Nigerian spam from Google Gmail Part 2

Posted by Dave Yadallee on
--0000000000005e54bc064744d5b5

Content-Type: text/plain; charset="UTF-8"



Hello My Beloved,



I came across your mail contact prior to a private search

while in need of your assistance. I am Aisha Qaddafi, the only biological

Daughter of Former President of Libya Qaddafi. Am a single Mother



and a Widow with three Children. I have investment funds worth Twenty Seven

Million Five Hundred Thousand United State Dollar 27.500.000.00 and i need

a trusted investment Manager/Partner because of my current refugee status,

however, I am interested in you for investment project assistance in your

country,



If you are willing to handle this project on my behalf kindly reply

urgently to enable me to provide you more information about the investment

funds



Aisha

Regards



--0000000000005e54bc064744d5b5

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



=C2=A0Hello My Beloved,

I came acr=

oss your mail contact prior to a private search
while in need of your as=

sistance. I am Aisha Qaddafi, the only biological Daughter of Former Presid=

ent of Libya Qaddafi. Am a single Mother

and a Widow with three Chil=

dren. I have investment funds worth Twenty Seven Million Five Hundred Thous=

and United State Dollar 27.500.000.00 and i need a trusted investment Manag=

er/Partner because of my current refugee status, however, I am interested i=

n you for investment project assistance in your country,

If you are =

willing to handle this project on my behalf kindly reply urgently to enable=

me to provide you more information about the investment funds

Aisha=


Regards=C2=A0=C2=A0




--0000000000005e54bc064744d5b5--

Donation spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 31 Dec 2025 14:08:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vb3Po-00000000Noz-1IMx

for dave@doctor.nl2k.ab.ca;

Wed, 31 Dec 2025 14:07:32 -0700

Resent-From: The Doctor

Resent-Date: Wed, 31 Dec 2025 14:07:32 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from email.cpim.org ([138.201.210.237]:60680)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vb0Nq-00000000AVX-2L6h

for root@nl2k.ab.ca;

Wed, 31 Dec 2025 10:53:27 -0700

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=cpim.org;

s=default; h=Reply-To:Date:From:To:Subject:Content-Description:

Content-Transfer-Encoding:MIME-Version:Content-Type:Sender:Message-ID:Cc:

Content-ID:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:

Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:

List-Subscribe:List-Post:List-Owner:List-Archive;

bh=LGm0Rr28lqzYDgqYDST2swzYqSO8R7H00iC7fQUUVtw=; b=B75KxjEfbU5zp1lpp2zVuqjKwh

J3xDyGBldf0AUjPGWB/7f+Mv4mI91phy50exb2EaGls0eGWBT7xWOhhzXaiAdf+weAtruUwA3k/7u

TBk4585agmAF1DvChY1xpM1bdfCzqPX9k7pOkcsd4Ui6TH1I7jCNz3LPogvStqwsBEGw4SbIRHnQq

i/rIlMlrmynpEEeMB4lpc+x+HwMQC9ewuOq2jXM7u+CZfORqf08LMgb+zQ9AXIydfNyqVyz6Hi7YT

qXA+SncUYoxEevuAty86/kvg9B8NAnuO3HNFK+UfRNzRQTbRUYT3k8d8DlByHRsdm3tyXftKDiKI2

lHUZTJyA==;

Received: from [103.141.235.183] (port=51823 helo=HY-23676.374593)

by komagata.komagata.in with esmtpsa (TLS1) tls TLS_DHE_RSA_WITH_AES_256_CBC_SHA

(Exim 4.98.1)

(envelope-from )

id 1vb0N3-0000000D6W1-2jqw

for root@nl2k.ab.ca;

Wed, 31 Dec 2025 23:22:28 +0530

Content-Type: text/plain; charset="iso-8859-1"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body

Subject: root@nl2k.ab.ca

To: root@nl2k.ab.ca

From: "Mrs. Rafaela"

Date: Thu, 01 Jan 2026 01:52:26 +0800

Reply-To: rafaellaapponte@gmail.com

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - komagata.komagata.in

X-AntiAbuse: Original Domain - nl2k.ab.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - cpim.org

X-Get-Message-Sender-Via: komagata.komagata.in: authenticated_id: ptl@cpim.org

X-Authenticated-Sender: komagata.komagata.in: ptl@cpim.org

X-Source:

X-Source-Args:

X-Source-Dir:

X-From-Rewrite: unmodified, already matched

X-Spam_score: 11.6

X-Spam_score_int: 116

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Please confirm that this email address is still active and

that you can receive notifications about your donation of 2.7 million euros.





Content analysis details: (11.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[103.141.235.183 listed in dnsbl.ahbl.org]

[103.141.235.183 listed in dnsbl.ahbl.org]

[103.141.235.183 listed in dnsbl.ahbl.org]

[103.141.235.183 listed in dnsbl.ahbl.org]

[138.201.210.237 listed in dnsbl.ahbl.org]

[138.201.210.237 listed in dnsbl.ahbl.org]

[138.201.210.237 listed in dnsbl.ahbl.org]

[138.201.210.237 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[103.141.235.183 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[103.141.235.183 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[103.141.235.183 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[103.141.235.183 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[103.141.235.183 listed in will-spam-for-food.eu.org]

[103.141.235.183 listed in will-spam-for-food.eu.org]

[103.141.235.183 listed in will-spam-for-food.eu.org]

[103.141.235.183 listed in will-spam-for-food.eu.org]

[103.141.235.183 listed in will-spam-for-food.eu.org]

[103.141.235.183 listed in will-spam-for-food.eu.org]

[103.141.235.183 listed in will-spam-for-food.eu.org]

[103.141.235.183 listed in will-spam-for-food.eu.org]

[138.201.210.237 listed in will-spam-for-food.eu.org]

[138.201.210.237 listed in will-spam-for-food.eu.org]

[138.201.210.237 listed in will-spam-for-food.eu.org]

[138.201.210.237 listed in will-spam-for-food.eu.org]

[138.201.210.237 listed in will-spam-for-food.eu.org]

[138.201.210.237 listed in will-spam-for-food.eu.org]

[138.201.210.237 listed in will-spam-for-food.eu.org]

[138.201.210.237 listed in will-spam-for-food.eu.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[103.141.235.183 listed in sbl-xbl.spamhaus.org]

1.5 RCVD_IN_CBL RBL: Received via a relay in cbl.abuseat.org

[Listed by XBL, see ]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[138.201.210.237 listed in list.dnswl.org]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 MILLION_EUR BODY: Talks about millions of euros

0.0 T_HK_NAME_MR_MRS No description available.

0.0 HK_NAME_MR_MRS No description available.

0.0 LOTS_OF_MONEY Huge... sums of money

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.1 MONEY_NOHTML Lots of money in plain text

0.9 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

Subject: {SPAM?} root@nl2k.ab.ca



Please confirm that this email address is still active and that you can rec=

eive notifications about your donation of 2.7 million euros.

Nigerian spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 31 Dec 2025 14:09:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vb3Qo-0000000002k-0JGW

for dave@doctor.nl2k.ab.ca;

Wed, 31 Dec 2025 14:08:34 -0700

Resent-From: The Doctor

Resent-Date: Wed, 31 Dec 2025 14:08:33 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pj1-f68.google.com ([209.85.216.68]:57518)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vb2HF-00000000GIm-3LjH

for doctor@doctor.nl2k.ab.ca;

