NetKnow Corporate Blog

Web/SEO/App spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on Sunday, May 24. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 24 May 2026 09:04:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wRAMV-00000000EBx-2IVW

for dave@doctor.nl2k.ab.ca;

Sun, 24 May 2026 09:03:31 -0600

Resent-From: The Doctor

Resent-Date: Sun, 24 May 2026 09:03:31 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japaneastazolkn19013075.outbound.protection.outlook.com ([52.103.43.75]:53861 helo=TYDPR03CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wR8iW-000000004l8-0son

for sales@nk.ca;

Sun, 24 May 2026 07:18:18 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=AV3sYmhREMPWGNK6MS/caWFPwGxu2sdmVmdQzfgsP1uCRJRHueRHgHAQmaet8HZgTx1uloOQzfDCbop0Nir9LGhwtGfI41te0KCeNstlUnHrBqiiE2Z/ilOiMp08kUs0TJd1w/TzQEvJMyZZg0QQww3g1rYLPdoUoYt786uo0cqpaeTyIbxUNEKtLWeYI7h4T9nqaNS6icTZ4OJeS7NiVkVELd7v0TX9OG2R/79ywdpeEtuijIR2wVPd8eGfqZJRXOqdNO+SLga/kF8Af+H2zii8UWQig4fQu9BTG3KXxhC1HI+eSlEEDQGBVCBQKQSk45dr9RYQE5jQRA2aEyp8iw==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=tpXBVqj6dcbWm9uISriD9cb70ne94LUkP4RJU3lb79g=;

b=OpELoFnFMOkPmM/RjZzY0ROMGRf98MamSJWPPBIZxTnSs+IsSKQVFaak2TkhsMAqExbmSNfGTEVugBbHp+Lx6B7blv+W8kdu48Nap0Bf/7qf/xgFnDDnYsIA2HHYXDoU9RxXlKPcKjEiTB/kWXThnTkG4XYsdWvsjs6eXywQ1wE6lF6SvT0UjzhZ7H5urdt4uwx+ij3i0t05V/Frh1pSiIUL/vThUSXPr78oEdMxT/25tZiBeaP84Tqez8aBe0DRw5438FMDUdCSSxDrJu+19/jEZ21UoEssf19eYQFznynMKdeJzxljoKt6iskFVdK6SpGQbHbivTe4RakEud4DyQ==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=tpXBVqj6dcbWm9uISriD9cb70ne94LUkP4RJU3lb79g=;

b=ecKhDGZT61M9S6LVTijZgIYc4dcwr8lOjJncd2oL0SNgV1olbY2RpFXmxzO3Xq4twStJ/+hYJmYv10SRYRe90QsBWQP37s6wNnIejTgFIX0yKxzoO+emfQ+Yao3BXU7XZnRXjCxAW90iHwXPFt6L7OKlfy7GK8JyraCo7ltBSBbKORaCsRL2kbcruaA2jYvmttzmc3chbpbfgU3K5YPxrqkSfw/XdlUUHSVQ8cXWmp61NK4ET4Zuzgwt5EY1csQ039CpaSULPBSrfZW+Mih4Ow+3rK1oUNSR9smflsnuwcoLALFRk7x67+XtyPz1JrB6fakHOMj0Rg7pBYUiaglZZg==

Received: from SEZPR04MB8263.apcprd04.prod.outlook.com (2603:1096:101:244::10)

by TYSPR04MB7965.apcprd04.prod.outlook.com (2603:1096:405:8d::11) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.21.48.19; Sun, 24 May

2026 13:16:42 +0000

Received: from SEZPR04MB8263.apcprd04.prod.outlook.com

([fe80::22a6:badd:69c0:11a4]) by SEZPR04MB8263.apcprd04.prod.outlook.com

([fe80::22a6:badd:69c0:11a4%4]) with mapi id 15.21.0048.016; Sun, 24 May 2026

13:16:41 +0000

From: Tubal Paul

To: Tubal Paul

Subject: Yes, go ahead...?

Thread-Topic: Yes, go ahead...?

Thread-Index: AQHc63+EdPNKAxLzJkKYnCrohjQGCw==

Date: Sun, 24 May 2026 13:16:40 +0000

Message-ID:

Accept-Language: en-US, en-IN

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SEZPR04MB8263:EE_|TYSPR04MB7965:EE_

x-ms-office365-filtering-correlation-id: 86600db9-b9a0-4e05-873f-08deb996b18f

x-microsoft-antispam:

BCL:0;ARA:14566002|48001999003|8062599012|8060799015|19110799012|15080799012|15030799006|31061999003|39105399006|24121999003|22091999003|37011999003|55001999006|24021099003|3412199025|440099028|18071099003|102099032|41105399003|40105399003|39145399003|1710799026;

x-microsoft-antispam-message-info:

=?iso-8859-1?Q?/nRKmQxUcs9ONX5577UpmvPgeCh6BRdz4pWxx8IVMffuV9YKqo+kvt8a5h?=

=?iso-8859-1?Q?nHTZFw9gsgTyPS0FpQbDvysNiNCGnXQcjKQdjhJJ6Ptv9sMFYft+T1siwo?=

=?iso-8859-1?Q?naOVMEL/rzckOrqnt1nuzMpAnSSPGWaZF/9R0U1zFtQ+WYhFFTpg+lIN68?=

=?iso-8859-1?Q?GZq4kGS3+wnezunf89ekUjwG85Z7vqsbmDadLWAN3OyaQ0vvq7upYMYuW7?=

=?iso-8859-1?Q?e76jVqmenCwP0VpvG9AlcU+7mwCqiFEbfzLAQmiNb2v+lSbydcp5NZhVLF?=

=?iso-8859-1?Q?eBJEqR3Zzwqq+PRUnwzhYTc4A8gfkS3mtDH8h2lR+4Gc8jDKZ33zzL2rZe?=

=?iso-8859-1?Q?3MyDJ0tDdUR75cIpfzQpe2mq6dzi1NccxVTN73f82JwysjeCDhxGlYULfa?=

=?iso-8859-1?Q?aVgBvF8FHCEa8l9x9QpCFb4wKhr25V4wOTJ0989VOtKQQOjefGYWz9JZwF?=

=?iso-8859-1?Q?N6AX1uPD+uniIUCKe94RZxhzhOFAxlsnvZtaydxXW2R1UBV3yVT1cIrWkr?=

=?iso-8859-1?Q?mwggk7HiaHds3sj9fL6uoAsjONd6n4Vn3+p1RIJXggFRz4JyfBxUJta34z?=

=?iso-8859-1?Q?2L78CrIr3jQvnXbKITOH5RihetNNF6qD8O32LcpSqL6lhscBifoN60AER/?=

=?iso-8859-1?Q?pitUG6YEKsybWbptKr9hwIu7EsKfj1Re+L3Aw8cAqLasR597LRU/5MGksm?=

=?iso-8859-1?Q?Hlks5ydL4RIepBqqL5swdQbCJ1a3PRexbYNKZGvJY5ROPDyEJJy0M+0cpE?=

=?iso-8859-1?Q?AFZlnGWv/pXJHUVBw6cPt7tx56h6r/2mtIUmghd1/ZRk81rlW0uzzdd0T8?=

=?iso-8859-1?Q?lUb1RQ+wMnLh5VZBz8DK4y2I8PYpuZq43CtfA/kkrVrjsFAMUrHBaHWQQo?=

=?iso-8859-1?Q?/71SsreXPTAeP0KDoA1LAxbDYXTcUoLru2FlnbeN+quXaiGXts1khfJaWL?=

=?iso-8859-1?Q?KE/fNCizCVSaLFsA7Z4w8p9DugAVPL4Z0vAZSXpkBeYSm4R6aT2FlmauXM?=

=?iso-8859-1?Q?zMOh1F2EGQdakjGYwqQGia6JrL/TImOgoL1TyPAZnNJXrr1VWS03o1besK?=

=?iso-8859-1?Q?gfmnopeifTAJZpMTbMaYtfllTmm7psKDcI2Ouyq6K+Rp3LEdxyg6WQahJM?=

=?iso-8859-1?Q?dfTg5+oyzzBkU7F/FLRNirxZePJBQkqqRqgYDvsosNdIyLLVP+lZezwW06?=

=?iso-8859-1?Q?PWfj515WnO/fchYkp9Gf4p7V78OBhAKi4hBwRkiGo1crmH5HjOU+lXpHo3?=

=?iso-8859-1?Q?hkrWYKKv9WOklPNpBMQV5SjNDudkvMImGfjTW7sUrGFMFXfCnwsgj+4fVm?=

=?iso-8859-1?Q?V3Ay?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?iso-8859-1?Q?McPsCypcaoSck00zWtwUhgMCQHht+5mpTNwLD0+GQSFwwhvupu/gZ0iWmG?=

=?iso-8859-1?Q?3rx/fwWsaQBjz5atJ9GB1NX8rc4Lys0VqyKQIwKnlqJVkHP4p10uFz56LS?=

=?iso-8859-1?Q?7AKi8wPk/Noasl8aJXIXPFF03UGD3P/Yn+E7GcXyfjmftChCyAX1DEv/Kg?=

=?iso-8859-1?Q?o8RfP63gCWe0IfGBOwnI76N/8fVAu7m6b3Q5yAPpIsoBXRFeTJWF1yhIZ7?=

=?iso-8859-1?Q?1RO+eqJiPk8O+tW6M4uSIeVNFajHYB3xTKNY6RQ2xFCpBWKjcFSlPdSD/K?=

=?iso-8859-1?Q?lGnlo3TBo7l7upxpDvvvCeUongeNEHPczZvvVlkiKz93tNSbEiaDYF9K8D?=

=?iso-8859-1?Q?Vb36NGi9SEPKvzXwHGvmDXV68gG72MsVY94z4SNKcyWofDql8CmnJIU2rD?=

=?iso-8859-1?Q?1zOB38pfPIMRcK0FENtwK9PnoI1dffdMa2n7wjyoBGfXpaX1G5/CQOvwJ0?=

=?iso-8859-1?Q?iCdtgcW1xrLcV0JMiBZHZZlqtA/AaB/Hy30puW0Nt9CL4rH2p/YUig0Cg5?=

=?iso-8859-1?Q?/pw2lL6/Z5DVNI87ts020o9UQYcOacDyJIb/XA8GhfaA25Yw292n3lMtdV?=

=?iso-8859-1?Q?zbAkXyv4UUK/4/OIQJ+vkO/qDKKB1BduZ+JBeXOQ0iu5eqGIauZoG5WgtG?=

=?iso-8859-1?Q?wdr4nAqiUEP73W1QQmxeeliBH8i68gnb6YK8zJ8mKwZbd2D96OhXLMQzjE?=

=?iso-8859-1?Q?74J7Et/HhM0EuzE6Wk2OwrbVLxcPe0jV1o+tnbL2dOiBcMR2cIlv3w6xhp?=

=?iso-8859-1?Q?Kkli4GNxpHQTd0uXiSniE2k7Tic1jkXggSNIKHAZC+3YzbJgZ8M0SlHK88?=

=?iso-8859-1?Q?QbNKtIxzz2NL4g67UYypNTn4zy3L9iC51XYy8CLVSP7bsmDICx9LHQe9Fm?=

=?iso-8859-1?Q?u7FYq+hqTYlJvjEzn1HX1VuBUzNz1dSCmIrNrcTZ6GtWuBmKu6sa5NJgkD?=

=?iso-8859-1?Q?JxMr1x2Y+horqGC7Kc4ymSgR3dhkD7Nj2WGDb4+unmVL0MF0f6YP4X0MHL?=

=?iso-8859-1?Q?fBmXPU0GGRvU3tAtucwQwPeDpqOKw/0jWxIpDrrHLPgJSGa8TGSQ6AiLmT?=

=?iso-8859-1?Q?6gbUN/OegCGbdlKh7uxeGNN3Rb3uH7EUHBzKtUunnp26vaGFcetwgktN/F?=

=?iso-8859-1?Q?PsIqgy2dTkFIPIrSs0mnndw76qCrjuLuReDzjV7YY/wwHcdbZ8g5GkN7Cm?=

=?iso-8859-1?Q?p8RK0F2VAbiZLFgsJrrUs9b/Irw8ZMRSsj02xxK5/Wy+8ffAasOPfIUODU?=

=?iso-8859-1?Q?UFQJ7e6l4ENmZe0rF9I3Nsq32MD5pL7Fx/P3NGI/oyCjbV21Y+RifR/gQg?=

=?iso-8859-1?Q?TU/FXRmyLKSoUdyeIvg/EvJeBUbuhh9/CoYVgXpWLx5WAM+2dQRCj5kku+?=

=?iso-8859-1?Q?DpqLjC//WwqsHyFhcyQDLPRRtipSKb9TNWWkNc1HPESsdEkBExChNfUYlL?=

=?iso-8859-1?Q?8yf+kXLNfa1ZFHOb?=

Content-Type: multipart/alternative;

boundary="_000_SEZPR04MB82631CB867808191C39C6202BA0D2SEZPR04MB8263apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SEZPR04MB8263.apcprd04.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 86600db9-b9a0-4e05-873f-08deb996b18f

