dnsbl.ahbl.org]

[222.227.81.162 listed in dnsbl.ahbl.org]

[222.227.81.162 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[222.227.81.162 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[222.227.81.162 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[222.227.81.162 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[222.227.81.162 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[222.227.81.162 listed in will-spam-for-food.eu.org]

[222.227.81.162 listed in will-spam-for-food.eu.org]

[222.227.81.162 listed in will-spam-for-food.eu.org]

[222.227.81.162 listed in will-spam-for-food.eu.org]

[222.227.81.162 listed in will-spam-for-food.eu.org]

[222.227.81.162 listed in will-spam-for-food.eu.org]

[222.227.81.162 listed in will-spam-for-food.eu.org]

[222.227.81.162 listed in will-spam-for-food.eu.org]

1.6 RCVD_IN_BRBL_LASTEXT RBL: No description available.

[222.227.81.162 listed in bb.barracudacentral.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

1.2 TO_MALFORMED To: has a malformed address

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.3 LONGWORD BODY: Uses overlong words

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.2 PDS_BTC_ID FP reduced Bitcoin ID

1.5 IMPRONONCABLE_2 Too much mixed numbers and lower-case letters

1.0 BITCOIN_DEADLINE BitCoin with a deadline

1.0 BITCOIN_ONAN BitCoin + [censored]

Subject: {SPAM?} Information about your online security



Hello,



We are ShinyHunters hacking group.

We've known each other for a while, at least we know you.

A few months ago, we gained access to your devices and started monitoring your online activities.



What happened:

We got access to the database CarGurus.com where you had an account with and easily accessed your e-mail.

You weren't very careful about the links you opened.

A week later, we installed an exploit on your devices including your phone, giving us access to your microphone,

camera, keyboard, and all your data.

We have your photos,browsing history, conversations, and contact list.



Besides other things, we discovered that you frequently visit adult websites and watch explicit videos.

We managed to record you and created videos of you pleasuring yourself.

With a few clicks, we can share these videos with your friends,

colleagues, and family or even make them public.



Proposal:

Send us $2000 in Bitcoin to the following wallet:

bc1qwd4rfmy39pfs58kgs95knx3v0xw47g3rtkud5j



We'll delete everything immediately.

You have 48 hours from the moment you opened this e-mail.

Once the payment is received, we'll remove the malware from your devices.



What you should NOT do:

Do not reply (email is sent from a hacked account).

Do not contact the police or anyone else—we'll release the videos along with other stuff all over the internet.

Do not try to reset your devices—everything is stored on remote servers.



What you don’t need to worry about:

Will see your payment immediately—The wallet is generated specially for you.

Will not share your videos or other things after payment—There is no reason to keep causing problems.

Nigerian Spam from Google Gmail

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 05 Apr 2026 13:08:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w9SoJ-00000000FJ9-3OMY

for dave@doctor.nl2k.ab.ca;

Sun, 05 Apr 2026 13:07:03 -0600

Resent-From: The Doctor

Resent-Date: Sun, 5 Apr 2026 13:07:03 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-yx1-f53.google.com ([74.125.224.53]:48610)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w9Pvb-000000006Q7-2fiJ

for doctor@doctor.nl2k.ab.ca;

Sun, 05 Apr 2026 10:02:33 -0600

Received: by mail-yx1-f53.google.com with SMTP id 956f58d0204a3-64ef161129bso2562583d50.1

for ; Sun, 05 Apr 2026 09:01:36 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1775404890; cv=none;

d=google.com; s=arc-20240605;

b=jRTk1sVe0rabkPTcwcCsJOXywTOG6f1TM4/yUiM3c1uN7uuuy2xxtzZusAfpgg6DiP

H5XJpxsi4FiMeNq6XGi+ysLFw9FZgTfd7hBKXjMzuPgQdVHwhwwoVPJuA2R/q9xcgQlu

leYuSHPTiUGwFg9uueDi/fwGMAwwkZhZ2cNMpBqENLML8nsOTi4aV1J50cTkmt0YhLfX

CTxjh3xNd9OQilN77o6x0F+4KNgV4riJjSKEb2V/2rPoRVzsQSbqnGQEeVi+MvArX9/N

mMzBOPZ7WrWItSbDcMeFiVYKTYtvoSqYGBhP1hUhET2kvOKYxc9IoBkHvwpnIcRkf4cw

CyuQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:reply-to:mime-version

:dkim-signature;

bh=OzAuvCXaR8VtgAo2YlN3HOaSVK/FgiFFi3Ga2aGkE8s=;

fh=b+UGVVQofpdbvjMvi60mvv7ySk/qKKWEme/8ac+byQg=;

b=DuSUbpu6iGeagWIH1mCWkSlVCVo6xXEdWv10xdRnd6Oy/khskzLkCpoA2GrU/dFZpq

LvR5a6uaVZEtqNFO0bKpVNkQk2ebPDYMxYUgY/65BaMu4YUl/3clw8K37ahWdBv/CrqA

UiCGNxI4FrssD0QewDzU+ITfQEkhSQ9vAcJR6bgtjDTZxc9xeL85d9JpwRoIjy3+jzH7

Szq5Lk3PCMeDdKPuq+3wV2rWTtvzP3ftRzrXuKxH4YfXAEfbC74MUnx87ZcGdQ0kbhfj

LyKcESjzV9EPFkE+hfO6w7ktFvW/AgFtUnABwh7mLqepSLW9CgZirKTCYX+UQeS0sbbv

/Rmw==;

darn=doctor.nl2k.ab.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1775404890; x=1776009690; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=OzAuvCXaR8VtgAo2YlN3HOaSVK/FgiFFi3Ga2aGkE8s=;

b=miqh0l65tv25XjmN4hMJSyjpEqm50hOhiSJ67a44SCGZsArNFqyvwtZN0/WUhjSzz5

CzEizZ2qUSB5f+xpb4Sz8WTab02pOlCL/tcT8LlOtsEvDs7WGp0CDrTrSLdrr5rX9X2Y

ES5EgSeKWlgquAL5haOHQTWJn5JtLA5Wo5YzRHYwX5JWdAkDBYdmKUjPLs3y0cyptcU7

5vsYjcAQtz43E6Noeb3qYNqjsfCzib+HspHbrIu9VGeeeEzj3eHVrO3MJSxKPtARd1Kt

6K2nmqHFHt4y/XHxjFMaMMkzHKnr5nEpdgrnOKOqvGNqoT0oQHDSJa3i3WzKFzkbN9r0

vCVA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1775404890; x=1776009690;

h=to:subject:message-id:date:from:reply-to:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=OzAuvCXaR8VtgAo2YlN3HOaSVK/FgiFFi3Ga2aGkE8s=;

b=cnmsrF2V9PEfVx+7g05E+Q/xqtwp1Vvjcod7zVdCRQa1EoyQh+7lXxePk7V7i0PHpj

qYKMZv5/uiUuvyj7hPDN+jqj0XPjcfsOHww4nqAQQ1RH5Q5SCmxJ7BcAQD1n9WC4dFzE

QzeKG/EoD/BunFcsqm/IalFamEfO1W++oLghHGtBKCY5mt6H9x1B5AiRy2AlgQs1uy8Z

c97ILNHHKGWdGEW3Ye2f9TF/WrDfZb6LhqjYv60UU9EcO95bZ/uLfZmcVndqZndW48/c

4ZnDWO9HcbnwWm41VMok3SbnR7Re1hUsRYCuHtCIu5QacZoKlJdt/BhFvvJnletQDObc

DGeg==

X-Forwarded-Encrypted: i=1; AJvYcCVPtHmE7T6/iq+E6Hjv3sfJIzkvcM5K0Bv3688hSf5+1mFMVslGMV4+9w3SPzOsg682AMFuXxM=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YwpYEp/TkgaYPErajvj+I4JZzxjawdTH6wK8s/PA+/nnbwFB+JA

aQjyiu8f4onZre0ZD3IQzHhrHMix2SOyy6lqPWbmCRFTz/82uh+Cwjyczea5fHtFMj0kGBHSQVd

n5L347Hyh+YUzR1er9NIRCNA/vKNe6GQ=

X-Gm-Gg: AeBDiesVHbufCN97qFpQbaa9bpY9+IjqT34gnst3uHy5JTywZx9foy+4IsToXVaLyfk

H7U7oqUbXZyNVHcUyT2E1rEnzsBtvCdJnQ7qonwUEANF6h3lHf0WBte+6swycTmc9OLSSH60QPn

kInaQhoINAhrzZXSVtpXtLILW9vWu3XN2qxxTXFS9ml8ZDvhWHGQ8gejq5VQMZQk2/mo2OSxUka

DsKoPhMuczVNFekJKhC9YUkcgoB59MyTqbHOwwDSg/6RJoJYLkOC7bBWr7ML/W8GKu9ulpo0Xda

s9DCTADrSB56iipN+9ZYCU77a4xsH5P/A31hA3NBcgCbBUAV7cF5gI7Ph/RmvW3+JQypkB+hfVz

5+47GWTiXIuw=

X-Received: by 2002:a05:690e:1591:10b0:64e:a853:624d with SMTP id

956f58d0204a3-650486e4273mr7260236d50.19.1775404889694; Sun, 05 Apr 2026

09:01:29 -0700 (PDT)

