Geek Squad Phish from Google Gmail Part 2

Posted by Dave Yadallee on
--0000000000005fb51a0650ae91de

Content-Type: multipart/alternative; boundary="0000000000005fb5190650ae91dc"



--0000000000005fb5190650ae91dc

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Content-Transfer-Encoding: base64



UmVtaW5kZXI6IFBsZWFzZSBDaGVjayBZb3VyIFBsYW4gUmVuZXdhbA0KVGh1cnNkYXkgQXByIDMw

LCAyMDI2IOKLhSAxMTo0OHBtDQpFYXN0ZXJuIFRpbWUgLSBOZXcgWW9yaw0KDQoNCg0KUmVuZXdh

bCBEYXRlOiBUaHVyc2RheSwgMzAgQXByaWwgMjAyNk1lbWJlcnNoaXAgSUQ6IFo4NExTUUtYRDg0

OTRGVGVsZXBob25lICANClN1cHBvcnQgU2VydmljZTogMXs4MDh9ICA4NDktMzE1OURlYXIgQ3Vz

dG9tZXIgVGVhbSxXZSB3b3VsZCBsaWtlIHRvIGluZm9ybSAgDQp5b3UgdGhhdCB5b3VyIEdlZWsg

U3F1YWQgUGxhbiBoYXMgYmVlbiByZW5ld2VkIGZvciA1IFllYXJzLiBUaGUgcmVuZXdhbCAgDQpj

aGFyZ2Ugb2YmbmJzcDsmbmJzcDskMzMzLjM1IFVTRCZuYnNwOyZuYnNwOyZuYnNwO2hhcyBiZWVu

ICANCmFwcGxpZWQuVHJhbnNhY3Rpb24gRGV0YWlsczpDdXN0b21lciBJRDogT09CVEhLWDhJNThZ

VGF4OiBVU0QwMEl0ZW0gIA0KUHVyY2hhc2VkOiBDeWJlckNvcmUgRXNzZW50aWFsc1F1YW50aXR5

OiAxTWVtYmVyc2hpcCBEdXJhdGlvbjogNSAgDQpZZWFyc1BheW1lbnQgTW9kZTogQ29uZmlybWVk

QW1vdW50IENoYXJnZWQ6Jm5ic3A7JDMzMy4zNSBVU0QNCkVuYWJsZSBLZXk6Jm5ic3A7NTE3ODI0

YjYtMGExMi00NjVkLTgwMGMtMTkyMGI0NDQ0MTcwWW91ciBtZW1iZXJzaGlwICANCnByaXZpbGVn

ZXMgcmVtYWluIGFjdGl2ZS5JbXBvcnRhbnQ6UGxlYXNlIGNvbnRhY3QgdXMgYXQmbmJzcDsrMSAo

ODEwKSAgIA0KMzg2LTM0OTImbmJzcDtpZiB5b3UgbmVlZCBhc3Npc3RhbmNlIHJlZ2FyZGluZyB0

aGlzIHJlbmV3YWwuVGhhbmsgeW91LFRlYW0gIA0KR2VlayBTcXVhZCdzSGVscCBDb250YWN0IE51

bWJlcjogKzEgKDgxMCkgIDM4Ni0zNDkyDQpPcGVyYXRpb25hbCBIb3VyczogNiBBTSDigJMgNiBQ

TU9wZXJhdGlvbmFsIEhlYWQ6IEphc29uaiBIYUdlZWsgU3F1YWQncyAgDQomY29weTsgMjAyNiBB

bGwgUmlnaHRzIFJlc2VydmVkDQoNCk9yZ2FuaXplcg0KQWxnZW5lIHlvZXNsZQ0KYWxnZW5leW9l

c2xlQGVybXVrLmNvbQ0KDQpSZXBseSBmb3IgZG9jdG9yQG5sMmsuYWIuY2EgYW5kIHZpZXcgbW9y

ZSBkZXRhaWxzICANCmh0dHBzOi8vY2FsZW5kYXIuZ29vZ2xlLmNvbS9jYWxlbmRhci9ldmVudD9h

Y3Rpb249VklFVyZlaWQ9Wkc5MFJFdFJiazVQVldwblptYzVTSGRMYWpGNFZWSkxRbVFnWkc5amRH

OXlRRzVzTW1zdVlXSXVZMkUmdG9rPU1qSWpZV3huWlc1bGVXOWxjMnhsUUdWeWJYVnJMbU52YlRG

aVpqSXlZelptWVRCbFlqbGlOV0kzT1RZNE5EVmxOVFJoTlRabU56TmtOekEyWlRFd01HVSZjdHo9

QW1lcmljYSUyRk5ld19Zb3JrJmhsPWVuJmVzPTANCllvdXIgYXR0ZW5kYW5jZSBpcyBvcHRpb25h

bC4NCg0Kfn4vL35+DQpJbnZpdGF0aW9uIGZyb20gR29vZ2xlIENhbGVuZGFyOiBodHRwczovL2Nh

bGVuZGFyLmdvb2dsZS5jb20vY2FsZW5kYXIvDQoNCllvdSBhcmUgcmVjZWl2aW5nIHRoaXMgZW1h

aWwgYmVjYXVzZSB5b3UgYXJlIGFuIGF0dGVuZGVlIG9uIHRoZSBldmVudC4NCg0KRm9yd2FyZGlu

ZyB0aGlzIGludml0YXRpb24gY291bGQgYWxsb3cgYW55IHJlY2lwaWVudCB0byBzZW5kIGEgcmVz

cG9uc2UgdG8gIA0KdGhlIG9yZ2FuaXplciwgYmUgYWRkZWQgdG8gdGhlIGd1ZXN0IGxpc3QsIGlu

dml0ZSBvdGhlcnMgcmVnYXJkbGVzcyBvZiAgDQp0aGVpciBvd24gaW52aXRhdGlvbiBzdGF0dXMs

IG9yIG1vZGlmeSB5b3VyIFJTVlAuDQoNCkxlYXJuIG1vcmUgaHR0cHM6Ly9zdXBwb3J0Lmdvb2ds

ZS5jb20vY2FsZW5kYXIvYW5zd2VyLzM3MTM1I2ZvcndhcmRpbmcNCg==

--0000000000005fb5190650ae91dc

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable




schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-microsoft-com:office:offi=

ce">
t=3D"text/html; charset=3DUTF-8">
=3Ddevice-width,initial-scale=3D1">
ight dark">



















=20



=20

















Cybersecure Plus Phish from Google Gmail Part 4

Posted by Dave Yadallee on

/InformAction">
emtype=3D"http://schema.org/EmailMessage">
ntent=3D"Alversia Yaari: Reminder: Your Plan is Set to Renew"/>
itemprop=3D"object" itemscope itemtype=3D"http://schema.org/Event">
temprop=3D"eventStatus" content=3D"http://schema.org/EventScheduled"/>
itemprop=3D"publisher" itemscope itemtype=3D"http://schema.org/Organizatio=

n">
op=3D"eventId/googleCalendar" content=3D"1GbuQdXm9em9oLHKW3kjFdldW0"/>
style=3D"display: none; font-size: 1px; color: #fff; line-height: 1px; hei=

ght: 0; max-height: 0; width: 0; max-width: 0; opacity: 0; overflow: hidden=

;" itemprop=3D"name">Reminder: Your Plan is Set to Renew
idden=3D"true">

--000000000000d011010650ad1170--

Cybersecure phish from Google Gmail Part 2

Posted by Dave Yadallee on


--000000000000d011010650ad1170

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable




schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-microsoft-com:office:offi=

ce">
t=3D"text/html; charset=3DUTF-8">
=3Ddevice-width,initial-scale=3D1">
ight dark">





















=20



=20

Nigerian Spam from Google Gmail Part 2

Posted by Dave Yadallee on




Dear Friend:



I am Mr. Robert Setshedi a Financial Consultant from South Africa. I want

to partner with you on a transaction worth $100M USD. I had a client who

unfortunately died of COVID-19 complications from 2020. I want you to

receive this money as a representative for my late client. I shall provide

to you all appropriate legal documents that will present you as a legal

representative and entitlement to this assets/estate. Including AU METAL

(100kg).



reply through my Email: rsetshedi685@gmail.com. We shall discuss a whole

lot of issues including disbursement modalities and of course any questions

you will have regarding the process of this transaction.



Best Regards

Mr. Robert Setshedi



--0000000000009fb21f0650ac00ad

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Dear Friend:

I am Mr. Robert Setshedi a Financial C=

onsultant from South Africa. I want to partner with you on a transaction wo=

rth $100M USD. I had a client who unfortunately died of COVID-19 complicati=

ons from 2020. I want you to receive this money as a representative for my =

late client. I shall provide to you all appropriate legal documents that wi=

ll present you as a legal representative and entitlement to this assets/est=

ate. Including AU METAL (100kg).

reply through my Email:
mailto:rsetshedi685@gmail.com">rsetshedi685@gmail.com. We shall discuss=

a whole lot of issues including disbursement modalities and of course any =

questions you will have regarding the process of this transaction.

B=

est Regards
Mr. Robert Setshedi




--0000000000009fb21f0650ac00ad--

Cybersecure phish from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 30 Apr 2026 07:07:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wIR62-00000000KXv-3yS1

for dave@doctor.nl2k.ab.ca;

Thu, 30 Apr 2026 07:06:26 -0600

Resent-From: The Doctor

Resent-Date: Thu, 30 Apr 2026 07:06:26 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-oa1-f74.google.com ([209.85.160.74]:55388)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wIR2c-00000000IQP-1aTs

for doctor@nl2k.ab.ca;