X-MS-Exchange-CrossTenant-originalarrivaltime: 24 May 2026 13:16:40.7934

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: TYSPR04MB7965

--_000_SEZPR04MB82631CB867808191C39C6202BA0D2SEZPR04MB8263apcp_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable

Hi,

May I send you quotes with portfolio?

Please Reply

Thanks

From: Tubal

Sent: Sunday, February 22, 2026 11:01 PM

Subject: inquiry

Nice day,

If you were on page #1, you'd get so many new customers every day.

Should I send you quotes with Proposal?

Thanks

Urgency spam

Posted by Dave Yadallee on Sunday, May 24. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 24 May 2026 12:23:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wRDSo-00000000A51-3X9d

for dave@doctor.nl2k.ab.ca;

Sun, 24 May 2026 12:22:14 -0600

Resent-From: The Doctor

Resent-Date: Sun, 24 May 2026 12:22:14 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from newfau.fau.unlp.edu.ar ([163.10.28.130]:44611)

by doctor.nl2k.ab.ca with esmtp (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wRCXN-00000000071-34mx

for mailer-daemon@nl2k.ab.ca;

Sun, 24 May 2026 11:23:02 -0600

Received: from localhost (localhost.localdomain [127.0.0.1])

by newfau.fau.unlp.edu.ar (Postfix) with ESMTP id CBF3F1E7133;

Sun, 24 May 2026 14:20:35 -0300 (ART)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fau.unlp.edu.ar;

s=mail; t=1779643235;

bh=tP7J5R1Ni2d64aEqKZMcXRzc3l6m9h5Kl25BufhUPMw=;

h=Date:To:From:Reply-To:Subject:From;

b=WF3+pfQwEenWdwKKOs91z0gObGiMIs7UaztUWI9l+MpVI3aUqpLk4v3ZDHzYM4+XI

aM1qSyp5lOIiia+Zrv+1JfTYJLdfbVEqOe/ZSqosRCpkAegxD4s4qlArDdkMTKCcYC

bUTz4bOGON0ICaFmxuK3ARiKgOXPTlWCvFC0iQtc=

X-Virus-Scanned: by amavisd-new-2.6.5 (20110407) (Debian) at fau.unlp.edu.ar

Received: from newfau.fau.unlp.edu.ar ([127.0.0.1])

by localhost (newfau.fau.unlp.edu.ar [127.0.0.1]) (amavisd-new, port 10024)

with ESMTP id 8hYfrRIuxM+y; Sun, 24 May 2026 14:20:26 -0300 (ART)

Received: from 127.0.0.1 (unknown [89.249.73.40])

by newfau.fau.unlp.edu.ar (Postfix) with ESMTPSA id E44361E711D;

Sun, 24 May 2026 14:19:57 -0300 (ART)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fau.unlp.edu.ar;

s=mail; t=1779643210;

bh=tP7J5R1Ni2d64aEqKZMcXRzc3l6m9h5Kl25BufhUPMw=;

h=Date:To:From:Reply-To:Subject:From;

b=lv7mg+3hAbXeQ1nbdiTnBKvRiyCm9bzPxLvttzK244RuJCrwWiqDFqIvSAoKWKsh+

YJCZadGyCgd7pLXeQr57liCQBzy5S/+G2oS2sUxFa5szh+JgpsWlkS+MHf560FnWA8

DPj4KhWQ9wFzhnTJUlpbQXN+S4qjcEENLdCtd4NM=

Date: Sun, 24 May 2026 13:55:45 +0200

To: undisclosed-recipients:;

From: FaisalA

Reply-To: falhamad55@zohomail.com

Subject: Hello

Message-ID:

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="19c141c683b2d1bd5e460ce68daa0f0eb"

Content-Transfer-Encoding: 8bit

X-Spam_score: 10.2

X-Spam_score_int: 102

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hello, I have an important business matter I would like to

discuss with you. Contact me now via my email for more information Email:

falhamad55@zohomail.com Looking forward to hearing from you. Faisal Al-Hamad

CEO Global Wealth Management

Content analysis details: (10.2 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[89.249.73.40 listed in dnsbl.ahbl.org]

[89.249.73.40 listed in dnsbl.ahbl.org]

[89.249.73.40 listed in dnsbl.ahbl.org]

[89.249.73.40 listed in dnsbl.ahbl.org]

[163.10.28.130 listed in dnsbl.ahbl.org]

[163.10.28.130 listed in dnsbl.ahbl.org]

[163.10.28.130 listed in dnsbl.ahbl.org]

[163.10.28.130 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[89.249.73.40 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[89.249.73.40 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[89.249.73.40 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[89.249.73.40 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[163.10.28.130 listed in list.dnswl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[falhamad55(at)zohomail.com]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

1.1 DATE_IN_PAST_03_06 Date: is 3 to 6 hours before Received: date

0.9 RCVD_NUMERIC_HELO Received: contains an IP address used for HELO

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

2.0 US_8BIT US-ASCII isn't an eight bit charset

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[163.10.28.130 listed in bl.score.senderscore.com]

Subject: {SPAM?} Hello

This is a multi-part message in MIME format.

--19c141c683b2d1bd5e460ce68daa0f0eb

Content-Type: text/plain; charset=us-ascii

Hello,

I have an important business matter I would like to discuss with you. Contact me now via my email for more information Email: falhamad55@zohomail.com

Looking forward to hearing from you.

Faisal Al-Hamad

CEO Global Wealth Management

--19c141c683b2d1bd5e460ce68daa0f0eb

Content-Type: text/html; charset=us-ascii

Hello,

I have an important business matter I would like to discuss with you. Contact me now via my email for more information Email: falhamad55@zohomail.com

Looking forward to hearing from you.

Faisal Al-Hamad

CEO Global Wealth Management

--19c141c683b2d1bd5e460ce68daa0f0eb--

Urgency spam

Posted by Dave Yadallee on Sunday, May 24. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@nk.ca

Delivery-date: Sun, 24 May 2026 09:09:00 -0600

Received: from [163.10.28.130] (port=49758 helo=newfau.fau.unlp.edu.ar)

by doctor.nl2k.ab.ca with esmtp (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wRAQl-00000000IA1-0e0l

for dave@nk.ca;

Sun, 24 May 2026 09:08:05 -0600

Received: from localhost (localhost.localdomain [127.0.0.1])

by newfau.fau.unlp.edu.ar (Postfix) with ESMTP id 911921EBFBC;

Sun, 24 May 2026 12:07:01 -0300 (ART)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fau.unlp.edu.ar;

s=mail; t=1779635221;

bh=pf9q/TJ9ReMbELWfgFwIMn0S91IE4rGIR6g4Gw3IcCU=;

h=Date:To:From:Reply-To:Subject:From;

b=NkbeVe7uGdiGc9/BMFkvMUJYg9W/erbwWGcfT4jG16dz4rHqTen5R962HufIBhJrL

OGs5+nWsHhX95B7b7Z2jVylVKjpLSsx5npffZELTAhzUpG99EKpYf9pgFhkZi7S4Q6

kH9iEOTjrk39p/M1w1Dv4EfGSxksuOD50wmnEshA=

X-Virus-Scanned: by amavisd-new-2.6.5 (20110407) (Debian) at fau.unlp.edu.ar

Received: from newfau.fau.unlp.edu.ar ([127.0.0.1])

by localhost (newfau.fau.unlp.edu.ar [127.0.0.1]) (amavisd-new, port 10024)

with ESMTP id zrOYS3NmB3U2; Sun, 24 May 2026 12:06:52 -0300 (ART)

Received: from 127.0.0.1 (unknown [89.249.73.40])

by newfau.fau.unlp.edu.ar (Postfix) with ESMTPSA id 45D361EBFB1;

Sun, 24 May 2026 12:06:34 -0300 (ART)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fau.unlp.edu.ar;

s=mail; t=1779635206;

bh=pf9q/TJ9ReMbELWfgFwIMn0S91IE4rGIR6g4Gw3IcCU=;

h=Date:To:From:Reply-To:Subject:From;

b=rHAQAkXo1nwAKr7k08i+0a/GeLs50zNjxvSdpVKt2Q7H45D42F6A7+J8V5De7KxdC

yb3Q4gHapHhMT2cl0tbi0jlGdN+lXxftVYxH+dQpbrVBVGGE2GIWb7i+e67ISlDQ4P

yLEOO76bsEzFW2fyF1uVeWsAGN8LKacZw6jdmv0k=

Date: Sun, 24 May 2026 13:55:45 +0200

To: undisclosed-recipients:;

From: FaisalA

Reply-To: falhamad55@zohomail.com

Subject: Hello

Message-ID: <92d7a604334e277356a6290468cad8af@fau.unlp.edu.ar>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="1b7ae322df6836b1004f663211b34b5f9"

Content-Transfer-Encoding: 8bit

X-Spam_score: 11.5

X-Spam_score_int: 115

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hello, I have an important business matter I would like to

discuss with you. Contact me now via my email for more information Email:

falhamad55@zohomail.com Looking forward to hearing from you. Faisal Al-Hamad

CEO Global Wealth Management

Content analysis details: (11.5 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[163.10.28.130 listed in dnsbl.ahbl.org]

[163.10.28.130 listed in dnsbl.ahbl.org]

[163.10.28.130 listed in dnsbl.ahbl.org]

[163.10.28.130 listed in dnsbl.ahbl.org]

[89.249.73.40 listed in dnsbl.ahbl.org]

[89.249.73.40 listed in dnsbl.ahbl.org]

[89.249.73.40 listed in dnsbl.ahbl.org]

[89.249.73.40 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[163.10.28.130 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[163.10.28.130 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[163.10.28.130 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[163.10.28.130 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[163.10.28.130 listed in list.dnswl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[163.10.28.130 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[falhamad55(at)zohomail.com]

1.1 DATE_IN_PAST_03_06 Date: is 3 to 6 hours before Received: date

0.9 RCVD_NUMERIC_HELO Received: contains an IP address used for HELO

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

2.0 US_8BIT US-ASCII isn't an eight bit charset

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

Subject: {SPAM?} Hello

This is a multi-part message in MIME format.