MIME-Version: 1.0

Reply-To: selassie.abebe@yandex.com

From: MR OLIVER

Date: Sun, 5 Apr 2026 09:01:24 -0700

X-Gm-Features: AQROBzBbGnmvpOAdEex1enL2PHZPdMcghXFbIPylt-OCgIOmoAPVAHF-wXZSRx0

Message-ID:

Subject: RELIEF TRUST

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="000000000000c86648064eb8a908"

Bcc: doctor@doctor.nl2k.ab.ca

X-Spam_score: 24.3

X-Spam_score_int: 243

X-Spam_bar: ++++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Dear Sir/Madam, I am Mr. Edward Stave, a representative from

the British High Commission, focusing on Compensation Matters for fraud-affected

victims.British Government has allocated $2.8 million each to those affect

[...]



Content analysis details: (24.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[74.125.224.53 listed in dnsbl.ahbl.org]

[74.125.224.53 listed in dnsbl.ahbl.org]

[74.125.224.53 listed in dnsbl.ahbl.org]

[74.125.224.53 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[74.125.224.53 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[74.125.224.53 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[74.125.224.53 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[74.125.224.53 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.125.224.53 listed in will-spam-for-food.eu.org]

[74.125.224.53 listed in will-spam-for-food.eu.org]

[74.125.224.53 listed in will-spam-for-food.eu.org]

[74.125.224.53 listed in will-spam-for-food.eu.org]

[74.125.224.53 listed in will-spam-for-food.eu.org]

[74.125.224.53 listed in will-spam-for-food.eu.org]

[74.125.224.53 listed in will-spam-for-food.eu.org]

[74.125.224.53 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[74.125.224.53 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[lynnkate071(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[lynnkate071(at)gmail.com]

1.7 DEAR_SOMETHING BODY: Contains 'Dear (something)'

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[74.125.224.53 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 LOTS_OF_MONEY Huge... sums of money

1.5 HK_NAME_FM_MR_MRS No description available.

1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different

freemails

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.8 UNDISC_FREEM Undisclosed recipients + freemail reply-to

0.1 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

0.0 T_FILL_THIS_FORM_SHORT Fill in a short form with personal information

1.3 MONEY_FORM_SHORT Lots of money if you fill out a short form

3.1 MONEY_FRAUD_3 Lots of money and several fraud phrases

2.0 ADVANCE_FEE_2_NEW_MONEY Advance Fee fraud and lots of money

2.5 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} RELIEF TRUST



--000000000000c86648064eb8a908

Content-Type: text/plain; charset="UTF-8"



Dear Sir/Madam,



I am Mr. Edward Stave, a representative from the British High Commission,

focusing on Compensation Matters for fraud-affected victims.British

Government has allocated $2.8 million each to those affected victims to be

compensated



1. Your full name

2. A form of identification

3. Your contact address

4. Your phone number or Whatsapp number



I await to receive these details to enable us to do the needful.

Yours Sincerely,



Mr. Edward Stave



--000000000000c86648064eb8a908

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable





=C2=A0
>Dear Sir/Madam,

gnature">

I

am Mr. Edward Stave, a representative from the British High Commission,

focusing on Compensation Matters for fraud-affected victims.British=20

Government has allocated $2.8 million each to those affected victims to=20

be compensated

1. Your full name
2. A form of identification
=

3. Your contact address
4. Your phone number or Whatsapp number

I=

await to receive these details to enable us to do the needful.
Yours Si=

ncerely,

Mr. Edward Stave









--000000000000c86648064eb8a908--

Nigerian spam from Google Gmail Part 2

Posted by Dave Yadallee on
--000000000000824158064eb6c53e

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Hello, I am Mr.Michael Adama, and I work with UNITED BANK For AFRICA.

Please Can you use an ATM Visa card to withdraw money at ATM cash machines

in your country?



I want to transfer money to you from my country; it=E2=80=99s part of money=

taken

by some old politician that was forced out of power.I will change the

account details to yours, and apply for a visa card with your details in

our bank,



they will send the visa card to you and you will be withdrawing money with

it and always send my own percentage of the money,



and the money we are talking about is $9.5Million us dollars. Whatever

amount you withdraw daily, you will send 50% to me and you will take 50%,

the visa card and the bank account will be on your name,

you can contact me with your private email I.D (

mr.adamamichael2005@yahoo.com)



I will be waiting for your information as soon as possible.



Your name.........................

Age..........................

Sex...........................

Country.....................

Occupation....................

Whatsapp number....................



Best Regards.

Mr.Michael Adama



--000000000000824158064eb6c53e

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Hello, I am Mr.Michael Adama, and I work with UNITED BANK =

For AFRICA. Please Can you use an ATM Visa card to withdraw money at ATM ca=

sh machines in your country?
=C2=A0
I want to transfer money to you f=

rom my country; it=E2=80=99s part of money taken by some old politician tha=

t was forced out of power.I will change the account details to yours, and a=

pply for a visa card with your details in our bank,
=C2=A0
they will =

send the visa card to you and you will be withdrawing money with it and alw=

ays send my own percentage of the money,

and the money we are talkin=

g about is $9.5Million us dollars. Whatever amount you withdraw daily, you =

will send 50% to me and you will take 50%, the visa card and the bank accou=

nt will be on your name,
you can contact me with your private email I.D =

(mr.adamamichael2005@yahoo=

.com)
=C2=A0
I will be waiting for your information as soon as po=

ssible.

Your name.........................
Age...................=

.......
Sex...........................
Country.....................
r>Occupation....................
Whatsapp number....................
=


Best Regards.
Mr.Michael Adama




--000000000000824158064eb6c53e--

Nigerian spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 05 Apr 2026 09:12:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w9P8D-0000000041c-3jjm

for dave@doctor.nl2k.ab.ca;

Sun, 05 Apr 2026 09:11:21 -0600

Resent-From: The Doctor

Resent-Date: Sun, 5 Apr 2026 09:11:21 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pf1-f195.google.com ([209.85.210.195]:43378)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w9NoX-00000000PBD-3II9

for root@nl2k.ab.ca;