Wed, 31 Dec 2025 12:54:47 -0700

Received: by mail-pj1-f68.google.com with SMTP id 98e67ed59e1d1-34c27d14559so8673263a91.2

for ; Wed, 31 Dec 2025 11:53:49 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1767210824; x=1767815624; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=Hu/4fHMp0kmUfwnBYO51tHe0PhOGorwFQtt410S04lQ=;

b=mugoQxQapEsgv+yFBfqNfwoS4T8Pg6MlVLYlVQBJc04DKMjlkpSfqDSAshyvNXQVpA

LI3rxxD3opuiGqXLE3USBrnY8aAvDfFv+e6fJHmNr+vZNPsC8XoU29PONsM7Fco20lIx

53JTAo1tGgQkof+3mIhqDIu45lLxV5AogBp71ry3x2Mz1eQw8FTTIHTYCBlIsMatB+FN

d0fG9s8lOQ3Tp5ALhPTOQA+pAvp1sk0ypf6Tz4cfMiIWQfl9svj5xU46m3Mu66i3JgFX

e8QQ+9wtl29u/6SIBYc0lJ4Y3Xs/OdSPRHC2hJZmRdwbF2a9n7F9XVQ0Ljztra3j7iZZ

Ix5g==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1767210824; x=1767815624;

h=to:subject:message-id:date:from:reply-to:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=Hu/4fHMp0kmUfwnBYO51tHe0PhOGorwFQtt410S04lQ=;

b=qAIwqt4y+Rar0uRal48hqvoymElomZl/xem1zs4XWAeRMuMz7t7acbCP152YuuNsQw

4bgqRQ+qkwAO3bycQ3RwpGL8u3rAEM6CmxvFaA0uCgkla6Tc/x4UZqu+sQzRzLv2qgXY

gUUJBVOCTJB2maF3hB1gTSZWf9Tu5I86t8Xd+nHLjfHa3InZCdDOB593YIui+apC9Xhk

Z3SLd1pUFBbTaNMtLumhBsP6dHEW4JaauaktxumChVO3REHgt5vNeVwvX4RV/Xtz3B++

pPuZyAwikZQ65PQJAm0H5EqHOr+tmozbVYTjwl6kMd/b0fCUwaGP24Q8kCThfBat0+0v

l+bA==

X-Forwarded-Encrypted: i=1; AJvYcCVWd6KbEpZy0u7uMLl8m/y0Au+79+uuc3C/eFgcSQp6+5Fs1xlr/Ar4DmOzGL4++2L6x9QWKb0=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YyqfZDWXSQ86Zy91Ton1U0UKhfyazEIrnkuu4c7cJkEsknKs1o/

+3QvXewQH4UKEDnZfNvi8S3lDJF6JbiAIsn6Zv8LuJYIUxXtmGFIk7w9lZCb6Hq1QE0FVEXCZoO

MeYKs3ML4cgIJ0qgUT8t7E1SUrnD6ZtA=

X-Gm-Gg: AY/fxX5oVGonyBqH5LOc7nNKZEP/BFApTQN8cpQEVHv+8fAOX0qM46inj8sZ6mGy5T8

0zOrvAPS404NXBcNoWbTdgtavGHmsLYTiVibgWrLHnPLlzMp+lZduMUXFtbgyyyg/sAnbHwbHrV

ncJTDBJGRLcKpzMKPImprYgkfqmpXRSDZYKFlr5mVkOoW95NaT1N3RaWC5MX/RRcLHi8HLYQ9I6

jmBCMqIUiFypT6HxVjBFPrEDXQn4Z52ej4F7Q63/GCDWMWo3gv1CdBccp/GIi7vrpdTbArOmfMg

nGM6YRzAEoPcPjb0QGPo/y1XZ6v6gn31

X-Google-Smtp-Source: AGHT+IGV+vKVP/X4iDKw/mftjuLPKey/pyCYmKXnhjldAuaWry1TZgqqnKflQLHbCSnA+p3TePoqy3kPLKs5kj/ADUY=

X-Received: by 2002:a17:90b:3c4e:b0:340:c60b:f362 with SMTP id

98e67ed59e1d1-34e921131a2mr33477993a91.6.1767210823339; Wed, 31 Dec 2025

11:53:43 -0800 (PST)

MIME-Version: 1.0

Reply-To: ashaalqaddfi10@gmail.com

From: Aisha Qaddafi

Date: Wed, 31 Dec 2025 19:53:29 +0000

X-Gm-Features: AQt7F2p8ckVB6Fftr1hCzdIBG1KFgyqOEEO-3gJTMXw8MAVwsWCLVIekVsJB02M

Message-ID:

Subject: Hello My Beloved,

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="0000000000005e54bc064744d5b5"

Bcc: doctor@doctor.nl2k.ab.ca

X-Spam_score: 15.6

X-Spam_score_int: 156

X-Spam_bar: +++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello My Beloved, I came across your mail contact prior to

a private search while in need of your assistance. I am Aisha Qaddafi, the

only biological Daughter of Former President of Libya Qaddafi. Am a single

Mother



Content analysis details: (15.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.216.68 listed in dnsbl.ahbl.org]

[209.85.216.68 listed in dnsbl.ahbl.org]

[209.85.216.68 listed in dnsbl.ahbl.org]

[209.85.216.68 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.216.68 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.216.68 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.216.68 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.216.68 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.216.68 listed in will-spam-for-food.eu.org]

[209.85.216.68 listed in will-spam-for-food.eu.org]

[209.85.216.68 listed in will-spam-for-food.eu.org]

[209.85.216.68 listed in will-spam-for-food.eu.org]

[209.85.216.68 listed in will-spam-for-food.eu.org]

[209.85.216.68 listed in will-spam-for-food.eu.org]

[209.85.216.68 listed in will-spam-for-food.eu.org]

[209.85.216.68 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.216.68 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.216.68 listed in sa-trusted.bondedsender.org]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.216.68 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[ashaalqaddfi10(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[ashaalqaddfi10(at)gmail.com]

2.5 MILLION_USD BODY: Talks about millions of dollars

2.9 MILLION_HUNDRED BODY: Million "One to Nine" Hundred

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.216.68 listed in wl.mailspike.net]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.216.68 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.216.68 listed in bl.score.senderscore.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 LOTS_OF_MONEY Huge... sums of money

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.9 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

2.9 UNDISC_MONEY Undisclosed recipients + money/fraud signs

3.6 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money

Subject: {SPAM?} Hello My Beloved,

Donation spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 31 Dec 2025 07:35:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vaxHV-00000000LcX-42z5

for dave@doctor.nl2k.ab.ca;

Wed, 31 Dec 2025 07:34:33 -0700

Resent-From: The Doctor

Resent-Date: Wed, 31 Dec 2025 07:34:33 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from email.cpim.org ([138.201.210.237]:36714)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vavkR-00000000Hcd-0Hvb

for root@nk.ca;

Wed, 31 Dec 2025 05:56:27 -0700

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=cpim.org;

s=default; h=Reply-To:Date:From:To:Subject:Content-Description:

Content-Transfer-Encoding:MIME-Version:Content-Type:Sender:Message-ID:Cc:

Content-ID:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:

Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:

List-Subscribe:List-Post:List-Owner:List-Archive;

bh=LGm0Rr28lqzYDgqYDST2swzYqSO8R7H00iC7fQUUVtw=; b=i0LTiCDTLmmugqzVCCDsaHhQaa

lw/J2r+M33w1tgNPk5p3U2+XQOnfxSa48yJbdnoVTfjl7HLrCylhJSdLHcLjyVvktj9yUUiJmUlb6

Mn/As3LcqrXvK7jYEuEV/Vy4xwg4lZEo8zDXsTEDYzoFH73gWYVF2CvB9iUo56rLpOa36N4YAx38j

P+6XyyACN0QDVXnXjNaOIotmoqMjZ26vSbITXf1+pdFQE/6bFm14WecWINDWH4sahpTHWzncokAK4

fVT1dvwwPUH0tf7fgU88zkPL0d6qVgLfEVh40hU0PEdvsWd+NLvRY32TTWjJDP3dQddJUZsx30QRj

mjKCtQyQ==;

Received: from [103.141.235.183] (port=49641 helo=HY-23676.374593)

by komagata.komagata.in with esmtpsa (TLS1) tls TLS_DHE_RSA_WITH_AES_256_CBC_SHA

(Exim 4.98.1)

(envelope-from )

id 1vavje-0000000BGJK-1PFK

for root@nk.ca;

Wed, 31 Dec 2025 18:25:29 +0530

Content-Type: text/plain; charset="iso-8859-1"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body

Subject: root@nk.ca

To: root@nk.ca

From: "Mrs. Rafaela"

Date: Wed, 31 Dec 2025 20:55:26 +0800

Reply-To: rafaellaapponte@gmail.com

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - komagata.komagata.in

X-AntiAbuse: Original Domain - nk.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - cpim.org

X-Get-Message-Sender-Via: komagata.komagata.in: authenticated_id: ptl@cpim.org

X-Authenticated-Sender: komagata.komagata.in: ptl@cpim.org

X-Source:

X-Source-Args:

X-Source-Dir:

X-From-Rewrite: unmodified, already matched



Please confirm that this email address is still active and that you can rec=

eive notifications about your donation of 2.7 million euros.