--1b7ae322df6836b1004f663211b34b5f9

Content-Type: text/plain; charset=us-ascii

Hello,

I have an important business matter I would like to discuss with you. Contact me now via my email for more information Email: falhamad55@zohomail.com

Looking forward to hearing from you.

Faisal Al-Hamad

CEO Global Wealth Management

--1b7ae322df6836b1004f663211b34b5f9

Content-Type: text/html; charset=us-ascii

Hello,

I have an important business matter I would like to discuss with you. Contact me now via my email for more information Email: falhamad55@zohomail.com

Looking forward to hearing from you.

Faisal Al-Hamad

CEO Global Wealth Management

--1b7ae322df6836b1004f663211b34b5f9--

Urgency spam from Google Gmail

Posted by Dave Yadallee on Sunday, May 24. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 24 May 2026 12:23:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wRDSk-00000000A4v-2v8k

for dave@doctor.nl2k.ab.ca;

Sun, 24 May 2026 12:22:10 -0600

Resent-From: The Doctor

Resent-Date: Sun, 24 May 2026 12:22:10 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [163.10.28.130] (port=42256 helo=newfau.fau.unlp.edu.ar)

by doctor.nl2k.ab.ca with esmtp (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wRCUO-00000000Q0D-1DHo

for games@nl2k.ab.ca;

Sun, 24 May 2026 11:19:59 -0600

Received: from localhost (localhost.localdomain [127.0.0.1])

by newfau.fau.unlp.edu.ar (Postfix) with ESMTP id B71F81EC543;

Sun, 24 May 2026 14:18:53 -0300 (ART)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fau.unlp.edu.ar;

s=mail; t=1779643133;

bh=JZBs+TOZFYghlHNSywrH0BoMJUtGRich9U0FwD8u8mo=;

h=Date:To:From:Reply-To:Subject:From;

b=UOOpdkjOmvH0MjrlYv+4HP23TgfG34HtwUkRz1nZyNpQOwEaRtz/aUlXw3CRfWRng

zeBq22jB605D1nYvXxWchTFZRQGVMAAmCpRqagEdsP5nlnEl64jDGdDIztvWg0fVh0

O9VMKPSXiRySvnozW1P2VcWZ+nD+FYHhnrqrf9u4=

X-Virus-Scanned: by amavisd-new-2.6.5 (20110407) (Debian) at fau.unlp.edu.ar

Received: from newfau.fau.unlp.edu.ar ([127.0.0.1])

by localhost (newfau.fau.unlp.edu.ar [127.0.0.1]) (amavisd-new, port 10024)

with ESMTP id ORDHQWSJp1hM; Sun, 24 May 2026 14:18:44 -0300 (ART)

Received: from 127.0.0.1 (unknown [89.249.73.40])

by newfau.fau.unlp.edu.ar (Postfix) with ESMTPSA id AF7A01EC538;

Sun, 24 May 2026 14:18:11 -0300 (ART)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fau.unlp.edu.ar;

s=mail; t=1779643104;

bh=JZBs+TOZFYghlHNSywrH0BoMJUtGRich9U0FwD8u8mo=;

h=Date:To:From:Reply-To:Subject:From;

b=N82vbwAGzMmJnaXEPStVljEbx+KK2YG7UOENHbRVF64ZqrOhspZ1tY2B40Wi7R7S+

41OXnKr4ES1j3NXTVeBUGB5ydRH0ZIqW10VMgasuDyNn9HSIPgs2OOxI9TGU7Ud83A

rEiOssEQgf404o8aQwIrPbV0wg8Iazp7ngT02TfY=

Date: Sun, 24 May 2026 13:55:45 +0200

To: undisclosed-recipients:;

From: FaisalA

Reply-To: falhamad55@zohomail.com

Subject: Hello

Message-ID:

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="186021ab9f4aeea945ac8a05ec3cd11e2"

Content-Transfer-Encoding: 8bit

X-Spam_score: 11.5

X-Spam_score_int: 115

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hello, I have an important business matter I would like to

discuss with you. Contact me now via my email for more information Email:

falhamad55@zohomail.com Looking forward to hearing from you. Faisal Al-Hamad

CEO Global Wealth Management

Content analysis details: (11.5 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[89.249.73.40 listed in dnsbl.ahbl.org]

[89.249.73.40 listed in dnsbl.ahbl.org]

[89.249.73.40 listed in dnsbl.ahbl.org]

[89.249.73.40 listed in dnsbl.ahbl.org]

[163.10.28.130 listed in dnsbl.ahbl.org]

[163.10.28.130 listed in dnsbl.ahbl.org]

[163.10.28.130 listed in dnsbl.ahbl.org]

[163.10.28.130 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[89.249.73.40 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[89.249.73.40 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[89.249.73.40 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[89.249.73.40 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[163.10.28.130 listed in list.dnswl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[89.249.73.40 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

[163.10.28.130 listed in will-spam-for-food.eu.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[163.10.28.130 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[falhamad55(at)zohomail.com]

1.1 DATE_IN_PAST_03_06 Date: is 3 to 6 hours before Received: date

0.9 RCVD_NUMERIC_HELO Received: contains an IP address used for HELO

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 US_8BIT US-ASCII isn't an eight bit charset

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

Subject: {SPAM?} Hello

This is a multi-part message in MIME format.

--186021ab9f4aeea945ac8a05ec3cd11e2

Content-Type: text/plain; charset=us-ascii

Hello,

I have an important business matter I would like to discuss with you. Contact me now via my email for more information Email: falhamad55@zohomail.com

Looking forward to hearing from you.

Faisal Al-Hamad

CEO Global Wealth Management

--186021ab9f4aeea945ac8a05ec3cd11e2

Content-Type: text/html; charset=us-ascii

Hello,

I have an important business matter I would like to discuss with you. Contact me now via my email for more information Email: falhamad55@zohomail.com

Looking forward to hearing from you.

Faisal Al-Hamad

CEO Global Wealth Management

--186021ab9f4aeea945ac8a05ec3cd11e2--

WEb/SEo/App spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on Sunday, May 24. 2026

Content-Type: multipart/alternative;

boundary="_000_SL2P216MB157847E130BD166B3CA72600DB0D2SL2P216MB1578KORP_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SL2P216MB1578.KORP216.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 522e92ac-92e5-41a2-26d8-08deb9919531

X-MS-Exchange-CrossTenant-originalarrivaltime: 24 May 2026 12:40:05.7334

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SE1P216MB2242

--_000_SL2P216MB157847E130BD166B3CA72600DB0D2SL2P216MB1578KORP_

Content-Type: text/plain; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable

Hi there,

I was reviewing your website and wanted to say=97nice work.

I noticed a few SEO opportunities that could help attract more qualified vi=

sitors from Google.

Nothing complex or urgent=97just a few improvements that often lead to bett=

er rankings and more inbound leads.

Would you like me to share a short plan outlining what I found and how it c=

ould help?

Best regards,

SEO Executive

--_000_SL2P216MB157847E130BD166B3CA72600DB0D2SL2P216MB1578KORP_

Content-Type: text/html; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable

252">

font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helv=

etica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Hi there,

font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helv=

etica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

I was reviewing your website and wanted to say=97nice work.

I noticed a few SEO opportunities that could help attract more qualified=

visitors from Google.

font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helv=

etica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Nothing complex or urgent=97just a few improvements that often lead to bett=

er rankings and more inbound leads.

font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helv=

etica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Would you like me to sh=

are a short plan outlining what I found and how it could help?

font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helv=

etica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Best regards,

font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helv=

etica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

SEO Executive

nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">

--_000_SL2P216MB157847E130BD166B3CA72600DB0D2SL2P216MB1578KORP_--

WEb/SEo/App spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on Sunday, May 24. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 24 May 2026 06:42:00 -0600

Received: from mail-koreacentralazolkn19012052.outbound.protection.outlook.com ([52.103.74.52]:1867 helo=SEVP216CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wR899-00000000HnT-0SGK

for dave@doctor.nl2k.ab.ca;

Sun, 24 May 2026 06:41:45 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=PUSAGEjpnXNyNcytUXpCtKjOn7gqxIcWt4hT9DF0Gt+okiKYuVgP3eOng1feXHcsQ+Hio/2Wn3EoZNhb0RNf2jy26jLPx5+mDz4ppG0oDkEqZHJ4etGFIVNNBsq4pAB9UbWLXPDaI0dUW4yZTvBV27VJJmDesERgmDqKoR++uNC7X+jV+EjgAp5+Z6/n4quVM3qK5yhZxkeOcDpR/dv2gLK/9xNgGTizyZYQjqcCxaxg7907gkq5tws3uXXk8fIfp/dJ2mSgD21QmlaHsBq+RlPl0LuFku0huP3jueNuxDp2jQYqlI8CKXsqWteekWGNQKgctXjA9J3/GXDYLazujA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=A0bf1Frw1K8oxdw7WUE8NFgHF3GwczYucbmpgFRN/vY=;

b=RXdghzZ/cuwI3HWRuVFedgkRiCq8e8MmG8qSJ7BOhtjjoigDUbKT0zSSZYf+7+1NsXoFfcUBeRAb91Vxy5jPNnmK6ppWnc7QIPimtR3DAdlsMRcyJ/Y9jJcg7vLc4f/JyKT4FRedSERx0phd9qicaeNCO9WZTHnfcjbKiras+FJf84rvil1fk/vb7/hFtZPSFheLafstpkdP5ysvSEGCBskbeGOm4Qoyz8f1Gi6/QRyN91f4XSHoOdlL9oa9pw4SmBrWe/onr7QvnlvXlTHb6uMsCuVT+XNJeI7W182tumYSbLEFOA92UXBsAwbbmpo/QyBxxdyRFtc/DE7mDBTk6Q==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=A0bf1Frw1K8oxdw7WUE8NFgHF3GwczYucbmpgFRN/vY=;

b=ulFleB1kz4hDDFhS2SnVDvLPgl+FYAIL7HYcDdC3WT4vW3BnrVzrnzyWMfSP1pJfsU8ZSVyiYuQXGpUaFqMt59n1GP7L98CGkH5sb6a6u4olP5M9fLuFhC66fAESXPT1y0Y89HxxXixfohdYTLj+NArBdz94QAOM9YpJ7C9oEMxsL+W1wufLw9QOnuSUzDw0OVxXk9fGjwQWGhkk0gEpz8J3O653WPdN9D1taBbSJENupfNUaSy+w1ImVwdzSoD9GLdgnA3bt90zkUMz9HXgeyaQAnUZugoG5HVA5QL1HTX99BtQ799wrHcX9WlvHCZdp6JMMf0kzhqRGk4xQDewTg==

Received: from SL2P216MB1578.KORP216.PROD.OUTLOOK.COM (2603:1096:101:30::8) by

SE1P216MB2242.KORP216.PROD.OUTLOOK.COM (2603:1096:101:15d::7) with Microsoft

SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id

15.21.48.19; Sun, 24 May 2026 12:40:05 +0000

Received: from SL2P216MB1578.KORP216.PROD.OUTLOOK.COM

([fe80::c58c:1024:e4de:ef17]) by SL2P216MB1578.KORP216.PROD.OUTLOOK.COM

([fe80::c58c:1024:e4de:ef17%6]) with mapi id 15.21.0048.016; Sun, 24 May 2026

12:40:05 +0000

From: Larkin Beatrix

To: Larkin Beatrix

Subject: Optimize

Thread-Topic: Optimize

Thread-Index: AQHc63mb7EVmvcpoLkW0dcy9n8rTlw==

Date: Sun, 24 May 2026 12:40:05 +0000

Message-ID:

Accept-Language: en-GB, en-US

Content-Language: en-GB

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-exchange-messagesentrepresentingtype: 1

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SL2P216MB1578:EE_|SE1P216MB2242:EE_

x-ms-office365-filtering-correlation-id: 522e92ac-92e5-41a2-26d8-08deb9919531

x-microsoft-antispam:

BCL:0;ARA:14566002|15030799006|31061999003|19110799012|15080799012|8060799015|8062599012|37011999003|22091999003|7042599007|24121999003|39105399006|2604032031799003|704163111799003|45011099003|55001999006|16051099003|3412199025|440099028|18071099003|26121999007|102099032|41105399003|40105399003|39145399003|1710799026;

x-microsoft-antispam-message-info:

=?Windows-1252?Q?keBzkkBJzMKmKvDUAa7r2YjH+5IAV+bnSyydEucGP+wjNUPUVKozkRwh?=

=?Windows-1252?Q?7MOt7ZOfizLp1UtbEXxwK0QTP8IX8DJMK1J/ttALHmnazUzAXjd8lmeI?=

=?Windows-1252?Q?cOWFamh+1JL86NittuqGjTMudxKBaj8fwWtJH4zzMGVXoRECa4XduFu7?=

=?Windows-1252?Q?m8DJCqf4wNgB6Z2M61ouN/0FCdppMz/2J1isd7RXEIRR5gXeMc0vxjS0?=

=?Windows-1252?Q?wtETEonnHpAbeRoOdCJZS8RF1xGqsF4daQbOX1V4LY5/Y0XtWiP6pjOe?=

=?Windows-1252?Q?nAx6pgyta7tzBNo6jRlJUZDKFqc+S3bPYhhwhh3DBCZcngVzDlnALZzp?=

=?Windows-1252?Q?JaYZ2NIdF55atqm8NGUsppQRZICPAtXBckteYUnxdzCvbuwi8le/Otyo?=

=?Windows-1252?Q?pPMHNNl/ZKkVdyRSq0Min6V4ImGmOn+mkZL99elS2CYOzhS3xpL62sN7?=

=?Windows-1252?Q?gpNNTAhbJkn28rZEn82ihGERoPGaqHUFVe4fmhtXLzqaGR/JA5wBi11T?=

=?Windows-1252?Q?anShKZPigmz/z37xsfExZPaf5CP2SStmWeQOxPsQcHtNKLxYi2X10aFE?=

=?Windows-1252?Q?qKSD4Lw3nRz5OFmu/Q+A1I8Gx2cvYhEOCI+IxBBuXyPPGXGxrUxk7qXr?=

=?Windows-1252?Q?T6hKRaAIiCnTX4bmLzdx0cTkzHtbS9+nenQpJ+7AThP9yZ7tH+goKsbK?=

=?Windows-1252?Q?S0EXwSTUHzEdLAJ+3OjjCaEq6l6RP4wJX3rASqtVwJf6VFG1cS1UVC4K?=

=?Windows-1252?Q?2a4fg82UUmulGaGLkEbm1YqhPQgxl2PxNwnS2Mj3/PYce8hLc05peCpf?=

=?Windows-1252?Q?xmQkMRJ5Ktirt/SIjI//cN7qmAnt/spLwG6UTyFE3caS56cnQpcGgnyw?=

=?Windows-1252?Q?WS2X5Mnb8P7dy8sT3tEmVUv+ynlz5FwBXtEU91F9DmM64H2ihE9ePqHd?=

=?Windows-1252?Q?Y3eFKyugkR9rPZ4AgA01hxXgXb+xj+HL9r/78Y1r4aYDsfsiRTnP/Da7?=

=?Windows-1252?Q?sX6Age1vXyZZwLvUtnsvDRErpR5c6X6I0FlgGWCQI13ngtm03t/5Bev0?=

=?Windows-1252?Q?CJZ7QY0uh2o8Ss+M5NS+R7W5lV6ePEJ83c6iwof24q/x+zLLYTJv3laO?=

=?Windows-1252?Q?YLz1v2coe2kXTPgwXD35NKoDfYDkD7yHIx1uLQ6mqJ+qB2f4FTj47IiQ?=

=?Windows-1252?Q?/Flbf34GysFCh94pVjOvuiZIBNpwaez0zSQUpLy0Lrhjx2oKcln/+q1L?=

=?Windows-1252?Q?enfQVDVTGJs94wpi8XxD7gDvIL5GvBUlYQ5Kz4rFzT2GvkgTPEbrqtLC?=

=?Windows-1252?Q?VZCCvaPxrQQwwjigN/dXQ/n9+IorCOaNuBylDy0GCadadYRMTLnQlO98?=

=?Windows-1252?Q?SDagl4Hg7R5IR1t4aIN7Qzk4w+Ca2/slQ/QPzhMtVmLQOsRbAfWLfCyF?=

=?Windows-1252?Q?jqDvaloYT5cMEgQLvvvIiVM0lOeRiBzvZGZk/9WUlxI9796ryCTn1/NY?=

=?Windows-1252?Q?i06x/F2W7vk9to75rYdLU2lx8XaxyQ=3D=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?ZGPXRvoHnezWFHO/1FZrYt3MiMGT9vKr5srKnD0K3uUnSwp1+iJWhItg?=

=?Windows-1252?Q?xlD60N2VEe/9dy1bl4XidA5DnukFPIN9vLs2kNs4zHBwF0dMPR5Bo3vW?=

=?Windows-1252?Q?lg83cEEWMJ6YlBR5c3qd5IqAmLKuLedPhBDEgGIKOqMjZCesIv3Ohpkt?=

=?Windows-1252?Q?TfFPGNlA9YKG/AWnkX1QXOHHYWmL1PV3+6TXPZysFp/BL9YPVirSDLlK?=

=?Windows-1252?Q?eOaU5jC4IBGgzEjFs0boGWShJEglKzvsW4xiBTnlJlVb8vFvvue8u/H+?=

=?Windows-1252?Q?0c5mUEgBRsrI+9ZkbYeIZzGnNbEk1qDLuA1LjuJmCeIu/H9aWkUqOEzO?=

=?Windows-1252?Q?3RXUSTQfMASd2PgdUZNPizMrV2OuxUlYNyZEFLVJqZjhfwZqUwcvLS44?=

=?Windows-1252?Q?TRLI4FBgMA3Dif62sDbzzMPv1Y4Q+9vYyLb9QWG0qJeC8wONd+QPNj+S?=

=?Windows-1252?Q?ttuQGMwVbuA4qO5dB2rZI+yWsTwu84rliUywVWUsC3NTfZgnbKgYbvgM?=

=?Windows-1252?Q?SlVjC4otoKW7h/sDF87dwrEoY1djGPnr4vOCJOauBVHUuNYSytmutV5K?=

=?Windows-1252?Q?bVtwYYxS2AC+ANpRouMrHR3Q6wCq+c7nomqNNYveuXoF45vy6ZPkl2kd?=

=?Windows-1252?Q?V9aXQTsYHSvuFPl1NKkvabh2EyptHYCQtC/JCvUH+SPG3SBSvVBBBnXM?=

=?Windows-1252?Q?MeQxjGL6WZaADQb5xjy22K5AVVBZtqG/ix8viLj5tzCoGalbXd6Qvj4S?=

=?Windows-1252?Q?5tyCdEy3Xpo5iYtCT4xxKGoSUx7Gh5lTdtwy/C3jeV1Ij6JUzyRYjz+o?=

=?Windows-1252?Q?s00mVOeNyZqsFzWWTTjbV/8YRjZC1goaRk0lZI2+AM8kNoPK+xss+R9c?=

=?Windows-1252?Q?w8XdPOLBg8IEsGW7Nz3Xwk3u2hE2d4ldsIFmClYSYBeRMqRFfvtDnx6B?=

=?Windows-1252?Q?kEFP10p3T8Ezde0QJ5U1QNz2adVw6eco5PaULMLa3xR2KsmNjEyh7w7+?=

=?Windows-1252?Q?+AnqfjJUnyT5AHlHsJ5PtNL3JnlsN7dOz0N4g779NVrmLnBk8ApPipk9?=

=?Windows-1252?Q?j26xR6kJhRYziaPKq1c2nDZQ9up9gLQDyzv6ss4S3M12F56w64eqlovx?=

=?Windows-1252?Q?jaPO0Do0AZObkLyObYUUvL1FB4EDoYH4ZyNEflQrlUTrOkLXpPuMz4Lp?=

=?Windows-1252?Q?YGG+Td2Z9HF9CdIjugeMAImUvK7WSD9OUdfzSjoeejkt8vVWVTqZUsHy?=

=?Windows-1252?Q?fOzYpxb8mIMVSuvRcAaoIBItzY+xiQWXKWE3fg1NX9tU4ARmpf6PQmft?=

=?Windows-1252?Q?bHi81pcTOpgsWHGLC/WlI/ZxlmWtbWGDHJe4jSE5qjZW9mjnlLABKaQI?=

=?Windows-1252?Q?EWCQepsF6HnthugBNTUhLkKJ0MCFLgoU3yxMp7IFdHlz0KiLveW3tZr3?=

=?Windows-1252?Q?4dZQ7Vves6tJEXXqx9IreyuEp9ibO3LuQqp7AHYekLwGOIv5yDRdEXYe?=

=?Windows-1252?Q?N3IUugHU?=

Investment funds spam from Google Gmail Part 2

Posted by Dave Yadallee on Sunday, May 24. 2026

Content analysis details: (24.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.222.177 listed in dnsbl.ahbl.org]

[209.85.222.177 listed in dnsbl.ahbl.org]

[209.85.222.177 listed in dnsbl.ahbl.org]

[209.85.222.177 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.222.177 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.222.177 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.222.177 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.222.177 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.222.177 listed in will-spam-for-food.eu.org]

[209.85.222.177 listed in will-spam-for-food.eu.org]

[209.85.222.177 listed in will-spam-for-food.eu.org]

[209.85.222.177 listed in will-spam-for-food.eu.org]

[209.85.222.177 listed in will-spam-for-food.eu.org]

[209.85.222.177 listed in will-spam-for-food.eu.org]

[209.85.222.177 listed in will-spam-for-food.eu.org]

[209.85.222.177 listed in will-spam-for-food.eu.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.222.177 listed in list.dnswl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.222.177 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.222.177 listed in wl.mailspike.net]

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[melekyari2024(at)gmail.com]

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[melekyari69(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[melekyari2024(at)gmail.com]

3.6 NA_DOLLARS BODY: Talks about a million North American dollars

1.7 DEAR_SOMETHING BODY: Contains 'Dear (something)'

2.5 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 LOTS_OF_MONEY Huge... sums of money

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different

freemails

0.0 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

2.8 UNDISC_FREEM Undisclosed recipients + freemail reply-to

2.6 UNDISC_MONEY Undisclosed recipients + money/fraud signs

3.1 MONEY_FRAUD_3 Lots of money and several fraud phrases

2.0 ADVANCE_FEE_2_NEW_MONEY Advance Fee fraud and lots of money

Subject: {SPAM?} INVESTMENT FUNDS

--0000000000000e8e7b06528dc233

Content-Type: text/plain; charset="UTF-8"

Dear Sir,

My name is Eng.Mele Kolo Kyari. I have been mandated by my colleagues to

look for a foreign partner for a good business relationship.

This is as a result of over invoiced contracts which were executed for the

Department of Petroleum Resources(DPR). The companies who executed these

contracts have been fully paid. It is now part of the over inflated sum of

USD25,000,000.00 that we intend to transfer into the foreign bank account.