Sun, 05 Apr 2026 07:47:07 -0600

Received: by mail-pf1-f195.google.com with SMTP id d2e1a72fcca58-82748257f5fso2442864b3a.1

for ; Sun, 05 Apr 2026 06:46:11 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1775396765; cv=none;

d=google.com; s=arc-20240605;

b=FCduBtW6ht/t4PlGupIM1PtpzafuxQojBnPW32Gv9ULX9TkMqYYRmttpL+zkgZqpwn

5FbMvjTBRpDztc6XeFRwa578rJdGfxIRcnR2UeG6fLZAlh6Us0Kc+blL8MgAPJCUkuFm

xQEgVDI49p6TVxohemzZwgJDGIALyUz/Y6Kj7XnRBG+xjPLpxDcoBZptjWs/jwtlXVMI

yeh0rBrDIH8q5KnGE/L9Q0YpRIdXAIZHI46q90rkGWkMqekQmF+E5W7LUqMOkEzgshkD

d+zEdVHztIqnad3MjwxLjpu6oBsGueTR2ItBMBfo1gMxE5vFU7A6e2Quhr4mePHl4nS4

jE2Q==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:mime-version:dkim-signature;

bh=EmkD46zGjAj5ZIR/R2aK2hL+2pdXR32zXBGzb/y/hg0=;

fh=/B80ccZkeOcSPva4GFuEGZFIHK0pvPVy0qSpZr61LuA=;

b=Us+W/gJDRnEQ66MszMaymNrm8Ae4f1Gv6I4UkxMOGsnHIPafB8A0QGh5tlhD2dJAWo

Nk6kNwfLZimRPAsgK+OiU77hs3q/dMMQL2g5uOU3pfdsekUpuB81p/ENMYGXLsY+Vwre

RKwZj4oCQst8QR056pt2K7DkGreSaoQbiuB4zVWN6tu93R79f+Q2q6Fjl9oLiekT0ypO

jqo7MxCU59BTDVd/em7v5ZBniuQCmZZRHXHimxGw5RF9KIt37EwHVYEZraCmmi8gaydO

lIbQ8BlnG4pmjM49/CRgyt9OLiYvUTNx8/PZTZkdqm3sNQBZ30Wj+2ZQ5SVM2FWTt81D

AdNg==;

darn=nl2k.ab.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1775396765; x=1776001565; darn=nl2k.ab.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=EmkD46zGjAj5ZIR/R2aK2hL+2pdXR32zXBGzb/y/hg0=;

b=e+o67QVq9nJzcrY5dlcH2R7bQrZvMlYMCXEb7jBWjVoIEUcu04gI32wABWwhCNKKsh

4tEbRp9FDt2+bk+u0vAPfB12qZgGQZEBV2p15NWPdhpYK79b+Avj9dMirkhl9tbYQtiY

msb8cMHFdzmpXvCfxt3Ad0KeLvGi+VNzRpG+/mg9sDbSKsG1axtvE3eK+7yQfWsk98aN

YsW49EaZyUGj8DySSFmU0WiPchGJq9CiL7ulERgedNZ+PwdNcyTTbcXJqWN666Tg75iD

jXF282mok5XBj2nnbW47TFWFp58UURvcVxtAEhIsP9k0gy3xjAznBvHlHEJFiixwyUK9

UYew==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1775396765; x=1776001565;

h=to:subject:message-id:date:from:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=EmkD46zGjAj5ZIR/R2aK2hL+2pdXR32zXBGzb/y/hg0=;

b=qwpef3iJR6lPC7QIJusxSa39/ULJKx/lj3C0EupJ1Ef1R4xfwhXX52ObYp0IgrqSI/

fiCxIYG+SVc9uIr82o0z8mj6okobnjrtjIlcUJ2MZUQim8ze/7CblKXPNTc9FArbe7a1

jEd424x8DRJB1SpGQxtxkPcvBmBC0VN1+KyD4RlSktUZx4B5UCPpvkg/CKSbMSFlEvhz

NP3NjDFQerWlFRBJLvuywrI/fMljsg7SgPv1xappT3HoUiqDGk1Vkn8LITJ5sP+u8hjN

0nUJoEZ/Buvndt+8W8Zeq5jh1+bI3zVO3T4GgoiUNm1B8yab/FxVEmMI8rYJaLZ6CUbk

q2kg==

X-Forwarded-Encrypted: i=1; AJvYcCXA/0PJnqs/MAB4N0bewvPTPhSkXi3CDD7NyLPYz3JELK+oIuCnHx7t3b84PAn6uuhaShCR@nl2k.ab.ca

X-Gm-Message-State: AOJu0YxuusQNncvl8PE7kbrtLyoBR9oAiUSzG3VCrrNdj7pbwxs90Luf

Q+T7WBfPkhqNhGmYN7CfXtWapIXV1UMZc2cdyS2YUdWVwFJijRebYzgS0d7h5AkZ++DczhPSMDT

4ZffeIb0GLu64VU8IOKlm//Qpu9iHTM0=

X-Gm-Gg: AeBDievYSPPdkUckTlXhGatLT4rX+m1mvsXl1QAr2Uml3MyvfjUEvqL/rVrIf9OX0vD

7rTgFDA8AKz1Afj1Xy2R4hee7rJo0blso1KSegLLrRz5TxiR7tGAKWRs5z7ybMQs6TrB4i9Qn2Q

9zrj1qV7BxD7Gebc0/E9hn7XnSUrc5+Yu8MgT4IePjgoyovuAx6i1c8uI2TFwxAECMg1AwsoS6z

kJRYAikDeTZPB6jJeLqVcEJTEmx2fYqznjfiTHdNDYEGwyKXPGUC3ccaVsPJyW458tLRW1Qbt58

T7YRiAtgqUySobADXsqxXhOCOprDJHZvNkc2/FRU

X-Received: by 2002:a05:6a00:c90:b0:82c:2104:ccb3 with SMTP id

d2e1a72fcca58-82d0031f927mr11402748b3a.17.1775396764925; Sun, 05 Apr 2026

06:46:04 -0700 (PDT)

MIME-Version: 1.0

From: "Mr.Michael Adama"

Date: Sun, 5 Apr 2026 06:45:51 -0700

X-Gm-Features: AQROBzBjQ0K61LUFX7OwMiJ_dK5dobkXpzJjI2Ka5tWlvarPVogaRvFKM1v7xUg

Message-ID:

Subject: Hello, v

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="000000000000824158064eb6c53e"

Bcc: root@nl2k.ab.ca

X-Spam_score: 22.8

X-Spam_score_int: 228

X-Spam_bar: ++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, I am Mr.Michael Adama, and I work with UNITED BANK

For AFRICA. Please Can you use an ATM Visa card to withdraw money at ATM cash

machines in your country? I want to transfer money to you from my country;

it’s part of money taken by some old politician that was forced out of

power.I will change the account details to yours, and apply for a visa card

wi [...]



Content analysis details: (22.8 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.210.195 listed in dnsbl.ahbl.org]

[209.85.210.195 listed in dnsbl.ahbl.org]

[209.85.210.195 listed in dnsbl.ahbl.org]

[209.85.210.195 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.210.195 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.210.195 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.210.195 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.210.195 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.210.195 listed in will-spam-for-food.eu.org]

[209.85.210.195 listed in will-spam-for-food.eu.org]

[209.85.210.195 listed in will-spam-for-food.eu.org]

[209.85.210.195 listed in will-spam-for-food.eu.org]

[209.85.210.195 listed in will-spam-for-food.eu.org]

[209.85.210.195 listed in will-spam-for-food.eu.org]

[209.85.210.195 listed in will-spam-for-food.eu.org]

[209.85.210.195 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.210.195 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[leom81561(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[leom81561(at)gmail.com]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.210.195 listed in wl.mailspike.net]

1.0 MONOTONE_WORDS_15_2 BODY: Many lowercase words (15+ words, 2+

letters)

3.6 NA_DOLLARS BODY: Talks about a million North American dollars

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 LOTS_OF_MONEY Huge... sums of money

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

1.5 HK_NAME_FM_MR_MRS No description available.

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.0 FILL_THIS_FORM_LONG Fill in a form with personal information

1.0 FREEMAIL_REPLY From and body contain different freemails

0.0 T_MONEY_PERCENT X% of a lot of money for you

0.0 FILL_THIS_FORM Fill in a form with personal information

2.3 ADVANCE_FEE_3_NEW_FRM_MNY Advance Fee fraud form and lots of money

0.0 MONEY_FRAUD_5 Lots of money and many fraud phrases

2.2 FILL_THIS_FORM_LOAN Answer loan question(s)

0.0 MONEY_FORM Lots of money if you fill out a form

0.0 T_FILL_THIS_FORM_LOAN Answer loan question(s)

0.0 FORM_FRAUD_5 Fill a form and many fraud phrases

2.5 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} Hello, v

Web/SEO/App Spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
--_000_SI2PR01MB40101B512D820F2E53D09455F85CASI2PR01MB4010apcp_

Content-Type: text/plain; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable



Hello!