Donation spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: ave@doctor.nl2k.ab.ca

Delivery-date: Wed, 31 Dec 2025 07:35:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vaxHS-00000000LcT-0QSY

for ave@doctor.nl2k.ab.ca;

Wed, 31 Dec 2025 07:34:30 -0700

Resent-From: The Doctor

Resent-Date: Wed, 31 Dec 2025 07:34:29 -0700

Resent-Message-ID:

Resent-To: ave@doctor.nl2k.ab.ca

Received: from email.cpim.org ([138.201.210.237]:37045)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vavkR-00000000Hce-0Hmb

for sales@nk.ca;

Wed, 31 Dec 2025 05:56:27 -0700

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=cpim.org;

s=default; h=Reply-To:Date:From:To:Subject:Content-Description:

Content-Transfer-Encoding:MIME-Version:Content-Type:Sender:Message-ID:Cc:

Content-ID:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:

Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:

List-Subscribe:List-Post:List-Owner:List-Archive;

bh=LGm0Rr28lqzYDgqYDST2swzYqSO8R7H00iC7fQUUVtw=; b=YIMSLis0R1P0SB6WqmTM9pf44i

BoWbRK3cK/QcEIRfwIfamAFSOdRcPyxt4UGip0ByeLgFuP876Fr7pbxhKEhQNcFFV9U9Cb0/FQQJg

i8EcjXV0aUtrseMbkQhhj3YDwcste3deAgNe0DJjND8EFExLfOFsRV2OdksLS6u2UGxNQgMXwQaTJ

la2fAVhuR/zScwvtNvE+fQGdnKB4yZQZ44ESkGr3pkU/18e5L5GL/bkyKdPTDr0+Ti1x1Mej7a7dZ

P65S4/jJpBSAd+Fz9+GHPYHicLomu0y9gsLDzilY8irTLg3ghS/m0IKmTNqIE0G2TOfq98AkSxDle

Q6NWMIJw==;

Received: from [103.141.235.183] (port=49640 helo=HY-23676.374593)

by komagata.komagata.in with esmtpsa (TLS1) tls TLS_DHE_RSA_WITH_AES_256_CBC_SHA

(Exim 4.98.1)

(envelope-from )

id 1vavje-0000000BGG3-1Nbh

for sales@nk.ca;

Wed, 31 Dec 2025 18:25:29 +0530

Content-Type: text/plain; charset="iso-8859-1"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body

Subject: sales@nk.ca

To: sales@nk.ca

From: "Mrs. Rafaela"

Date: Wed, 31 Dec 2025 20:55:26 +0800

Reply-To: rafaellaapponte@gmail.com

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - komagata.komagata.in

X-AntiAbuse: Original Domain - nk.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - cpim.org

X-Get-Message-Sender-Via: komagata.komagata.in: authenticated_id: ptl@cpim.org

X-Authenticated-Sender: komagata.komagata.in: ptl@cpim.org

X-Source:

X-Source-Args:

X-Source-Dir:

X-From-Rewrite: unmodified, already matched



Please confirm that this email address is still active and that you can rec=

eive notifications about your donation of 2.7 million euros.

Donation spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: ave@doctor.nl2k.ab.ca

Delivery-date: Wed, 31 Dec 2025 07:35:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vaxHS-00000000LcT-0QSY

for ave@doctor.nl2k.ab.ca;

Wed, 31 Dec 2025 07:34:30 -0700

Resent-From: The Doctor

Resent-Date: Wed, 31 Dec 2025 07:34:29 -0700

Resent-Message-ID:

Resent-To: ave@doctor.nl2k.ab.ca

Received: from email.cpim.org ([138.201.210.237]:37045)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vavkR-00000000Hce-0Hmb

for sales@nk.ca;

Wed, 31 Dec 2025 05:56:27 -0700

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=cpim.org;

s=default; h=Reply-To:Date:From:To:Subject:Content-Description:

Content-Transfer-Encoding:MIME-Version:Content-Type:Sender:Message-ID:Cc:

Content-ID:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:

Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:

List-Subscribe:List-Post:List-Owner:List-Archive;

bh=LGm0Rr28lqzYDgqYDST2swzYqSO8R7H00iC7fQUUVtw=; b=YIMSLis0R1P0SB6WqmTM9pf44i

BoWbRK3cK/QcEIRfwIfamAFSOdRcPyxt4UGip0ByeLgFuP876Fr7pbxhKEhQNcFFV9U9Cb0/FQQJg

i8EcjXV0aUtrseMbkQhhj3YDwcste3deAgNe0DJjND8EFExLfOFsRV2OdksLS6u2UGxNQgMXwQaTJ

la2fAVhuR/zScwvtNvE+fQGdnKB4yZQZ44ESkGr3pkU/18e5L5GL/bkyKdPTDr0+Ti1x1Mej7a7dZ

P65S4/jJpBSAd+Fz9+GHPYHicLomu0y9gsLDzilY8irTLg3ghS/m0IKmTNqIE0G2TOfq98AkSxDle

Q6NWMIJw==;

Received: from [103.141.235.183] (port=49640 helo=HY-23676.374593)

by komagata.komagata.in with esmtpsa (TLS1) tls TLS_DHE_RSA_WITH_AES_256_CBC_SHA

(Exim 4.98.1)

(envelope-from )

id 1vavje-0000000BGG3-1Nbh

for sales@nk.ca;

Wed, 31 Dec 2025 18:25:29 +0530

Content-Type: text/plain; charset="iso-8859-1"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body

Subject: sales@nk.ca

To: sales@nk.ca

From: "Mrs. Rafaela"

Date: Wed, 31 Dec 2025 20:55:26 +0800

Reply-To: rafaellaapponte@gmail.com

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - komagata.komagata.in

X-AntiAbuse: Original Domain - nk.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - cpim.org

X-Get-Message-Sender-Via: komagata.komagata.in: authenticated_id: ptl@cpim.org

X-Authenticated-Sender: komagata.komagata.in: ptl@cpim.org

X-Source:

X-Source-Args:

X-Source-Dir:

X-From-Rewrite: unmodified, already matched



Please confirm that this email address is still active and that you can rec=

eive notifications about your donation of 2.7 million euros.

Web/SEO/App spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 31 Dec 2025 07:33:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vaxFt-00000000LYE-2BOg

for dave@doctor.nl2k.ab.ca;

Wed, 31 Dec 2025 07:32:53 -0700

Resent-From: The Doctor

Resent-Date: Wed, 31 Dec 2025 07:32:53 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pf1-f195.google.com ([209.85.210.195]:55514)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vas42-000000008jp-3yy2

for root@nk.ca;

Wed, 31 Dec 2025 02:00:29 -0700

Received: by mail-pf1-f195.google.com with SMTP id d2e1a72fcca58-8035e31d834so8200342b3a.2

for ; Wed, 31 Dec 2025 00:59:30 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=wordpressconsultants-net.20230601.gappssmtp.com; s=20230601; t=1767171564; x=1767776364; darn=nk.ca;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:from:to:cc:subject:date:message-id:reply-to;

bh=pIkTEiwgVAyWEYwX2TLsuvufpiEwt/rWZoRgMD7/gw8=;

b=LQ0oREVcV0macjOqLk+uuH+LAYROIB+frToI3E1tST6MeLZ23dUXm+ibd9B5kXd3Cf

Aw/9j25zsW5dSVu1MOypxtj/iMDHpDCN9XrSXUz+3ofEVo/TCJ/V6dNWC490Lu8hjD9c

jfKbdA6uwbBHNebdQkcLVjkarD5om8EByhYGVJAIiNdRPCIeTRsnLTwzeQdx0rcb6UIF

OUrTob4Af51RGwgG2kfK7aLIKuJ/OvxTW3UByteH2xrtt9MLzjmeTgASym8ArNWMX2+S

3bjDh1sRxLr0waWV5DWR0SoS1qKliQ6QVc2vpMSLNf44L82qpK7Ke1lkDx4XzJiPf2Fk

xhWA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1767171564; x=1767776364;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date

