Web/SEO/App Spam from Yahoo! mail

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 19 Dec 2025 08:00:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vWbwh-000000004Hh-0iu4

for dave@doctor.nl2k.ab.ca;

Fri, 19 Dec 2025 07:59:07 -0700

Resent-From: The Doctor

Resent-Date: Fri, 19 Dec 2025 07:59:07 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from sonic309-45.consmr.mail.bf2.yahoo.com ([74.6.129.219]:41309)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vWZBd-00000000Ezy-0jVd

for sales@nk.ca;

Fri, 19 Dec 2025 05:02:32 -0700

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=att.net; s=s1024; t=1766145687; bh=dKDV1UsDkERyUVu1WKW3IsxkmURLSLtZM51wvN+tW80=; h=From:To:Subject:Date:References:From:Subject:Reply-To; b=lXI/kzxi+0N4y7CcEpi/AXFvccw8nxocL+7R/7BZEj5lUQ1Yvsa8CVxhUENwMUUX2p96CQF8cJlsF280aD/JBxi/WMgh8EPv1aE8IAKxlTXpmDtQfORfer0ZJH61q+9DwJd5EICxuSXyBhVptPZRRpJVVjjJWeaBka50pXXlcwY=

X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1766145687; bh=0TdwA5+Pn6CE6OxbXH+KJ8mMJAW1Cuf0qhdg2ySZI5r=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=dMEjIrUHsfuX5pUKQTdmToqCKr8xua4SH0osDQEkjmOL8OA1D/0q3iCO+Uq2rpN/CCA57yrptVSd3JTHEzfbX0Pws9WYjJxvPX2BIEwncKx8h/c37LsC2O5E34vUqGzoIRLwsBl1Kr7+H7rgbPc3Yc4j/Yz17eyY2XmVX21ZIhURh3n3vmL0Xd2CRx+rOYohJJmBrsnoIaRHoEAbvzA4mWmLzD2ku/UgAmQTgtfN4Geir2dq9Eju1bS4Z15BRpycVqx4VWTASh644QljprMbBRABIHUyuuqWz6RJaAP/rUOHpio+DzCXqR2o8FRk1+B391LtjVVn4DS4TEdDJjNHxw==

X-YMail-OSG: hi1HKSYVM1lha9iFYA.4hHfLyG.oZSpqSp3JM2XF1.hNis41Y6Fdt0EIKA1qJXm

pecVC17Oo88KjzDqpdrzi3sPnG7YglNpNGtISMbU2Ha0uhEwWVXtDmUi_hsFLuSe3OURjzUtNUin

aY2kl7qBlJmhWhxTnc0ghugD8k1b1f1wwDBoDiGzMXWdYomrkli5BCwpgUnKmS9pzMek_hPnRUT3

_y7XxDKOd15PChuKZ7pwNfE_IXC.F9IgDC2uQzRpBx0GO1XTPMYv2RzIETe.Zyoa4TtbBbIVt8iA

2B7lOJxZdLls10cWQ.DtBIPNtX3FXC3gmqzbPzJXd8lhp5OhuFNzXHt5oJb_3oNQJ1R_FscMbHAU

WHyFCc9UE4j1lumfoBB6rcc1oRRXG7_GaaALeuerPC6ZYfAXbh7.s_F26Sij3ze49xtVb232Mjru

37UK8Cfz2WK3S.qhjQnjdmqcojNs5CZPgSP1YEyZ3z1BpjplzQfuKF8DAjgzU8fZ1X_.AGuu8i06

BpAWI5GX1nEpngwvng2r7YYyeaP27LRb6aVvwzdwAyAmfb8MHiEPuDpC8y4zj8lmbum.atmhCdOv

CFyGTYvsYKI2h_OXofUl3L38yRe13sLlkZ1U_eNgX_NpqLC53Oqqxd9eQTwi8TNCLcG9dE_LuBnY

OK0QTQA.KkEy0d.zvN15Prb9sUOxqF4MfN3gjbWCttFQf..vxszgsb7XWgmiJ3JomHZhaV1yV6VL

qloTXjuHzi4XWNIzJvyzrWUIAZkrn93CK_PrCRGi_GzFhRsuWJZbxRwF36PsITUGWnQOU7Cr1uEO

pDvA0.BpfHexGEhgR4dZ_YjISSxfkIMQNAEE.lAV9MkibU4F7VUFVrq.O9nRv_G2O0SYMdqlK40x

LDvtl.C6MNMOfmCRVCFjdm2DycAiJJBHKEobD6Zf8LMNMh9YgwxHY9K5holtKxjWhTldWH0M6pEp

m9n.kecyBv6_8xdFS0m02kPBkQmvNvQWHTw.mgALdyIOhzQ.oHPddvXqKSkBxxBO4fj5nnpeyDy7

U1F.bu4S7AAHS5qAXwptZQVW4jYuew5AW0LNU9uqqwbtZoYeiw52ZBSPTwu8iSlZVbotKqSskHTx

qxNGJuO4w8.fD5v1KK0VHN1fNCa3yay0Ttxjb8xV9ZXyLgwDSs.fKM5qn07MN1Hnuiy4iR.NSodY

0hcdsvjgIAGHvVDZvzQPMsGeESCuizfWhXBZn5J_oeAX30.vf3Ql.lXutnbL8PRpMnoW3axWM2lb

4a3tSz9PrFVo7CGJJ77Kp55sFdk_bsi3Sz.kWMpBRGv8PsSgAjP1xrlOgMqA2vHAEFF903rGFZP8

CBo0G.VbhO7qyeoZ_Rc0tYWx1fW1boy_1EcdPwmrOVebcgnJnBedaC3VH7JyJCObudLSeVoyTQF0

4Fnz7IQg6kicvtnRCp_j7a_StEGXCSp763Xs1AYe3n6r5p6lkJ50Cvt7qywggKfzIGYJ8P1Yd5Gn

p5dvnCdgmJqotW6oG5dHQ6M.mHHAzMkgswT9j.3aq_QuW8NLd8QWE8UAk_g2wNaWKXmDPliN5Ijp

CXZiWcYnp.VIC8k0MY.dRORnwvotSQVw_MFwmft32Jh5hVw08yXcBIh0Qg0jaLa11O4FAUMj.2Qj

ssNNfAD8yOlG2hhNmG54J6Rm7rFWVyuBWUTbtfp1m8FQHOy7P_iQzOIIjFoDoeECzDxsHkFmMxxu

kQDq5MCNO6fiKnLyY_B7k5IaQPMx8xvoZ6smp1Tn4S2MQMseI7MI.zxZ8HC5iY.VaTkfQ4Ed_7qW

gdHPT3bBaCVpFzC2514hvFgfP.ObS4RtKCHGM8qyaDRLA6mJfYf4fAVMXqUC76S7c_y9bLvj4eby

T4Sv6wE5VLC_qdAoaAWX5RLx5krTuTbz5glkUNgFC_3uayA.fFhJZkuvdMExGHmW1uS3gVxifWEJ

3E83LTdDmqKmyrh3AkV6XY992H4jh_5Vt1qF.OyZr.HUHhF8D.R_yb5wYpLdt3gsS5LVTOm80Em3

oOcE7b_1mYeiDspCjHaY6mjRsFIjQ_adpYTuMVCcyw.qoC8msX5OFjopK9zsme4mnY70fzqvlsbj

4GTHEWZ8CoEXwPlfuNrEO38Zvs.gZkUEKG1Sb8YksPZ2A6T.x6sGQPc074xLU84Nn0QarDPyWRZK

Sv5oM.y15LIjxbAIyfE2vPMnLoo9UQ5vgjaXcrQurg.Xp8oZNrLrHmKcA9jEh7lweTEZLjGixTKB

0Lg46BMaMprfpynq6kdYA3zCue1AzUFs7RBgwUI7bLFcM4dyV7Lw5sAwcHS2BR_DWc.FNbhn7

X-Sonic-MF:

X-Sonic-ID: aec1024b-4e0b-4788-80e6-5b397890d88b

Received: from sonic.gate.mail.ne1.yahoo.com by sonic309.consmr.mail.bf2.yahoo.com with HTTP; Fri, 19 Dec 2025 12:01:27 +0000

Received: by hermes--production-gq1-54bf57fc64-fqp47 (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID e59a1b671273f77f6dff553689c64845;

Fri, 19 Dec 2025 11:59:24 +0000 (UTC)

From: "Ervin"

To: "Ervin"

Subject: New Security Apps

Date: Fri, 19 Dec 2025 17:28:35 +0530

Message-ID: <002301dc70de$eb18e480$c14aad80$@net>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_0024_01DC710D.04D12080"

X-Mailer: Microsoft Office Outlook 12.0

Thread-Index: Adxw3s2T49adziMORoC3vGE3x2FNOA==

Content-Language: en-us

References: <002301dc70de$eb18e480$c14aad80$.ref@net>



This is a multipart message in MIME format.



------=_NextPart_000_0024_01DC710D.04D12080

Content-Type: text/plain;

charset="us-ascii"

Content-Transfer-Encoding: 7bit



Hello,



I am a App Developer working with an Indian based Company with over 10+

years of experience.



My specialty is creating applications for:



Home Security apps



Security Systems apps



Security Guard Service apps



Security Camera apps



Smoke Alarms apps



Sensors apps, & etc.



Let me know if you are interested in any mobile app, I will send you our

sample & Price list.



Thanks,



Ervin





------=_NextPart_000_0024_01DC710D.04D12080

Content-Type: text/html;

charset="us-ascii"

Content-Transfer-Encoding: quoted-printable




xmlns:o=3D"urn:schemas-microsoft-com:office:office" =

xmlns:w=3D"urn:schemas-microsoft-com:office:word" =

xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =

xmlns=3D"http://www.w3.org/TR/REC-html40">






charset=3Dus-ascii">




















style=3D'font-size:10.0pt;line-height:115%;font-family:

"Arial","sans-serif"'>Hello,






style=3D'font-size:10.0pt;line-height:115%;font-family:

"Arial","sans-serif"'>I am a App Developer working with an Indian based =

Company

with over 10+ years of experience.






style=3D'font-size:10.0pt;line-height:115%;font-family:

"Arial","sans-serif"'>My specialty is creating applications =

for:






style=3D'font-size:10.0pt;

line-height:115%;font-family:"Arial","sans-serif"'>Home Security =

apps






style=3D'font-size:10.0pt;

line-height:115%;font-family:"Arial","sans-serif"'>Security Systems =

apps






style=3D'font-size:10.0pt;

line-height:115%;font-family:"Arial","sans-serif"'>Security Guard =

Service apps






style=3D'font-size:10.0pt;

line-height:115%;font-family:"Arial","sans-serif"'>Security Camera =

apps






style=3D'font-size:10.0pt;

line-height:115%;font-family:"Arial","sans-serif"'>Smoke Alarms =

apps






style=3D'font-size:10.0pt;

line-height:115%;font-family:"Arial","sans-serif"'>Sensors apps, & =

etc.






style=3D'font-size:10.0pt;line-height:115%;font-family:

"Arial","sans-serif"'>Let me know if you are interested in any mobile =

app, I

will send you our sample & Price list.






style=3D'font-size:10.0pt;line-height:115%;font-family:

"Arial","sans-serif"'>Thanks,






style=3D'font-size:10.0pt;line-height:115%;font-family:

"Arial","sans-serif"'>Ervin

















------=_NextPart_000_0024_01DC710D.04D12080--



Web/SEO/App Spam from Yahoo! mail

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 19 Dec 2025 08:00:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vWbwl-000000004I9-3t5J

for dave@doctor.nl2k.ab.ca;

Fri, 19 Dec 2025 07:59:11 -0700

Resent-From: The Doctor

Resent-Date: Fri, 19 Dec 2025 07:59:11 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from sonic309-45.consmr.mail.bf2.yahoo.com ([74.6.129.219]:42471)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vWZBd-00000000Ezx-0isA

for root@nk.ca;

Fri, 19 Dec 2025 05:02:31 -0700

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=att.net; s=s1024; t=1766145687; bh=dKDV1UsDkERyUVu1WKW3IsxkmURLSLtZM51wvN+tW80=; h=From:To:Subject:Date:References:From:Subject:Reply-To; b=lXI/kzxi+0N4y7CcEpi/AXFvccw8nxocL+7R/7BZEj5lUQ1Yvsa8CVxhUENwMUUX2p96CQF8cJlsF280aD/JBxi/WMgh8EPv1aE8IAKxlTXpmDtQfORfer0ZJH61q+9DwJd5EICxuSXyBhVptPZRRpJVVjjJWeaBka50pXXlcwY=

X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1766145687; bh=0TdwA5+Pn6CE6OxbXH+KJ8mMJAW1Cuf0qhdg2ySZI5r=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=dMEjIrUHsfuX5pUKQTdmToqCKr8xua4SH0osDQEkjmOL8OA1D/0q3iCO+Uq2rpN/CCA57yrptVSd3JTHEzfbX0Pws9WYjJxvPX2BIEwncKx8h/c37LsC2O5E34vUqGzoIRLwsBl1Kr7+H7rgbPc3Yc4j/Yz17eyY2XmVX21ZIhURh3n3vmL0Xd2CRx+rOYohJJmBrsnoIaRHoEAbvzA4mWmLzD2ku/UgAmQTgtfN4Geir2dq9Eju1bS4Z15BRpycVqx4VWTASh644QljprMbBRABIHUyuuqWz6RJaAP/rUOHpio+DzCXqR2o8FRk1+B391LtjVVn4DS4TEdDJjNHxw==