Your website looks great, but it=92s not Rank well on Google.



Can I send you a free analysis report and price list?



Looking forward to your reply!



Thank you!



Mark Brown



--_000_SI2PR01MB40101B512D820F2E53D09455F85CASI2PR01MB4010apcp_

Content-Type: text/html; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable








252">








xt-indent: 0px; line-height: normal; background-color: white; margin: 0px; =

font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: black;=

">

Hello!



xt-indent: 0px; line-height: normal; background-color: white; margin: 0px; =

font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: black;=

">







xt-indent: 0px; line-height: normal; background-color: white; margin: 0px; =

font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: black;=

">

Your website looks great, but it=92s not Rank well on Google.



xt-indent: 0px; line-height: normal; background-color: white; margin: 0px; =

font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: black;=

">







xt-indent: 0px; line-height: normal; background-color: white; margin: 0px; =

font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: black;=

">

Can I send you a free analysis=

report and price list?



xt-indent: 0px; line-height: normal; background-color: white; margin: 0px; =

font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: black;=

">







xt-indent: 0px; line-height: normal; background-color: white; margin: 0px; =

font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: black;=

">

Looking forward to your reply!



xt-indent: 0px; line-height: normal; background-color: white; margin: 0px; =

font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: black;=

">







xt-indent: 0px; line-height: normal; background-color: white; margin: 0px; =

font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: black;=

">

Thank you!



xt-indent: 0px; line-height: normal; background-color: white; margin: 0px; =

font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: black;=

">







xt-indent: 0px; line-height: normal; background-color: white; margin: 0px; =

font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: black;=

">

Mark Brown








--_000_SI2PR01MB40101B512D820F2E53D09455F85CASI2PR01MB4010apcp_--

Web/SEO/App Spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 05 Apr 2026 06:35:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w9MgI-00000000Ga7-3sUd

for dave@doctor.nl2k.ab.ca;

Sun, 05 Apr 2026 06:34:22 -0600

Resent-From: The Doctor

Resent-Date: Sun, 5 Apr 2026 06:34:22 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japaneastazolkn19012052.outbound.protection.outlook.com ([52.103.43.52]:62039 helo=TYPPR03CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w9M5t-00000000F4i-3HMV

for sales@nk.ca;

Sun, 05 Apr 2026 05:56:56 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=JDWLPWJvV+ZMYVRpj2CVuRDSvMSPa5c8P6sMX85AKTaoa+Nbr0Rj/Nu6ACOXDci8Z7A0OQkkkdKVVVyzsPkcILA3PtsZzstUBIb1mgAqZlM62UrPeGVXn5FRFgZ9hCXqUoDSR3iDRn6yEDeWiztXk0Z6V3GoYTWTOMSAuPB0gzBbv3ygrLVW+iVv+Hclt6gUIAJQZU0hJocP/ObZfgMs7PgtjcgLBhLjTjl8dNIjPeZI33I40QxZEw4tCHPuo+kf64b89PD6Qqrs1Wc+ASgaIj5TxUjslKeJnO+b1Go90gwAG5BOfqhIH/sWOjfkrazd2/pvXyomtDZaF9mPWOvzpg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=WoYu/hVFw0BL3d91YbbOAP0fc6Qv8j0GEjYx/9Vl+08=;

b=Ymns9ol3F+GeO30ujF94Vl4bKr5WkdiiALa34oW8WVVyYPmlaM4Ws7jnJ7mZv/8QooATS9I1u7Ng2tQbemMUSCSesYOBApOVursPv06vz/J+Iujy5DnX/JUaFDg7pKqUSnARyegekbjxFPs4lHWZpDHo494yOYBc1LlVp3u/we/IPICN5ljNUTaGgH/F2grBTFBvHuvMNkHKoHLVYoku3ooRDW/s/cljw65AJoMT5GB/X75gJtgjKTt61/BOdT52bi1YCpgFCS4iEYjq5tnvcD8adMXkpBI/rh+ZPxtCJz4PPF8Y8KBo7gwIRYJ/5KuEqep18ycsDkOjMv0X+LCC8Q==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=WoYu/hVFw0BL3d91YbbOAP0fc6Qv8j0GEjYx/9Vl+08=;

b=MVJ38U3u4SDwEzQT2XNUxi3A3E6KDChCmnFTcHg1CnPZ0ctWcOYTq4ldoBTtW2wQpe1eA+/bRRP57Tx6G4IxouFVX5N3AOp481K0PAz1TU58zGOSRQmqNq5eftGSVL/eBDMNMwVamfCqbZWVCwoH9p5yPARilE39b7h5xTeOTyIG0hHqBlcEi+y7g8VDQbkmQjalg+NDtRaPEs+6URFLLE113KAR5Yd6qsicLqTj0ALWh3DZHDc2YIz7shYHj8ymwZLmhAM8aNbnce3KY//efmcY7j27Ug0uiGS+BBdhHppPw2x76P2IvPKOSeknH9nr9TXcQlXU2w6K0s9SP3n+Lg==

Received: from SI2PR01MB4010.apcprd01.prod.exchangelabs.com

(2603:1096:4:109::7) by SEZPR01MB5942.apcprd01.prod.exchangelabs.com

(2603:1096:101:1f5::13) with Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9769.17; Sun, 5 Apr

2026 11:55:11 +0000

Received: from SI2PR01MB4010.apcprd01.prod.exchangelabs.com

([fe80::42a4:2134:aa82:8498]) by SI2PR01MB4010.apcprd01.prod.exchangelabs.com

([fe80::42a4:2134:aa82:8498%3]) with mapi id 15.20.9769.017; Sun, 5 Apr 2026

11:55:11 +0000

From: Mark Brown

Subject: YES

Thread-Topic: YES

Thread-Index: AQHcxPKvNG2eL5kWF0iVEP+cTbtbyg==

Date: Sun, 5 Apr 2026 11:55:11 +0000

Message-ID:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SI2PR01MB4010:EE_|SEZPR01MB5942:EE_

x-ms-office365-filtering-correlation-id: 10f4d4c9-3e5a-40b5-12b9-08de930a3115

x-microsoft-antispam:

BCL:0;ARA:14566002|37102599003|461199028|7071999006|19110799012|24071999003|37011999003|39105399006|8062599012|8060799015|20031999003|31061999003|15080799012|15030799006|102099032|440099028|3412199025|12091999003|26121999003|40105399003|39145399003|41105399003;

x-microsoft-antispam-message-info:

=?Windows-1252?Q?MFImjG+L5PDWA/D+wuqihBD8E6oCQS6sf2f5ytIKdEZ95XddXeslqXpE?=

=?Windows-1252?Q?g0uzUFw1fEfAnJH2/4E2wUJJcr5eUm38z9dzqfWbJRoXc36V6Sbbp0FN?=

=?Windows-1252?Q?5IaXdCj3Hbspi+CMykajsMdeD8XNklqq4EVQ8noAwNpPihBdh34MyEFe?=

=?Windows-1252?Q?perJkDBU5UgvcPjiASks7ABGOXdZ4yqkAEwNIugIrvSU0dgeWXd7k4aO?=

=?Windows-1252?Q?P7nEcPfkItkkx09ZN2IkbzEAgBRB5Q1RZDXdi88Xy6rTI9+9IywJIO7N?=

=?Windows-1252?Q?EDKTRs6/A0CZVgT2gvo+1y6siTmIouGbnzCw8DP1/PdTLCz9m0g0pKl8?=

=?Windows-1252?Q?JcPrFq3alcPF372aBt/6Ct+3/oCEk65xD2kDcnegIHQP4uJvzxYo5ZkJ?=

=?Windows-1252?Q?Mmi4/3AFcldm1LdUfs04Tb8CQb1LDiVlfxVVyZfvsm2s7oXfCsecLO0H?=

=?Windows-1252?Q?OzFtemQIQG9Pwh0kMIuWhcyZ87JBvqxKZB7fSO3KSekUxxM6QDiK239t?=

=?Windows-1252?Q?W8FmSfu//A8iTHY0q2CCehxK/OaCL3e7DKMFGkvk09lU/QOD9/bCiHor?=

=?Windows-1252?Q?tuxopsJVnP/HPYqzKZVuGG+BOfQH9xygrlH1jkbjle9yXLvyCUhOZsu+?=

=?Windows-1252?Q?Q6znqUaeQeasqhWHUuni9Huvm+6NEew7U2fcLmPxLJxF7Lnf5DRWZQBL?=

=?Windows-1252?Q?7KN0I9DCbXwS90Y1YcOnVAwrRKp7JvxvPLMaUCyyU8cNPtGUekCgHy2I?=

=?Windows-1252?Q?pmOKOfj+Icg05HWQY2vddzwkAxVGkpY0mjixtvdzpW/M0AMiNa1K7Ko/?=

=?Windows-1252?Q?lgJKJ+PhdIwubSMNH4NO93WGVtRYGXU+bjTrB3rpIsnM2VN2TwFlniy2?=

=?Windows-1252?Q?L2Xb5bTQtdDtxoM+yG/0Gd1rAIyMlj8Y8I9LLLZqUbFDAi6FBFFxUFUh?=

=?Windows-1252?Q?DR8P0ESq0lTuNFxzfWCM0y+J+7jZ/yZDCWr6UDQN/QGxUkbJYq2FuPjP?=

=?Windows-1252?Q?qcMLZpQDhVJfAy/iTIObzVGsRWN/z3W+wNiyzW1NLGy9xMYxee+8BO8g?=

=?Windows-1252?Q?Hip3EoGVoolghhmUxwiEvCJ6+zgR7kRxfokCDGnu3LLxbyTygCi807WX?=

=?Windows-1252?Q?1io0rJQxsV38y+x3lEQTwxof4rMyOuzusepa8s68nFPyrkwsMIFqcuT1?=

=?Windows-1252?Q?yksBPsAn2XWiTIbGpDUq5QjhUeTLgR5zAAHnvLzmX/tA3gK6rzudbpOz?=

=?Windows-1252?Q?fQb1k8Qr9VmOMXneN0I8ldoBkFBap4siSJQaR2V9ZeTEpi1ourbpMwpS?=

=?Windows-1252?Q?atJ3OA=3D=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?hx88Rko0RoWdyYUWmQGV2Por2aO9PB75i6QcPC/PIdPdugjsIVZiW9vJ?=

=?Windows-1252?Q?N10nZIcLbCMACWVySKrQEXA+J23q5TMR1W3h+kex4nop5eRpBKOl1076?=

=?Windows-1252?Q?f7TqThoKpyOGAvDeTOzQbuxWj66p14MabhUydI9A8M5pPBCKEI5IJsM/?=

=?Windows-1252?Q?uVsJXkv8VZjAk0f8sUhkV0b42XAaY70eew6lCkMBxaIUhSvtsS7qfLQv?=

=?Windows-1252?Q?ZsYoEmrAzow8NQpPmnk4Ig72gj/Kh5hvJkMZfL/s21w540H8Z9heRQaA?=

=?Windows-1252?Q?w9rCLjID07A9GCjdq0nT12m5sATT5M+NgmGW4GqWNNGQkXnW1/4GoGfP?=

=?Windows-1252?Q?rnZsfkUw9YEGilx7sKoa0EfmV+HPfR1ZR7RcFS81nxWRM0OUdqDlgm07?=

=?Windows-1252?Q?hNZHppHHTva4CM3EylA1XUZlthq+eYmExwmM4PyXjMIu08kKSM9Z4ZG6?=

=?Windows-1252?Q?FOa69vmrFMR2zMHBcqzQubSryRbaBfublRX/qceI76xkaHVllFU5cfc4?=

=?Windows-1252?Q?61aHLdauJ7o7QXpCFrGuu/+xQWK3+T19tfCoFtZBF2BAi1GPePeNWhNB?=

=?Windows-1252?Q?aLHx/44kk6hh6M/a7tEqF7sKdXB9lCL1ozeQS6FBxbAVYutkJHVtJMiM?=

=?Windows-1252?Q?ly+tW6DHF3DqD7s3CFvyxO7cnUIvNd8Cxay+QyBN/sgY7n1iSm83m6AA?=

=?Windows-1252?Q?ghEqGBCFOwRFsKBADvD4Km+fiHQrGrDTAbvzyiMl1XhmQe3zzxIpsvW7?=

=?Windows-1252?Q?491jVK1hyBeVx5J4Jo+caGHX6D9gtl8upc6Spb+mCaDXPwLYFm87McPn?=

=?Windows-1252?Q?tP8QrMwuDHbam3P+FUMB7KD/4xXGWHgZ/B1zOHw4Ji4h/MfqE8Vv0eRJ?=

=?Windows-1252?Q?WK+ChrGswCbIJN9IgY/yAQHHJ7nE78DBNNVkbLyioLbTLaStO8e8tVw4?=

=?Windows-1252?Q?rLycoV/dDgLNa/sYlqdVmjwDQ6jCZArmW1WcpHHKUxkBuDiDvEQlhW5V?=

=?Windows-1252?Q?SOfq6RjUkyOcMCWgJsBpwfc83sxZ9r7djzusRfDSMXhzaNwi8kw76ytB?=

=?Windows-1252?Q?4QyK4K5vxpHQT69UbGR61ZT3OfUknTs9P+G9KxCYf7RHvyn37sfM4Hoa?=

=?Windows-1252?Q?BNAH6/9BhPR+xmPcQFWzcSlFHRUSayUgdmKnUtb2avoaEeNNis29MrUA?=

=?Windows-1252?Q?ax0bJK3FTZiFoO1ULjDhM9igjMYfx9sKcmL7wiEOhwufkL7iu8n/M7SC?=

=?Windows-1252?Q?fmqF/eTqJS2rW7DAhb5XnwoNsxog1adKXTQ6BfsABC6d626MzMNK8Ze1?=

=?Windows-1252?Q?GNfmZNU6zsVTMH/9cGnFj+Gnq0gvWTZxXLNFXWReOItBuW6eG+Zcyuvm?=

=?Windows-1252?Q?wdvfDy3v4HF51Ts18lGAwmu3yKVZO1LsaYbci05IABaUR1qhKzYhYOVg?=

=?Windows-1252?Q?FnTEBv2Of9GbLS0+FSAfoBqq7f9AV4JL7Ec8rFQW+vGbi2TjlmTBgm68?=

=?Windows-1252?Q?i+nyIzfUYillEhAbAfwOrUmWsMBHpq+BQ6SVUvugxYAnJhlub0suouH+?=

=?Windows-1252?Q?jOqF+ts4wYRsDfbZ?=

Content-Type: multipart/alternative;

boundary="_000_SI2PR01MB40101B512D820F2E53D09455F85CASI2PR01MB4010apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SI2PR01MB4010.apcprd01.prod.exchangelabs.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 10f4d4c9-3e5a-40b5-12b9-08de930a3115

X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Apr 2026 11:55:11.0510

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SEZPR01MB5942

Nigerian spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 04 Apr 2026 12:35:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w95pN-000000007wL-0bwK

for dave@doctor.nl2k.ab.ca;

Sat, 04 Apr 2026 12:34:37 -0600

Resent-From: The Doctor

Resent-Date: Sat, 4 Apr 2026 12:34:37 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mx-02.subisu.net.np ([110.34.24.2]:50880)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w94rA-000000005AU-1Tts

for root@nk.ca;

Sat, 04 Apr 2026 11:32:34 -0600

X-Virus-Scanned: amavisd-new at subisu.net.np

DKIM-Filter: OpenDKIM Filter v2.11.0 mx-02.subisu.net.np 3F6D7312E0EC

Received: from mail.pokharainternet.com.np (mail.pokharainternet.com.np [116.66.197.136])

by mx-02.subisu.net.np (Postfix) with ESMTP id 3F6D7312E0EC

for ; Sat, 4 Apr 2026 23:16:25 +0545 (+0545)

Received: from localhost (localhost [127.0.0.1])

by mail.pokharainternet.com.np (Postfix) with ESMTP id E7C0D44823

for ; Sat, 4 Apr 2026 23:11:13 +0545 (NPT)