Thu, 30 Apr 2026 07:03:05 -0600

Received: by mail-oa1-f74.google.com with SMTP id 586e51a60fabf-42fb0f12b10so998107fac.2

for ; Thu, 30 Apr 2026 06:02:04 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20251104; t=1777554118; x=1778158918; darn=nl2k.ab.ca;

h=from:subject:date:message-id:sender:reply-to:mime-version:from:to

:cc:subject:date:message-id:reply-to;

bh=MpDJJJnd4ex83oRMbw94ncZuZKNxrNpAONvsYhYQwuA=;

b=gcyU7JIDSuPmKAXBMzwXdivWLMDd3YOxMal6flmei4TRnYFPq4UZhYTtyvQkXyS15a

lzzzh64hPo0sgl1IbXputlGDd939GeT6TWY7kQXoui8kz0sytNrRlBjzyAEk8jkvcnMF

YUs0TLiTcxw4+A99ZqyvQNjoSzbyF3Oee/9nPW7F5O0WugfrnG+uXIp6SRA7/MO2MtgS

OaTsPEoVeM7N2Q5Pp4slADH8XSOuiGoarmVrI4c1dtJxSqhWwgcXxHe8btoK/dYZXbC7

SRXJwm0zdmy+yDr+gYlOzgIfe0+3jzCYSpODbZmogt27B/5mcxmFyIKKQ5lClQevx3WM

w+Vw==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=haberlo-com.20251104.gappssmtp.com; s=20251104; t=1777554119; x=1778158919; darn=nl2k.ab.ca;

h=from:subject:date:message-id:sender:reply-to:mime-version:from:to

:cc:subject:date:message-id:reply-to;

bh=MpDJJJnd4ex83oRMbw94ncZuZKNxrNpAONvsYhYQwuA=;

b=Scag2nDcuzRz/56ucFdEpTl4A7qVRUQgZ510KooekK1AVYylo1HbMoKcZC2KTMdmZn

zSogS/8WwsWJTvRP0ckQQkQsVBCE5ibSILDgNVmGVBCEY4w9yawkqCjalhFHpPlIcDsL

C4vmPwTMGKnihw5U2DZ9ML4L/pn/dJxkhcUuu7BqTlOH5Ps8muUrvkfnZlQvJ+DfGpQQ

XhFLKOedM8gfpUpRzsqApUxQlranC6dJ3Vm0H8NLFkUbinHMcCY6Xttg7OKZ9I7pV4uU

LJh2TVslAh0bq0V7br7kHbSnnHRKDJzuPwa4ns/nqJfcgTYxJ1Y3Ip5z9HPD621Z3WdY

SxWg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1777554119; x=1778158919;

h=from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=MpDJJJnd4ex83oRMbw94ncZuZKNxrNpAONvsYhYQwuA=;

b=HkZ+mWa0GLfQhJr04cp0XXofQ21QBA73Hc5UL8GcspoAg0bwm8cowkx6rZsx6i+3qR

DF4DeIuJi301fRtldjJlA0HO8FrleMBOwW2awnSXli6UszGkWHhcXeUr1tI9jR2bVlT5

Bn0hFwzZU3TV9q4v7fTX+DDG8nGBt0cYoSI/XmDD4hy/Wv16ILgGXeuVFlClbDPKqxbf

RnqY1ySARUXi3/dQAmGQG944QfvqKZS7B5TkqtPSr9v3u8IZk6n9GFY0YOpB3WgqA/ho

QdjVC88oJ0f0XsyyP9MqyDROErBNWX9fwmC7gZL9tjq5Yvim70hSVCut/QU6NNbFvFb9

bZIw==

X-Forwarded-Encrypted: i=1; AFNElJ9GebK0/wFSZouk5CX2bxNwbDetTrLMlNj1s3ovjEQaXqFhZbM/DD/dtsHHjRHMYcZUPb8Ka1Y=@nl2k.ab.ca

X-Gm-Message-State: AOJu0Yxwg26loph9G8R/j9p4r6qJbAcA4rODwD9KBxaRjlSZMqXqjsLo

JfD44Mfg7G/GOmJf6FaC8vo3J0mzYZ7Ed4QoRySYDDaqsybvGFMpWEZZn9kdebJQew5CA53ULZJ

cM/QlW3qJvjLuJqIuMR7Y1WTutU2KJmWQWLTLqR/mbvfd/A==

MIME-Version: 1.0

X-Received: by 2002:a05:6870:e24f:b0:42c:62c:20db with SMTP id

586e51a60fabf-4343409e4e7mt1381902fac.38.1777554118437; Thu, 30 Apr 2026

06:01:58 -0700 (PDT)

Reply-To: Alversia Yaari

Sender: Google Calendar

Message-ID:

Date: Thu, 30 Apr 2026 13:01:58 +0000

Subject: Reminder: Your Plan is Set to Renew

From: Alversia Yaari

Content-Type: multipart/alternative; boundary="000000000000d011010650ad1170"

X-Spam_score: 10.3

X-Spam_score_int: 103

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Reminder: Your Plan is Set to Renew Reminder: Your Plan is

Set to Renew Friday May 1, 2026 ⋅ 2:01pm New Zealand Time Geek Squads 📄

Order Date: Thursday, 30 April 2026Order Receipt: KMK8YHDY58Z1Z4📞 Hotline

Number: (808)-849 3159.System Membership NotificationAccount Update,This

message is shared to keep you inf [...]



Content analysis details: (10.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.160.74 listed in will-spam-for-food.eu.org]

[209.85.160.74 listed in will-spam-for-food.eu.org]

[209.85.160.74 listed in will-spam-for-food.eu.org]

[209.85.160.74 listed in will-spam-for-food.eu.org]

[209.85.160.74 listed in will-spam-for-food.eu.org]

[209.85.160.74 listed in will-spam-for-food.eu.org]

[209.85.160.74 listed in will-spam-for-food.eu.org]

[209.85.160.74 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.160.74 listed in dnsbl.ahbl.org]

[209.85.160.74 listed in dnsbl.ahbl.org]

[209.85.160.74 listed in dnsbl.ahbl.org]

[209.85.160.74 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.160.74 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.160.74 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.160.74 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.160.74 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.160.74 listed in list.dnswl.org]

1.0 HK_RANDOM_FROM From username looks random

0.6 HK_RANDOM_ENVFROM Envelope sender username looks random

1.0 HK_RANDOM_REPLYTO Reply-To username looks random

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.2 MISSING_HEADERS Missing To: header

0.6 J_CHICKENPOX_64 BODY: 6alpha-pock-4alpha

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.160.74 listed in bl.score.senderscore.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.9 REPLYTO_WITHOUT_TO_CC No description available.

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.6 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

Subject: {SPAM?} Reminder: Your Plan is Set to Renew



--000000000000d011010650ad1170

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Content-Transfer-Encoding: base64



UmVtaW5kZXI6IFlvdXIgUGxhbiBpcyBTZXQgdG8gUmVuZXcNCg0KUmVtaW5kZXI6IFlvdXIgUGxh

biBpcyBTZXQgdG8gUmVuZXcNCkZyaWRheSBNYXkgMSwgMjAyNiDii4UgMjowMXBtDQpOZXcgWmVh

bGFuZCBUaW1lDQoNCg0KDQpHZWVrIFNxdWFkcyDwn5OEIE9yZGVyIERhdGU6IFRodXJzZGF5LCAz

MCBBcHJpbCAyMDI2T3JkZXIgUmVjZWlwdDogIA0KS01LOFlIRFk1OFoxWjTwn5OeIEhvdGxpbmUg

TnVtYmVyOiAoODA4KS04NDkgMzE1OS5TeXN0ZW0gTWVtYmVyc2hpcCAgDQpOb3RpZmljYXRpb25B

Y2NvdW50IFVwZGF0ZSxUaGlzIG1lc3NhZ2UgaXMgc2hhcmVkIHRvIGtlZXAgeW91IGluZm9ybWVk

ICANCmFib3V0IHRoZSB1cGNvbWluZyByZW5ld2FsIGN5Y2xlIG9mIHlvdXIgUHJlbWl1bSBQcm90

ZWN0aW9uIE1lbWJlcnNoaXAuICANCkJhc2VkIG9uIHlvdXIgY3VycmVudCBzdWJzY3JpcHRpb24g

cHJlZmVyZW5jZXMsIGFuIGFtb3VudCBvZiAkNDI0Ljg2IFVTRCAgDQptYXkgYmUgcmVmbGVjdGVk

IG9uIHlvdXIgYWNjb3VudCB3aXRoaW4gdGhlIG5leHQgMjQgaG91cnMuUHJvZHVjdCAgDQpJbnRl

bGxpZ2VuY2UgRGFzaGJvYXJkOkl0ZW06IEN5YmVyU2VjdXJlIFBsdXNUZXJtOiA1IFllYXJzVG90

YWwgQW1vdW50OiAgDQokNDI0Ljg2IFVTREFjdGl2YXRpb24gS2V5OiBlMTFmOGIyMy0xYzU2LTRk

MDAtOTYwOC0xZmY5MTYxNDc5MTZNZW1iZXJzaGlwICANCklEOiBFS0U2V0QxOTRRVGhpcyBpcyBh

biBhdXRvbWF0ZWQgbm90aWZpY2F0aW9uIHByb3ZpZGVkIGZvciByZWZlcmVuY2UgIA0KcHVycG9z

ZXMuIPCfk4wgSWYgeW91IHdvdWxkIGxpa2UgYXNzaXN0YW5jZSBvciBoYXZlIHF1ZXN0aW9ucywg

eW91IG1heSAgDQpjb250YWN0IHVzIGF0ICg4MDgpLTg0OSAzMTU5Li5UaGFuayB5b3Ugb25jZSBh

Z2FpbiwsR2Vla1NxdWFkJ3NBY2NvdW50cyAgDQp0ZWFtOiBDYXJvbHluIFNtaXRo8J+TniBDdXN0

b21lciBDYXJlIENvbnRhY3Q6ICsxICg4MDgpICAgDQoyMjYtMTE1MkFkbWluaXN0cmF0aXZlIFRl

YW06IDQyNTUgV2V0dW1wa2EgSHd5IFNhbiBMZWFuZHJvIENhIDk0NTc3LTQyMTYgIA0KVXNhJmNv

cHk7IDIwMjYgQ29tcGFueS4gQWxsIHJpZ2h0cyByZXNlcnZlZC4NCg0KDQpPcmdhbml6ZXINCkFs

dmVyc2lhIFlhYXJpDQphbHZlcnNpYXlhYXJpQGhhYmVybG8uY29tDQoNCkd1ZXN0cw0KKEd1ZXN0

IGxpc3QgaGFzIGJlZW4gaGlkZGVuIGF0IG9yZ2FuaXplcidzIHJlcXVlc3QpDQoNCg==

Nigerian Spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 30 Apr 2026 06:23:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wIQPl-00000000FPp-1Dcn

for dave@doctor.nl2k.ab.ca;

Thu, 30 Apr 2026 06:22:45 -0600

Resent-From: The Doctor

Resent-Date: Thu, 30 Apr 2026 06:22:45 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-oa1-f66.google.com ([209.85.160.66]:59883)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wIPqf-00000000KGj-0hGx

for root@nk.ca;