I have therefore been mandated by our committee to look for a foreign

partner into whose account we can transfer the sum of USD25,000,000.00

(twenty-five million, (US dollars).

We are ready to compensate you Adequately to be based on agreement.

Please get back to me if interested so that I can give you more

information. how we can proceed.

Have a nice day.

Engr.Mele Kolo Kyari

Executive Director

Department of Petroleum Resources (DPR)

--0000000000000e8e7b06528dc233

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Dear Sir,

My name is Eng.Mele Kolo Kyari. I hav=

e been mandated by my colleagues to look for a foreign partner for a good b=

usiness relationship.

This is as a result of over invoiced contracts=

which were executed for the Department of Petroleum Resources(DPR). The co=

mpanies who executed these contracts have been fully paid. It is now part o=

f the over inflated sum of USD25,000,000.00 that we intend to transfer into=

the foreign bank account.

I have therefore been mandated by our com=

mittee to look for a foreign partner into whose account we can transfer the=

sum of USD25,000,000.00 (twenty-five million, (US dollars).

We are =

ready to compensate you Adequately to be based on agreement.

Please =

get back to me if interested so that I can give you more information. how w=

e can proceed.

Have a nice day.

Engr.Mele Kolo Kyari
Execu=

tive Director
Department of Petroleum Resources (DPR)

--0000000000000e8e7b06528dc233--

Investment funds spam from Google Gmail Part 1

Posted by Dave Yadallee on Sunday, May 24. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 24 May 2026 05:19:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wR6qv-000000009Jh-0Fb3

for dave@doctor.nl2k.ab.ca;

Sun, 24 May 2026 05:18:41 -0600

Resent-From: The Doctor

Resent-Date: Sun, 24 May 2026 05:18:40 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-qk1-f177.google.com ([209.85.222.177]:55422)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wR67e-000000004wn-1V7r

for root@nk.ca;

Sun, 24 May 2026 04:32:04 -0600

Received: by mail-qk1-f177.google.com with SMTP id af79cd13be357-914ae4101b4so387075085a.2

for ; Sun, 24 May 2026 03:31:06 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1779618660; cv=none;

d=google.com; s=arc-20240605;

b=P/sAh091aVmedQIvzJuEoVNAQ3xqpUsS0rPJU/iLMVwFYnI39GzYCQuuIRkscIPzrR

84PcPkyO4Xij8fZfjWppzbdau2A2bTl9xVVZXhdOV/WOm0g51RflSYpddPM7Ro7o+Se4

ciS+MEXVhZMB0SmYkRS3HKCIa3ogkkLggaJPQqyOto9JNCs1/1SbuQW8o5DADV4gs1Tx

zte7JxHdYXChTXt1SeRsHn14mj1XQwvgIsK/5r6uxUnUD7JJZYeD3RDOg53XRNAuBLnG

FkPBCa3wVdkaA0V/tqSFhw4u93VPjqUL5PRZRmHIMMXfdx8ZuEQXqG0Y5ioK3ZJTzV9v

EqdA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:reply-to:mime-version

:dkim-signature;

bh=akn7Sv3z4Zcc/wTJKYtuN9ma9CmgzTWKO7FQ18VK7fo=;

fh=eVZSeLnZG/+v3bX1kh+gWPwohqF4PdRng9oVdgJtxEE=;

b=JS0XGEP7r8UOiY/6zQ6zWeoS/senAJOjZrBvsPSm+8cUSukPJLBMjNQPyMr72YfA5N

rGxRyzGiJt4SGvRElNTD8Ykahpfm8EAVXRueyXgamvsJXovm44FdXQbVCSPx0aOT2vwh

uMAYWgl6eCtLbdZux7rL7Nv91n8He7VjuPOEGDtuqiCV8h+RMXyGxa/ezrkU1J7tyH2+

4x6OG7bYld9gJEW0kzA7X1Po+D9on83xmivWGVcG1BJHh3WtMDYYW0JzxidKCHYOCWxC

3lsQxepdZ8+qXuTCr5Yjb37LNbBI80FunQdBT9Mo0iYbE/eT9KFEy2dpUHTQZI+Rt1/H

68lw==;

darn=nk.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1779618660; x=1780223460; darn=nk.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=akn7Sv3z4Zcc/wTJKYtuN9ma9CmgzTWKO7FQ18VK7fo=;

b=XnKz/LD0iAuQN6G/+iPC0pQexwK3Op/B0cB+ZcVssvyIyIsmF2P23Jhc/f7NmljXsx

3/Q5uWrJbhjNAQmHvOrr/qZ61341IT6xvGiMO4eFmCsSV1FQcDAq/UQ7O4q0uTbZZdIt

IFYooEQaMnUstp1eCs5PL+u6CV7t8sxH8X57chtLBlLTWhTjj7Oa2ins3rJlrUruY9hV

zYmRKRnJ1BHeBDAnuAdE7jkgVy90w5vVuWvE5BFkDFl5VfBuE6ICWzan8Nik7ZcbVoxc

9Ue3s+WImm16Wbugkpwg/S6zCisTj6qn16qRRcKishwWDYYGdjGLBsbopV3ysDSY0C7A

PveQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1779618660; x=1780223460;

h=to:subject:message-id:date:from:reply-to:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=akn7Sv3z4Zcc/wTJKYtuN9ma9CmgzTWKO7FQ18VK7fo=;

b=o8Y+84R37UJ8BWRJGOGI8TDeae+AazvgoXStrteEqzx7Dpow33d3+6Z37zN5fyJDRg

gJAtO44U5tXBThilA/NB0A+TLak/1zaLlxRs03fx5BXCJFgzt0PrPZyL4yQq1Fcig7TF

YHfQaftULZcyOXe4AS05K89/w6weaUqQT7hlpWG3kZ1puTlZFbj/KeAAnBSyVrMo8wUi

QCrDdYQ4uji8fN6jSTxBN63gOGD0vdbkv3usCU3fX5m8b28mTvWpoPpkBeZrv+LTUET5

eP+7Mpx9fWRJCuvefrTXWISThaKBv84hfMeukpFKe3+FMIOo9HH6/TtqQzzi+qJrXBIb

nZ4A==

X-Forwarded-Encrypted: i=1; AFNElJ/rR5g2xdCBEE7j5MttT+u7vPz9k6gsGhPvIA63fqH7aH2ec9tuAnpzVNJiDOKlDxEZEQYK@nk.ca

X-Gm-Message-State: AOJu0YzVr8cfY26aE3xQm2/P48tfKFG9/22LpsFWtguZnTncMozi1+SS

ByvkX87L44WrH48XcgP2ZwdMYBeC94Lda9UjCwyb8OLejnwmBuY2P886vDIoWi/KFckq4U6DO9z

avQLCZHInq9UFJQVVj3sRFgvScyhrUPY=

X-Gm-Gg: Acq92OHR2s3MF3OKqjwfCC05hx/lADbcQIeXK4owfMmcDehJCX69eVfWKcfozNIQa9N

1hSAjWAf5pMJpr04vYwEt1K2+4rOAAN3UpygE5VGjVkX/ndbnmRfBZlavsI6oauCG39blDiei7i

+W8GST2jydf81NgD+Cafif7XHJgRMctjzuk6KqF8CkjItMQq6j27IahbRXUZETM29fkBwSy+QZo

0figcoiYtIXoXkLVVIXNVfC/F75U9AYfy04n1p5zlvihjMM2yoUGR+Zbvs64bQTKJPab4p1Ox6n

m1wrnIjxBYBrUv1HFkb2K5uwQpsvAm5lgM+lvPmPHlqzwX9T/c8jXt282YWmWa//Nco=

X-Received: by 2002:a05:620a:649b:b0:914:c53f:4d51 with SMTP id

af79cd13be357-914c53f5006mr820654485a.53.1779618659862; Sun, 24 May 2026

03:30:59 -0700 (PDT)

MIME-Version: 1.0

Reply-To: melekyari69@gmail.com

From: Mele Kolo Kyari

Date: Sun, 24 May 2026 03:30:46 -0700

X-Gm-Features: AVHnY4IAvt5Yo7CvIcan0qGJExFII4nCc0A005yiFtxq89vJgfKk-cNSlzdJjz8

Message-ID:

Subject: INVESTMENT FUNDS

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="0000000000000e8e7b06528dc233"

Bcc: root@nk.ca

X-Spam_score: 24.1

X-Spam_score_int: 241

X-Spam_bar: ++++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Dear Sir, My name is Eng.Mele Kolo Kyari. I have been mandated

by my colleagues to look for a foreign partner for a good business relationship.

This is as a result of over invoiced contracts which were executed for the

Department of Petroleum Resources(DPR). The companies who executed these

contracts have been fully paid. It is now part of th [...]

Web/SEO/App spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on Sunday, May 24. 2026

--_000_SL2P216MB1580B99E590FBE3F3B3020BBBE0D2SL2P216MB1580KORP_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable

Hi,

May I send you quotes with portfolio?

Please Reply

From: Nikita

Sent: Sunday, February 22, 2026 11:01 PM

Subject: inquiry

Nice day,

If you were on page #1, you'd get so many new customers every day.

Should I send you quotes with Proposal?

Thanks,

--_000_SL2P216MB1580B99E590FBE3F3B3020BBBE0D2SL2P216MB1580KORP_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable

1">

s-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Hi,

xt-indent: 0px; background-color: rgb(255, 255, 255); margin: 0px; font-fam=

ily: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"=

>

xt-indent: 0px; background-color: rgb(255, 255, 255); margin: 0px; font-fam=

ily: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"=

>

May I send you quote=

s with portfolio?

xt-indent: 0px; background-color: rgb(255, 255, 255); margin: 0px; font-fam=

ily: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"=

>

xt-indent: 0px; background-color: rgb(255, 255, 255); margin: 0px; font-fam=

ily: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"=

>

Please Reply

xt-indent: 0px; background-color: rgb(255, 255, 255); margin: 0px; font-fam=

ily: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"=

>

xt-indent: 0px; background-color: rgb(255, 255, 255); margin: 0px; font-fam=

ily: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"=

>

From: Nikita

xt-indent: 0px; background-color: rgb(255, 255, 255); margin: 0px; font-fam=

ily: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"=

>

Sent: Sunday, February 22, 2026 11:01 PM

xt-indent: 0px; background-color: rgb(255, 255, 255); margin: 0px; font-fam=

ily: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"=

>

Subject: inquiry

xt-indent: 0px; background-color: rgb(255, 255, 255); margin: 0px; font-fam=

ily: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"=

>

xt-indent: 0px; background-color: rgb(255, 255, 255); margin: 0px; font-fam=

ily: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"=

>

Nice day,

xt-indent: 0px; background-color: rgb(255, 255, 255); margin: 0px; font-fam=

ily: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"=

>

xt-indent: 0px; background-color: rgb(255, 255, 255); margin: 0px; font-fam=

ily: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"=

>

If you were on page #1, you'd get so many new customers every day.

xt-indent: 0px; background-color: rgb(255, 255, 255); margin: 0px; font-fam=

ily: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"=

>

xt-indent: 0px; background-color: rgb(255, 255, 255); margin: 0px; font-fam=

ily: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"=

>

Should I send you qu=

otes with Proposal?

xt-indent: 0px; background-color: rgb(255, 255, 255); margin: 0px; font-fam=

ily: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"=

>

xt-indent: 0px; background-color: rgb(255, 255, 255); margin: 0px; font-fam=

ily: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);"=

>

Thanks,

--_000_SL2P216MB1580B99E590FBE3F3B3020BBBE0D2SL2P216MB1580KORP_--

Web/SEO/App spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on Sunday, May 24. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 24 May 2026 05:19:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wR6ql-000000008r7-2UR6

for dave@doctor.nl2k.ab.ca;