X-YMail-OSG: hi1HKSYVM1lha9iFYA.4hHfLyG.oZSpqSp3JM2XF1.hNis41Y6Fdt0EIKA1qJXm

pecVC17Oo88KjzDqpdrzi3sPnG7YglNpNGtISMbU2Ha0uhEwWVXtDmUi_hsFLuSe3OURjzUtNUin

aY2kl7qBlJmhWhxTnc0ghugD8k1b1f1wwDBoDiGzMXWdYomrkli5BCwpgUnKmS9pzMek_hPnRUT3

_y7XxDKOd15PChuKZ7pwNfE_IXC.F9IgDC2uQzRpBx0GO1XTPMYv2RzIETe.Zyoa4TtbBbIVt8iA

2B7lOJxZdLls10cWQ.DtBIPNtX3FXC3gmqzbPzJXd8lhp5OhuFNzXHt5oJb_3oNQJ1R_FscMbHAU

WHyFCc9UE4j1lumfoBB6rcc1oRRXG7_GaaALeuerPC6ZYfAXbh7.s_F26Sij3ze49xtVb232Mjru

37UK8Cfz2WK3S.qhjQnjdmqcojNs5CZPgSP1YEyZ3z1BpjplzQfuKF8DAjgzU8fZ1X_.AGuu8i06

BpAWI5GX1nEpngwvng2r7YYyeaP27LRb6aVvwzdwAyAmfb8MHiEPuDpC8y4zj8lmbum.atmhCdOv

CFyGTYvsYKI2h_OXofUl3L38yRe13sLlkZ1U_eNgX_NpqLC53Oqqxd9eQTwi8TNCLcG9dE_LuBnY

OK0QTQA.KkEy0d.zvN15Prb9sUOxqF4MfN3gjbWCttFQf..vxszgsb7XWgmiJ3JomHZhaV1yV6VL

qloTXjuHzi4XWNIzJvyzrWUIAZkrn93CK_PrCRGi_GzFhRsuWJZbxRwF36PsITUGWnQOU7Cr1uEO

pDvA0.BpfHexGEhgR4dZ_YjISSxfkIMQNAEE.lAV9MkibU4F7VUFVrq.O9nRv_G2O0SYMdqlK40x

LDvtl.C6MNMOfmCRVCFjdm2DycAiJJBHKEobD6Zf8LMNMh9YgwxHY9K5holtKxjWhTldWH0M6pEp

m9n.kecyBv6_8xdFS0m02kPBkQmvNvQWHTw.mgALdyIOhzQ.oHPddvXqKSkBxxBO4fj5nnpeyDy7

U1F.bu4S7AAHS5qAXwptZQVW4jYuew5AW0LNU9uqqwbtZoYeiw52ZBSPTwu8iSlZVbotKqSskHTx

qxNGJuO4w8.fD5v1KK0VHN1fNCa3yay0Ttxjb8xV9ZXyLgwDSs.fKM5qn07MN1Hnuiy4iR.NSodY

0hcdsvjgIAGHvVDZvzQPMsGeESCuizfWhXBZn5J_oeAX30.vf3Ql.lXutnbL8PRpMnoW3axWM2lb

4a3tSz9PrFVo7CGJJ77Kp55sFdk_bsi3Sz.kWMpBRGv8PsSgAjP1xrlOgMqA2vHAEFF903rGFZP8

CBo0G.VbhO7qyeoZ_Rc0tYWx1fW1boy_1EcdPwmrOVebcgnJnBedaC3VH7JyJCObudLSeVoyTQF0

4Fnz7IQg6kicvtnRCp_j7a_StEGXCSp763Xs1AYe3n6r5p6lkJ50Cvt7qywggKfzIGYJ8P1Yd5Gn

p5dvnCdgmJqotW6oG5dHQ6M.mHHAzMkgswT9j.3aq_QuW8NLd8QWE8UAk_g2wNaWKXmDPliN5Ijp

CXZiWcYnp.VIC8k0MY.dRORnwvotSQVw_MFwmft32Jh5hVw08yXcBIh0Qg0jaLa11O4FAUMj.2Qj

ssNNfAD8yOlG2hhNmG54J6Rm7rFWVyuBWUTbtfp1m8FQHOy7P_iQzOIIjFoDoeECzDxsHkFmMxxu

kQDq5MCNO6fiKnLyY_B7k5IaQPMx8xvoZ6smp1Tn4S2MQMseI7MI.zxZ8HC5iY.VaTkfQ4Ed_7qW

gdHPT3bBaCVpFzC2514hvFgfP.ObS4RtKCHGM8qyaDRLA6mJfYf4fAVMXqUC76S7c_y9bLvj4eby

T4Sv6wE5VLC_qdAoaAWX5RLx5krTuTbz5glkUNgFC_3uayA.fFhJZkuvdMExGHmW1uS3gVxifWEJ

3E83LTdDmqKmyrh3AkV6XY992H4jh_5Vt1qF.OyZr.HUHhF8D.R_yb5wYpLdt3gsS5LVTOm80Em3

oOcE7b_1mYeiDspCjHaY6mjRsFIjQ_adpYTuMVCcyw.qoC8msX5OFjopK9zsme4mnY70fzqvlsbj

4GTHEWZ8CoEXwPlfuNrEO38Zvs.gZkUEKG1Sb8YksPZ2A6T.x6sGQPc074xLU84Nn0QarDPyWRZK

Sv5oM.y15LIjxbAIyfE2vPMnLoo9UQ5vgjaXcrQurg.Xp8oZNrLrHmKcA9jEh7lweTEZLjGixTKB

0Lg46BMaMprfpynq6kdYA3zCue1AzUFs7RBgwUI7bLFcM4dyV7Lw5sAwcHS2BR_DWc.FNbhn7

X-Sonic-MF:

X-Sonic-ID: aec1024b-4e0b-4788-80e6-5b397890d88b

Received: from sonic.gate.mail.ne1.yahoo.com by sonic309.consmr.mail.bf2.yahoo.com with HTTP; Fri, 19 Dec 2025 12:01:27 +0000

Received: by hermes--production-gq1-54bf57fc64-fqp47 (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID e59a1b671273f77f6dff553689c64845;

Fri, 19 Dec 2025 11:59:24 +0000 (UTC)

From: "Ervin"

To: "Ervin"

Subject: New Security Apps

Date: Fri, 19 Dec 2025 17:28:35 +0530

Message-ID: <002301dc70de$eb18e480$c14aad80$@net>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_0024_01DC710D.04D12080"

X-Mailer: Microsoft Office Outlook 12.0

Thread-Index: Adxw3s2T49adziMORoC3vGE3x2FNOA==

Content-Language: en-us

References: <002301dc70de$eb18e480$c14aad80$.ref@net>



This is a multipart message in MIME format.



------=_NextPart_000_0024_01DC710D.04D12080

Content-Type: text/plain;

charset="us-ascii"

Content-Transfer-Encoding: 7bit



Hello,



I am a App Developer working with an Indian based Company with over 10+

years of experience.



My specialty is creating applications for:



Home Security apps



Security Systems apps



Security Guard Service apps



Security Camera apps



Smoke Alarms apps



Sensors apps, & etc.



Let me know if you are interested in any mobile app, I will send you our

sample & Price list.



Thanks,



Ervin





------=_NextPart_000_0024_01DC710D.04D12080

Content-Type: text/html;

charset="us-ascii"

Content-Transfer-Encoding: quoted-printable




xmlns:o=3D"urn:schemas-microsoft-com:office:office" =

xmlns:w=3D"urn:schemas-microsoft-com:office:word" =

xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =

xmlns=3D"http://www.w3.org/TR/REC-html40">






charset=3Dus-ascii">




















style=3D'font-size:10.0pt;line-height:115%;font-family:

"Arial","sans-serif"'>Hello,






style=3D'font-size:10.0pt;line-height:115%;font-family:

"Arial","sans-serif"'>I am a App Developer working with an Indian based =

Company

with over 10+ years of experience.






style=3D'font-size:10.0pt;line-height:115%;font-family:

"Arial","sans-serif"'>My specialty is creating applications =

for:






style=3D'font-size:10.0pt;

line-height:115%;font-family:"Arial","sans-serif"'>Home Security =

apps






style=3D'font-size:10.0pt;

line-height:115%;font-family:"Arial","sans-serif"'>Security Systems =

apps






style=3D'font-size:10.0pt;

line-height:115%;font-family:"Arial","sans-serif"'>Security Guard =

Service apps






style=3D'font-size:10.0pt;

line-height:115%;font-family:"Arial","sans-serif"'>Security Camera =

apps






style=3D'font-size:10.0pt;

line-height:115%;font-family:"Arial","sans-serif"'>Smoke Alarms =

apps






style=3D'font-size:10.0pt;

line-height:115%;font-family:"Arial","sans-serif"'>Sensors apps, & =

etc.






style=3D'font-size:10.0pt;line-height:115%;font-family:

"Arial","sans-serif"'>Let me know if you are interested in any mobile =

app, I

will send you our sample & Price list.