Thu, 30 Apr 2026 05:46:39 -0600

Received: by mail-oa1-f66.google.com with SMTP id 586e51a60fabf-40ea36b56b7so661201fac.3

for ; Thu, 30 Apr 2026 04:45:41 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1777549535; cv=none;

d=google.com; s=arc-20240605;

b=J9XMy2JAeN+4HVbyXipjUe9vqJ5jDNnBQHzI990racRSv8Q9M+Ojsdmx2mCUIZCLvo

t80UV+hTZCX8Nauaj3dwFR6sPtUvgiCS7oI9mmzB3aOJP5MjlfQDGZw2arBUjbvshRzW

vge3i/GN4r/Wj/V6+FobFK7lSRXNMzkZQez7B7QvHxJejz8sboXe6BBPXIj1LibHY9fT

GOMDV4n7B8GX9y2/PbvM4iJwGoAylbz4zoWNIjXyPRDBdYqxf7Ry+/TqOms+9R6ajoa2

5bwqlzCd+U2tXwaBJTi0kHRpNh6oaDeQsM3XUoXeetQx31XaIVLsid2oi4d8eycMHCGk

MiMA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:mime-version:dkim-signature;

bh=aYKAQGp3aXxJ5cZm7N6/KA3zLAls3sgDiEs6u7ocDlA=;

fh=ntUln20fBUzi3fpWqrSmHgwZxmXEudPgxOcsK4r/0mw=;

b=NYk5JHquICmXl0POeBftV9j0kX0WEoI3wYphmBK3NDnXPqsI7RYyNcOQ1QD/rDDvPP

TJ5KH/BW71rPveIWQgTWNnsMyj+z3e+wIiUN5KMzL/f0RUuOTD/fK6tVVa3fEqQ1sZui

PttZvr/5Mb/m/M7jQnKTOpWoWEcw/hAWdCX1B4qdPOjKgaCQr+Mr4am3ndCxQXGinfDt

hat5IOaSHpMppUsqHH4JcOGMmgeUcRHJ3AcK94dW9VOodK2B79rxUPr9qOr1WJgMu/NP

nQOblfApncLseBxsYwkvpz8WCJm5CikTZs9OFp6ZLhe5KSyNJ8q/H+ZA/ipNG2N1Td0Q

LAtg==;

darn=nk.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1777549535; x=1778154335; darn=nk.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=aYKAQGp3aXxJ5cZm7N6/KA3zLAls3sgDiEs6u7ocDlA=;

b=AIVhQHdWwz6aO+U3ImXGDhpL5eFYU63L/EF6zIcMFSBIUYddcZRQBYa0HH5556Wwxo

xp/4t1OaP3qYR4KVYsW9hEb91wRSCq2WGnjQakPdDXXNgiYaXp3Zs9VI+wwxHFH0HgCM

MiS2JAI9XFrRXfifLcw4IFThzHor4n3kpYwlUFRfUplV37jXnottw/+uOT/f8HZUt6bC

W88ph5fL4g3kAUO1EUU9BXT35d1yJ5HPFbXtw+AuA3pXLfnDhvXAw2wg0HZSFrGwTmph

Nk2Gl727Qq7ktcX76HaqCIg5IrOzYVLtWcu5KOSJzHlUKzovDUeuE3y39hifhabm5Iiy

ZhNg==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1777549535; x=1778154335;

h=to:subject:message-id:date:from:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=aYKAQGp3aXxJ5cZm7N6/KA3zLAls3sgDiEs6u7ocDlA=;

b=eFtcO/KbL20EHzSb9WFK/IA01HXdYrlpSSkn0KnIvFD+jvyxDoDk3xUDrQ2N1f9496

QWQy7t/WxCvX1+eLJ0fWBJsNIypk/NEFHdOVh24gQWCzgYezBnrkLw5kZEajdXp979Iq

vhrH2FVF5zRTs73c1SZBRdthfRRdkuZVYKdyvjZnJKMpyr/nFKuvgJYqiQp4D+O3tXEs

QRaQzX/lUWIFtuC06sQ1t0Evv7Euxiq75zVZ5SfXfZeIlYpMo0eDj5ancsveCVjcT+XA

aWc/Vdky4HlMcL2om4t8KOcAh28q/csU4PbMkm806O14n3zqa4HhvDNHW0P+YssSf8i9

O4gA==

X-Forwarded-Encrypted: i=1; AFNElJ+qZGVXYA/Ok8qrSWXCW8R7l25ucf9RUvSaOMRZdN+92sGZR9BNMbioLbvvypu144jKRsSO@nk.ca

X-Gm-Message-State: AOJu0YxQ7Sv7rYCzX5dnH3wQU/OtsvKnzLt5UaOs2nSv+wiL2tjB4AL2

aTsRa/hthjvlV2T8GPuOgypwwdezhQOQ+NDAi5zgRGvH1Y4Ai7/OmFTUWIajrSxw5f/UBm502Ug

1c0ILMBCuH1GhLAAL0QGQbZDw9aBHzog=

X-Gm-Gg: AeBDiesmjVP0FK0ZzoAYk9oSbefetM/AittgkmOJPWjtywj2f6pYq/gWq0DYfSa35tf

x/nHNBBv33xGSVEP100vdRwt++APxpAWmJFp8aPmyIvesK7zCBymBF5iPWTjj23hcee6R5Nhsg5

Erf2dy8tdTHS8xPCJRrawzCbPSFAhCZjr5gXfrRyvjzNizI5hScUk76wub0JW5Sm+j2hxO5TOXy

cOD1i+90QpPKaWb/vUlX2u8K18lnN3ATIc6JEjMOc7ubo7yvBRXTOs9KQH1cx4mzYhoJvKZUKmF

VvUh4pFOjQLrE4OoRamy3jQ=

X-Received: by 2002:a05:6808:3448:b0:45c:881c:e0c0 with SMTP id

5614622812f47-47c5fdb1cfbmr1164407b6e.47.1777549535325; Thu, 30 Apr 2026

04:45:35 -0700 (PDT)

MIME-Version: 1.0

From: Leo Zulu

Date: Thu, 30 Apr 2026 13:45:24 +0200

X-Gm-Features: AVHnY4K5q1ILVVgkHxrk-Qaz157rFOoFW88ZmyghUkErijaPuR_BBs1el3hg8TE

Message-ID:

Subject: ON TRUST............

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="0000000000009fb21f0650ac00ad"

Bcc: root@nk.ca

X-Spam_score: 16.1

X-Spam_score_int: 161

X-Spam_bar: ++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Dear Friend: I am Mr. Robert Setshedi a Financial Consultant

from South Africa. I want to partner with you on a transaction worth $100M

USD. I had a client who unfortunately died of COVID-19 complications from

202 [...]



Content analysis details: (16.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.160.66 listed in will-spam-for-food.eu.org]

[209.85.160.66 listed in will-spam-for-food.eu.org]

[209.85.160.66 listed in will-spam-for-food.eu.org]

[209.85.160.66 listed in will-spam-for-food.eu.org]

[209.85.160.66 listed in will-spam-for-food.eu.org]

[209.85.160.66 listed in will-spam-for-food.eu.org]

[209.85.160.66 listed in will-spam-for-food.eu.org]

[209.85.160.66 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.160.66 listed in dnsbl.ahbl.org]

[209.85.160.66 listed in dnsbl.ahbl.org]

[209.85.160.66 listed in dnsbl.ahbl.org]

[209.85.160.66 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.160.66 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.160.66 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.160.66 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.160.66 listed in dnsbl.ahbl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.160.66 listed in list.dnswl.org]

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[zululeo354(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[zululeo354(at)gmail.com]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.160.66 listed in wl.mailspike.net]

2.6 DEAR_FRIEND BODY: Dear Friend? That's not very dear!

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.160.66 listed in bl.score.senderscore.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

1.0 FREEMAIL_REPLY From and body contain different freemails

0.0 LOTS_OF_MONEY Huge... sums of money

1.0 XFER_LOTSA_MONEY Transfer a lot of money

0.5 MONEY_FRAUD_8 Lots of money and very many fraud phrases

3.7 ADVANCE_FEE_5_NEW_MONEY Advance Fee fraud and lots of money

2.6 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} ON TRUST............



--0000000000009fb21f0650ac00ad

Content-Type: text/plain; charset="UTF-8"

Web/SEO/App Spam from Microsoft Outlook PArt 2

Posted by Dave Yadallee on


--_000_TY2PPF45B8CB2DBC688D2E22B84437AEA9ED7352TY2PPF45B8CB2DB_

Content-Type: text/plain; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable



Hi,



I=92m following up as I haven=92t received a response yet.



Please let me know if you=92re interested. Can I send you price list for re=

view.



Thank you.

________________________________

From: Sony Arya

Sent: 13 April 2026 11:30

Subject: Re:



Hi,



There are a few errors on your website, Those are affected your online pres=

ence and Google ranking.



I can provide a screenshot showing these issues.



We can help bring your website to the first page on Google.



Can I send you full error report & SEO price list, Quote.



Thank you,



--_000_TY2PPF45B8CB2DBC688D2E22B84437AEA9ED7352TY2PPF45B8CB2DB_

Content-Type: text/html; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable








252">








nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">

Hi,



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

 



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

I=92m following up as I haven=92t received a response yet.



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

 



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Please let me know if you=92re interested. Can I send you price list for re=

view.



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

 



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Thank you.







11pt; color: rgb(0, 0, 0);">

From: Sony Arya <Sony6512@outlook.com>


Sent: 13 April 2026 11:30


Subject: Re:


 





_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Hi,



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

 



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

There are a few errors on your website, Those are affected your online pres=

ence and Google ranking.



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">







_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

I can provide a screenshot showing these issues.



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">







_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

We can help bring your website to the first page on Google.



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">







_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Can I send you full error report & SEO price list, Quote.



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

 



_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Thank you,








--_000_TY2PPF45B8CB2DBC688D2E22B84437AEA9ED7352TY2PPF45B8CB2DB_--

Web/SEO/App Spam from Microsoft Outlook PArt 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 30 Apr 2026 06:23:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wIQP5-00000000FN6-1WLo

for dave@doctor.nl2k.ab.ca;

Thu, 30 Apr 2026 06:22:03 -0600

Resent-From: The Doctor

Resent-Date: Thu, 30 Apr 2026 06:22:03 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japanwestazolkn19012060.outbound.protection.outlook.com ([52.103.66.60]:4175 helo=OS8PR02CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wIPBa-00000000GYm-2kDa

for sales@nk.ca;

Thu, 30 Apr 2026 05:04:13 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=DuSMokxf/H4jxYmpFGehqQRj5G44huwBYimML9omaSqVPe42i+h1trpJO5wbDmylct8NeogevHU6dtUw1w0gJPqyyjuAH5EysdRn/mJIsufeibTDT/2lHc3GEAJp1bWmgggaiLM3iu+DODEN5keNkgTvpAkvjpS+b48S/nQktTr8cLg/FUPOMOf+MgyVHxe83PjpIaAMpp5o/2ir3DE6xIAu3tZw4ghduOnvggPji5k7wbLEnSpU2sKpNXpFK+OKFgglPxtHmMmlZkmaHNY1AuPIXagfVq+IFCJK/ZPZqtGRxtRJ5XUE8IScl3NQmawGZzo1QUf7kwBqXPdEh7sGow==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=zPv25HkVZZIF9eEnb92UUuAzsXkC6NnczrZMRgLDnWo=;

b=dWjUWAelpIc0kYYzp+m/myt+UiMzUM1Yt00phyas/y/O/pr/dh+XUNZs1Gzhotvdk3u0AwVjdJvcwNMG+5Pe8qOEeUdyBRrQ4/iIXR/KAD8px0rmOxf+tYciiveu8fyJlEeou8vAV9lHfiJUGPStARwKD4PAdvj4Ivybmpb9xg0ZZJ4eaaRrt5cIIZg0DVoxNE++goPe3ObcBlyWGHF7Cw9G+ytTt9tT9xVJM9m5Uq6K8wKIYbKubyfaQCCL3TtevFKzrkYoFBHkKiZzG92rIy5nUSo6NnuLo1mTB5yRPXbJSrxLiu+o+k85IlzKlQgfhl3cz7038885P7ybp4YRrA==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=zPv25HkVZZIF9eEnb92UUuAzsXkC6NnczrZMRgLDnWo=;

b=YIKEg0boR8U6eKwFD5fdDe9S/79hQeSrgS32hxObishzKN6FCrb605HxZUY+N0VLFF+8VeRJ1ZB7zgY6NReGXwopm1bg32BqLRUIexZjwikkLkof1f3fhzNwf3ohpgQIJDPVuGTxA0ZLGdacy6QPwxTiZ0NhYUIgzdY+zmsgTPYONDATqscYazvOZTA9D2yaaGRjojZRovGBPm9+joJ8VCL7TgiG3XSaLJuYMgK+G5QAxsT94ybZbyvPhxrRK1jwRfcPdcv+tmtqzuC8dr8kpu4tJBNK4rz6HtGu6rg8joUPKaL0j1a1rU6BZwxDo/8gCLcRe3Vw6bDaCqMIWdUgSQ==