:message-id:reply-to;

bh=pIkTEiwgVAyWEYwX2TLsuvufpiEwt/rWZoRgMD7/gw8=;

b=VHVxHucW6OzP1IA4bLaZoC3ZNqHcEYfVD7IlnAfZPzPk8hMtl14qagTOOVVtLcDaCq

o6S9X+/rnB5de1n64FKw2ih2MLnbfxoCl7eZOvvfebt1gl7KXTyDtldaVA2bzNqRQdIS

KmCWZRDHmYXRBwEAiZBp4MIIxuVKmUywznn/+TJHddlewrOz4i6tWGOOMqrNEDKYWNDX

2XkywCBnp0zcdByDPR2cXxZMVaidSxRF2g7afvzIKt8Vy4rUiXb8j0vLvq89QSuABjLM

Sy1YTZfjp05n4qlAf9fZZcYYISFX6tJgH0+rMjxOgAGL7GFv5240v0l31oeOPQhGb6Pt

Altg==

X-Gm-Message-State: AOJu0YxJO2WW7HL1s72djcdBXz/IuPGwltl3TAujb2L45MNWaCwwy44h

ckdwDBvGJDYpjq/6drLQpOpsF7W5m6rZbvc7u39SWVolQXYgdsxDTXukYwgxWwuUUbTBm2K2T4o

5BwzZCEo=

X-Gm-Gg: AY/fxX7vWW4UIridWFV3a7uOyAMbTmV8F10c5y4kw7SH74e9xapdsv5Ud4LmlAXBmQE

9/iGq266XRJj0b6Xy2vlrNQVFM+B75VeKtbWYlTEk8SAz8eqzUhg5agCLoItKiuLv+QY7qF0iQU

mIiJPFLCM3is2olSUcMavXOl4bG2QOGAnQp8oZN/KqEywxzn/43CX3kR8zxR03O0PpZp0ZPloT4

DBfD9RfAZK6QVypqUDdEwHA5qHKZWhKVZDjFlujfJ/s52Pud+8x/c2t89s8MliJpi7E7n1F6888

pU3nuvL/M9SFPmT50AMFhNJd7OTXY/OIy5UvVoipUM8A+wI0wDp95lPR34EYHVRDPm3GVzS2/i7

2+HYHXKIJgF3uYcb+aXE1olZomxpG4IekKLc6sDOdiVNkMPFjXTpkbnpgREF3kW/BCfcY8mkz+F

tdNHC0VaKYOqlFS5q8g7j+Ln304AMpPPKsLf5Qxjbp5as1

X-Google-Smtp-Source: AGHT+IEgnN+CiCMiRhkuzOV123226nFhohXsAaH+jN66cb1C7T/uTqYxoVbTfU4BgGxbnuQ3mSEaOw==

X-Received: by 2002:a05:6a00:158c:b0:806:12ff:3877 with SMTP id d2e1a72fcca58-80612ff38b5mr20807777b3a.4.1767171564400;

Wed, 31 Dec 2025 00:59:24 -0800 (PST)

Received: from Kanhaiya ([2401:4900:1c64:6ee1:295b:5f9:c613:cf0b])

by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-7ff7e797ab9sm34582890b3a.59.2025.12.31.00.59.23

for

(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);

Wed, 31 Dec 2025 00:59:23 -0800 (PST)

From: "Malti"

To:

Subject: Designer\Developer ?

Date: Wed, 31 Dec 2025 14:18:58 +0530

Message-ID: <1493d01dc7a33$c2760ef0$47622cd0$@net>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_1493E_01DC7A61.DC2E4AF0"

X-Mailer: Microsoft Office Outlook 12.0

Thread-Index: Adx4xFw7Ltrw58fRQgC+GAa86HdPUA==

Content-Language: en-us

X-Spam_score: 6.6

X-Spam_score_int: 66

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, I'm reaching out to see if there is anything that would

like to create Shopify & Wordpress, upgrade, repair, or redesign on your

website or Mobile App. I am a web designer/developer that can do just about

anything you can imagine at very affordable prices.



Content analysis details: (6.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.210.195 listed in dnsbl.ahbl.org]

[209.85.210.195 listed in dnsbl.ahbl.org]

[209.85.210.195 listed in dnsbl.ahbl.org]

[209.85.210.195 listed in dnsbl.ahbl.org]

[2401:4900:1c64:6ee1:295b:5f9:c613:cf0b listed in]

[dnsbl.ahbl.org]

[2401:4900:1c64:6ee1:295b:5f9:c613:cf0b listed in]

[dnsbl.ahbl.org]

[2401:4900:1c64:6ee1:295b:5f9:c613:cf0b listed in]

[dnsbl.ahbl.org]

[2401:4900:1c64:6ee1:295b:5f9:c613:cf0b listed in]

[dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.210.195 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.210.195 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.210.195 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.210.195 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2401:4900:1c64:6ee1:295b:5f9:c613:cf0b listed in]

[will-spam-for-food.eu.org]

[2401:4900:1c64:6ee1:295b:5f9:c613:cf0b listed in]

[will-spam-for-food.eu.org]

[2401:4900:1c64:6ee1:295b:5f9:c613:cf0b listed in]

[will-spam-for-food.eu.org]

[2401:4900:1c64:6ee1:295b:5f9:c613:cf0b listed in]

[will-spam-for-food.eu.org]

[2401:4900:1c64:6ee1:295b:5f9:c613:cf0b listed in]

[will-spam-for-food.eu.org]

[2401:4900:1c64:6ee1:295b:5f9:c613:cf0b listed in]

[will-spam-for-food.eu.org]

[2401:4900:1c64:6ee1:295b:5f9:c613:cf0b listed in]

[will-spam-for-food.eu.org]

[2401:4900:1c64:6ee1:295b:5f9:c613:cf0b listed in]

[will-spam-for-food.eu.org]

[209.85.210.195 listed in will-spam-for-food.eu.org]

[209.85.210.195 listed in will-spam-for-food.eu.org]

[209.85.210.195 listed in will-spam-for-food.eu.org]

[209.85.210.195 listed in will-spam-for-food.eu.org]

[209.85.210.195 listed in will-spam-for-food.eu.org]

[209.85.210.195 listed in will-spam-for-food.eu.org]

[209.85.210.195 listed in will-spam-for-food.eu.org]

[209.85.210.195 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.210.195 listed in list.dnswl.org]

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.210.195 listed in wl.mailspike.net]

0.9 PRICES_ARE_AFFORDABLE BODY: Message says that prices aren't too

expensive

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.8 FROM_FMBLA_NEWDOM28 From domain was registered in last 14-28 days

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

Subject: {SPAM?} Designer\Developer ?

Web/SEO/App spam from Google Gmail Part 2

Posted by Dave Yadallee on
This is a multi-part message in MIME format.



------=_NextPart_000_1493E_01DC7A61.DC2E4AF0

Content-Type: text/plain;

charset="us-ascii"

Content-Transfer-Encoding: 7bit



Hello,



I'm reaching out to see if there is anything that would like to create

Shopify & Wordpress, upgrade, repair, or redesign on your website or Mobile

App.



I am a web designer/developer that can do just about anything you can

imagine at very affordable prices.



Let me know what you think.



If interested. May I send you sample, Portfolio and company Details?



Thank you for your time and consideration.



Kind Regards,

Malti



Country-India









------=_NextPart_000_1493E_01DC7A61.DC2E4AF0

Content-Type: text/html;

charset="us-ascii"

Content-Transfer-Encoding: quoted-printable




xmlns:o=3D"urn:schemas-microsoft-com:office:office" =

xmlns:w=3D"urn:schemas-microsoft-com:office:word" =

xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =

xmlns=3D"http://www.w3.org/TR/REC-html40">
HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =

charset=3Dus-ascii">
(filtered medium)">

class=3DWordSection1>

Hello,

I'm reaching =

out to see if there is anything that would like to create Shopify & =

Wordpress, upgrade, repair, or redesign on your website or Mobile =

App.

I am a web designer/developer that can do just about =

anything you can imagine at very affordable prices.

Let me know =

what you think.

If interested. May I send you sample, Portfolio =

and company Details?

Thank you for your time and =

consideration.

Kind Regards,
Malti


class=3DMsoNoSpacing>Country-India


class=3DMsoNoSpacing> 



------=_NextPart_000_1493E_01DC7A61.DC2E4AF0--



NetKnow now in NetCraft's Top 14700 part 2

Posted by Dave Yadallee on

MCSnet





MCSNET ranks >2000000 from >2000000 and are hosted by Microsoft .



Nucleus Internet Services





After that we have

Nucleus Information Services which can be found at Netcraft Rank >2000000 from >2000000 .





4Web





4web ranks >2000000 from >2000000 .