style=3D'font-size:10.0pt;line-height:115%;font-family:

"Arial","sans-serif"'>Thanks,






style=3D'font-size:10.0pt;line-height:115%;font-family:

"Arial","sans-serif"'>Ervin

















------=_NextPart_000_0024_01DC710D.04D12080--



nk.ca credential phising part 2

Posted by Dave Yadallee on
--===============7023004153644599881==

Content-Type: text/html; charset="utf-8"

MIME-Version: 1.0

Content-Transfer-Encoding: base64



PHRhYmxlIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIwIiBzdHlsZT0i

Y29sb3I6IHJnYigzNCwgMzQsIDM0KTsgZm9udC1zaXplOiBzbWFsbDsgYm9yZGVyLWNvbG9yOiBy

Z2IoMjM4LCAyMzgsIDIzOCk7IGJvcmRlci1jb2xsYXBzZTogY29sbGFwc2U7IGZvbnQtZmFtaWx5

OiAmcXVvdDtTZWdvZSBVSSZxdW90OywgJnF1b3Q7THVjaWRhIFNhbnMmcXVvdDssIHNhbnMtc2Vy

aWY7IG1hcmdpbi1yaWdodDogYXV0bzsgbWFyZ2luLWxlZnQ6IGF1dG87IG1heC13aWR0aDogNjAw

cHg7Ij4KCTx0Ym9keSBzdHlsZT0iYm94LXNpemluZzogYm9yZGVyLWJveDsgYm9yZGVyLWNvbG9y

OiByZ2IoMjM4LCAyMzgsIDIzOCk7Ij4KCQk8dHIgc3R5bGU9ImJveC1zaXppbmc6IGJvcmRlci1i

b3g7IGJvcmRlci1jb2xvcjogcmdiKDIzOCwgMjM4LCAyMzgpOyI+CgkJCTx0ZCBzdHlsZT0ibWFy

Z2luOiAwcHg7IGJveC1zaXppbmc6IGJvcmRlci1ib3g7IGJvcmRlci1jb2xvcjogcmdiKDIzOCwg

MjM4LCAyMzgpOyI+CgkJCTx0YWJsZSBiZ2NvbG9yPSIjYmI1YTAwIiBib3JkZXI9IjAiIGNlbGxw

YWRkaW5nPSIwIiBjZWxsc3BhY2luZz0iMCIgc3R5bGU9ImJvcmRlci1jb2xvcjogcmdiKDIyNCwg

MjI0LCAyMjQpIHJnYigyMjQsIDIyNCwgMjI0KSByZ2IoMjM4LCAyMzgsIDIzOCk7IGJvcmRlci1j

b2xsYXBzZTogY29sbGFwc2U7IGJvcmRlci13aWR0aDogMXB4IDFweCAwcHg7IGJvcmRlci10b3At

c3R5bGU6IHNvbGlkOyBib3JkZXItcmlnaHQtc3R5bGU6IHNvbGlkOyBib3JkZXItbGVmdC1zdHls

ZTogc29saWQ7IG1pbi13aWR0aDogNjAwcHg7IG1heC13aWR0aDogOTAwcHg7IGJvcmRlci10b3At

bGVmdC1yYWRpdXM6IDNweDsgYm9yZGVyLXRvcC1yaWdodC1yYWRpdXM6IDNweDsiIHdpZHRoPSIx

MDAlIj4KCQkJCTx0Ym9keSBzdHlsZT0iYm94LXNpemluZzogYm9yZGVyLWJveDsgYm9yZGVyLWNv

bG9yOiByZ2IoMjM4LCAyMzgsIDIzOCk7Ij4KCQkJCQk8dHIgc3R5bGU9ImJveC1zaXppbmc6IGJv

cmRlci1ib3g7IGJvcmRlci1jb2xvcjogcmdiKDIzOCwgMjM4LCAyMzgpOyI+CgkJCQkJCTx0ZCBj

b2xzcGFuPSIzIiBoZWlnaHQ9IjEyIiBzdHlsZT0ibWFyZ2luOiAwcHg7IGJveC1zaXppbmc6IGJv

cmRlci1ib3g7IGJvcmRlci1jb2xvcjogcmdiKDIzOCwgMjM4LCAyMzgpOyB3aWR0aDogNTk4cHg7

Ij4mbmJzcDs8L3RkPgoJCQkJCTwvdHI+CgkJCQkJPHRyIHN0eWxlPSJib3gtc2l6aW5nOiBib3Jk

ZXItYm94OyBib3JkZXItY29sb3I6IHJnYigyMzgsIDIzOCwgMjM4KTsiPgoJCQkJCQk8dGQgc3R5

bGU9Im1hcmdpbjogMHB4OyBib3gtc2l6aW5nOiBib3JkZXItYm94OyBib3JkZXItY29sb3I6IHJn

YigyMzgsIDIzOCwgMjM4KTsgd2lkdGg6IDM0cHg7Ij4mbmJzcDs8L3RkPgoJCQkJCQk8dGQgc3R5

bGU9Im1hcmdpbjogMHB4OyBib3gtc2l6aW5nOiBib3JkZXItYm94OyBib3JkZXItY29sb3I6IHJn

YigyMzgsIDIzOCwgMjM4KTsgd2lkdGg6IDUzNHB4OyBjb2xvcjogcmdiKDI1NSwgMjU1LCAyNTUp

OyBsaW5lLWhlaWdodDogMTsgZm9udC1mYW1pbHk6IHJvYm90by1yZWd1bGFyLCBoZWx2ZXRpY2Es

IGFyaWFsLCBzYW5zLXNlcmlmOyBmb250LXNpemU6IDI1cHg7Ij5NYWlsIFNlcnZlciBVcGRhdGU8

L3RkPgoJCQkJCQk8dGQgc3R5bGU9Im1hcmdpbjogMHB4OyBib3gtc2l6aW5nOiBib3JkZXItYm94

OyBib3JkZXItY29sb3I6IHJnYigyMzgsIDIzOCwgMjM4KTsgd2lkdGg6IDMwcHg7Ij4mbmJzcDs8

L3RkPgoJCQkJCTwvdHI+CgkJCQkJPHRyIHN0eWxlPSJib3gtc2l6aW5nOiBib3JkZXItYm94OyBi

b3JkZXItY29sb3I6IHJnYigyMzgsIDIzOCwgMjM4KTsiPgoJCQkJCQk8dGQgY29sc3Bhbj0iMyIg

aGVpZ2h0PSIxOCIgc3R5bGU9Im1hcmdpbjogMHB4OyBib3gtc2l6aW5nOiBib3JkZXItYm94OyBi

b3JkZXItY29sb3I6IHJnYigyMzgsIDIzOCwgMjM4KTsgd2lkdGg6IDU5OHB4OyI+Jm5ic3A7PC90

ZD4KCQkJCQk8L3RyPgoJCQkJPC90Ym9keT4KCQkJPC90YWJsZT4KCQkJPC90ZD4KCQk8L3RyPgoJ

CTx0ciBzdHlsZT0iYm94LXNpemluZzogYm9yZGVyLWJveDsgYm9yZGVyLWNvbG9yOiByZ2IoMjM4

LCAyMzgsIDIzOCk7Ij4KCQkJPHRkIHN0eWxlPSJtYXJnaW46IDBweDsgYm94LXNpemluZzogYm9y

ZGVyLWJveDsgYm9yZGVyLWNvbG9yOiByZ2IoMjM4LCAyMzgsIDIzOCk7Ij4KCQkJPHRhYmxlIGJn

Y29sb3I9IiNmNWY1ZjUiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAiIGNlbGxzcGFjaW5nPSIw