Received: from TY2PPF45B8CB2DB.apcprd03.prod.outlook.com (2603:1096:408::9d0)

by TYZPR03MB9647.apcprd03.prod.outlook.com (2603:1096:405:39d::8) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9846.26; Thu, 30 Apr

2026 11:02:45 +0000

Received: from TY2PPF45B8CB2DB.apcprd03.prod.outlook.com

([fe80::953b:9997:8f63:bfec]) by TY2PPF45B8CB2DB.apcprd03.prod.outlook.com

([fe80::953b:9997:8f63:bfec%4]) with mapi id 15.20.9846.021; Thu, 30 Apr 2026

11:02:45 +0000

From: Sony Arya

To: Sony Arya

Subject: Re:

Thread-Topic: Re:

Thread-Index:

AQHcqvJ69/feKNWnCEC8iUmaCeh4/rWckbD7gAGiRDuAAAGWj4ABmZusgAABWaKAAWxiqoAAAeg6gAHwpzWAAAEjb4ABxn67gAAB1m6AAQEQoIAAATgrgAGGsSeAAAHLooABvTHpgAAApa+AAdEUTIAAAPVYgAAAXbqAAQhW/oAAE5DegATj6/aAAAFSXIAC6H2ogAAEUiCAAcqAr4AJftLsgAAB3MWAArhbe4AAAOabgAT3FLWAAADRIYABrrBQgAABNMOAAYjeM4AAAJ3VgAF0FCOAAADxeoAB2YrjgAABOOeABKoVFYAAAGXUgAGAPJaAAAB0XIABl1yygAAAXwiAAAA1dYABwg0qgAABE1SAAV4EmoAAAJkqgAU4P8mAAADweIABKmbHgAAAoziAAXqn4IAAAL07gAGTLdeAAADlaYABieGrgAAAzleAA2E+3IAAAWZ0gAFcTbWAAAJFO4ABgfxTgAAAgEyAAABXXIABpS9IgAAGosyAAaFgRIAAAGTtgAAAppGAAX36wYAAAD4DgAAAlC+AAr2mZYAAAYnugAH5a7mAAAC2U4ABdzTkgAABpsWAAZEbaYAAAMY2gAGL3RqAAABNlw==

Date: Thu, 30 Apr 2026 11:02:45 +0000

Message-ID:



References:































In-Reply-To:



Accept-Language: en-IN, en-US

Content-Language: en-IN

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: TY2PPF45B8CB2DB:EE_|TYZPR03MB9647:EE_

x-ms-office365-filtering-correlation-id: b96a5710-5b82-4c25-71b2-08dea6a80233

x-microsoft-antispam:

BCL:0;ARA:14566002|45011099003|55001999006|7042599007|39105399006|22091999003|24121999003|8062599012|15030799006|19110799012|8060799015|15080799012|461199028|31061999003|51015399003|40105399003|3412199025|26121999007|440099028|102099032|26104999006|18071099003|1710799026;

x-microsoft-antispam-message-info:

=?Windows-1252?Q?VI2UxUuy5xScAGKTry7v9NQdnkGIJsxQ+B5BSy2fMm6DRHk3bX4xut1o?=

=?Windows-1252?Q?WwkTueF9S8rC1jeKjRYEnnfzxyIhokCfgsBYT4Yq0p11PfgF6mhheRvc?=

=?Windows-1252?Q?gODERbrOe1dSBX13/dyyfnm9ONxQD3rWIov0/iLrYmcZFOPkEn/3hzG7?=

=?Windows-1252?Q?uNo98lgE3FLgXWy3MFV0w64pYSfIvFxq2tTUBs7fKgKyl688OAEaPQTp?=

=?Windows-1252?Q?OxbAk06Oz/FKTlzigjLzKuumoy+KMuQfHwYx9uClEKYKjkot5GW/Q1XD?=

=?Windows-1252?Q?aoF3Y0i10x5s2z1YQNPdF72jsL/aFRmC+fCO3FBbVLUMVa2pRKWD9gnO?=

=?Windows-1252?Q?ELJbH+IPgIEFsmutPRIRJqVIULBmOgiiZ54djyoYKjA9EMEDBKM2Og03?=

=?Windows-1252?Q?eQMsVFA3X/E/5siXoSUpjT2eXVl37c/5KoD6VlTlAETM8xh76U6w37AS?=

=?Windows-1252?Q?vKRgEIBYW5g1TOpJxq1zDQbBmThl5AjzMNtnUjS+Y5A9jOn/c9xVV5VK?=

=?Windows-1252?Q?MOjgPbOHSmAx5WGBwfrFVsO+WG8vvgVZMiHj6ypK2uWb3wQKGXfYTvvm?=

=?Windows-1252?Q?nOz8+yhHsifpsrLMLw2Vc4W4ZXLqzM1a73uGIbmqDw6mMTZ1zuAPd/4e?=

=?Windows-1252?Q?uOMoXghZ7rz3K47ABAGjCJDyLyFTWUBSYoTR1Xx5MsCtXeBaMB3ZOJeu?=

=?Windows-1252?Q?CIlXvB0rX0JqupIbajMZUL12BttogH4ZCCdix1piwiCZhzmpTAfibIxW?=

=?Windows-1252?Q?6JVOjWHOht84WPVJSonJuQC/yglz6KWACWn8FGqi9Dq8INqbS905QPbE?=

=?Windows-1252?Q?i3NtJ2U7K3fS7pfCfgzFvLS3zDJ70Q3UmSlxB+5e6vU2Z+axTAeZoNvj?=

=?Windows-1252?Q?lno7TKadC5JEB541qAYMyxnbqKZlhDPS8XBYHddT7KyFyl5ROBvAMZpI?=

=?Windows-1252?Q?h91gtkKTVadQ38/c+vyyUkHE3bv0GWzTTxB9QZNWn//7vJ0zvHyyRvOf?=

=?Windows-1252?Q?nHoz6zd4amBlmxtBz7E8KDDRSJ4ue/6wHe1xw/0aZ3BHzMYmhs+iACAE?=

=?Windows-1252?Q?KdUNVC8SRFxytP/nbveK8VyIk0elLgP0CbSj2I7Bl8IrHO0hZKknPCCV?=

=?Windows-1252?Q?Qn9YYWPadxAJI4jB10ozrBTiGIo/WGNCSO6OihprE/PKxdV7nV+eAkHA?=

=?Windows-1252?Q?0A7VfuPdFTSnejihLNrsEL/oavuYNetaCoZ1Z6FunGZNjDDweRjcQmtO?=

=?Windows-1252?Q?knDTehXdv/NI23fS2Gdh0p/mfqKg9NjX9HISzFtZG/aXJ2bfJSlzvuHt?=

=?Windows-1252?Q?FXwgLLF5J/k+yfkBvc8eOtR6gZpqD71WRiszs7xIw0mEtbqi?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?uc9Bl2+hcmXvAqN/eE+31F1MHvwptRWg6VQUQORwbaCQTC5AK62bAdUf?=

=?Windows-1252?Q?3qG7r4GCB2NTnhXumRCWeJrBhDooRORYDz55Kk9n5qBEQ+AnVupycBzU?=

=?Windows-1252?Q?7JPk2sRvYKbXwUnkIbhwgNUYDvb0gvAOlWAEd3ao6fHa+NyTdWeGx4nQ?=

=?Windows-1252?Q?TtZOWYuGNCyGs8IuUut1j3w5Rl07img31BtelIS4mUlweFaX4RpcQ/DJ?=

=?Windows-1252?Q?sl4dICfdxJpjR+opRr/lK1RMkOFw7Fi31aiOFOxWK9CJKo4biwToUzz3?=

=?Windows-1252?Q?cS5ALJVNHgHb/cLQNcF+7TKXxtKsIRBJe7lhKSaF7ucvVkw69QGhl8GV?=

=?Windows-1252?Q?hm8yieD1HAstgA5Z0XtpkjhKNYxIFdYxzhUKUbcKX5J2GlS8q2fT8Nc/?=

=?Windows-1252?Q?7yU+3QQWSUmd5ZGNXW5ByEOVMyqaCHZGj+v/hBFhdSh0fyLbCvcqDdVA?=

=?Windows-1252?Q?G6LUKA/ubxj94ahNK4Df0gqZWyniboIT9TXovrFN7t0t3FVZIPsAcMrc?=

=?Windows-1252?Q?xXv3eIXKTnS8pKRjb522UpGkuf+Zun4K1JxuHEvowY70N/+wLaT9MXPw?=

=?Windows-1252?Q?DLv6zxMXc3/rxKTqZFAj567RJzcXfLUV6hXo9A3dbFFO4LmpwJIU0KLV?=

=?Windows-1252?Q?e0sER29DwaaLjf8ZywfaKj3v3o6LIcuPoerSMqOC9VqBgKw0dlcjNTKk?=

=?Windows-1252?Q?3OwjNmVm4ARsdndj+cUmQ2bGu282UvGv/27l43IBF4Ggp4jsOv+FIif3?=

=?Windows-1252?Q?zg+Cv9iP/NcEbMfvGx6MOG0que2xfkvbzVQYKR/835FCzN/8MegVlrfF?=

=?Windows-1252?Q?8nXpufsiy3NJdI+h/99y6+ul75BovjDLucRCDIaU/O2qXiuKNSkz8IFW?=

=?Windows-1252?Q?Phvz3JwF4cyCKZ6l/mM+2MeMtfnasdNefzEG7xtnA682XnavACAggELN?=

=?Windows-1252?Q?mmWrE6g/zfb5Y5uFu58VHdZ+srZFokmlOi6iE6E7P4o1PkC5uzPlvGOc?=

=?Windows-1252?Q?2WsaWXf2lbFIKr3PBImqSq16HWfCotn+QcvFRR3A+n1gPHVN0VX3BQ1u?=

=?Windows-1252?Q?pnEiTeJRemmkOuNJBnCXYP5DtR+U+2WPS8OlLE/FBroBVf7HZzRIFslO?=

=?Windows-1252?Q?RDTzQWfaEKBL4dEoMoL18wFdUl05dB3xQGPFuVFs9/KQT+DHaqX09NQw?=

=?Windows-1252?Q?iAFnPtfADwZFi0BTZPru3jHcl9wylivRX5enO7airKv0cdyKAG6Uzvb9?=

=?Windows-1252?Q?rKSg1UKKm0K4S4pbzIXtsUdpWO60Ub3krrtYHTGHdZ+VhxpDyZaFa1kh?=

=?Windows-1252?Q?PSm85t4ldGBIk3iGIg3Rnx6rrqvUNVA+uWMI6EpP1lFg7PBnl26gufmo?=

=?Windows-1252?Q?WXBukLB5MpZL8ttfLWLfZ9Anj5wimJjnnAUyGVyGuvTwD5nuXnRB4PtO?=

=?Windows-1252?Q?jiFHGngXs3IlppAaZj4sj0PjneWGhYpBo9bvdUwEf7GVgCq/bOyN+Ezo?=

=?Windows-1252?Q?w01rzcFeFZl6VuqPpR7TXXLUxUEcETEy+4/ZOm2sKuDDKiUGm1c=3D?=

Content-Type: multipart/alternative;

boundary="_000_TY2PPF45B8CB2DBC688D2E22B84437AEA9ED7352TY2PPF45B8CB2DB_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: TY2PPF45B8CB2DB.apcprd03.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: b96a5710-5b82-4c25-71b2-08dea6a80233