Sun, 24 May 2026 05:18:31 -0600

Resent-From: The Doctor

Resent-Date: Sun, 24 May 2026 05:18:31 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-koreacentralazolkn19012058.outbound.protection.outlook.com ([52.103.74.58]:57140 helo=SEVP216CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wR5r4-000000004BC-4Am5

for sales@nk.ca;

Sun, 24 May 2026 04:14:58 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=Q1yIer9DitWz2fg33RiUVnAGbyoHB5hoGcvL4eqdM0wRYYqzazaqJ8VH1JOin+lEZ/p1SbTeTPTl2arCVXXZ4hy/pB+4JA8NJiyp7eNSOD9FLeM+FbM4w97rA03YKEHGhJ3P9ZHaLw6kQ2nY8/b3PmP3iEPw5nppKq6JGuR4+IH9b+MFPSAxC0ZFf6fCBJvxXWaymFS+JNifrCXxcLAYO8bzkAhAzVobKcR3ryOzdixKRi08ck9hly0bZ2o+PQCOUfxDx6TJBe0QxdtSTm7f6W4GpozoDr0fN4f2m4jGCW5ZtOetWsY20VWGnPE/FEGn4qpKgmJuincrsXBYYDeCfg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=mbXCIIkjv0p3iTloME7GtZ55pBjDfsHIY7FzFC2oKZI=;

b=oavjxP1h0bwvtQTVx4rSjI8kRsCOfSdLpNa9m3Q/0jZJ2kRkPx6ZlxWTBZDdVy2xeb+Xau6MGDWyEQIRGO37I4qSZftOaM/541MatmhlBVmA2LwkVtIXIKnamS/U5NpJ8AooxRBLQjiuBAWjqEh2NxVbnvtLyiq3nWAw29crtD90o4LupRQ3UuLkUMk8LV0vVGQVcBMX3GLZL77wBMHRC9ueQehRwqEEE2vDSoaDccXrwH2Ly0JG2Ji+KvoZVXKfn+IMqTvw8A0uD9MpX3YS1ti2M+TB6xeduYgbGt5j5/yAhKOyC+G2yfa9kDHQYTC4uXUUljNrfwRm4pZweiOGZg==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=mbXCIIkjv0p3iTloME7GtZ55pBjDfsHIY7FzFC2oKZI=;

b=aIvtTBn/thR7dMr4Tekv+KMk8bGkLP4/eCpNohGhb2lKemPJ5dmARWe9Ov9+o8e8H6CaWU4yw9q9btcOO5tGUQESt2LYnROS58CGAqaIqkgrAtgQJoikKe+gNx0E7dpVv3JU1H+l+2vv0BVqWjcj1eaSnY1S1W3iO7QL3ggFsO4/4sC4tjXlsxqtwWv4xYt5EBYaNetTzTO6wzl+j4S4xCaqC36tgpBwktIbJ/7BM/drRjIaSlwnzXSWPKsjvpxanyFyd4neUPkcF2qhxuhbFIfjb7T7TjC4aGYXDnvmHAg9PxntUP3WiRe1bJRvXh/qmJejOfYY2064U6vdVMvX7A==

Received: from SL2P216MB1580.KORP216.PROD.OUTLOOK.COM (2603:1096:101:1f::13)

by SEWP216MB2900.KORP216.PROD.OUTLOOK.COM (2603:1096:101:298::14) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.21.48.19; Sun, 24 May

2026 10:13:18 +0000

Received: from SL2P216MB1580.KORP216.PROD.OUTLOOK.COM

([fe80::4ab2:61bf:d253:a691]) by SL2P216MB1580.KORP216.PROD.OUTLOOK.COM

([fe80::4ab2:61bf:d253:a691%3]) with mapi id 15.21.0048.016; Sun, 24 May 2026

10:13:18 +0000

From: Nikita Matthew

To: Nikita Matthew

Subject: send..?

Thread-Topic: send..?

Thread-Index: AQHc62XO2NPME+NAqEq/sQiMYlu2XA==

Date: Sun, 24 May 2026 10:13:17 +0000

Message-ID:

Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SL2P216MB1580:EE_|SEWP216MB2900:EE_

x-ms-office365-filtering-correlation-id: 2791d368-3a87-47fb-08f9-08deb97d1359

x-microsoft-antispam:

BCL:0;ARA:14566002|48001999003|8062599012|8060799015|19110799012|15080799012|15030799006|31061999003|39105399006|24121999003|22091999003|37011999003|55001999006|24021099003|3412199025|440099028|18071099003|102099032|41105399003|40105399003|39145399003|1710799026;

x-microsoft-antispam-message-info:

=?iso-8859-1?Q?89Jv8CyqOMmYaB/O55LXvnfh4wvaRVV/UzJzf7mj8SgSrgwFUx8bSLj7wA?=

=?iso-8859-1?Q?m7eqMtK6petnZXhIbxcsaaylIhPEoZ8gwCCm21O5rbueBehbuiwg+ZkD4y?=

=?iso-8859-1?Q?vbJJwQhky4nV3gJ9sfEuYZKyoVJrdVW0J6c0EqtQtIefWnrQz3cZCahPfJ?=

=?iso-8859-1?Q?SFIRJutCAM9PzdcrS8A9fyp6xkR+qKDxDARZ4bbWDPLuvMFFrjQUUtKiKK?=

=?iso-8859-1?Q?BR4oxeW4bXN8n9yJqsxpjHqGN9VynczAxHrm2kUZQD86r92nxmaut+rsbD?=

=?iso-8859-1?Q?PZpa/XAl0kFHZ3p7CDY0QnNWlSndboy4jNmILKs9cYliFAtYrZ80tTwQ9r?=

=?iso-8859-1?Q?xqQBmDm4xyatZWce4YM0MMIJN6uZno1CdjsUP84ow10iD21FSs62+A9446?=

=?iso-8859-1?Q?JC5ZJ1DplTP4ks0Kbt67bGYM9u6G0hvm7ZBawdGy2iZI2GRD63bvngztmm?=

=?iso-8859-1?Q?yVz9EhUOxnhbnFp9y0MohEU6BOLr8D3keLLact6/UnHbOdJlz4K3/0pH4c?=

=?iso-8859-1?Q?OeadKd/q6nKHLkT83XQEWAupS0RqgP0mgaGYeKaMUnzPNQXC6zLTwZt2Mv?=

=?iso-8859-1?Q?7LcYjrC+R/jAZWq77XIUgkY0MtPI4Hrb2KnPxjTbPmyJqQaTNsd90xHVoI?=

=?iso-8859-1?Q?wPrUMvivB1hWtHMjqcXzpBeWCpsebpexqztoHBwjmbD+LhCXAbpzsIe+YX?=

=?iso-8859-1?Q?6ugyo/uh+v9J+UembZkMPwuK1o+xXxObPlQsBRyD9TPD9BRh1w4JYlqS4g?=

=?iso-8859-1?Q?0JchOD03zaqK90hI9S7NfFk9PLix0XU7w0QGVf1QOUZWAGPGzMwbwK4yIg?=

=?iso-8859-1?Q?M5SIRXU2E7N5fn6xi9iHPHbYvJmm/9See4BwX3Xk8DLKv6b3VCpcuLz9Vp?=

=?iso-8859-1?Q?2gYM9zbqunTb0ToDxOBRSo8a/UryNhxZUeql/34sL+vGUzt9QQLcx/NfUL?=

=?iso-8859-1?Q?bRzjGmE64+VkJ0cKiJvhTi4J50Yw7iCEjgLJ1mmZn1frU15iaQpDcej+d1?=

=?iso-8859-1?Q?qWXIItHNTC9ZcP+Eq7PDLVSVq9qZB4NkRg0tCk7F6/tu2w/QkWEvY+yPed?=

=?iso-8859-1?Q?2gs8H8qZCg0xS/E1ATsHZPTDli3Rxpn5/lh1GhnLJ7xRZzIYcNEmTqyaDD?=

=?iso-8859-1?Q?OweVBQyt4ApIy5xKajYm0SKjMOXBhq2fMwIM3LWkRLfG2BljbXWBQitlxn?=

=?iso-8859-1?Q?1DsbeOyl3z7hLA/Xgrtb4EyaqLeAaLhschJQpIgZGGwM1Cq2RjdupaGQLN?=

=?iso-8859-1?Q?QlP4e4sSfDYl8Ed3iE5cBTkJFaQIskB3c1GQvRifDsrfLVcBZ34kuO3ZyD?=

=?iso-8859-1?Q?yCM9?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?iso-8859-1?Q?Pn4jcpQmjvycTg7YSPuoTfCkPeAQaE4FiLHIGOf3l5qaD0w8ikoa1umjsx?=

=?iso-8859-1?Q?zxrAcvWD1hv21DOO7ViTLkKpM+trTkoSIjdRnDF9PphI00vBpHv9V0L1X8?=

=?iso-8859-1?Q?6BPhGBqfM8GelPxAFDNGcvy2gAVvVNQJgoeObh7/YvSbYwxN6adzdloJXq?=

=?iso-8859-1?Q?7kJjmwLNqfnfmHD5Oggy4jVWsfVnX2ng7nIPkVZgYEozwTdiiIxR+o33Mu?=

=?iso-8859-1?Q?Pr+UntY7hUJ8fLrxZeyvXOn9gh+SAJHlvzF9jzyYN86QyMbpeT8/WB9thP?=

=?iso-8859-1?Q?md4rTeTPNeybqmWLGtzkjG5TuILMk8VQZlPJlCdljlnKMI8OgtJefOR+DP?=

=?iso-8859-1?Q?C4wqnx+vIpUl53YDj39StYDfN0RcVNb4vhB9Zhz2Coq3dzviS3ZT/EOirk?=

=?iso-8859-1?Q?DLOqxMekxHBXe6msIQAkiVKN2hZHZQD4UNxXhjhb5K/BvriLLJjQw6L4bz?=

=?iso-8859-1?Q?Vu9dZUrad3eKO8RAmRQpyvuIE6JQF+YU56icRBzg6XXhrcJwnBNOYYwjRI?=

=?iso-8859-1?Q?N7rYp6b59Ctg6NFkW1/gmA/l/0bRBb7L0wgmS1aqf6UsPo6VzaZdcGiyYT?=

=?iso-8859-1?Q?QL6QWbOcMAKZu9EBAMCND7lWhH9CG4N5MM4Ov+EFSpY4+x7QhOyX22p9kg?=

=?iso-8859-1?Q?TYzS1QCnGZJDVChS9uDE8Ch8Hs/IepY+9VP1OO2S7pU8yLD6E9kfRBc51b?=

=?iso-8859-1?Q?wzsy+JAfWfQoPAv6SkeP6Vjg7XhE3RMxfwrQf0YfaLWoGazJLeDlwogGHP?=

=?iso-8859-1?Q?R5sh3p/Vf8coV11DjcE3JGYNKZjAwJ9S8R1NViQ77RJdLyoMtX5JCVW2qc?=

=?iso-8859-1?Q?3uUU//n5myFsnS25qtFQzqR9L7vgYJ+Tv4ddtKactBF9ok4X1c1wCenA1b?=

=?iso-8859-1?Q?IxpRNXtv6Nwg0vAjZR8UG+a/43ZA7MvvSxCMEVPz5e7O8eOPR8PiwJ5j/s?=

=?iso-8859-1?Q?tR798oQQVt/BeJKb9c7M0Hkce55htgy6TqSVnKKLgVL/ut1GBlLZng5DX6?=

=?iso-8859-1?Q?FsfS5nMPjcHbTPcHO8uINg7l4SQE5Xc8v6xYT0Kehcx2akOfR4vz9a8BzH?=

=?iso-8859-1?Q?t2K8ywr11y358foezhZ55aZjHMcvQCCY5wlhzVLtYw29kkT2TYYzdu1zyO?=

=?iso-8859-1?Q?fMXlL6BIhFTe6tH7hAhPPlYZwKMvWjlJN6XktC193q/rpz3ImdK+UFbvbB?=

=?iso-8859-1?Q?ieZPt/4Si1ZBHoKDycG+OQxP6vODXXGQvYGR6OTcZEbt/wymEWEdGfFHxf?=

=?iso-8859-1?Q?uy1aK0Sci23aiZaSpv17/MGX5bvk0IDLciPPeeZQgMyfPklxLdKYAfyrY/?=

=?iso-8859-1?Q?eL3J/e5u48mN0X/ZwkBl9RrF5SGiihF8bSE1yyca0MCsSv3h59mDpDB2EN?=

=?iso-8859-1?Q?BMY2bveVDO0r0Pq7l12Q5fF4H3zrBrMNivLyhHRb59x0QeBBnQT/fff5Zv?=

=?iso-8859-1?Q?NmpyFeyGHVLXEAMc?=

Content-Type: multipart/alternative;

boundary="_000_SL2P216MB1580B99E590FBE3F3B3020BBBE0D2SL2P216MB1580KORP_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SL2P216MB1580.KORP216.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 2791d368-3a87-47fb-08f9-08deb97d1359