X-Virus-Scanned: amavisd-new at tilganga.org

Received: from mail.pokharainternet.com.np ([127.0.0.1])

by localhost (mail.pokharainternet.com.np [127.0.0.1]) (amavisd-new, port 10024)

with ESMTP id dsHiXb_uttwa for ;

Sat, 4 Apr 2026 23:11:11 +0545 (NPT)

Received: from EC2AMAZ-896QSEP (ec2-54-198-108-54.compute-1.amazonaws.com [54.198.108.54])

by mail.pokharainternet.com.np (Postfix) with ESMTPSA id 610144410D

for ; Sat, 4 Apr 2026 21:35:13 +0545 (NPT)

From: "Viktor Jhangiani"

Subject: Important

To:

Content-Type: multipart/alternative; boundary="uRov4=_8spDurlEP3XpqHbrZxn4jTQOtPu"

MIME-Version: 1.0

Reply-To:

Date: Sat, 4 Apr 2026 15:50:14 +0000

Message-Id: <20260404155013C9A74E092E$962744096A@pokharainternet.com.np>



This is a multi-part message in MIME format



--uRov4=_8spDurlEP3XpqHbrZxn4jTQOtPu

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable





In my earlier years, I pursued a career as an engineer and gold mercha=

nt in Odessa, Ukraine. Now retired and writing to you from my hospital=

bed after being diagnosed with esophageal cancer-with only months lef=

t-I find it challenging to hold onto hope or muster the energy for cha=

ritable activities that have always been central to me. It would truly=

mean a lot if we could discuss this further since helping others has =

consistently brought immense fulfillment and joy into my life.

Kindly inform me once you receive this message, and I'll share all the=

necessary details.

I genuinely appreciate it.



--uRov4=_8spDurlEP3XpqHbrZxn4jTQOtPu

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable








8859-1">


me=3D"viewport" content=3D"width=3Ddevice-width, initial-scale=3D1"> <=

META name=3D"format-detection" content=3D"telephone=3Dno"> Impo=<br /><br /> rtant




e=3D"3">In my ea=

rlier years, I pursued a career as an engineer and gold merchant in Od=

essa, Ukraine. Now retired and writing to you from my hospital bed aft=

er being diagnosed with esophageal cancer-with only months left-I find=

it challenging to hold onto hope or muster the energy for charitable =

activities that have always been central to me. It would truly mean a =

lot if we could discuss this further since helping others has consiste=

ntly brought immense fulfillment and joy into my life.

Kindly i=

nform me once you receive this message, and I'll share all the necessa=

ry details.

I genuinely appreciate it.  
>







--uRov4=_8spDurlEP3XpqHbrZxn4jTQOtPu--



Web/SEO/App spam from Google Gmail part 2

Posted by Dave Yadallee on






------=_NextPart_000_4733_01DCC421.24C24AB0

Content-Type: text/html;

charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable




xmlns:o=3D"urn:schemas-microsoft-com:office:office" =

xmlns:w=3D"urn:schemas-microsoft-com:office:word" =

xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =

xmlns=3D"http://www.w3.org/TR/REC-html40">
http-equiv=3DContent-Type content=3D"text/html; =

charset=3Diso-8859-1">
14 (filtered medium)">

class=3DWordSection1>


style=3D'margin:0cm;margin-bottom:.0001pt'>
style=3D'color:#0000CC'>Hi Dave,


class=3Dxfont-claude-response-body =

style=3D'margin:0cm;margin-bottom:.0001pt'>
style=3D'color:#0000CC'>We've helped dozens of businesses establish =

their online presence with professional websites.


class=3Dxfont-claude-response-body =

style=3D'margin:0cm;margin-bottom:.0001pt'>
style=3D'color:#0000CC'>Would you like to
style=3D'color:#F79646'>see testimonials from our satisfied =

clients?


style=3D'margin:0cm;margin-bottom:.0001pt'>
style=3D'color:#0000CC'>Best,


style=3D'background:white'>
style=3D'font-size:10.0pt;font-family:"Arial","sans-serif";color:#000066'=

>wqmaheshsharma22@gmail.com
style=3D'font-size:10.0pt;font-family:"Helvetica","sans-serif";color:#000=

066'>]


style=3D'background:white'>
style=3D'font-size:10.0pt;font-family:"Helvetica","sans-serif";color:#000=

066'>Sent
style=3D'font-size:10.0pt;font-family:"Helvetica","sans-serif";color:#000=

066'>: 08 February 2026 05:37


style=3D'background:white'>
style=3D'font-size:10.0pt;font-family:"Helvetica","sans-serif";color:#000=

066'>To
style=3D'font-size:10.0pt;font-family:"Helvetica","sans-serif";color:#000=

066'>: root@nk.ca


style=3D'background:white'>
style=3D'font-size:10.0pt;font-family:"Helvetica","sans-serif";color:#000=

066'>Subject
style=3D'font-size:10.0pt;font-family:"Helvetica","sans-serif";color:#000=

066'>: Website / Up-date


style=3D'background:white'> 


style=3D'margin:0cm;margin-bottom:.0001pt'>
style=3D'color:#0000CC'>Hi Dave,


style=3D'margin:0cm;margin-bottom:.0001pt'> 


style=3D'margin:0cm;margin-bottom:.0001pt'>
style=3D'color:#0000CC'>Are you looking for someone to develop a =

tailored business website for your company?


style=3D'margin:0cm;margin-bottom:.0001pt'> 


style=3D'margin:0cm;margin-bottom:.0001pt'>
style=3D'color:#0000CC'>What you get:


style=3D'mso-margin-top-alt:0cm;margin-right:0cm;margin-bottom:0cm;margin=

-left:36.0pt;margin-bottom:.0001pt'>
style=3D'font-family:Wingdings;color:#0000CC'>=D8
style=3D'font-size:7.0pt;color:#0000CC'> 
style=3D'color:#0000CC'>Tailored website development


style=3D'mso-margin-top-alt:0cm;margin-right:0cm;margin-bottom:0cm;margin=

-left:36.0pt;margin-bottom:.0001pt'>
style=3D'font-family:Wingdings;color:#0000CC'>=D8
style=3D'font-size:7.0pt;color:#0000CC'> 
style=3D'color:#0000CC'>Clean code and documentation


style=3D'mso-margin-top-alt:0cm;margin-right:0cm;margin-bottom:0cm;margin=

-left:36.0pt;margin-bottom:.0001pt'>
style=3D'font-family:Wingdings;color:#0000CC'>=D8
style=3D'font-size:7.0pt;color:#0000CC'> 
style=3D'color:#0000CC'>Professional design standards


style=3D'mso-margin-top-alt:5.0pt;margin-right:0cm;margin-bottom:0cm;marg=

in-left:36.0pt;margin-bottom:.0001pt'> 


style=3D'margin:0cm;margin-bottom:.0001pt'>
style=3D'color:#0000CC'>Want to discuss your website =

needs?


style=3D'margin:0cm;margin-bottom:.0001pt'> 


style=3D'margin:0cm;margin-bottom:.0001pt'>
style=3D'color:#0000CC'>Message me
style=3D'color:#0000CC'> for a =

quick discussion and estimate.


style=3D'margin:0cm;margin-bottom:.0001pt'> 


style=3D'margin:0cm;margin-bottom:.0001pt'>
style=3D'color:#0000CC'>Regards,


class=3DMsoNormal> 



------=_NextPart_000_4733_01DCC421.24C24AB0--



Web/SEO/App spam from Google Gmail part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dae@doctor.nl2k.ab.ca

Delivery-date: Sat, 04 Apr 2026 05:37:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w8zJ0-00000000FxU-1SLC

for dae@doctor.nl2k.ab.ca;

Sat, 04 Apr 2026 05:36:46 -0600

Resent-From: The Doctor

Resent-Date: Sat, 4 Apr 2026 05:36:46 -0600

Resent-Message-ID:

Resent-To: dae@doctor.nl2k.ab.ca

Received: from mail-pf1-f178.google.com ([209.85.210.178]:56517)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w8tTr-00000000N60-3DzV

for root@nk.ca;