X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Apr 2026 11:02:45.4453

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: TYZPR03MB9647

Business Proposal spam from Google User Content

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 30 Apr 2026 04:35:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wIOii-00000000Gwn-2lAz

for dave@doctor.nl2k.ab.ca;

Thu, 30 Apr 2026 04:34:12 -0600

Resent-From: The Doctor

Resent-Date: Thu, 30 Apr 2026 04:34:12 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from 219.123.229.8.bc.googleusercontent.com ([8.229.123.219]:54872 helo=[10.88.0.3])

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1wIMzS-00000000K0K-0mTf

for sales@nk.ca;

Thu, 30 Apr 2026 02:43:31 -0600

Content-Type: multipart/related; boundary="===============6606464692661997075=="

MIME-Version: 1.0

From: PT Arghaniaga Pancatunggal

To: sales@nk.ca

Subject: =?utf-8?q?Direct_Supply_Allocation_EN590_10PPM_/_Jet_A1_/_LNG_/_LPG?=

X-Priority: 2

X-Spam_score: 5.9

X-Spam_score_int: 59

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Business Proposal Greetings,



Content analysis details: (5.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.4 MISSING_DATE Missing Date: header

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[8.229.123.219 listed in will-spam-for-food.eu.org]

[8.229.123.219 listed in will-spam-for-food.eu.org]

[8.229.123.219 listed in will-spam-for-food.eu.org]

[8.229.123.219 listed in will-spam-for-food.eu.org]

[8.229.123.219 listed in will-spam-for-food.eu.org]

[8.229.123.219 listed in will-spam-for-food.eu.org]

[8.229.123.219 listed in will-spam-for-food.eu.org]

[8.229.123.219 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[8.229.123.219 listed in dnsbl.ahbl.org]

[8.229.123.219 listed in dnsbl.ahbl.org]

[8.229.123.219 listed in dnsbl.ahbl.org]

[8.229.123.219 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[8.229.123.219 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[8.229.123.219 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[8.229.123.219 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[8.229.123.219 listed in dnsbl.ahbl.org]

0.0 TVD_RCVD_IP Message was received from an IP address

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[8.229.123.219 listed in bl.score.senderscore.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_MESSAGE BODY: HTML included in message

0.4 RDNS_DYNAMIC Delivered to internal network by host with

dynamic-looking rDNS

0.2 HELO_MISC_IP Looking for more Dynamic IP Relays

0.4 KHOP_HELO_FCRDNS Relay HELO differs from its IP's reverse DNS

1.0 XPRIO Has X-Priority header

Subject: {SPAM?} =?utf-8?q?Direct_Supply_Allocation_EN590_10PPM_/_Jet_A1_/_LNG_/_LPG?=







Greetings,



Warm greetings from PT Arghaniaga Pancatunggal, Indonesia.



We operate in coordination with established upstream and downstream supply channels associated with PT Pertamina (Persero), Indonesia’s national energy enterprise. As part of our ongoing expansion into international markets, we are engaging with verified buyer mandates and institutional counterparties for structured, long-term supply cooperation.



Available Products (Subject to Allocation):

EN590 10PPM (Diesel), Jet Fuel (Jet A1), LNG, and LPG.



All transactions are executed under internationally recognized procedures, strictly adhering to compliance protocols, refinery allocation systems, and standard banking instruments (MT700 LC / MT760 SBLC) governed by formal Sales and Purchase Agreements (SPA). Delivery terms are available on both FOB and CIF basis, depending on buyer requirements and logistical alignment.



Kindly submit your company profile, mandate authorization (if applicable), and buyer requirements for internal review through official channels. We look forward to establishing a transparent and mutually beneficial cooperation.



Kind regards,



Nova Hasnalia

Marketing Officer

PT Arghaniaga Pancatunggal

Jakarta, Indonesia



WhatsApp: +62 857 2748 9570

Mobile: +62 858 1153 4172

Email: marketing@arghaniaga.com

Web/SEo/App spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
--_000_SEL0PFC4E6FECC0D30F4FB3AC01FD7C5919D0352SEL0PFC4E6FECC0_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable



Hi,

I noticed a small issue on your website.



Can I share a quick screenshot?



Thanks,

Spphie





--_000_SEL0PFC4E6FECC0D30F4FB3AC01FD7C5919D0352SEL0PFC4E6FECC0_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable








1">








font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helv=

etica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Hi,



nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">

I noticed a small issue on your website.



nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">







nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">

Can I share a quick screenshot?



nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">







nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">

Thanks,



nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">

Spphie



nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">












--_000_SEL0PFC4E6FECC0D30F4FB3AC01FD7C5919D0352SEL0PFC4E6FECC0_--

Web/SEo/App spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 30 Apr 2026 04:35:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wIOjL-00000000ISz-3tpn

for dave@doctor.nl2k.ab.ca;

Thu, 30 Apr 2026 04:34:51 -0600

Resent-From: The Doctor

Resent-Date: Thu, 30 Apr 2026 04:34:51 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-koreacentralazolkn19013077.outbound.protection.outlook.com ([52.103.74.77]:49209 helo=SEYPR02CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wIO5C-00000000P8n-1vnj

for sales@nk.ca;

Thu, 30 Apr 2026 03:53:33 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=WTj7rWUQD5VDms+ViK2UVuLkgMFArcb8IawiBmW3DeUFfTRQdrmpD/z6g3aRmAyCKw7IFFyRBu09ng0Dt4W/4eMuLdThLlAwoUfTYXrj6juFAIAUoFnOcwNaTfZMklfoY1h1Hw8UwHM92H0M+g/ftu6NfFJC3jAaJAU0CUb5NjS5x2FbN+RjWm3vmmlL2Ut/tUfvsyJfd+80Nt6EbhM7G0FAmQAiQnriMBWp10J8iXkVZUCtLHHMKLzPk2RDGQ9zklh58mgV0ic6yGxTRwVFu3qxHNvwNUerYJzRclMMpdyQoZU+awUnmqaKLI+sMFqce1kepKNvx0hiqC7ZA+TmQA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=h8ZJVlOlpz0wxYwXzyPfR1pR4e5gI6Pb7dKfSMOkhhc=;

b=vOHcJ3VSusUdh+tz31FHi6PLh/01I8ap/4UlZabHBysB8bpEJ6tzKPzbE6LBUYAJ9VT2hOP+aQs1lEOB4oUwzQIkXoPJmxduqEL5fzEgmXG/3wIJSaWRNtC275Ju0z2aKSxht/fJ1AxPDMPwbzczCihHI22d6ba0T2IfzzMt3tb5dAWZdt5BbPSvxbGh8c5GFr0zAVgZamq7BwwSEGPhRMRwdJWfyNl14wgaaP3i/iJzhpbfeDo7nQJA1ltgryqgP16Mo2oby8ZFk9eMiNhRclV+UriD/wuI8e+7vk04BRpL6BMpTg9Uj8g8fc5W+baiFHiFRMQWTcX1nkKLtETy6A==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=h8ZJVlOlpz0wxYwXzyPfR1pR4e5gI6Pb7dKfSMOkhhc=;

b=CN8qzDLNrKBjKyQqkZxBCazKAOAjk5CNxvSGiVmlcnXZTAcz+JNt0beeLG7z3yfdgscAZtEIK04C6HR18wEgVtK3m171fcVxeXQXWmvEhekYywzYOkiiDVLxzA+EJs9IdCOKhoPBO6/K2FaTXG8ZfOSOdgPAy8S2nHvKuDChndB4T4jpgYN3GKmJaclelQirjew7sjhbnPcMf2wv1Rzg8Gda5SFQEo8d6q1g/C1ZK9xnYPVzT+w6ccX2femLIDItRfVv5mIEg2m3MuwspztZGjeFrmCbs2xMBAaK+TfemcglLYIF15cD8CppgPealb8vM/zAta/8rRcNbn76AHC8Tg==

Received: from SEL0PFC4E6FECC0.apcprd01.prod.exchangelabs.com

(2603:1096:108:1::5cf) by SEYPR01MB6064.apcprd01.prod.exchangelabs.com

(2603:1096:101:20a::5) with Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9870.18; Thu, 30 Apr

2026 09:51:33 +0000

Received: from SEL0PFC4E6FECC0.apcprd01.prod.exchangelabs.com

([fe80::118d:7fea:db30:1838]) by

SEL0PFC4E6FECC0.apcprd01.prod.exchangelabs.com

([fe80::118d:7fea:db30:1838%5]) with mapi id 15.20.9846.025; Thu, 30 Apr 2026

09:51:33 +0000

From: Spphie Andruz

Subject: Quick website issue

Thread-Topic: Quick website issue

Thread-Index: AQHc2IaPwj6lPGCux0qdHeGptoGDTQ==

Date: Thu, 30 Apr 2026 09:51:32 +0000

Message-ID:



Accept-Language: en-US, en-IN

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SEL0PFC4E6FECC0:EE_|SEYPR01MB6064:EE_

x-ms-office365-filtering-correlation-id: 631157b0-5508-49a4-1cb4-08dea69e0f63

x-microsoft-antispam:

BCL:0;ARA:14566002|8062599012|20101099007|24121999003|15001099006|16051099003|8060799015|15080799012|7071999006|19110799012|15030799006|31061999003|24071999003|37011999003|461199028|20031999006|24021099003|39105399006|2604032031799003|55001999006|22091999003|704163111799003|3412199025|440099028|102099032|35041999009|39145399003|40105399003|41105399003;

x-microsoft-antispam-message-info:

=?iso-8859-1?Q?cfdxjKNgNGljn1Ymmod1iCuPr7rwS80WdIpZc6MRXJpedu+NWmiQ6T7MGF?=

=?iso-8859-1?Q?qMVbCO+LXc4GF3iqlIe05lzur0xCBxS0V9WQgQ+ZBHLvs+NQURH7fjXjkC?=

=?iso-8859-1?Q?H5FoApOje90Dl1IBz0yMoMBE2hWQwER3EAnPgL2yJ0V0fAYT+HO/y+QKvU?=

=?iso-8859-1?Q?yepNLGz7lsr8t3xFNn5KPg58VoiicKXjKdiMg64xwDwdIBlQjKQIhRZfl3?=

=?iso-8859-1?Q?Y3vvLzfU0cTs/0eY3Vt/UeThbBAPOaoNuw/9cWp8ssNxFLoVURsNln5wdP?=

=?iso-8859-1?Q?fghghc5VANjZTCP+cLIEHLFVF1nai2npfD490bexWhaFTjXooTZi+TfEii?=

=?iso-8859-1?Q?oW9RwLly0q9m3sX61YluuMSOahvkmags/ha9RDq8Zfee1Rx5RbMkyr5qin?=

=?iso-8859-1?Q?e5SJZtt8pb0N65FZfuh/yuQIKZ+ynVrtr8qGqMg1zpOqPqB7BWYydr2uli?=

=?iso-8859-1?Q?5QI4QTE3OX0gwL3oAr88R39Ft0PiKqDq/2OFTSp4i3Hxdh4iZlrlVUAXvb?=

=?iso-8859-1?Q?Bin6A9QCAAaDwit4wLPyTuVSustHdoicLE0OPPCle4heE9H/ncF5zgQsz4?=

=?iso-8859-1?Q?aJftYq2egCJhOk+SNEsqhaaaBhQs+ST1ZTVXB8inUprJ8pG+v+w5jtSWnT?=

=?iso-8859-1?Q?ViZimdj+aIIgViBptc3LrD54tTUapyytB6TdLzEQgWJe/WVSCuojfQS4c4?=

=?iso-8859-1?Q?OvOl6gVB1YP9WAZKOJ1sIagj6gboDXVssd9hxoR95obYOSWGu0cTaGFXcv?=

=?iso-8859-1?Q?MkgI1tOUip7Hb5eQhTV+YObz3B7vl1Yk41xZfADzWD5USDu+M5ls8dJnbC?=

=?iso-8859-1?Q?Nlf57Y+iheNqHNq0B/oNKGNav/ANAHzaFC8U0QU8kTCMzFTdG5R8EQktIR?=

=?iso-8859-1?Q?9WeazFdaOAalIfOYtHJCWj7A+koDNBHcE8OE80nt2XE4D+jeB6HbinG5mF?=

=?iso-8859-1?Q?60l+E948NN8MRovIYTarP1YDyEqTlQWsFz/dtyDJ5RUSl/vRKnpK0jtDSN?=

=?iso-8859-1?Q?hZbVG+oo6SNHt8i6Ic7cDD2MhlTkL4Yh1GqE+ZA8iQSXP9YWUmXsIeU6ax?=

=?iso-8859-1?Q?/WEYtIjthg2Qyh6NXO3dRJ7+sNOvJiuhHfdHKvipCo3qQdN4pp95iAyvwR?=

=?iso-8859-1?Q?T2vR0odlFOCdCyIFkQMVjCQfGq9p5pY4grAqpoZwc7k28vNgfga3MPJUsc?=

=?iso-8859-1?Q?d9SL7hw7u3zap2750OPqBFTbknPl3AcfwJVhFcNw8FDOUz2VJSpiR3aY9v?=

=?iso-8859-1?Q?eUklloYeulLpd9t0SYwxrHT/CPJWaUUcyghCaBEgxiSY/Q5NHdXAxekAQ/?=

=?iso-8859-1?Q?1EE8S6L+Okmkja/eeTV1mtOro6xt7Q4VaAmlKuMtaSgne6oyKAxXK+a71e?=

=?iso-8859-1?Q?WgY3wcPro3ObC6LpbJJuDtH1LOXYzVNajsW4WIcMIiKXErMMSpSaqzwSSQ?=

=?iso-8859-1?Q?rGWZTu+aXLqwiTP8idTNrOg51bu9riMfblx5OXjAop/3OzG143l3BmNwS8?=

=?iso-8859-1?Q?i2E8t7pGykD0G7ed1JR9OFX2yAtdI8yNI0nIjBpNDdcQ=3D=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?iso-8859-1?Q?MpeTbDkVL4ZBs6MYpfjUrIGmFuYM06qy09QDtSgwCoCHjNR/N6WVslKr1d?=

=?iso-8859-1?Q?Mvg/Ib3LLQB/+1QwPDqn1snEbaamOt+oINBmkqiAEwHUQ/kzyvtrlYULMX?=

=?iso-8859-1?Q?Tx1z/JOvDw+kVSD0E+Njo/ENKUDuDfo/TauQ2c9uZsMiWeSiyxEDRXDyEH?=

=?iso-8859-1?Q?8FZgQEDXFFPN+Rma9BQRlSY425cExqVUkmx6mrXrwJlqZHlkPvnC4mIz20?=

=?iso-8859-1?Q?y/WuGSoXp6Z93iTJ2IK4/sT2+IToHcm4fQMo/VhDgDmxejF3R6P5SbzUdT?=

=?iso-8859-1?Q?2Eo8DYijB1F2NdDM9fp9ysHWjHIU13O+WlJuZKUQTpRQx+jZZCuHSchwSg?=

=?iso-8859-1?Q?0BrWympIeKDCuT6jMfgz5xEZnnkvoX823s2PcsLMbc/We9th8VM7Uzn1kQ?=

=?iso-8859-1?Q?TFxg5QdcmZ4Ne7K1HgNezycAE04biXANO0zHtIfzmPZ8P2S6+lm2huphjo?=

=?iso-8859-1?Q?2QVnMNx2w5RGn8/xDws7fNEbKZH2TixeCgj/kiLprM5h+zFDkpnMHqhgfy?=

=?iso-8859-1?Q?HrSFyDywr1THwG4P8J7xCtmL+gSYH2/J6SAdNCPYXjf6/raosakrgJqBvG?=

=?iso-8859-1?Q?TzEY0ez2p3473dMOLgV6Sk7a8JT95LwrZW3dBPXlw8K3Qrl6g5wYaT/Z71?=

=?iso-8859-1?Q?z9IGGURhWjFG/nd28OFGxrvcdr7W7RkfAcCDduRoazLrQOD2NJbNyUtznm?=

=?iso-8859-1?Q?I4E0ggdU4sBm8eddv4saSdb4srHGaQJjpdedbcYuWBp3NbKkAQ/P1Win/I?=

=?iso-8859-1?Q?nVC2EC/D3tZ0070YUZyzwEdmtm3vBPwxmylYZEWkDZXuOdFADwdrG4PCPG?=

=?iso-8859-1?Q?khPZCn8taNg2SDcEmc6dGKkzM2oCVJoXuLHdrK1ShXj7O4IFrwOCnZ9YT4?=

=?iso-8859-1?Q?4+Uv2r/EE7Fm/S6DeYL2z/pDbbZLSJaddy/wDE415bYirZ65U9BvfiXGpz?=

=?iso-8859-1?Q?CL3muI8MFf9JMj9bohoRG6YxkD1sBJqQMqtbekZP38OymCStpyZHO0k8eR?=

=?iso-8859-1?Q?H+JmLN121ICZbWQUAOOf2CUEPm4hS0yKz85SnvVXz/srZfwEpyyBOtG215?=

=?iso-8859-1?Q?KKNMqbdXIJg2qwpJmTvq52UCle3rxqocHh8aPhHRWlm2VK0x93cM2Ga1Nr?=

=?iso-8859-1?Q?JNtcq2diltdHd8O4hyuVDq3OorL8MWnhsZzHDAlj5wit0GizE6V4ZkqAkt?=

=?iso-8859-1?Q?C624cK34GRnt3qfEacYfEw7Gd0tW35lpeVmpi/65VzLcRLjq6ZhRIyYPAp?=

=?iso-8859-1?Q?mx8VmVyuGHxhTfoCijyBU0HQmkw7Tx/EtkmlI6BCbJpjiMYpxsWSGPMzVv?=

=?iso-8859-1?Q?/4jhoUh7o8ZN6nN2Yhp0vzm51vq7ysipEohTiZDs/XR91NXbZ8BbfgidHq?=

=?iso-8859-1?Q?4UXdZuhhW4hsF4asv2W8Fvcg/dI7cnsVKgJcal5E31yVUzzldM3Iv8yw97?=

=?iso-8859-1?Q?A1GadVbwiSiRtJs54yCCaIey0ARj0zs8esF/z19L97V8DnmH91FpiqSJRM?=

=?iso-8859-1?Q?rUSn7zf4LSrWP2GVt9OBZY?=

Content-Type: multipart/alternative;

boundary="_000_SEL0PFC4E6FECC0D30F4FB3AC01FD7C5919D0352SEL0PFC4E6FECC0_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SEL0PFC4E6FECC0.apcprd01.prod.exchangelabs.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 631157b0-5508-49a4-1cb4-08dea69e0f63

X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Apr 2026 09:51:32.5827

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SEYPR01MB6064





Chinese spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
Content preview: xmjPq贵公司您好!打扰下,我们公司长期需要美金来支付香港航空公司,船坞,国际快递运输费用,所有新老客户按当天中行牌价上浮6-9分收!金额大还

[...]



Content analysis details: (5.5 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:10b6:518:1:0:0:0:59e listed in]

[will-spam-for-food.eu.org]

[2603:10b6:518:1:0:0:0:59e listed in]

[will-spam-for-food.eu.org]

[2603:10b6:518:1:0:0:0:59e listed in]

[will-spam-for-food.eu.org]

[2603:10b6:518:1:0:0:0:59e listed in]

[will-spam-for-food.eu.org]

[2603:10b6:518:1:0:0:0:59e listed in]

[will-spam-for-food.eu.org]

[2603:10b6:518:1:0:0:0:59e listed in]

[will-spam-for-food.eu.org]

[2603:10b6:518:1:0:0:0:59e listed in]

[will-spam-for-food.eu.org]

[2603:10b6:518:1:0:0:0:59e listed in]

[will-spam-for-food.eu.org]

[52.103.20.90 listed in will-spam-for-food.eu.org]

[52.103.20.90 listed in will-spam-for-food.eu.org]

[52.103.20.90 listed in will-spam-for-food.eu.org]

[52.103.20.90 listed in will-spam-for-food.eu.org]

[52.103.20.90 listed in will-spam-for-food.eu.org]

[52.103.20.90 listed in will-spam-for-food.eu.org]

[52.103.20.90 listed in will-spam-for-food.eu.org]

[52.103.20.90 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.20.90 listed in dnsbl.ahbl.org]

[52.103.20.90 listed in dnsbl.ahbl.org]

[52.103.20.90 listed in dnsbl.ahbl.org]

[52.103.20.90 listed in dnsbl.ahbl.org]

[2603:10b6:518:1:0:0:0:59e listed in]

[dnsbl.ahbl.org]

[2603:10b6:518:1:0:0:0:59e listed in]

[dnsbl.ahbl.org]

[2603:10b6:518:1:0:0:0:59e listed in]