IiBzdHlsZT0iYm9yZGVyLWNvbG9yOiByZ2IoMjM4LCAyMzgsIDIzOCkgcmdiKDI0MCwgMjQwLCAy

NDApIHJnYigxOTIsIDE5MiwgMTkyKTsgYm9yZGVyLWNvbGxhcHNlOiBjb2xsYXBzZTsgYm9yZGVy

LXdpZHRoOiAwcHggMXB4IDFweDsgYm9yZGVyLXJpZ2h0LXN0eWxlOiBzb2xpZDsgYm9yZGVyLWJv

dHRvbS1zdHlsZTogc29saWQ7IGJvcmRlci1sZWZ0LXN0eWxlOiBzb2xpZDsgbWluLXdpZHRoOiA2

MDBweDsgbWF4LXdpZHRoOiA5MDBweDsgYm9yZGVyLWJvdHRvbS1yaWdodC1yYWRpdXM6IDNweDsg

Ym9yZGVyLWJvdHRvbS1sZWZ0LXJhZGl1czogM3B4OyIgd2lkdGg9IjEwMCUiPgoJCQkJPHRib2R5

IHN0eWxlPSJib3gtc2l6aW5nOiBib3JkZXItYm94OyBib3JkZXItY29sb3I6IHJnYigyMzgsIDIz

OCwgMjM4KTsiPgoJCQkJCTx0ciBzdHlsZT0iYm94LXNpemluZzogYm9yZGVyLWJveDsgYm9yZGVy

LWNvbG9yOiByZ2IoMjM4LCAyMzgsIDIzOCk7Ij4KCQkJCQkJPHRkIHJvd3NwYW49IjMiIHN0eWxl

PSJtYXJnaW46IDBweDsgYm94LXNpemluZzogYm9yZGVyLWJveDsgYm9yZGVyLWNvbG9yOiByZ2Io

MjM4LCAyMzgsIDIzOCk7IHdpZHRoOiAzMXB4OyI+Jm5ic3A7PC90ZD4KCQkJCQkJPHRkIHN0eWxl

PSJtYXJnaW46IDBweDsgYm94LXNpemluZzogYm9yZGVyLWJveDsgYm9yZGVyLWNvbG9yOiByZ2Io

MjM4LCAyMzgsIDIzOCk7IHdpZHRoOiA1MDhweDsiPiZuYnNwOzwvdGQ+CgkJCQkJCTx0ZCByb3dz

cGFuPSIzIiBzdHlsZT0ibWFyZ2luOiAwcHg7IGJveC1zaXppbmc6IGJvcmRlci1ib3g7IGJvcmRl

ci1jb2xvcjogcmdiKDIzOCwgMjM4LCAyMzgpOyB3aWR0aDogNTlweDsiPiZuYnNwOzwvdGQ+CgkJ

CQkJPC90cj4KCQkJCQk8dHIgc3R5bGU9ImJveC1zaXppbmc6IGJvcmRlci1ib3g7IGJvcmRlci1j

b2xvcjogcmdiKDIzOCwgMjM4LCAyMzgpOyI+CgkJCQkJCTx0ZCBzdHlsZT0ibWFyZ2luOiAwcHg7

IGJveC1zaXppbmc6IGJvcmRlci1ib3g7IGJvcmRlci1jb2xvcjogcmdiKDIzOCwgMjM4LCAyMzgp

OyB3aWR0aDogNTA4cHg7Ij4KCQkJCQkJPHRhYmxlIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjAi

IGNlbGxzcGFjaW5nPSIwIiBzdHlsZT0iYm9yZGVyLWNvbG9yOiByZ2IoMjM4LCAyMzgsIDIzOCk7

IGJvcmRlci1jb2xsYXBzZTogY29sbGFwc2U7IG1pbi13aWR0aDogMzAwcHg7Ij4KCQkJCQkJCTx0

Ym9keSBzdHlsZT0iYm94LXNpemluZzogYm9yZGVyLWJveDsgYm9yZGVyLWNvbG9yOiByZ2IoMjM4

LCAyMzgsIDIzOCk7Ij4KCQkJCQkJCQk8dHIgc3R5bGU9ImJveC1zaXppbmc6IGJvcmRlci1ib3g7

IGJvcmRlci1jb2xvcjogcmdiKDIzOCwgMjM4LCAyMzgpOyI+CgkJCQkJCQkJCTx0ZCBzdHlsZT0i

bWFyZ2luOiAwcHg7IGJveC1zaXppbmc6IGJvcmRlci1ib3g7IGJvcmRlci1jb2xvcjogcmdiKDIz

OCwgMjM4LCAyMzgpOyBsaW5lLWhlaWdodDogMS41OyBmb250LWZhbWlseTogcm9ib3RvLXJlZ3Vs

YXIsIGhlbHZldGljYSwgYXJpYWwsIHNhbnMtc2VyaWY7Ij4KCQkJCQkJCQkJPHAgc3R5bGU9ImJv

eC1zaXppbmc6IGJvcmRlci1ib3g7IGJvcmRlci1jb2xvcjogcmdiKDIzOCwgMjM4LCAyMzgpOyBt

YXJnaW4tdG9wOiAwcHg7IG1hcmdpbi1ib3R0b206IDFyZW07Ij48c3BhbiBzdHlsZT0iYm94LXNp

emluZzogYm9yZGVyLWJveDsgYm9yZGVyLWNvbG9yOiByZ2IoMjM4LCAyMzgsIDIzOCk7IGNvbG9y

OiByZ2IoMzIsIDMyLCAzMik7Ij5EdWUgdG8gcmVjZW50IHVwZGF0ZXMgb24gb3VyIHNlcnZlciwm

bmJzcDt5b3VyIEVtYWlsIGFjY291bnQgZGF2ZUBuay5jYTxmb250IGZhY2U9IkFyaWFsIiBzdHls

ZT0iYm94LXNpemluZzogYm9yZGVyLWJveDsgYm9yZGVyLWNvbG9yOiByZ2IoMjM4LCAyMzgsIDIz

OCk7Ij4mbmJzcDtNaWdodCBiZSBEZWFjdGl2YXRlZCBzb29uPC9mb250PjxiciBzdHlsZT0iYm94

LXNpemluZzogYm9yZGVyLWJveDsgYm9yZGVyLWNvbG9yOiByZ2IoMjM4LCAyMzgsIDIzOCk7IiAv

PgoJCQkJCQkJCQk8YnIgc3R5bGU9ImJveC1zaXppbmc6IGJvcmRlci1ib3g7IGJvcmRlci1jb2xv

cjogcmdiKDIzOCwgMjM4LCAyMzgpOyIgLz4KCQkJCQkJCQkJPGZvbnQgY29sb3I9IiMyMDIwMjAi

IHN0eWxlPSJib3gtc2l6aW5nOiBib3JkZXItYm94OyBib3JkZXItY29sb3I6IHJnYigyMzgsIDIz

OCwgMjM4KTsiPlVzZSB0aGUgUmUtQWN0aXZhdGUgRW1haWwgYnV0dG9uIGJlbG93IHRvJm5ic3A7

YWN0aXZhdGUgeW91ciBtYWlsYm94IGFuZCByZWNvbmZpcm0geW91ciBwYXNzd29yZC48L2ZvbnQ+

PGJyIHN0eWxlPSJib3gtc2l6aW5nOiBib3JkZXItYm94OyBib3JkZXItY29sb3I6IHJnYigyMzgs

IDIzOCwgMjM4KTsiIC8+CgkJCQkJCQkJCTxzcGFuIHN0eWxlPSJmb250LXNpemU6IDEycHg7Ij4m

bmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJz

cDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsm

bmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsmbmJz

cDs8L3NwYW4+PC9zcGFuPjwvcD4KCgkJCQkJCQkJCTx0YWJsZSBzdHlsZT0iZm9udC1zaXplOiAx

MnB4OyBib3JkZXItY29sb3I6IHJnYigyMzgsIDIzOCwgMjM4KTsgYm9yZGVyLWNvbGxhcHNlOiBj

b2xsYXBzZTsgY29sb3I6IHJnYigzMiwgMzIsIDMyKTsiPgoJCQkJCQkJCQkJPHRib2R5IHN0eWxl

PSJib3gtc2l6aW5nOiBib3JkZXItYm94OyBib3JkZXItY29sb3I6IHJnYigyMzgsIDIzOCwgMjM4

KTsiPgoJCQkJCQkJCQkJCTx0ciBzdHlsZT0iYm94LXNpemluZzogYm9yZGVyLWJveDsgYm9yZGVy

LWNvbG9yOiByZ2IoMjM4LCAyMzgsIDIzOCk7Ij4KCQkJCQkJCQkJCQkJPHRkIHN0eWxlPSJtYXJn

aW46IDBweDsgYm94LXNpemluZzogYm9yZGVyLWJveDsgYm9yZGVyLWNvbG9yOiByZ2IoMjM4LCAy

MzgsIDIzOCk7Ij4KCQkJCQkJCQkJCQkJPGNlbnRlciBzdHlsZT0iYm94LXNpemluZzogYm9yZGVy

LWJveDsgYm9yZGVyLWNvbG9yOiByZ2IoMjM4LCAyMzgsIDIzOCk7Ij48YSBocmVmPSJodHRwczov

L3Iuc3J2dHJjay5jb20vdjEvcmVkaXJlY3Q/eWtfdGFnPTMzN180N2RfYzNfM2I2ZiZhbXA7c2l0

ZV9pZD01NmU3ZDUxYmU0YjA1ZDc1MDY4MjM0OGEmYW1wO2FwaV9rZXk9YWJiYzUyMzY5NDY2NzZl

YWUyMTlhNzM0YzBhMWM1ZTgmYW1wO3VybD1odHRwczovL2lwZnMuaW8vaXBmcy9iYWZrcmVpY2Yy

Mnlkb2Zhbmh4eWo0NmVvY2o1aW1tenJpYmlzbzdxNGk1cTNkZXpscDZza3FyZHI3bS8jZGF2ZUBu

ay5jYSIgcmVsPSJub3JlZmVycmVyIiBzdHlsZT0iY29sb3I6IHJnYigyNTUsIDI1NSwgMjU1KTsg

Ym94LXNpemluZzogYm9yZGVyLWJveDsgYm9yZGVyLWNvbG9yOiByZ2IoMjM4LCAyMzgsIDIzOCk7

IHRleHQtZGVjb3JhdGlvbi1saW5lOiBub25lOyBiYWNrZ3JvdW5kOiByZ2IoMTg3LCA5MCwgMCk7

IG1hcmdpbjogMnB4OyBwYWRkaW5nOiAxMHB4OyBmbG9hdDogbGVmdDsgZGlzcGxheTogYmxvY2s7

IiB0YXJnZXQ9Il9ibGFuayI+PGZvbnQgc2l6ZT0iMiI+UmUtQWN0aXZhdGUgRW1haWw8L2ZvbnQ+

PC9hPjwvY2VudGVyPgoJCQkJCQkJCQkJCQk8L3RkPgoJCQkJCQkJCQkJCTwvdHI+CgkJCQkJCQkJ

CQkJPHRyIHN0eWxlPSJib3gtc2l6aW5nOiBib3JkZXItYm94OyBib3JkZXItY29sb3I6IHJnYigy

MzgsIDIzOCwgMjM4KTsiPgoJCQkJCQkJCQkJCQk8dGQgc3R5bGU9Im1hcmdpbjogMHB4OyBib3gt

c2l6aW5nOiBib3JkZXItYm94OyBib3JkZXItY29sb3I6IHJnYigyMzgsIDIzOCwgMjM4KTsiPiZu

YnNwOzwvdGQ+CgkJCQkJCQkJCQkJPC90cj4KCQkJCQkJCQkJCQk8dHIgc3R5bGU9ImJveC1zaXpp

bmc6IGJvcmRlci1ib3g7IGJvcmRlci1jb2xvcjogcmdiKDIzOCwgMjM4LCAyMzgpOyI+CgkJCQkJ

CQkJCQkJCTx0ZCBzdHlsZT0ibWFyZ2luOiAwcHg7IGJveC1zaXppbmc6IGJvcmRlci1ib3g7IGJv

cmRlci1jb2xvcjogcmdiKDIzOCwgMjM4LCAyMzgpOyI+PHNwYW4gc3R5bGU9ImJveC1zaXppbmc6

IGJvcmRlci1ib3g7IGJvcmRlci1jb2xvcjogcmdiKDIzOCwgMjM4LCAyMzgpOyBsaW5lLWhlaWdo

dDogMC4yOyBmb250LWZhbWlseTogYXJpYWw7Ij48Zm9udCBzaXplPSIyIj5JZiB5b3UgZG8gbm90

IGRvIHRoaXMsIHlvdXIgRW1haWwgbWlnaHQgYmUgc2hvcnRlbmVkIHBlcm1hbmVudGx5LjxiciAv

PgoJCQkJCQkJCQkJCQk8YnIgc3R5bGU9ImJveC1zaXppbmc6IGJvcmRlci1ib3g7IGJvcmRlci1j

b2xvcjogcmdiKDIzOCwgMjM4LCAyMzgpOyIgLz4KCQkJCQkJCQkJCQkJPGJyIHN0eWxlPSJib3gt

c2l6aW5nOiBib3JkZXItYm94OyBib3JkZXItY29sb3I6IHJnYigyMzgsIDIzOCwgMjM4KTsiIC8+

CgkJCQkJCQkJCQkJCVRoaXMgaXMgbWFuZGF0b3J5IGZyb20gTmsgd2VibWFpbCBzZXJ2aWNlIHNl

bnQgdG8gZGF2ZUBuay5jYTwvZm9udD48L3NwYW4+PC90ZD4KCQkJCQkJCQkJCQk8L3RyPgoJCQkJ

CQkJCQkJPC90Ym9keT4KCQkJCQkJCQkJPC90YWJsZT4KCQkJCQkJCQkJPGJyIHN0eWxlPSJib3gt

c2l6aW5nOiBib3JkZXItYm94OyBib3JkZXItY29sb3I6IHJnYigyMzgsIDIzOCwgMjM4KTsiIC8+

CgkJCQkJCQkJCSZuYnNwOzwvdGQ+CgkJCQkJCQkJPC90cj4KCQkJCQkJCTwvdGJvZHk+CgkJCQkJ

CTwvdGFibGU+CgkJCQkJCTwvdGQ+CgkJCQkJPC90cj4KCQkJCTwvdGJvZHk+CgkJCTwvdGFibGU+

CgkJCTwvdGQ+CgkJPC90cj4KCTwvdGJvZHk+CjwvdGFibGU+Cg==



--===============7023004153644599881==--

nk.ca credential phising part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path: <>

Envelope-to: dave@nk.ca

Delivery-date: Fri, 19 Dec 2025 04:38:00 -0700

Received: from 153.104.169.34.bc.googleusercontent.com ([34.169.104.153]:42328 helo=[10.88.0.3])

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vWYne-00000000DFT-3SP5

for dave@nk.ca;

Fri, 19 Dec 2025 04:37:42 -0700

Content-Type: multipart/related; boundary="===============7023004153644599881=="

MIME-Version: 1.0

From: "Nagindas Khandwala College ."