X-MS-Exchange-CrossTenant-originalarrivaltime: 24 May 2026 10:13:17.9288

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SEWP216MB2900

Urgency spam from Hungary

Posted by Dave Yadallee on Sunday, May 24. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 24 May 2026 05:17:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wR6p4-000000006hX-3J9X

for dave@doctor.nl2k.ab.ca;

Sun, 24 May 2026 05:16:46 -0600

Resent-From: The Doctor

Resent-Date: Sun, 24 May 2026 05:16:46 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail.szakrendelo16.hu ([109.74.55.102]:37554)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wR18F-00000000Djo-0897

for www@nl2k.ab.ca;

Sat, 23 May 2026 23:12:19 -0600

Received: from mail.szakrendelo16.hu (localhost.localdomain [127.0.0.1])

by mail.szakrendelo16.hu (Proxmox) with ESMTP id 654F28DAE3;

Sun, 24 May 2026 04:36:32 +0200 (CEST)

X-Amavis-Modified: Mail body modified (using disclaimer) -

webmail.szakrendelo16.hu

X-Virus-Scanned: amavis at szakrendelo16.hu

Date: Sun, 24 May 2026 04:36:01 +0200 (CEST)

From: "Ms.Kadulina"

Reply-To: eaolifa@montevideo.com.uy

Message-ID: <270700411.278276.1779590161444.JavaMail.zimbra@szakrendelo16.hu>

Subject: Awaiting Your Response

MIME-Version: 1.0

Content-Type: text/plain; charset=utf-8

Content-Transfer-Encoding: 7bit

X-Originating-IP: [192.168.7.14]

X-Mailer: Zimbra 8.8.15_GA_4717 (zclient/8.8.15_GA_4717)

Thread-Index: i2dbE8ilReJyEU+CO+bXCUH7gHtqNQ==

Thread-Topic: Awaiting Your Response

X-Spam_score: 7.1

X-Spam_score_int: 71

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: I have an urgent opportunity for you that would be highly

beneficial. Please get back ASAP. I appreciate your quick response, Ms.Kadulina

Jelen elektronikus levÃ©lben rÃ¶gzÃtett informÃ¡ciÃ³ csak Ã©s kizÃ¡rÃ³lag

a cÃmzett termÃ©szetes, illetve jogi szemÃ©lynek szÃ³l. A levÃ©l, Ã©s csatolmÃ¡nyai

bizalmas, illetve jogszabÃ¡ly Ã¡ltal vÃ© [...]

Content analysis details: (7.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

[109.74.55.102 listed in dnsbl.ahbl.org]

[109.74.55.102 listed in dnsbl.ahbl.org]

[109.74.55.102 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[109.74.55.102 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

1.2 MISSING_HEADERS Missing To: header

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.9 REPLYTO_WITHOUT_TO_CC No description available.

1.0 CTE_8BIT_MISMATCH Header says 7bits but body disagrees

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

Subject: {SPAM?} Awaiting Your Response

I have an urgent opportunity for you that would be highly beneficial. Please get back ASAP.

I appreciate your quick response,

Ms.Kadulina

Jelen elektronikus levÃ©lben rÃ¶gzÃtett informÃ¡ciÃ³ csak Ã©s kizÃ¡rÃ³lag a cÃmzett termÃ©szetes, illetve jogi szemÃ©lynek szÃ³l. A levÃ©l, Ã©s csatolmÃ¡nyai bizalmas, illetve jogszabÃ¡ly Ã¡ltal vÃ©dett informÃ¡ciÃ³t tartalmazhatnak. Az eredeti cÃmzetteknek szÃ¡nt informÃ¡ciÃ³k bÃ¡rmilyen formÃ¡jÃº illetÃ©ktelen felhasznÃ¡lÃ¡sa, megismertetÃ©se, publikÃ¡lÃ¡sa, tovÃ¡bbÃtÃ¡sa, vagy az azzal vÃ©gzett bÃ¡rmely mÃ¡s mÅ±velet szigorÃºan tilos. Amennyiben ezt a levelet sÃ©rÃ¼lten kapta meg vagy nem Ã–n annak valÃ³s cÃmzettje kÃ©rjÃ¼k, haladÃ©ktalanul tÃ¡jÃ©koztassa errÅ‘l a feladÃ³t Ã©s a levelet tÃ¶rÃ¶lje rendszerÃ©bÅ‘l

Urgency spam from Hungary

Posted by Dave Yadallee on Sunday, May 24. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 24 May 2026 05:17:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wR6oy-000000006h1-3u00

for dave@doctor.nl2k.ab.ca;

Sun, 24 May 2026 05:16:40 -0600

Resent-From: The Doctor

Resent-Date: Sun, 24 May 2026 05:16:40 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail.szakrendelo16.hu ([109.74.55.102]:59496)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wR0nl-00000000Cq2-11XR

for sales@nk.ca;

Sat, 23 May 2026 22:51:10 -0600

Received: from mail.szakrendelo16.hu (localhost.localdomain [127.0.0.1])

by mail.szakrendelo16.hu (Proxmox) with ESMTP id 0B874921A3;

Sun, 24 May 2026 04:30:33 +0200 (CEST)

X-Amavis-Modified: Mail body modified (using disclaimer) -

webmail.szakrendelo16.hu

X-Virus-Scanned: amavis at szakrendelo16.hu

Date: Sun, 24 May 2026 04:30:21 +0200 (CEST)

From: "Ms.Kadulina"

Reply-To: eaolifa@montevideo.com.uy

Message-ID: <140265040.277818.1779589821126.JavaMail.zimbra@szakrendelo16.hu>

Subject: Awaiting Your Response

MIME-Version: 1.0

Content-Type: text/plain; charset=utf-8

Content-Transfer-Encoding: 7bit

X-Originating-IP: [192.168.7.14]

X-Mailer: Zimbra 8.8.15_GA_4717 (zclient/8.8.15_GA_4717)

Thread-Index: T1ajz4VQI235zTfdZ5FmDEM1LYANwQ==

Thread-Topic: Awaiting Your Response

X-Spam_score: 8.1

X-Spam_score_int: 81

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: I have an urgent opportunity for you that would be highly

beneficial. Please get back ASAP. I appreciate your quick response, Ms.Kadulina

Jelen elektronikus levÃ©lben rÃ¶gzÃtett informÃ¡ciÃ³ csak Ã©s kizÃ¡rÃ³lag

a cÃmzett termÃ©szetes, illetve jogi szemÃ©lynek szÃ³l. A levÃ©l, Ã©s csatolmÃ¡nyai

bizalmas, illetve jogszabÃ¡ly Ã¡ltal vÃ© [...]

Content analysis details: (8.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

[109.74.55.102 listed in dnsbl.ahbl.org]

[109.74.55.102 listed in dnsbl.ahbl.org]

[109.74.55.102 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

-0.0 SPF_PASS SPF: sender matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

1.2 MISSING_HEADERS Missing To: header

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

1.0 CTE_8BIT_MISMATCH Header says 7bits but body disagrees

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

1.9 REPLYTO_WITHOUT_TO_CC No description available.

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[109.74.55.102 listed in bl.score.senderscore.com]

Subject: {SPAM?} Awaiting Your Response

I have an urgent opportunity for you that would be highly beneficial. Please get back ASAP.

I appreciate your quick response,

Ms.Kadulina

Jelen elektronikus levÃ©lben rÃ¶gzÃtett informÃ¡ciÃ³ csak Ã©s kizÃ¡rÃ³lag a cÃmzett termÃ©szetes, illetve jogi szemÃ©lynek szÃ³l. A levÃ©l, Ã©s csatolmÃ¡nyai bizalmas, illetve jogszabÃ¡ly Ã¡ltal vÃ©dett informÃ¡ciÃ³t tartalmazhatnak. Az eredeti cÃmzetteknek szÃ¡nt informÃ¡ciÃ³k bÃ¡rmilyen formÃ¡jÃº illetÃ©ktelen felhasznÃ¡lÃ¡sa, megismertetÃ©se, publikÃ¡lÃ¡sa, tovÃ¡bbÃtÃ¡sa, vagy az azzal vÃ©gzett bÃ¡rmely mÃ¡s mÅ±velet szigorÃºan tilos. Amennyiben ezt a levelet sÃ©rÃ¼lten kapta meg vagy nem Ã–n annak valÃ³s cÃmzettje kÃ©rjÃ¼k, haladÃ©ktalanul tÃ¡jÃ©koztassa errÅ‘l a feladÃ³t Ã©s a levelet tÃ¶rÃ¶lje rendszerÃ©bÅ‘l

Urgency phish from Hungary

Posted by Dave Yadallee on Sunday, May 24. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 24 May 2026 05:17:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wR6op-000000006gY-2RQf

for dave@doctor.nl2k.ab.ca;

Sun, 24 May 2026 05:16:31 -0600

Resent-From: The Doctor

Resent-Date: Sun, 24 May 2026 05:16:31 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail.szakrendelo16.hu ([109.74.55.102]:59480)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wR0nl-00000000Cq1-11Zq

for sales@netknow.ca;

Sat, 23 May 2026 22:51:10 -0600

Received: from mail.szakrendelo16.hu (localhost.localdomain [127.0.0.1])

by mail.szakrendelo16.hu (Proxmox) with ESMTP id 0B874921A3;

Sun, 24 May 2026 04:30:33 +0200 (CEST)

X-Amavis-Modified: Mail body modified (using disclaimer) -

webmail.szakrendelo16.hu

X-Virus-Scanned: amavis at szakrendelo16.hu

Date: Sun, 24 May 2026 04:30:21 +0200 (CEST)

From: "Ms.Kadulina"

Reply-To: eaolifa@montevideo.com.uy

Message-ID: <140265040.277818.1779589821126.JavaMail.zimbra@szakrendelo16.hu>

Subject: Awaiting Your Response

MIME-Version: 1.0

Content-Type: text/plain; charset=utf-8

Content-Transfer-Encoding: 7bit

X-Originating-IP: [192.168.7.14]

X-Mailer: Zimbra 8.8.15_GA_4717 (zclient/8.8.15_GA_4717)

Thread-Index: T1ajz4VQI235zTfdZ5FmDEM1LYANwQ==

Thread-Topic: Awaiting Your Response

X-Spam_score: 8.1

X-Spam_score_int: 81

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: I have an urgent opportunity for you that would be highly

beneficial. Please get back ASAP. I appreciate your quick response, Ms.Kadulina

Jelen elektronikus levÃ©lben rÃ¶gzÃtett informÃ¡ciÃ³ csak Ã©s kizÃ¡rÃ³lag

a cÃmzett termÃ©szetes, illetve jogi szemÃ©lynek szÃ³l. A levÃ©l, Ã©s csatolmÃ¡nyai

bizalmas, illetve jogszabÃ¡ly Ã¡ltal vÃ© [...]