[dnsbl.ahbl.org]

[2603:10b6:518:1:0:0:0:59e listed in]

[dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.20.90 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.20.90 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.20.90 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.20.90 listed in dnsbl.ahbl.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[52.103.20.90 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.20.90 listed in wl.mailspike.net]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[52.103.20.90 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

1.7 SARE_XMAIL_SUSP2 X-Mailer suggests spam (variant 2)

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[ronaldnixon9611(at)outlook.com]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[ronaldnixon9611(at)outlook.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.5 XM_RANDOM X-Mailer apparently random

Subject: {SPAM?} =?utf-8?B?aU93Lee+jumHkeadpeaNolJNQi0tZWtP?=



--ba2342e64fe860ef55778f6600008901

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



xmjPq=E8=B4=B5=E5=85=AC=E5=8F=B8=E6=82=A8=E5=A5=BD=EF=BC=81=E6=89=93=E6=89=

=B0=E4=B8=8B=EF=BC=8C=E6=88=91=E4=BB=AC=E5=85=AC=E5=8F=B8=E9=95=BF=E6=9C=9F=

=E9=9C=80=E8=A6=81=E7=BE=8E=E9=87=91=E6=9D=A5=E6=94=AF=E4=BB=98=E9=A6=99=E6=

=B8=AF=E8=88=AA=E7=A9=BA=E5=85=AC=E5=8F=B8=EF=BC=8C=E8=88=B9=E5=9D=9E=EF=BC=

=8C=E5=9B=BD=E9=99=85=E5=BF=AB=E9=80=92=E8=BF=90=E8=BE=93=E8=B4=B9=E7=94=A8=

=EF=BC=8C=E6=89=80=E6=9C=89=E6=96=B0=E8=80=81=E5=AE=A2=E6=88=B7=E6=8C=89=E5=

=BD=93=E5=A4=A9=E4=B8=AD=E8=A1=8C=E7=89=8C=E4=BB=B7=E4=B8=8A=E6=B5=AE6-9=E5=

=88=86=E6=94=B6=EF=BC=81=E9=87=91=E9=A2=9D=E5=A4=A7=E8=BF=98=E5=8F=AF=E5=95=

=86=E9=87=8F=EF=BC=81=E6=88=91=E5=8F=B8=E5=83=8F=E6=82=A8=E4=BF=9D=E8=AF=81=

=E6=89=80=E6=9C=89RMB=E9=83=BD=E6=98=AF=E5=9B=BD=E5=86=85=E5=B7=A5=E5=8E=82=

=E6=88=96=E8=80=85=E5=90=8C=E8=A1=8C=E8=BF=90=E8=BE=93=E8=B4=B9=E7=94=A8=EF=

=BC=8C=E7=99=BE=E5=88=86=E7=99=BE=E5=AE=89=E5=85=A8=EF=BC=81=E5=8F=AF=E9=9D=

=A0=EF=BC=81=E6=9C=89=E9=9C=80=E8=A6=81=E9=BA=BB=E7=83=A6=E6=82=A8=E6=B7=BB=

=E5=8A=A0=EF=BC=9Aw x r 1 9 4 6 0 =E5=BE=AE=E4=BF=A1=EF=BC=8C=E5=A6=82=E6=

=9C=89=E6=89=93=E6=89=B0=EF=BC=8C=E6=95=AC=E8=AF=B7=E8=B0=85=E8=A7=A3=EF=BC=

=81 we know nothing ourselves; and besides? sir=EF=BC=8Cmiaojiyong001@hocma=

il.com=E5=94=90=E5=A5=87=E5=B1=B1

--ba2342e64fe860ef55778f6600008901

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable











xmjPq

=E8=B4=B5=E5=85=AC=E5=8F=B8=E6=82=A8=E5=A5=BD=EF=BC=81=E6=

=89=93=E6=89=B0=E4=B8=8B=EF=BC=8C=E6=88=91=E4=BB=AC=E5=85=AC=E5=8F=B8=E9=95=

=BF=E6=9C=9F=E9=9C=80=E8=A6=81=E7=BE=8E
=E9=87=91=E6=9D=A5=E6=94=AF=E4=

=BB=98=E9=A6=99=E6=B8=AF=E8=88=AA=E7=A9=BA=E5=85=AC=E5=8F=B8=EF=BC=8C=E8=88=

=B9=E5=9D=9E=EF=BC=8C=E5=9B=BD=E9=99=85=E5=BF=AB=E9=80=92=E8=BF=90
=E8=

=BE=93=E8=B4=B9=E7=94=A8=EF=BC=8C=E6=89=80=E6=9C=89=E6=96=B0=E8=80=81=E5=AE=

=A2=E6=88=B7=E6=8C=89=E5=BD=93=E5=A4=A9=E4=B8=AD=E8=A1=8C=E7=89=8C=E4=BB=B7=

=E4=B8=8A=E6=B5=AE
6-9=E5=88=86=E6=94=B6=EF=BC=81=E9=87=91=E9=A2=9D=E5=

=A4=A7=E8=BF=98=E5=8F=AF=E5=95=86=E9=87=8F=EF=BC=81=E6=88=91=E5=8F=B8=E5=83=

=8F=E6=82=A8=E4=BF=9D=E8=AF=81
=E6=89=80=E6=9C=89RMB=E9=83=BD=E6=98=AF=

=E5=9B=BD=E5=86=85=E5=B7=A5=E5=8E=82=E6=88=96=E8=80=85=E5=90=8C=E8=A1=8C=E8=

=BF=90=E8=BE=93=E8=B4=B9=E7=94=A8=EF=BC=8C
=E7=99=BE=E5=88=86=E7=99=BE=

=E5=AE=89=E5=85=A8=EF=BC=81=E5=8F=AF=E9=9D=A0=EF=BC=81



=E6=9C=89=E9=9C=80=E8=A6=81=E9=BA=BB=E7=83=A6=E6=82=A8=E6=B7=BB=E5=8A=A0=

=EF=BC=9Aw x r 1 9 4 6 0 =E5=BE=AE=E4=BF=A1=EF=BC=8C



=E5=A6=82=E6=9C=89=E6=89=93=E6=89=B0=EF=BC=8C=E6=95=AC=E8=AF=B7=E8=B0=85=

=E8=A7=A3=EF=BC=81










we know noth=

ing ourselves; and besides? sir=EF=BC=8C
miaojiyong001@hocmail.com
=

=E5=94=90=E5=A5=87=E5=B1=B1






--ba2342e64fe860ef55778f6600008901--

Chinese spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 30 Apr 2026 04:35:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wIOip-00000000HSR-0iXI

for dave@doctor.nl2k.ab.ca;

Thu, 30 Apr 2026 04:34:19 -0600

Resent-From: The Doctor

Resent-Date: Thu, 30 Apr 2026 04:34:19 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-northcentralusazolkn19013090.outbound.protection.outlook.com ([52.103.20.90]:46568 helo=CH4PR04CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wIN3k-00000000KJY-2xGt

for root@doctor.nl2k.ab.ca;

Thu, 30 Apr 2026 02:48:00 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=k8nFoqbrTqdcg+MOQV3alK2AFLlnfRB5CxfRY5O6tjwJu/+YNo5+WjW0WWfg+erTp+MF5HONQjMqFaPSIUcn3TuyxNDEclsSo8WNHaqF61RwUu5EV1Pwbp1S6Ti102uAxLkMApOfdowwF9P/G9qsg9l1iJFri4rImW7mfYUFZr7PIeCBsit60MkmUf76jg+Nvl7CPbP39KsGwUv+2HEp06+rORaGmMaNZMlwCFKUOIAxCBtYaWFBzEkjsX/OTn9H7UG8xsEmT9n3QGxcKtpFUsp53PY1Pcl62+4S1PBr9nsjHw3pkcSHi7aFrJAYz07qOkwIN/4qriMivP4hAkagpA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=58YhOH1Adb6I6cxhz/sdhwtIcE/PdMqZxYvhRZoh5Uo=;

b=RgpPC+EjnAmTf6fWxT+HUFYDgx0TXtuNotK7MwnVFL6V43kltw8U2iv/kqcjXm+DtLa8Zvv2l12FOW5g+vKbR22Xif5V7tIZl2KD0xuAg0w0duOejlMc7d5QW8/2iTwDhO16fEpJbkcZ0tCri0aS2ee9rwdWHc+Eq2dXr4MkyA0SDVYhXc6Pu086FGzGzzVHqGbWUyzNo7xWlv5ZHYcOVLRqhaBMVdMbFh9VgYl4Tw9+mMP20Bo1DcOBNGAGG1+8yhAF+m1FMxnw4eS//c3PPcSwVUfrw8W4RjQPqMHETblnNBQrhiPaOlHzBJczQWZ3GH3/lWP5L8L8qwgQkJAWlw==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=58YhOH1Adb6I6cxhz/sdhwtIcE/PdMqZxYvhRZoh5Uo=;

b=SKEF8tIhnT0Xlj8ZMEZX2BlCNmig7ug2aXBz1KmpTtSWNCC/ukHjIR/wdLAAbXd/hW7QagXvxZzmn4RDPcGJxqv18LSNeGbaEcnBidvSGEgBt0D4M4+AzQOoGZO/CNcKqj3L/c14uXoqP8qCnXLTK3PWQbJVNGjgD9aSg0rRc34Wu9S2VuKaw1g0HjBr5DU9dtS7eRcpAj2ZZ/xvLq5OTyuRoDYZrZN4CjVbH7v0zQslvEvr0DWKLsaDe5KKnvWKaCEXLw/La13du5pQp3TBLuvZwjfCH3k7b3CYL8h34W3+ozBvnfVfJ2qmvcVnqxIJhEd4zBMCMuxFyZ6b0HXn5g==

Received: from PH3PPF3C9067971.NAMP221.PROD.OUTLOOK.COM (2603:10b6:518:1::59e)

by LV3P221MB1264.NAMP221.PROD.OUTLOOK.COM (2603:10b6:408:1b5::15) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9870.20; Thu, 30 Apr

2026 08:46:51 +0000

Received: from PH3PPF3C9067971.NAMP221.PROD.OUTLOOK.COM

([fe80::ac54:d343:66f6:5ae7]) by PH3PPF3C9067971.NAMP221.PROD.OUTLOOK.COM

([fe80::ac54:d343:66f6:5ae7%4]) with mapi id 15.20.9870.016; Thu, 30 Apr 2026

08:46:51 +0000

Message-ID:



From: Stephannie

To: "miaojiyong001@hocmail.com"

Subject: =?utf-8?B?aU93Lee+jumHkeadpeaNolJNQi0tZWtP?=

Date: Thu, 30 Apr 2026 16:46:40 +0800

X-Mailer: lekfnggiwmw qdgezsyidyyz 316

Content-Type: multipart/alternative;

boundary="ba2342e64fe860ef55778f6600008901"

X-ClientProxiedBy: SEWP216CA0059.KORP216.PROD.OUTLOOK.COM

(2603:1096:101:2ba::10) To PH3PPF3C9067971.NAMP221.PROD.OUTLOOK.COM

(2603:10b6:518:1::59e)