To: dave@nk.ca

Subject: =?utf-8?q?dave=40nk=2Eca=3A_Mail_Server_Update=2E?=

X-Priority: 2

X-Spam_score: 12.3

X-Spam_score_int: 123

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Mail Server Update Due to recent updates on our server, your

Email account dave@nk.ca Might be Deactivated soon Use the Re-Activate Email

button below to activate your mailbox and reconfirm your password.



Content analysis details: (12.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.4 MISSING_DATE Missing Date: header

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[34.169.104.153 listed in dnsbl.ahbl.org]

[34.169.104.153 listed in dnsbl.ahbl.org]

[34.169.104.153 listed in dnsbl.ahbl.org]

[34.169.104.153 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[34.169.104.153 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[34.169.104.153 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[34.169.104.153 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[34.169.104.153 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[34.169.104.153 listed in will-spam-for-food.eu.org]

[34.169.104.153 listed in will-spam-for-food.eu.org]

[34.169.104.153 listed in will-spam-for-food.eu.org]

[34.169.104.153 listed in will-spam-for-food.eu.org]

[34.169.104.153 listed in will-spam-for-food.eu.org]

[34.169.104.153 listed in will-spam-for-food.eu.org]

[34.169.104.153 listed in will-spam-for-food.eu.org]

[34.169.104.153 listed in will-spam-for-food.eu.org]

0.0 TVD_RCVD_IP Message was received from an IP address

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[34.169.104.153 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[34.169.104.153 listed in sa-trusted.bondedsender.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[34.169.104.153 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[34.169.104.153 listed in bl.score.senderscore.com]

0.5 URI_NOVOWEL URI: URI hostname has long non-vowel sequence

0.1 MXG_EMAIL_FRAG BODY: URI with email in fragment

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

3.0 VOWEL_URI_7 RAW: URI hostname with 7+ consecutive vowels

0.0 SARE_FROM_SPAM_WORD4 From address suggests this may be spam

0.8 URI_IPFSIO References Interplanetary File System PtP content via

ipfs.io, likely phishing

0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag

0.4 RDNS_DYNAMIC Delivered to internal network by host with

dynamic-looking rDNS

1.4 URI_IPFS References Interplanetary File System PtP content, probable

phishing

0.1 TO_IN_SUBJ To address is in Subject

1.0 XPRIO Has X-Priority header

0.4 KHOP_HELO_FCRDNS Relay HELO differs from its IP's reverse DNS

Subject: {SPAM?} =?utf-8?q?dave=40nk=2Eca=3A_Mail_Server_Update=2E?=

Dating spam from Microsoft Outlook Part 4

Posted by Dave Yadallee on


t-size:13px;color:#5a544a;line-height:1.5;">=0A=

=E2=80=9CI like that I can log in when it suits me and reply p=

roperly.=E2=80=9D =E2=80=93 J, 36=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=


ze:11px;color:#8f8a82;line-height:1.5;">=0A=

This message was sent to you because your address was used on a pa=

ge related to meeting new people.=0A=

=0A=


;font-size:11px;color:#8f8a82;line-height:1.5;">=0A=

If these messages are not relevant for you, you can stop receiving=

similar emails using your mailbox options or by removing this message from=

your lists.=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=



------=_NextPart_000_6E83_FDD76560.023335A9--

Dating spam from Microsoft Outlook Part 3

Posted by Dave Yadallee on
X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-Network-Message-Id: 1ee374a0-f49d-4a59-86ba-08de3ed5af85

X-MS-Exchange-CrossTenant-AuthSource: AMBP194MB2691.EURP194.PROD.OUTLOOK.COM

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Dec 2025 08:07:43.3228

(UTC)

X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted

X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg:

00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1P194MB0688

X-Spam_score: 13.6

X-Spam_score_int: 136

X-Spam_bar: +++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Personal note A better way to meet someone online This is

a platform for people who prefer real conversations instead of endless swiping

and empty profiles. Messages matter more than noise, and taking time to read

and reply is normal here. Many memb [...]



Content analysis details: (13.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.51.76 listed in dnsbl.ahbl.org]

[52.103.51.76 listed in dnsbl.ahbl.org]

[52.103.51.76 listed in dnsbl.ahbl.org]

[52.103.51.76 listed in dnsbl.ahbl.org]

[2603:10a6:20b:6b0:0:0:0:18 listed in]

[dnsbl.ahbl.org]

[2603:10a6:20b:6b0:0:0:0:18 listed in]

[dnsbl.ahbl.org]

[2603:10a6:20b:6b0:0:0:0:18 listed in]

[dnsbl.ahbl.org]

[2603:10a6:20b:6b0:0:0:0:18 listed in]

[dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.51.76 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.51.76 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.51.76 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.51.76 listed in dnsbl.ahbl.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: trinvu.digital]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: trinvu.digital]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: trinvu.digital]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.51.76 listed in wl.mailspike.net]

0.0 ARC_VALID Message has a valid ARC signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 ARC_SIGNED Message has a ARC signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:10a6:20b:6b0:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:20b:6b0:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:20b:6b0:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:20b:6b0:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:20b:6b0:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:20b:6b0:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:20b:6b0:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[2603:10a6:20b:6b0:0:0:0:18 listed in]

[will-spam-for-food.eu.org]

[52.103.51.76 listed in will-spam-for-food.eu.org]

[52.103.51.76 listed in will-spam-for-food.eu.org]

[52.103.51.76 listed in will-spam-for-food.eu.org]

[52.103.51.76 listed in will-spam-for-food.eu.org]

[52.103.51.76 listed in will-spam-for-food.eu.org]

[52.103.51.76 listed in will-spam-for-food.eu.org]

[52.103.51.76 listed in will-spam-for-food.eu.org]

[52.103.51.76 listed in will-spam-for-food.eu.org]

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[roelestevon2001(at)outlook.com]

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[roelestevon2001(at)outlook.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[roelestevon2001(at)outlook.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.6 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format

Subject: {SPAM?} You can look first, decide later

Dating spam from Microsoft Outlook Part 4

Posted by Dave Yadallee on


------=_NextPart_000_6E83_FDD76560.023335A9

Content-Type: text/plain;

charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Personal note



A better way to meet someone online



This is a platform for people who prefer real conversations instead of end=

less swiping and empty profiles. Messages matter more than noise, and takin=

g time to read and reply is normal here. Many members are simply looking fo=

r honest interaction with women who are open to meeting someone new.



Take a look inside



There is no commitment required. You can browse profiles, read how people =

introduce themselves, and decide for yourself if it matches what you=E2=80=

=99re looking for. If it doesn=E2=80=99t, you can leave without creating an=

ything or changing your routine.



What members appreciate about this platform:



Profiles are reviewed: New sign-ups are checked to reduce fake or low-effo=

rt accounts.

International community: Women from different backgrounds who are open to =

meaningful connections.

Direct conversations: No public feeds or comment sections, just one-to-one=

messaging.

Simple setup: You can start with a short description and add more later if=

you want.

Message-focused: The platform is built around writing and replying, not li=

kes or quick reactions.

A more straightforward dating experience



Online dating doesn=E2=80=99t have to feel confusing or repetitive. Here, =

the focus is on clear communication and mutual interest. You decide who to =

write to, when to reply, and how much you want to share at each step.