Alentus / Wolfpaw





Alentus

rank by Netcraft >2000000 from >2000000 and I note they are hosted in the USA .

wolfpaw.net

which ranks at >2000000 from >2000000



Yellowpencil





Yellowpencil Ranks >2000000 from >2000000



WSI Corporation





Next is WSI - We Simply The Internet of Toronto

at Netcraft Position >2000000 from >2000000 and are being hosted on Amazon.



Uniserve / Interbaun





Next, Uniserve

ranks on Netcraft >2000000 from >2000000

One of their acquisitions

interbaun

ranks with Netcraft ?????? from ?????? due to merging of sites.

One customer just came over from this organization in Nov 2006.



Clearwave Broadband





Clearwave Broadband ranks

at >2000000 from >2000000



Platinum Communications





Platinum Communications Corp.

bought out by Xplornet .



Wild Rose Internet





Wild Rose Internet

ranks >2000000 from >2000000 and I wonder if this is another wireless branch of Tera-Byte and bought out by Xplornet





TIC Internet





TIC Internet

ranks >2000000 from >2000000 ( I do remember you).



Nisa Custom Internet Solutions





Nisa Custom Internet Solutions

ranks >2000000 from >2000000 by Netcraft



MediaShaker





Media Shakers of Edmonton

ranks >2000000 from >2000000





Koi Media





Koi Media

rank >2000000 from >2000000



WebFire





Webfire.ca

ranks >2000000 from >2000000 and seems to be connected with Shaw.



Core Network Solutions Inc.





Core Network Solutions Inc.

ranks at >2000000 from >2000000 .



The Network Centre





The Network Centre

ranks >2000000 from >2000000 and are linked with Telus high Speed.





Open Concept Internet, Inc.





Open Concept Internet, Inc.

rank > 2000000 from > 2000000





Techalta





Interspots of Edmonton

acquired by Techalta ;



Yegtel





Yegtel rank > 2000000 .



Internet Crossroads





Internet Crossroads Ltd of North Edmonton

rank nothing from nothing by Netcraft and seems to merged with Tera-Byte/ecn.ab.ca .



If I remember anymore, I will add to this entry, before Netcraft changes our ranking. Please watch this space and please feel free to peruse

our services.

NetKnow now in NetCraft's Top 14700 part 1

Posted by Dave Yadallee on
All data is from Netcraft Toolbar .

Looks as if there are major changes to the Netcraft algorithm after some years! Why did Avast clasify the extension as URL:Phishing?

This is not the Alexa Tool Bar!



NetKnow







Netknow now at 14698 from 17767 at Netcraft and pfs compliant



A significant increase! We must do
  1. security audits regularly
  2. check on illegitimate traffic hitting the web server
    3. and
  3. keep design current!




How do we compare with other providers in

Edmonton, Alberta, Canada?



Rogers





Rogers Business Solutions

which rank 3945 from 4033 and are hosted in Europe.



Telus and reviews



Next we have Telus.com

ranked by Netcraft at 6342 from 6440 .

Sometimes their Web Hosting is done by
title="Internet Names for Business">Internet Names for Business

is ranked by Netcraft at >2000000 from >2000000 .



Is Telus's ADSL network susceptible to Code Red Attacks and Attackers?

Reviews of Telus are available :







Government of Alberta



The Government of Alberta Website

ranks 14637 from 14535 by Netcraft and seems to hosted on Cloudfare.





Netknow again





We at Netknow are at 14698 from 18857 from 6568 since late June 2025.



City of Edmonton







The City of Edmonton ranks 30361 from 28330 by Netcraft and hosted by Google.



University of Alberta







The University of Alberta ranks 52387 from 50444 hosted by Amazon Techonologies.



Juno and NetZero





We have Juno Internet ranked on top

at 342753 from 360776 who are the owners of

US Based Netzero at Netcraft Rank 60492 from 57142 .



Grant MacEwen University





MacEwan ranks 135810 from 133425 .



NAIT / Northern Alberta Institute of Technology





NAIT ranks 139314 from 138782 hosted by Microsoft .



TekSavvy



TekSavvy ranks 201404

from 204257 and are hosted by Microsoft



Shaw Cable





Next,

members.shaw.ca

ranks >2000000 from >2000000 and retired and

Shaw Cable

is next at Netcraft rank 1206884 from 316963 . Hosted now by Akamei .

Their Network Hosting Arm,

Big Pipe is at

Netcraft rank 289479 from 291469 and hosted by Akamai in Europe .



Reviews of Shaw are available :





Xplornet



xplornet

ranks >2000000 from >2000000 and are listed with

Cirrus9 and are joining up with Shaw.

Their new domain xplore.ca ranks 353892 from 330697 .

According to an article in the Sherwood Park Independent, they are also getting an Alberta Government subsidy.



Distributel / 3Web / CIA



Cybersurf

is ranked 680453 from 677891 and seems to be hosted in USA by DigitalOcean.



Internet Centre / CCINet



Internet Centre

rank 726269 from 729939 . Their partner Rack Nine ranks > 2000000.



Primus



Primus

ranks >2000000 from >2000000 and now points to BLACKIRON_DataCentres ranked >2000000 from >2000000.



Northern lights Fiber







Northern lights Fiber are ranked by Netcraft >2000000 and uses AWS.



OkayVPN





OkayVPN

are ranked by Netcraft >2000000 and uses Cloudfare.



Radiant Communications / goco.ca





Radiant Communications

are ranked by Netcraft >2000000 and part of goco.ca

which ranks >2000000 .



Tera Byte Edmonton and reviews





Next is Tera-Byte

at Netcraft Rank >2000000 with

Tera-Byte.ca

ranking >2000000 from >2000000 and their wireless arm Tera-Byte Wireless

sold to Xplornet.

One of Tera-Byte's acquisitions

Edmonton Community Networks

ranks at >2000000 from >2000000 and

Go Edmonton ranks >2000000 from >2000000.

Alberta political blogger Daveberta ranks >2000000 from >2000000; interesting!!!

Reviews of Tera-byte is available at

here

and another here

and check Google for more reviews; just search tera byte.

Nigerian spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 30 Dec 2025 16:24:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vaj3n-00000000AHo-4A6M

for dave@doctor.nl2k.ab.ca;

Tue, 30 Dec 2025 16:23:27 -0700

Resent-From: The Doctor

Resent-Date: Tue, 30 Dec 2025 16:23:27 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from email.cpim.org ([138.201.210.237]:47879)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vahgy-0000000046Q-35NC

for doctor@nl2k.ab.ca;

Tue, 30 Dec 2025 14:55:57 -0700

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=cpim.org;

s=default; h=Reply-To:Date:From:To:Subject:Content-Description:

Content-Transfer-Encoding:MIME-Version:Content-Type:Sender:Message-ID:Cc:

Content-ID:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:

Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:

List-Subscribe:List-Post:List-Owner:List-Archive;

bh=LGm0Rr28lqzYDgqYDST2swzYqSO8R7H00iC7fQUUVtw=; b=lANhTFaOrsEMsK6hE0tXk9Wo1q

TmkQilrf2KCl79K6Ed9egUVXCMjEw5IxeXPL/WNmO2htqdl3KUHJvxPmZStV+hquK4P6zC0n3RsQZ

losxgioVhBALeDz5aFwlubv/ATZVJG4R/T9SVuLdXuGCyU8080Cdo4lFMMBRK2d0hQOFz7PumqZBu

NWFlg9NLDOtQW07s7d5IqpMPvbga9FNG4MmubrnCJMdSsElvVwG2YUQGyMzFu7GIkzX3nxiJ1neIY

dqig9wkhHlzg5C5ucafwpz/j6HbuzsglDbcraqPsEmNFLepFXmjXQnWVyY2aRRcPnOj9D8Dz3hqFG

i+7KBeHA==;

Received: from [103.141.235.183] (port=59412 helo=HY-23676.374593)

by komagata.komagata.in with esmtpsa (TLS1) tls TLS_DHE_RSA_WITH_AES_256_CBC_SHA

(Exim 4.98.1)

(envelope-from )

id 1vahgC-00000005dUc-25hA

for doctor@nl2k.ab.ca;

Wed, 31 Dec 2025 03:24:59 +0530

Content-Type: text/plain; charset="iso-8859-1"

MIME-Version: 1.0

Content-Transfer-Encoding: quoted-printable

Content-Description: Mail message body

Subject: doctor@nl2k.ab.ca

To: doctor@nl2k.ab.ca

From: "Mrs. Rafaela"

Date: Wed, 31 Dec 2025 05:54:56 +0800

Reply-To: rafaellaapponte@gmail.com

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - komagata.komagata.in

X-AntiAbuse: Original Domain - nl2k.ab.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - cpim.org

X-Get-Message-Sender-Via: komagata.komagata.in: authenticated_id: ptl@cpim.org

X-Authenticated-Sender: komagata.komagata.in: ptl@cpim.org

X-Source:

X-Source-Args:

X-Source-Dir:

X-From-Rewrite: unmodified, already matched

X-Spam_score: 8.6

X-Spam_score_int: 86

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Please confirm that this email address is still active and

that you can receive notifications about your donation of 2.7 million euros.