Fri, 03 Apr 2026 23:23:46 -0600

Received: by mail-pf1-f178.google.com with SMTP id d2e1a72fcca58-82ce09b61beso1108520b3a.0

for ; Fri, 03 Apr 2026 22:22:48 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1775280162; x=1775884962; darn=nk.ca;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:from:to:cc:subject:date:message-id:reply-to;

bh=wOnqWM6oqykcMjuz3GcwHG49lBhqjMfklmUCgpWAZ2M=;

b=Gj6Nf1x20b/yz52q896h7tLH4t7upM6FVnGY1LaeFUoRA0tqMjo8ySEYD/T+maObnd

dO2s316Rja7W8ti3VaqGR/Bk9oyks08pxwpMv+J0WdLGzpZeYeJvEZtPF712LP2xLvk+

XqvuFjoCYTBx2AlrtRoGgZkbEmalyZNMGUXcFj7IBNfHcOmU4AVq7ByBeTqdRa3Ocrt9

erGwU+/1OBj6fCWGYzR3b8gs/xiesMCZJEoF9hZ8udq2YpKoU9TlozrWet2j0Rw9w060

wotVoDmx/577w8OxtZqWHx478r8KdfaGzsxAZ80NeEZeiNQN8OlsXC+IbL0kjntpoRLl

sNXQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1775280162; x=1775884962;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date

:message-id:reply-to;

bh=wOnqWM6oqykcMjuz3GcwHG49lBhqjMfklmUCgpWAZ2M=;

b=keDNi8MyXKo9HcAZAZoW8N8DNsywFwCEYENFtUrIe7kBNtZi9OYWe6s2n23psanPF1

AlD26iL/MXEP2raeSmOYaje6DUIaspr692LtVcjPX4hji1yKzz851pXlR0/8JywdFE/B

EL45LZSYQpNeXQViX3hKeON6j4C9i91fasD/CurKyeJzJdErQn5l1QPDWv/nPCmMLI6L

248b2yiC9hXUrg565d5Lnzd/CQg3ky+dmBGNfH5haATXT45lHwQqZABSJiy+6QEdLkgq

hxmHhPTXEqdK1YVBnmmIuAYkcmbmYCPBRYdg9LcwLigt9JA0DloUZ81SBAHcKTNOTb0Z

CHMg==

X-Gm-Message-State: AOJu0YwobfEOMjN7n4FcaX1Jjc5vwABj1fEBpUOYnU+flQo5fg5RbV2B

S0IOP+3kpsVKL4orm/Q08sad11NVMpP3bOTnZCo/5i+s+DtX/a5x6jY03R4Qmw==

X-Gm-Gg: AeBDiesi+InZqsDI+SyslS5ejBVGwms9AR3gszkL/K8g+9y+o1u44UWqg5KEaLToxdW

x3WUgetaJZsOIg4efO08k4k3uwR+sDi5NwsxnJAf+CkAyeacY5r4su1nnSUn6uX9m6sakIns/Gt

XX41p0Iq83GEoDU1jPkFHGwA7ca2cdYQtfbu9JXlFhhxSxYFL1dRMQleYqqxDINjIqi1wY2jx+c

mVZOZMnKucFtMqMnZMRDFYo7g0l9nepFOAWYIV75Z+0iFJ2/P3IWUBuh4wIWALXW8QeJTq2QRFk

rjKF0ch8l0Uhu9Pum1EnCzRY2km6yycQp4LoRbBINb3LEAARDxphdx3Hi24qM1XObJzZthNvMay

DfJbVN1aeJZcyov+Ml36lCmLOldFlJYZtYX907hx3F0+PIV692uDOCjGDp9tmPoeQy1ndeG+/av

O1XQve04Zk1okw7N0qpBLKv8xqgZt5GVw7

X-Received: by 2002:a05:6a20:6d9a:b0:39f:3ca8:a31c with SMTP id adf61e73a8af0-39f3ca8b4b2mr2728521637.53.1775280162398;

Fri, 03 Apr 2026 22:22:42 -0700 (PDT)

Received: from PradeepPC ([103.217.132.88])

by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-c76c6561fe9sm6296921a12.15.2026.04.03.22.22.39

for

(version=TLS1 cipher=ECDHE-ECDSA-AES128-SHA bits=128/128);

Fri, 03 Apr 2026 22:22:40 -0700 (PDT)

From: "Vinay"

To:

Subject: RE: Website / Up-date

Date: Sat, 4 Apr 2026 10:52:25 +0530

Message-ID: <473201dcc3f3$0b079db0$2116d910$@gmail.com>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_4733_01DCC421.24C24AB0"

X-Mailer: Microsoft Outlook 14.0

Thread-Index: AdzD8maVNZ7TwXsxSZKsPUiC6iEg5A==

Content-Language: en-in



This is a multipart message in MIME format.



------=_NextPart_000_4733_01DCC421.24C24AB0

Content-Type: text/plain;

charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable



Hi Dave,



We've helped dozens of businesses establish their online presence with

professional websites.



Would you like to see testimonials from our satisfied clients?



Best,



wqmaheshsharma22@gmail.com]



Sent: 08 February 2026 05:37



To: root@nk.ca



Subject: Website / Up-date



=20



Hi Dave,



=20



Are you looking for someone to develop a tailored business website for =

your

company?



=20



What you get:



=D8 Tailored website development



=D8 Clean code and documentation



=D8 Professional design standards



=20



Want to discuss your website needs?



=20



Message me for a quick discussion and estimate.



=20



Regards,



=20

Web/SEO/App spam from Google Gmail Part 2

Posted by Dave Yadallee on
This is a multipart message in MIME format.



------=_NextPart_000_2F5A_01DCC41C.33635AF0

Content-Type: text/plain;

charset="us-ascii"

Content-Transfer-Encoding: 7bit



Hey Dave,



I sent you an email regarding "Web Design" proposal recently to your email

address. I was wondering if you had a chance to peruse through it.



Thanks,



..................................................................

From: Reyan [mailto: riyageg@gmail.com]



Sent: 05 February 2026 21:27



To: root@nk.ca



Subject: Create a Website



Hello Dave,



Do you need a professional, highly optimized, and responsive custom website

that performs exceptionally?



I create fully secured, SEO-friendly, responsive, interactive, and modern

websites designed for conversion and growth.



Get in touch for a consultation, and let's optimize your online presence.



Regards,





------=_NextPart_000_2F5A_01DCC41C.33635AF0

Content-Type: text/html;

charset="us-ascii"

Content-Transfer-Encoding: quoted-printable




xmlns:o=3D"urn:schemas-microsoft-com:office:office" =

xmlns:w=3D"urn:schemas-microsoft-com:office:word" =

xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =

xmlns=3D"http://www.w3.org/TR/REC-html40">
HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =

charset=3Dus-ascii">
(filtered medium)">
vlink=3Dpurple>


style=3D'background:white'>Hey =

Dave,


style=3D'background:white'>I sent you an =

email regarding “Web Design” proposal recently to =

your email address. I was wondering if you had a chance to peruse =

through it.


style=3D'background:white'>
style=3D'color:#0000CC'>Thanks,


class=3DMsoNormal style=3D'background:white'>
style=3D'font-size:10.0pt;color:#000066'>…………R=

30;…………………………=

…………………………=

230;…………………………=

;…………………………&#=

8230;……………………….....=

.....
From: Reyan =

[mailto: riyageg@gmail.com]


class=3DMsoNormal style=3D'background:white'>
style=3D'font-size:10.0pt;color:#000066'>Sent
style=3D'font-size:10.0pt;color:#000066'>: 05 February 2026 =

21:27


style=3D'background:white'>
style=3D'font-size:10.0pt;color:#000066'>To:
style=3D'font-size:10.0pt;color:#000066'> root@nk.ca
p>


style=3D'font-size:10.0pt;color:#000066'>Subject
style=3D'font-size:10.0pt;color:#000066'>:  Create a =