X-Microsoft-Original-Message-ID:

<4751be3a7a27987af6d0b7891520d1cb@outlook.com>

MIME-Version: 1.0

X-MS-Exchange-MessageSentRepresentingType: 1

X-MS-PublicTrafficType: Email

X-MS-TrafficTypeDiagnostic: PH3PPF3C9067971:EE_|LV3P221MB1264:EE_

X-MS-Office365-Filtering-Correlation-Id: a1667a5b-c5c7-4aeb-c0e5-08dea695058d

X-Microsoft-Antispam:

BCL:0;ARA:14566002|12121999013|461199028|19110799012|8060799015|23021999003|15080799012|39105399006|20031999006|45011099003|37102599003|5072599009|5062599005|440099028|3412199025|3430499032|40105399003;

X-Microsoft-Antispam-Message-Info:

=?utf-8?B?MzUrT1k1NzhyVXNkVmtvZVdreFEvQWUyQXJBV1hiOE55a3o0NnBPUzlZdG5O?=

=?utf-8?B?WXV1aCs5Uit0ckt2ZVN3K0p6UkpISXpYWG5iL2owMnFwMTNTYzVqRU5qdlVz?=

=?utf-8?B?NkxUT3lmVG9DY09ITkpxTXExVHhmd092ZDZEaXN3WU1TdUNvWUpJa2ZabUJz?=

=?utf-8?B?TUxCNm82elhTMHQzUCsyTWk2WjJiMnVjRXk0RnRrcVdmalpHMGx0cGRXeUpE?=

=?utf-8?B?MnVQeTBVV0dVNnVJRWs5dEY4cUNBcEZjT2djRUpCdmdKYU85VWFLdGFidTJC?=

=?utf-8?B?KzB3ZnJ6OHlWVEhhNHQwRlRkOXVVSG9lQVA3Y05kSWpQVVFvbkR5UUpCeC9B?=

=?utf-8?B?K2hZbnNSa1FMK2JNYkM3NmhZb25OVUt2SFhsQ1RKNkd3VzM1RUlYVGg5R05q?=

=?utf-8?B?bXh6cHNtcUF0REJxNWNIYUx2NTA4WHVDa1Bmait5RHRiNzJJdG9wWnJlUFAv?=

=?utf-8?B?MFAvaHBubUVRQjJWd1lBZEQraG1KWk9ONElzM1dqUktBMngxbkZkVmQ2K0lr?=

=?utf-8?B?cUlyMjN4S1VTZCtLcHpXOG1xR1ZkMWxnZUNtSlkyQVVObWFZZTRTdTNyRnpN?=

=?utf-8?B?VGRYM0dSV20xVEZSZXJidUdWNWJQcG9aYkVLSENqUCtxRy9sSVNhc3FXYnFJ?=

=?utf-8?B?a1BWZFFGTjh1eGkyVlNnZElqM0lTdlJyZlpsN1diWC9iQ2NRdWI0UXhpY3FV?=

=?utf-8?B?RytabVhiU1FuanVEVkxHUU0xNVNJUm1qNTJOblhMdjg2WVhOU2g4WVZhenlS?=

=?utf-8?B?azU3dUpJMmMzVTlaSHNrSDFIdnBOeVR3TTBsKzEwQUsyWStUTStXZENnMFo0?=

=?utf-8?B?VXM3bW4xeElzbm5CamFlcUhQZENqMStYK09UWU5mSTFxQ0RkaU82Qm9nMVpu?=

=?utf-8?B?RlFWUnd1RFZqUmtKTlJMRzV5UWxRdXFsKzdwRHZCRmxJL2pldndKL2d2NHEy?=

=?utf-8?B?UTlYYjRLRTNBZ21xaXlBUEMwaTNaYWp1WVAwVkROV285eXVPUkVSMWZlWi8x?=

=?utf-8?B?UUZaUjRWcitjV3NRSUpTWllQYVQ0VFpDaGRvdEdhbkVsU000R2ZKY0dtVEFy?=

=?utf-8?B?YUU4SEVFRVp5cUxLT1hvdXREdjBQdGs4TGh3N2orTXRsS25paDV4OXM0Z1NG?=

=?utf-8?B?TlE0TENiK2hjV0pSTHJad3V3MHRKRTZId2F4ajc2eDFDdnBJdXUxRldPR2dK?=

=?utf-8?B?OEtOYlpNVzk2aXIzTHJDUG1hVkRtOE50WmJwNXlhSU1ld1FiQXFiYXlkVE5P?=

=?utf-8?B?YlhJbzlXWnhueGZNKzlPbFRQWCswZnh0ZC90RTVNL25pdzRjd3dmb2dFb1gr?=

=?utf-8?B?UTVJcDZGWE55NTJvMG1oWEhaQ3JQbFB6ZXNHaGE0ZkFZRXNBU1ZyL2lVZGRm?=

=?utf-8?B?MWRPelV2eThiS2tUeXErYkR1NnE2eXpRRm8zbDl0L3pwMmNkNkM3U2RRaW1l?=

=?utf-8?Q?oPhgO+Vn?=

X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1

X-MS-Exchange-AntiSpam-MessageData-0:

=?utf-8?B?Q1ExbzZCVVpFbXJCK0pXeDFtVm1nTVFzSVkycEFZSkRKdnN0V2w4dmpaVHRG?=

=?utf-8?B?RURkM0Rsc0hrd2FrbnZPa1AzSWhMSHpjSjZxSStVeklnSVUxRldyQ3FxV1dk?=

=?utf-8?B?U3doejZYZkhCZDdjb052N2JqUXk3RzNpK2VocDEvUUhqMm1ScStnQVJXNmpB?=

=?utf-8?B?YjQ2ak1rWGFUTEtENTg1TEErajZyZzNPZ3UwTlpSdUFnOVkyeDVZMHhhaFly?=

=?utf-8?B?M0ZpOWJac3hnMGxEb0lyamxsUytnY05NQmlTUno3Yk1XV3RvZENjbmZTNHlk?=

=?utf-8?B?c3lUTzZpanVweHBJL1kzWnVBeTI4R1hsc1VZMEd2SzlPUHJNdEZ2Z0l1N0Nm?=

=?utf-8?B?Yjd3cFZkWDBkSjFZdzFzZnUrdSt1UkxiVklrdlA1QUhPWVpuaWhXOEtoY2Mz?=

=?utf-8?B?OW9RVTkwVUV1WURnL0pCRGhmNU5qdkg1YzBiRmF5QUJxbStXaFNwSEtTNlYv?=

=?utf-8?B?QlVNN3hPdnQ1VUJybUFxbU1JNFozdi92c0pselFEaThIQy9zNnpyOHVJZnhu?=

=?utf-8?B?bm9maUQrdzdMMWlWaDE3eFIyRE9iUUFLSEtEVkJGRVc4c2lFZWI0eHd5S0ZG?=

=?utf-8?B?WVBUbGwzQ3N2UjAvcytRcU04UTdndlpZd0NCZkpkaVJVU0pwbEgxejhOT1Jw?=

=?utf-8?B?bVFmUXF1TTF1OHpNcGI3dGR1MXZBSmRJNWw3dW1YZThtTFdWSFI1Nk5XSnBO?=

=?utf-8?B?Nk1BaTRiU0p1MzZiZ2d0bzZvODRlTlQzUU5xS1BnamhYcXRSRUJ1dHhCRWFZ?=

=?utf-8?B?ZjlWMXl0N1lscDVFa3lFMHN4R1IzRjE3Z04yVzByZG1aV2d6L2wxdkl4Q2d6?=

=?utf-8?B?eG9BbERJWWdCenhvUkMxUzlKREZmcWFwc2k2UDcwVnNld0pMOXdKdnBlakJS?=

=?utf-8?B?bGEyZGgxaW5hY2J3VUJRMDBvNVpNb21mRXNGbXp4em1iY2Y2bEw4VDFvV3dQ?=

=?utf-8?B?ZVl0RkU4ZndnbkxhdDhKMkFWVHBSeDFncDJoMXBNeDA0K2d0UkVPY0ZzQXhq?=

=?utf-8?B?a1JGOFVyY0ZkOXpkMjJVS0MwbUVZOEJ3SXlKc2t4Q3VMdG9BQXJXZDJndWNp?=

=?utf-8?B?TUZzWFFjeHhVenQ2dXpYRVhpUm1Qd3RqdEpzV09ldGdNZm1QOGtpeTJBcUN1?=

=?utf-8?B?L0MvaFVRb0VXM0pRaVJSWU45bVJvTTB4VllRTnpnWTRDR2J0YWZCYXJybHJu?=

=?utf-8?B?QXp3ZzI0NmREY3J3K3BFbmJpMGtDdXA4MWx0dEdXMTcySzFZb0hrck1ra1RL?=

=?utf-8?B?NkFvTExGNllRd0NXWTlzOW03VFVZRFJGa3Bndm1tMjdMTm9SeDVyRUluWW1i?=

=?utf-8?B?cFgrZE1jQWFBSlJ0dWhPUldhaDVUajBGY2hmRm53NmhOQUEzdUZOZlpMTGdC?=

=?utf-8?B?dVhYQjgzRUVlcXRuWDdtTHN3MHJ0M2N3a2JuRytpZUM2aXZaUGNvSGZEOU16?=

=?utf-8?B?RmdOM2F1RkY5QmkweFRQNjN1Nk1jckR0aE94TnNmQlBFenRXWGxtNE1aa3ZR?=

=?utf-8?B?UUkvYitVWEZzYmQ5YWFicVd6ZU9hR0puK1Z6L0tobkF2eGx1ZEg4OGxvMHF2?=

=?utf-8?B?ZXZydStMbGtWd1lJRG9RNHFPelNSRDZYMDR6MUVDYlZDOTVTTytXWXZUaHJB?=

=?utf-8?B?RFhYTXdmMmx0dUI3bldiakxveWVJZGt6YkdITmZXU3hHRmNQUVd6MDFNRk5H?=

=?utf-8?B?S2lhZGlnb2JjRzdvZ1FiY1dueU1UOEJuM0VycWhRcU5qWTZTY3dzc3ljUDY0?=

=?utf-8?B?Y1NjYi9yRUJlb2dNSnp1d1hjaGlqYlJPbWFVbk1vRUIwdU1VMHhhT0pFeXRk?=

=?utf-8?B?YnNzS1J1aDBQemk4bmJtdmprNDlhblg0YmxBRHhsUkx6emJsenBrVDZRMW9z?=

=?utf-8?B?S2V0VDNYSG5XekNadU80aEhPZjZITGlQYXd0bk1ncVZiT2c9PQ==?=

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-Network-Message-Id: a1667a5b-c5c7-4aeb-c0e5-08dea695058d

X-MS-Exchange-CrossTenant-AuthSource: PH3PPF3C9067971.NAMP221.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Apr 2026 08:46:51.4475

(UTC)

X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted

X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg:

00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV3P221MB1264

X-Spam_score: 5.5

X-Spam_score_int: 55

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.