Content analysis details: (8.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[138.201.210.237 listed in dnsbl.ahbl.org]

[138.201.210.237 listed in dnsbl.ahbl.org]

[138.201.210.237 listed in dnsbl.ahbl.org]

[138.201.210.237 listed in dnsbl.ahbl.org]

[103.141.235.183 listed in dnsbl.ahbl.org]

[103.141.235.183 listed in dnsbl.ahbl.org]

[103.141.235.183 listed in dnsbl.ahbl.org]

[103.141.235.183 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[138.201.210.237 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[138.201.210.237 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[138.201.210.237 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[138.201.210.237 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[103.141.235.183 listed in will-spam-for-food.eu.org]

[103.141.235.183 listed in will-spam-for-food.eu.org]

[103.141.235.183 listed in will-spam-for-food.eu.org]

[103.141.235.183 listed in will-spam-for-food.eu.org]

[103.141.235.183 listed in will-spam-for-food.eu.org]

[103.141.235.183 listed in will-spam-for-food.eu.org]

[103.141.235.183 listed in will-spam-for-food.eu.org]

[103.141.235.183 listed in will-spam-for-food.eu.org]

[138.201.210.237 listed in will-spam-for-food.eu.org]

[138.201.210.237 listed in will-spam-for-food.eu.org]

[138.201.210.237 listed in will-spam-for-food.eu.org]

[138.201.210.237 listed in will-spam-for-food.eu.org]

[138.201.210.237 listed in will-spam-for-food.eu.org]

[138.201.210.237 listed in will-spam-for-food.eu.org]

[138.201.210.237 listed in will-spam-for-food.eu.org]

[138.201.210.237 listed in will-spam-for-food.eu.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[138.201.210.237 listed in list.dnswl.org]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 MILLION_EUR BODY: Talks about millions of euros

0.0 T_HK_NAME_MR_MRS No description available.

0.0 HK_NAME_MR_MRS No description available.

0.0 LOTS_OF_MONEY Huge... sums of money

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.1 MONEY_NOHTML Lots of money in plain text

0.9 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

Subject: {SPAM?} doctor@nl2k.ab.ca



Please confirm that this email address is still active and that you can rec=

eive notifications about your donation of 2.7 million euros.

Web/SEO/App Spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on


X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Dec 2025 12:45:03.8958

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: TYZPR04MB6150

X-Spam_score: 5.1

X-Spam_score_int: 51

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hi, doctor@nl2k.ab.ca I was just wondering if you had a chance

to review the previous email I send to you. I understand the value of your

time so I'd like to know what's the best way to reach you and when can we

discuss this in more detail?



Content analysis details: (5.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.66.61 listed in dnsbl.ahbl.org]

[52.103.66.61 listed in dnsbl.ahbl.org]

[52.103.66.61 listed in dnsbl.ahbl.org]

[52.103.66.61 listed in dnsbl.ahbl.org]

[2603:1096:820:f4:0:0:0:6 listed in]

[dnsbl.ahbl.org]

[2603:1096:820:f4:0:0:0:6 listed in]

[dnsbl.ahbl.org]

[2603:1096:820:f4:0:0:0:6 listed in]

[dnsbl.ahbl.org]

[2603:1096:820:f4:0:0:0:6 listed in]

[dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.66.61 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.66.61 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.66.61 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.66.61 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:820:f4:0:0:0:6 listed in]

[will-spam-for-food.eu.org]

[2603:1096:820:f4:0:0:0:6 listed in]

[will-spam-for-food.eu.org]

[2603:1096:820:f4:0:0:0:6 listed in]

[will-spam-for-food.eu.org]

[2603:1096:820:f4:0:0:0:6 listed in]

[will-spam-for-food.eu.org]

[2603:1096:820:f4:0:0:0:6 listed in]

[will-spam-for-food.eu.org]

[2603:1096:820:f4:0:0:0:6 listed in]

[will-spam-for-food.eu.org]

[2603:1096:820:f4:0:0:0:6 listed in]

[will-spam-for-food.eu.org]

[2603:1096:820:f4:0:0:0:6 listed in]

[will-spam-for-food.eu.org]

[52.103.66.61 listed in will-spam-for-food.eu.org]

[52.103.66.61 listed in will-spam-for-food.eu.org]

[52.103.66.61 listed in will-spam-for-food.eu.org]

[52.103.66.61 listed in will-spam-for-food.eu.org]

[52.103.66.61 listed in will-spam-for-food.eu.org]

[52.103.66.61 listed in will-spam-for-food.eu.org]

[52.103.66.61 listed in will-spam-for-food.eu.org]

[52.103.66.61 listed in will-spam-for-food.eu.org]

-0.0 SPF_PASS SPF: sender matches SPF record

0.0 ARC_VALID Message has a valid ARC signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 ARC_SIGNED Message has a ARC signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.66.61 listed in wl.mailspike.net]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[liliana.join(at)outlook.com]

0.5 L_HELLO_ADDRESS BODY: Greets you by address, not by name

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

Subject: {SPAM?} Re-last mail update please.



--_000_KL1PR04MB7306A88F3CF829A15148B5829EBCAKL1PR04MB7306apcp_

Content-Type: text/plain; charset="us-ascii"

Content-Transfer-Encoding: quoted-printable



Hi, doctor@nl2k.ab.ca







I was just wondering if you had a chance to review the previous email I sen=

d to you.







I understand the value of your time so I'd like to know what's the best way=

to reach you and when can we discuss this in more detail?







Waiting,



...........................................................................=

...........................................................................=

.........



From: Liliana [mailto: liliana.join@outlook.com]



Sent: Thursday, 23 November 2025, 3:30 PM



To: doctor@nl2k.ab.ca







Hi,

Web/SEO/App Spam from Microsoft Outlook Part 3

Posted by Dave Yadallee on
Thank you for your response.







Friday at 10:00 AM works perfectly for me. I look forward to discussing you=

r website redesign and mobile app requirements in detail.







Please let me know if you prefer a Zoom/Google Meet call, and feel free to =

share the meeting link at your convenience.







Speak to you on Friday.







Best regards,



--_000_KL1PR04MB7306A88F3CF829A15148B5829EBCAKL1PR04MB7306apcp_

Content-Type: text/html; charset="us-ascii"

Content-Transfer-Encoding: quoted-printable




osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =

xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=

//www.w3.org/TR/REC-html40">




>











Hi, doctor@nl2k.ab.ca



 



I was just wondering if you had a chance to re=

view the previous email I send to you.



 



I understand the value of your time so I’d =

like to know what’s the best way to reach you and when can we discuss=

this in more detail?



 



Waiting,



…………………=

…………………………̷=

0;…………………………=

230;…………………………&=

#8230;…………………………=

;………



From: Liliana [mailto: liliana.join@outlook.com]<=

/p>

Sent: Thursday, 23 November 2025, 3:30 PM



To: doctor@nl2k.ab.ca



 



Hi,



 



Thank you for your response.



 



Friday at 10:00 AM works perfectly for me. I look=

forward to discussing your website redesign and mobile app requirements in=

detail.



 




:yellow">Please let me know if you prefer a Zoom/Google Meet call
>, and feel free to share the meeting link at your convenience.



 



Speak to you on Friday.