Website


class=3Dm-2545167797756988205font-claude-response-body>
style=3D'color:#0000CC'>Hello Dave,


class=3Dm-2545167797756988205font-claude-response-body>
style=3D'color:#0000CC'>Do you need a professional, highly optimized, =

and responsive custom website that performs exceptionally?


class=3Dm-2545167797756988205font-claude-response-body>
style=3D'color:#0000CC'>I create fully secured, SEO-friendly, =

responsive, interactive, and modern websites designed for conversion and =

growth.


class=3Dm-2545167797756988205font-claude-response-body>
style=3D'color:#0000CC'>Get in touch for a consultation, and let's =

optimize your online presence.


class=3Dm-2545167797756988205font-claude-response-body>
style=3D'color:#0000CC'>Regards,



------=_NextPart_000_2F5A_01DCC41C.33635AF0--



Web/SEO/App spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 04 Apr 2026 05:37:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w8zIj-00000000FYf-0o15

for dave@doctor.nl2k.ab.ca;

Sat, 04 Apr 2026 05:36:29 -0600

Resent-From: The Doctor

Resent-Date: Sat, 4 Apr 2026 05:36:29 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pl1-f180.google.com ([209.85.214.180]:48207)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1w8sve-00000000LHD-1a0l

for root@nk.ca;

Fri, 03 Apr 2026 22:48:25 -0600

Received: by mail-pl1-f180.google.com with SMTP id d9443c01a7336-2b2503753efso19906285ad.0

for ; Fri, 03 Apr 2026 21:47:24 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1775278038; x=1775882838; darn=nk.ca;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:from:to:cc:subject:date:message-id:reply-to;

bh=8Mawth+KFeW1hfzib2oBalPgmOKBjVUorWtMEyXJcUs=;

b=MbPd6DV9nIEMdDMvMNKEKI+rFuGIRwoXqu3xmJU4gP3xsalKXJg0YsCVv+l8dIl+S4

tELNY9C9eXOi1kBE0+apNuhY98q8JosAtMx3jFlpE/bxBhfsw7srL1agnVGjlLvU0/Sh

ZlaGdrPoq+YDHQXkFP/ig5nAATn7kEXg8S2VIrV0yI7fiH0qbvz62uP09Gv6F3UqPdQc

rwm2l5nlXytZYQV7dqJCuwMxp1aXbISBbR3lp9ZUHY2C2gVIWqfddOnU5Qp0ONhq0G7L

HyLGSb49zWmkOaoB9Is9PX529GCzq8HtHBhZJybXRSDX56U2Y1B1icUOiPzr881bmYq1

4PeQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1775278038; x=1775882838;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date

:message-id:reply-to;

bh=8Mawth+KFeW1hfzib2oBalPgmOKBjVUorWtMEyXJcUs=;

b=pUw81mz2NIG7q9Vf5/jpFBOvJ9Gt0fj3diRcukobU+JWR3VHnP2LtyfE7N4xTYjFuF

H4fGeZK3ipHNHG/oYa3RJty1BwtFBQDN+WemLiMaPoRr9S+0aabS7rwhaBIEi2qIBa4G

gsTTpV3LonYBitHFiSUZl59brkIZOzY7H405x60kCLOiKUHnjRt4aB5Gk586aTguUiBb

b4s/51F+rI+ytQEVnsDvbHApDHduwRbnirXOH9tmNKNK2q5qanrA4k7kR+NSxXVaSNwa

bgZXtlhMM1sl1pXy0uEilMGEl/MPIkyw3wwL41ewSoBoal68/0gABPF7ObomiuneUDvh

Mr0Q==

X-Gm-Message-State: AOJu0YyXLKxM6/boiy+AGk0o4izlfOKFPUHDypuu3JdsuGVZ+Dhk+MTB

g/CpRf1wyDd6Xu6rmY3YwaTXML1i0UfVDzkMiRXK4bGw+sCLaSOeTznLZi2e2Q==

X-Gm-Gg: AeBDietFobNxQQCl2QNyjga7l3bVyeHj1C7qlr++8EMsAGBMf5YlFHf/f/Mpew8Sv+v

AHKRjUSnVsJ6e8c3b6cBCiaXaPbg1r+3ylMg6cuosu7O7Tur0VSTlsUpeO1OXze5o9xSEIW7XdF

+sgCcvQf6oexPJj/yORIvCfM8DlDTqeEJlxkC2M2FKu34mNwqreDzdF2TMrFiLjgqyJJovIxqgh

AwIN9WIuzC48fM4SpI7QjMEBAgieV7MVOxxMlQlIJwUYygyYv0EVkQyCEn2HpLa5PrEjJF9pJAE

+LCvoCPb0ifsP6UKTxD8vTjjiIsBWVnmwM6SCcdLR5wzaRDJYTuoFxUHaNH8P/3bAO8aYdPfT9o

GuLSJ8n1BWK8T5148hnv6xC79AgFrxCNyWCxhHbTO9NiSdeYlwfRb39ZSzzD69fPUGR+QeLubbO

WwFSmODhnF4VTJsw==

X-Received: by 2002:a17:903:2c05:b0:2b0:6475:73d0 with SMTP id d9443c01a7336-2b281854f0fmr60038225ad.12.1775278038386;

Fri, 03 Apr 2026 21:47:18 -0700 (PDT)

Received: from PradeepPC ([103.217.132.85])

by smtp.gmail.com with ESMTPSA id d9443c01a7336-2b2749ecbd1sm112650065ad.83.2026.04.03.21.47.16

for

(version=TLS1 cipher=ECDHE-ECDSA-AES128-SHA bits=128/128);

Fri, 03 Apr 2026 21:47:17 -0700 (PDT)

From: "Reyan"

To:

Subject: RE: Create a Website

Date: Sat, 4 Apr 2026 10:17:02 +0530

Message-ID: <2f5901dcc3ee$19aa3490$4cfe9db0$@gmail.com>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_2F5A_01DCC41C.33635AF0"

X-Mailer: Microsoft Outlook 14.0

Thread-Index: AdzD7drOMxbvC85DQ1CWPAtdhgxkDw==

Content-Language: en-in

X-Spam_score: 5.4

X-Spam_score_int: 54

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hey Dave, I sent you an email regarding "Web Design" proposal

recently to your email address. I was wondering if you had a chance to peruse

through it. Thanks,



Content analysis details: (5.4 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.214.180 listed in dnsbl.ahbl.org]

[209.85.214.180 listed in dnsbl.ahbl.org]

[209.85.214.180 listed in dnsbl.ahbl.org]

[209.85.214.180 listed in dnsbl.ahbl.org]

[103.217.132.85 listed in dnsbl.ahbl.org]

[103.217.132.85 listed in dnsbl.ahbl.org]

[103.217.132.85 listed in dnsbl.ahbl.org]

[103.217.132.85 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.214.180 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.214.180 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.214.180 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.214.180 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[103.217.132.85 listed in will-spam-for-food.eu.org]

[103.217.132.85 listed in will-spam-for-food.eu.org]

[103.217.132.85 listed in will-spam-for-food.eu.org]

[103.217.132.85 listed in will-spam-for-food.eu.org]

[103.217.132.85 listed in will-spam-for-food.eu.org]

[103.217.132.85 listed in will-spam-for-food.eu.org]

[103.217.132.85 listed in will-spam-for-food.eu.org]

[103.217.132.85 listed in will-spam-for-food.eu.org]

[209.85.214.180 listed in will-spam-for-food.eu.org]

[209.85.214.180 listed in will-spam-for-food.eu.org]

[209.85.214.180 listed in will-spam-for-food.eu.org]

[209.85.214.180 listed in will-spam-for-food.eu.org]

[209.85.214.180 listed in will-spam-for-food.eu.org]

[209.85.214.180 listed in will-spam-for-food.eu.org]

[209.85.214.180 listed in will-spam-for-food.eu.org]

[209.85.214.180 listed in will-spam-for-food.eu.org]

-0.0 SPF_PASS SPF: sender matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.2 MR_FROM_SHORT No description available.

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.214.180 listed in list.dnswl.org]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[riyageg(at)gmail.com]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.214.180 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 NO_RDNS2 Sending MTA has no reverse DNS

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

Subject: {SPAM?} RE: Create a Website