Content analysis details: (8.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

[109.74.55.102 listed in dnsbl.ahbl.org]

[109.74.55.102 listed in dnsbl.ahbl.org]

[109.74.55.102 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

-0.0 SPF_PASS SPF: sender matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

1.2 MISSING_HEADERS Missing To: header

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

1.0 CTE_8BIT_MISMATCH Header says 7bits but body disagrees

1.9 REPLYTO_WITHOUT_TO_CC No description available.

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[109.74.55.102 listed in bl.score.senderscore.com]

Subject: {SPAM?} Awaiting Your Response

I have an urgent opportunity for you that would be highly beneficial. Please get back ASAP.

I appreciate your quick response,

Ms.Kadulina

Jelen elektronikus levÃ©lben rÃ¶gzÃtett informÃ¡ciÃ³ csak Ã©s kizÃ¡rÃ³lag a cÃmzett termÃ©szetes, illetve jogi szemÃ©lynek szÃ³l. A levÃ©l, Ã©s csatolmÃ¡nyai bizalmas, illetve jogszabÃ¡ly Ã¡ltal vÃ©dett informÃ¡ciÃ³t tartalmazhatnak. Az eredeti cÃmzetteknek szÃ¡nt informÃ¡ciÃ³k bÃ¡rmilyen formÃ¡jÃº illetÃ©ktelen felhasznÃ¡lÃ¡sa, megismertetÃ©se, publikÃ¡lÃ¡sa, tovÃ¡bbÃtÃ¡sa, vagy az azzal vÃ©gzett bÃ¡rmely mÃ¡s mÅ±velet szigorÃºan tilos. Amennyiben ezt a levelet sÃ©rÃ¼lten kapta meg vagy nem Ã–n annak valÃ³s cÃmzettje kÃ©rjÃ¼k, haladÃ©ktalanul tÃ¡jÃ©koztassa errÅ‘l a feladÃ³t Ã©s a levelet tÃ¶rÃ¶lje rendszerÃ©bÅ‘l

Urgency Spam from Hungary

Posted by Dave Yadallee on Sunday, May 24. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 24 May 2026 05:17:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wR6oj-000000006gF-0i1b

for dave@doctor.nl2k.ab.ca;

Sun, 24 May 2026 05:16:25 -0600

Resent-From: The Doctor

Resent-Date: Sun, 24 May 2026 05:16:25 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail.szakrendelo16.hu ([109.74.55.102]:35900)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wR0l5-00000000Ce2-1zoN

for root@doctor.nl2k.ab.ca;

Sat, 23 May 2026 22:48:24 -0600

Received: from mail.szakrendelo16.hu (localhost.localdomain [127.0.0.1])

by mail.szakrendelo16.hu (Proxmox) with ESMTP id 7D88491562;

Sun, 24 May 2026 04:30:04 +0200 (CEST)

X-Amavis-Modified: Mail body modified (using disclaimer) -

webmail.szakrendelo16.hu

X-Virus-Scanned: amavis at szakrendelo16.hu

Date: Sun, 24 May 2026 04:29:55 +0200 (CEST)

From: "Ms.Kadulina"

Reply-To: eaolifa@montevideo.com.uy

Message-ID: <446864555.277807.1779589795581.JavaMail.zimbra@szakrendelo16.hu>

Subject: Awaiting Your Response

MIME-Version: 1.0

Content-Type: text/plain; charset=utf-8

Content-Transfer-Encoding: 7bit

X-Originating-IP: [192.168.7.14]

X-Mailer: Zimbra 8.8.15_GA_4717 (zclient/8.8.15_GA_4717)

Thread-Index: eU+fOBNj/pU6GKETWCtY8AZIgnhFLQ==

Thread-Topic: Awaiting Your Response

X-Spam_score: 8.1

X-Spam_score_int: 81

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: I have an urgent opportunity for you that would be highly

beneficial. Please get back ASAP. I appreciate your quick response, Ms.Kadulina

Jelen elektronikus levÃ©lben rÃ¶gzÃtett informÃ¡ciÃ³ csak Ã©s kizÃ¡rÃ³lag

a cÃmzett termÃ©szetes, illetve jogi szemÃ©lynek szÃ³l. A levÃ©l, Ã©s csatolmÃ¡nyai

bizalmas, illetve jogszabÃ¡ly Ã¡ltal vÃ© [...]

Content analysis details: (8.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

[109.74.55.102 listed in dnsbl.ahbl.org]

[109.74.55.102 listed in dnsbl.ahbl.org]

[109.74.55.102 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 SPF_PASS SPF: sender matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

1.2 MISSING_HEADERS Missing To: header

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[109.74.55.102 listed in bl.score.senderscore.com]

1.9 REPLYTO_WITHOUT_TO_CC No description available.

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

1.0 CTE_8BIT_MISMATCH Header says 7bits but body disagrees

Subject: {SPAM?} Awaiting Your Response

I have an urgent opportunity for you that would be highly beneficial. Please get back ASAP.

I appreciate your quick response,

Ms.Kadulina

Jelen elektronikus levÃ©lben rÃ¶gzÃtett informÃ¡ciÃ³ csak Ã©s kizÃ¡rÃ³lag a cÃmzett termÃ©szetes, illetve jogi szemÃ©lynek szÃ³l. A levÃ©l, Ã©s csatolmÃ¡nyai bizalmas, illetve jogszabÃ¡ly Ã¡ltal vÃ©dett informÃ¡ciÃ³t tartalmazhatnak. Az eredeti cÃmzetteknek szÃ¡nt informÃ¡ciÃ³k bÃ¡rmilyen formÃ¡jÃº illetÃ©ktelen felhasznÃ¡lÃ¡sa, megismertetÃ©se, publikÃ¡lÃ¡sa, tovÃ¡bbÃtÃ¡sa, vagy az azzal vÃ©gzett bÃ¡rmely mÃ¡s mÅ±velet szigorÃºan tilos. Amennyiben ezt a levelet sÃ©rÃ¼lten kapta meg vagy nem Ã–n annak valÃ³s cÃmzettje kÃ©rjÃ¼k, haladÃ©ktalanul tÃ¡jÃ©koztassa errÅ‘l a feladÃ³t Ã©s a levelet tÃ¶rÃ¶lje rendszerÃ©bÅ‘l

Urgency spam from Hungary

Posted by Dave Yadallee on Sunday, May 24. 2026

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sun, 24 May 2026 05:17:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wR6od-000000006fu-2xFT

for dave@doctor.nl2k.ab.ca;

Sun, 24 May 2026 05:16:19 -0600

Resent-From: The Doctor

Resent-Date: Sun, 24 May 2026 05:16:19 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail.szakrendelo16.hu ([109.74.55.102]:53504)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.99.3 (FreeBSD))

(envelope-from )

id 1wR0l5-00000000CgQ-1zsN

for root@nk.ca;

Sat, 23 May 2026 22:48:24 -0600

Received: from mail.szakrendelo16.hu (localhost.localdomain [127.0.0.1])

by mail.szakrendelo16.hu (Proxmox) with ESMTP id 59A899168E;

Sun, 24 May 2026 04:30:09 +0200 (CEST)

X-Amavis-Modified: Mail body modified (using disclaimer) -

webmail.szakrendelo16.hu

X-Virus-Scanned: amavis at szakrendelo16.hu

Date: Sun, 24 May 2026 04:29:55 +0200 (CEST)

From: "Ms.Kadulina"

Reply-To: eaolifa@montevideo.com.uy

Message-ID: <446864555.277807.1779589795581.JavaMail.zimbra@szakrendelo16.hu>

Subject: Awaiting Your Response

MIME-Version: 1.0

Content-Type: text/plain; charset=utf-8

Content-Transfer-Encoding: 7bit

X-Originating-IP: [192.168.7.14]

X-Mailer: Zimbra 8.8.15_GA_4717 (zclient/8.8.15_GA_4717)

Thread-Index: eU+fOBNj/pU6GKETWCtY8AZIgnhFLQ==

Thread-Topic: Awaiting Your Response

X-Spam_score: 8.1

X-Spam_score_int: 81

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: I have an urgent opportunity for you that would be highly

beneficial. Please get back ASAP. I appreciate your quick response, Ms.Kadulina

Jelen elektronikus levÃ©lben rÃ¶gzÃtett informÃ¡ciÃ³ csak Ã©s kizÃ¡rÃ³lag

a cÃmzett termÃ©szetes, illetve jogi szemÃ©lynek szÃ³l. A levÃ©l, Ã©s csatolmÃ¡nyai

bizalmas, illetve jogszabÃ¡ly Ã¡ltal vÃ© [...]

Content analysis details: (8.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

[109.74.55.102 listed in dnsbl.ahbl.org]

[109.74.55.102 listed in dnsbl.ahbl.org]

[109.74.55.102 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[109.74.55.102 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

[109.74.55.102 listed in will-spam-for-food.eu.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 SPF_PASS SPF: sender matches SPF record

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

1.2 MISSING_HEADERS Missing To: header

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[109.74.55.102 listed in bl.score.senderscore.com]

1.0 CTE_8BIT_MISMATCH Header says 7bits but body disagrees

1.9 REPLYTO_WITHOUT_TO_CC No description available.

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

Subject: {SPAM?} Awaiting Your Response

I have an urgent opportunity for you that would be highly beneficial. Please get back ASAP.

I appreciate your quick response,

Ms.Kadulina

Jelen elektronikus levÃ©lben rÃ¶gzÃtett informÃ¡ciÃ³ csak Ã©s kizÃ¡rÃ³lag a cÃmzett termÃ©szetes, illetve jogi szemÃ©lynek szÃ³l. A levÃ©l, Ã©s csatolmÃ¡nyai bizalmas, illetve jogszabÃ¡ly Ã¡ltal vÃ©dett informÃ¡ciÃ³t tartalmazhatnak. Az eredeti cÃmzetteknek szÃ¡nt informÃ¡ciÃ³k bÃ¡rmilyen formÃ¡jÃº illetÃ©ktelen felhasznÃ¡lÃ¡sa, megismertetÃ©se, publikÃ¡lÃ¡sa, tovÃ¡bbÃtÃ¡sa, vagy az azzal vÃ©gzett bÃ¡rmely mÃ¡s mÅ±velet szigorÃºan tilos. Amennyiben ezt a levelet sÃ©rÃ¼lten kapta meg vagy nem Ã–n annak valÃ³s cÃmzettje kÃ©rjÃ¼k, haladÃ©ktalanul tÃ¡jÃ©koztassa errÅ‘l a feladÃ³t Ã©s a levelet tÃ¶rÃ¶lje rendszerÃ©bÅ‘l

Mon	Tue	Wed	Thu	Fri	Sat	Sun
← Back	May '26					Forward →
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31