 



Best regards,











--_000_KL1PR04MB7306A88F3CF829A15148B5829EBCAKL1PR04MB7306apcp_--

Web/SEO/App Spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 30 Dec 2025 08:45:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vabtb-00000000Jic-0so3

for dave@doctor.nl2k.ab.ca;

Tue, 30 Dec 2025 08:44:27 -0700

Resent-From: The Doctor

Resent-Date: Tue, 30 Dec 2025 08:44:27 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japanwestazolkn19012061.outbound.protection.outlook.com ([52.103.66.61]:34782 helo=OS8PR02CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vaZ6u-00000000AJI-3HoX

for doctor@nl2k.ab.ca;

Tue, 30 Dec 2025 05:46:11 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=QGpB0VC6mZiYBiDFp29GQF2Ce/njdmckeGX0r3RJ6vc/sBLZ9qnP7hl/ARkxsd0EdfSXmcWmpxZjpR0ONIdbEp24S4lfnwslV+cMA6AwGmjSBdtyUcYZBKthj3S24KYBBkjN6Qxa3PnuzLeSvhKNK/qQbKW42zoTylhZT5kShUzeTORuu8zCfV7mIp3pPP25j58seXU5G4Wgf9FEjqIWA0cbsR7k8Z2wBOUIIwRqalL/4rKLIgEY3zCjq7edWVB4JOLrNcKZuKPrVyJ4xCW9mmuuTMwzxm5I2kb1wk1/h7Ah6Die0mCXBvSWvuf6aoTWwWamyoaBLeY9ChIUcjissg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=Tu73F5axUtS8QnlEwv5Nb8/z/i+kdIRTGeTrQcLDnGg=;

b=Caomi4W2YPZatIHvZBLBMqIrvN1bW7hfsEeOY4ziPsiDAORcyCd7Cpb2hAXHHb1324JRxeGyatDI0SZ0tv76STljhdLkAK//W7yUj7pI1u6Jazv6+cNlFfqjTuzOMXj/giMQLiGALW3HNVrXvsDMJo2IaqcPvlWALeaPIxTIoVXWoQddbvSU8tlZCaVf43tMcchzhaugWtVtAihzgPW7uSEUcuPrS9oo4/lkgzp4BbMv6XNft8aR8T9olOsqwvPDTYOsBwd4eYaOAF0p30lbwgr20kusVnIZoAO222p9xz1Q1rroKgdF7Du3DY5RVhO8s8V4j4UEeAQeyBFRtXXNZg==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=Tu73F5axUtS8QnlEwv5Nb8/z/i+kdIRTGeTrQcLDnGg=;

b=ZPaHBZ+FNCa7FLgBQGKbvx9FJzb/gd3kZIAeU6DZpxNU53Ni4V7z1u1NY9xMJkyhJzdOLGIa4hM7xxIofUiA5Lm6zkZ+oKoxJr0L7CCJpBFGRvZqFaQ7JRA4UWtlCM5yJn9q8jRWNoeqQ/Q4c8PqfcDbGeUxTeFBFytTtYxgxpDRwrtdim5rhWsef31uZlQzSOA7GcT7UUUM4m8z2OjGxuveLvCpKC184WneUkPb5HGsB2vIrUTyb8fpy6/6B3wC71luu87CW+xgQQeD/EsvFOkRvs2v39T6WY5xPa5iBE6kxIGtTceSuJxbgKWnIfPvyhHF4I2O2XtESVxku2FcSA==

Received: from KL1PR04MB7306.apcprd04.prod.outlook.com (2603:1096:820:f4::6)

by TYZPR04MB6150.apcprd04.prod.outlook.com (2603:1096:400:25c::12) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9456.14; Tue, 30 Dec

2025 12:45:04 +0000

Received: from KL1PR04MB7306.apcprd04.prod.outlook.com

([fe80::e477:85c1:6d71:c44b]) by KL1PR04MB7306.apcprd04.prod.outlook.com

([fe80::e477:85c1:6d71:c44b%6]) with mapi id 15.20.9456.013; Tue, 30 Dec 2025

12:45:04 +0000

From: Liliana Join

To: "doctor@nl2k.ab.ca"

Subject: Re-last mail update please.

Thread-Topic: Re-last mail update please.

Thread-Index: Adx5iAuFXFPR15f9QSClwopRJ0h52Q==

Importance: high

X-Priority: 1

Sensitivity: company-confidential

Date: Tue, 30 Dec 2025 12:45:03 +0000

Message-ID:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: KL1PR04MB7306:EE_|TYZPR04MB6150:EE_

x-ms-office365-filtering-correlation-id: 6c1ebaec-670c-472a-add2-08de47a14104

x-microsoft-antispam:

BCL:0;ARA:14566002|13091999003|5062599005|19110799012|21061999006|8062599012|8060799015|31061999003|15080799012|39105399006|20031999003|461199028|3412199025|440099028|40105399003|102099032|30101999003|12091999003;

x-microsoft-antispam-message-info:

=?us-ascii?Q?WA2qaF5SGS8AoWwyeCfrWIwdxiadA7Qok5jI+d0EORqJ8Ae2NF/wYEOklO/U?=

=?us-ascii?Q?W9KYS0SjVvpSvKwr328dwzoD3WksafZn1ptkmKklavX4+i6c+WkU9IBmq+4H?=

=?us-ascii?Q?gLH4p425g6cazvyUUORErnZGrR6YxtKs/2uL+yJkSUyBTMu3ICO0ICqD95xf?=

=?us-ascii?Q?6KjFDDlAUgsK4njorZOjte36LG/sJaqNGG+iR4YlBUX/bX71SH4RC2Z40gDz?=

=?us-ascii?Q?dDo1bmpJtK/kQ8jipZC7ob0RULv8JAYMwdMpkkKHtOVyA5urp3SdoMlgIEny?=

=?us-ascii?Q?f/FselYJPLPHWlFUBeAMN0RhU6SekSy1uODL1w39lL3JNQHKwIm+t3RuoZbu?=

=?us-ascii?Q?RW3QECKOxetPJq5MMetJEP8iYL7xvhV2bKKurtYIDM+1K2/dFJ1yllKl8J+4?=

=?us-ascii?Q?v417xpIi4OkN4Xe3X4YxN1avRRQWqa2KHUTORTv+0Rp7M7SFsDqs/Kn0J99w?=

=?us-ascii?Q?XKZctLqI6wJVKkgaz1nYaAHEid/d7DLGZo7vvtfqfQ0wCsQcGNolJ2HX8XHd?=

=?us-ascii?Q?qdcZR/EVilLJ606nRcqKy8LiYcjZ84asmuBboozbyt+QdAn5x8ICHo0Bv2qC?=

=?us-ascii?Q?HHzM3BBvVKIM0kAyOzvG+Et1LN9F45WDzadvSH/IlE2NOG6lHiPHdrwA99Wx?=

=?us-ascii?Q?W8RJIjlX7gHUzelSUUV0sNzntXdague+W8cMoZyIlbwUoIeAfaYByw3CkpUj?=

=?us-ascii?Q?AnFZJf+dDVgi5DZO18//nApDW/WUuOqDhuUz5/U1EjzSE8INSMiGc85q6BXx?=

=?us-ascii?Q?QXryPWVhwXsZqbeF2/St885sgEgzi6fbOEZn5/iN4qVk6F6iTbBAjhYu0NQB?=

=?us-ascii?Q?Hp4FmS9B7WpKMYbQHAnqOG6i5vw147nEcmHOflCGVs60+/+cS/MxThBQWMAh?=

=?us-ascii?Q?/wP/wZPLoGTjsKYHiLcEydBddg1pfJbDG2/Ea9+wCpBh+A/urWwAPpT7eBWR?=

=?us-ascii?Q?Xk5+sqqN3wC9QRHah0rk/9i4INnoqnfWvhVWCsgiM0EXaBkjit6wYu5GwnSA?=

=?us-ascii?Q?zcr9n91w9Wn0AVrJ1R1536O7JVfFlwhnSY5palCX6A+/q4gdJanqCgVkEZtD?=

=?us-ascii?Q?b9nPiw1YlnQiFezcXc2FpleiCtaX7UWbUksKnRdj/wiRZD3Hta2H+6vDtv4J?=

=?us-ascii?Q?YqxPkJCMCAf3jzkbS/Tl84xvxqzEhIdENQR/uJGZb7L9dGUYrWZ5bojiniNV?=

=?us-ascii?Q?/rEquX0z2o0JWtHEMujQfrI9ClKfNcRj/WcaWTYnv+tsYlHV8EGlNTlo+2KF?=

=?us-ascii?Q?JIUJzW591npehl6voWc6vRNJt5/4EwtZ8AtUZ4mnaPC2O+ZYFqEOn9nv4TC9?=

=?us-ascii?Q?LuE0ehC4zv3z9vgvb1JpqXVvGFrjkOFlxE0CnP16j9sGhOMvlUjZiZQ1ofrb?=

=?us-ascii?Q?2GLy3cGTofeBllgoJvXS29amcUKb?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?us-ascii?Q?3IIAZBXYCYM1r2LSnHd8UW2WxuMa0JyX6JFW20bwYo+Hbq9FD4qnJuGDlw+h?=

=?us-ascii?Q?VrPbIw4d/oxD68QkmAX4qPitBIEjBEKK3D87zL5KqIY1dS2Pfryn9SMJXkgq?=

=?us-ascii?Q?A6+mk5NdK4fIDvBdbkUe1y+vlMvuZnM7WGzt3hJYtp7zffUZj36winSxpYYB?=

=?us-ascii?Q?SP8ajaR4AgHwhyKzk5ToxPZTjh/RsAAWOKUFImuV3BpUGAz+Ks7qiGJN+FjS?=

=?us-ascii?Q?USndI9lIp/1KMt4Vq+kqM+ZXauMWUyF+oAIoUoUgUKq9haNPw/LFpLT7iMrv?=

=?us-ascii?Q?ZLo56UpelJ/v5k21DuxOGTEWMgbwzZhDIEEP81aAwLzBgFY09cVLhvYtTLHl?=

=?us-ascii?Q?Q/igN1HXN5laR8CivHB2D9rgkWzlVfYYZD+OluwM7t7t4QdgYA0MbpEPPhUO?=

=?us-ascii?Q?gnxhw1B/nXLie1L1tVDs80rrYrqtlo06gBOK0V9sioRX60h/E+vD4gQUUofz?=

=?us-ascii?Q?Hp5Ktk5QGYlHUUbuQY0DLRnNehBJKiXGB5uJ0SGapKb2r7dgjd2VIRtBd60P?=

=?us-ascii?Q?IRi4aVhh3SAerC19zcUh5Wd54NyBsT2z2f3aqNK95wfRLLZKtJEWgpQ7JOA5?=

=?us-ascii?Q?fRxfb+MF0lI18f/zF/A546wKV6qM0diqgFSW54AIMUh4mODVBYd5JcCUGPNE?=

=?us-ascii?Q?NhEED1JoT7YQPYNSQrdGNYbN1JLcQ/ViHcdZ8wawXKD7Ma0KQ9qwUZYrwShJ?=

=?us-ascii?Q?VyTgvCKedAAkEdcLB8IIO+j0U4szkNNNkDXahXd++vmld8vGrq96p78IMkDm?=

=?us-ascii?Q?b6k57hiuwk8Trc0WnG/zjoOEMtFakoEIxztohxQxYT2+lMGhjKQW6JkAv3nJ?=

=?us-ascii?Q?5U5bMTLc1+qwE14MMaizGIqq/BD5mS3nZjovS7fAErneDKXTltXYQqOjdl1I?=

=?us-ascii?Q?f0HIYn3/qkCaprKOFbORaiwXYOpggkz4yC2JI4OPqfEAb5Qa13cfXofpg7Gy?=

=?us-ascii?Q?g5V3RMgN8UpHke6BBJqhcYrj4QdLq+AFEG4cWycAfAB17QHsxO88DiCws54J?=

=?us-ascii?Q?/2WrZzpt1Q1C3sc38I1l4/IwvtkHdZqwBmRgKPEvbTKL0FSm9nwsbriFunJh?=

=?us-ascii?Q?ZWGUItdRyvtXiO9tmtmuhzbUawYVVtQh9yAeNIMLJG7oWM8PSxMpJn2D/8Ua?=

=?us-ascii?Q?KLoFW3kDxkxQwpoc/xHe7z+A4tID90hYidbHDqY1fXVmxLhMl4SzkASE3bLz?=

=?us-ascii?Q?KXpqkoJcclzeV/Fq4aW2lwT4eE63BC/RpStUqkroOunWuiU0YwU2ahd9YKt0?=

=?us-ascii?Q?v2WDsweBHTjgpMRZN1kuI9N91Q5xhFV5ySupmtFZinvgtGS1EyGe/OUcp5Gu?=

=?us-ascii?Q?vb9I9y2azfs/kKN660C43Aq0Jj9Kt1yBGB10mp2SlM3gav5eSM0mTsDNuy/u?=

=?us-ascii?Q?JXL4MIdqAbJoSkwr6enaA6q2S4Sf?=

Content-Type: multipart/alternative;

boundary="_000_KL1PR04MB7306A88F3CF829A15148B5829EBCAKL1PR04MB7306apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: KL1PR04MB7306.apcprd04.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 6c1ebaec-670c-472a-add2-08de47a14104

Web/SEO/App Spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
Content analysis details: (7.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.74.77 listed in dnsbl.ahbl.org]

[52.103.74.77 listed in dnsbl.ahbl.org]

[52.103.74.77 listed in dnsbl.ahbl.org]

[52.103.74.77 listed in dnsbl.ahbl.org]

[2603:1096:301:bc:0:0:0:10 listed in]

[dnsbl.ahbl.org]

[2603:1096:301:bc:0:0:0:10 listed in]

[dnsbl.ahbl.org]

[2603:1096:301:bc:0:0:0:10 listed in]

[dnsbl.ahbl.org]

[2603:1096:301:bc:0:0:0:10 listed in]

[dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.74.77 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.74.77 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.74.77 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.74.77 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:301:bc:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:bc:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:bc:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:bc:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:bc:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:bc:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:bc:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[2603:1096:301:bc:0:0:0:10 listed in]

[will-spam-for-food.eu.org]

[52.103.74.77 listed in will-spam-for-food.eu.org]

[52.103.74.77 listed in will-spam-for-food.eu.org]

[52.103.74.77 listed in will-spam-for-food.eu.org]

[52.103.74.77 listed in will-spam-for-food.eu.org]

[52.103.74.77 listed in will-spam-for-food.eu.org]

[52.103.74.77 listed in will-spam-for-food.eu.org]

[52.103.74.77 listed in will-spam-for-food.eu.org]

[52.103.74.77 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.103.74.77 listed in list.dnswl.org]

0.8 DKIM_ADSP_NXDOMAIN No valid author signature and domain not in DNS

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

0.0 ARC_VALID Message has a valid ARC signature

0.0 ARC_SIGNED Message has a ARC signature

0.5 ONE_WORD_SUBJECT Subject with only one lower-case word

0.3 FROM_LOCAL_HEX From: localpart has long hexadecimal sequence

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.74.77 listed in wl.mailspike.net]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.0 FORGED_SPF_HELO No description available.

0.5 VOWEL_FROM_5 Impronouncable from header (6 consecutive vowels)

Subject: {SPAM?} url



--_000_PUZPR04MB64877A35DEA8A62CF097A8FEB5BCAPUZPR04MB6487apcp_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable



Hi,



I found a few errors on your site.



Would you like me to send over a summary of those errors?



I can also provide an Audit Report of your business website.



May I send you a Quote as well?



Warm Regards

James



--_000_PUZPR04MB64877A35DEA8A62CF097A8FEB5BCAPUZPR04MB6487apcp_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable








1">








-serif; font-size: 11pt; color: rgb(0, 0, 0);" class=3D"elementToProof">

Hi,



-serif; font-size: 11pt; color: rgb(0, 0, 0);" class=3D"elementToProof">







-serif; font-size: 11pt; color: rgb(0, 0, 0);" class=3D"elementToProof">

I found a few errors on your site.



-serif; font-size: 11pt; color: rgb(0, 0, 0);" class=3D"elementToProof">







-serif; font-size: 11pt; color: rgb(0, 0, 0);" class=3D"elementToProof">

Would you like me to send over a summary of those errors?



-serif; font-size: 11pt; color: rgb(0, 0, 0);" class=3D"elementToProof">







-serif; font-size: 11pt; color: rgb(0, 0, 0);" class=3D"elementToProof">

I can also provide an Audit Report of your business website.



-serif; font-size: 11pt; color: rgb(0, 0, 0);" class=3D"elementToProof">







-serif; font-size: 11pt; color: rgb(0, 0, 0);" class=3D"elementToProof">

May I send you a Quote as well?



-serif; font-size: 11pt; color: rgb(0, 0, 0);" class=3D"elementToProof">







-serif; font-size: 11pt; color: rgb(0, 0, 0);" class=3D"elementToProof">

Warm Regards



-serif; font-size: 11pt; color: rgb(0, 0, 0);" class=3D"elementToProof">

James








--_000_PUZPR04MB64877A35DEA8A62CF097A8FEB5BCAPUZPR04MB6487apcp_--