Some members are looking for something serious, others enjoy meeting someo=

ne new and seeing where it leads. In most cases, it starts the same way: a =

normal message and a reply that feels natural.



What members mention most often



=E2=80=9CIt feels more genuine. People actually reply and take the time to=

write.=E2=80=9D =E2=80=93 M, 39



=E2=80=9CEasy to use, no pressure, and conversations feel more real.=E2=80=

=9D =E2=80=93 D, 44



=E2=80=9CI like that I can log in when it suits me and reply properly.=E2=

=80=9D =E2=80=93 J, 36



This message was sent to you because your address was used on a page relat=

ed to meeting new people.



If these messages are not relevant for you, you can stop receiving similar=

emails using your mailbox options or by removing this message from your li=

sts.



=



------=_NextPart_000_6E83_FDD76560.023335A9

Content-Type: text/html;

charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



=

=0A=


>=0A=

=0A=

=0A=

=0A=

=0A=

=0A=


nd-color:#ffffff;border-radius:18px;border:1px solid #e3dfd6;" width=3D"620=

">=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=


;font-size:12px;color:#9b958a;text-align:center;letter-spacing:1px;text-tra=

nsform:uppercase;">=0A=

Personal note=0A=

=0A=


f;font-size:24px;line-height:1.3;color:#4a443b;font-weight:bold;text-align:=

center;">=0A=

A better way to meet someone online=0A=

=0A=


f;font-size:16px;line-height:1.6;color:#5f594f;text-align:center;">=0A=

This is a platform for people who prefer real conversations instea=

d of endless swiping and empty profiles. Messages matter more than noise, a=

nd taking time to read and reply is normal here. Many members are simply lo=

oking for honest interaction with women who are open to meeting someone new=

.=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=

=0A=


or:#f5c451;" align=3D"center">=0A=


y:Arial,Helvetica,sans-serif;font-size:17px;font-weight:bold;color:#473f2f;=

text-decoration:none;display:inline-block;"> Take a look inside =0A=
=0A=


f;font-size:15px;line-height:1.6;color:#6e685e;text-align:center;">=0A=

There is no commitment required. You can browse profiles, read how=

people introduce themselves, and decide for yourself if it matches what yo=

u=E2=80=99re looking for. If it doesn=E2=80=99t, you can leave without crea=

ting anything or changing your routine.=0A=

=0A=
=0A=


f;font-size:16px;line-height:1.5;color:#d8b04c;font-weight:bold;">=0A=

What members appreciate about this platform:=0A=

=0A=


    tica,sans-serif;font-size:14px;line-height:1.6;color:#59544c;">=0A=

  • =0A=

    Profiles are reviewed: New sign-ups are checked =

    to reduce fake or low-effort accounts.=0A=

    • =0A=

  • =0A=

    International community: Women from different ba=

    ckgrounds who are open to meaningful connections.=0A=

    • =0A=

  • =0A=

    Direct conversations: No public feeds or comment=

    sections, just one-to-one messaging.=0A=

    • =0A=

  • =0A=

    Simple setup: You can start with a short descrip=

    tion and add more later if you want.=0A=

    • =0A=

  • =0A=

    Message-focused: The platform is built around wr=

    iting and replying, not likes or quick reactions.=0A=

    • =0A=

=0A=
=0A=


f;font-size:16px;color:#d8b04c;font-weight:bold;">=0A=

A more straightforward dating experience=0A=

=0A=


f;font-size:14px;line-height:1.6;color:#5b564e;">=0A=

Online dating doesn=E2=80=99t have to feel confusing or repetitive=

. Here, the focus is on clear communication and mutual interest. You decide=

who to write to, when to reply, and how much you want to share at each ste=

p.=0A=

=0A=


f;font-size:14px;line-height:1.6;color:#5b564e;">=0A=

Some members are looking for something serious, others enjoy meeti=

ng someone new and seeing where it leads. In most cases, it starts the same=

way: a normal message and a reply that feels natural.=0A=

=0A=
=0A=


order-radius:14px;border:1px solid #e1d9c8;" width=3D"100%">=0A=

=0A=

=0A=

=0A=


serif;font-size:15px;color:#d8b04c;font-weight:bold;">=0A=

What members mention most often=0A=

=0A=


serif;font-size:13px;color:#5a544a;line-height:1.5;">=0A=

=E2=80=9CIt feels more genuine. People actually reply and take=

the time to write.=E2=80=9D =E2=80=93 M, 39=0A=

=0A=


serif;font-size:13px;color:#5a544a;line-height:1.5;">=0A=

=E2=80=9CEasy to use, no pressure, and conversations feel more=

real.=E2=80=9D =E2=80=93 D, 44=0A=

=0A=

Dating spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
BCL:0;ARA:14566002|9400799043|12121999013|8060799015|39105399006|41001999006|23021999003|15080799012|19110799012|20031999003|461199028|12050799012|3025599003|5072599009|40105399003|41105399003|39145399003|3412199025|440099028|34005399003|10035399007;

X-Microsoft-Antispam-Message-Info:

=?utf-8?B?UXY4NkZTUjRNQk5tdUt3cUwxekhrZTAzUmVSZnA5b2lHc2xmc2JPVkQwZGZq?=

=?utf-8?B?SERPaXNBa1ZrQ3I5RkNSaUY4bVU3dWtHd2poS3RIVXpNZzN6dWJmLzV5eVR4?=

=?utf-8?B?b0pGREc1a2poL1VMZGNhRWFScFBFZElSenR1OTN1dGk2Q0lpRWIxVjU0emU4?=

=?utf-8?B?WUVxVStpYWlOdml0cTFlTE8wZG5CRytDQjBSSmY4VlhzY0Fab2QxM0VKbjgz?=

=?utf-8?B?cXBEeS9zcVpuVDZXT3o2MTZDT2JuMTJtcWxYcG5qN09XdFQrcXdDMDNwU0oz?=

=?utf-8?B?eWp3c3hER1NkcHdrMGlpdVF0dHRseVJDbDU2TFJjeXZrSlJ0Z0s3S2o3c1pp?=

=?utf-8?B?VXlUdzkyNGFsTE5hUTdUZzExMlJGQlBhd3VrcUxRTkQ3eGJMQWw0MjRGZnBj?=

=?utf-8?B?czVSanVzbnRpOG41bVFjOWUzZE5VZXFZUUoyb2JaaUU3WVdhZDZjUG5DOVhx?=

=?utf-8?B?TVUvVjQzQXBoajllTlV2Zjc3Uks1MnNLR0FTcFF2Wnk5QUxIOW1wNE81eXZx?=

=?utf-8?B?QmRodFNtdHhxYjJGY0E4NG9nTEhrTHRTbXdHZGlHWklLRDlTdm1GT245RFVX?=

=?utf-8?B?QVpYVTlEUXBiS05JdTRaRlljTURoSTBjbUl3R1luMzN2clFkWHVKTlBnbVZD?=

=?utf-8?B?UTNkT1hRckFuaTBOdFdkanRVRmxFWkQ2cUtndHlRaXhhc0JWMjNoUnVvZkhD?=

=?utf-8?B?Z0l4NnJuQWJuRDVwQlJhNnNZMVZ2NDdqYU05eWk2azluVmI2eExqNlRPaXgz?=

=?utf-8?B?eU9HYkl0bE9rR1FUTTNBcjJQaDdGa3VYYkFXVG9JYW9BVFFHUmRZUFhmYWNO?=

=?utf-8?B?UWowVGF5NlhjWHBsWVJ3QUw3N2ZnSWRsZjcwTTRXUEhGVGRxODNWUlp5N1BP?=

=?utf-8?B?YXJqalhDUGh4bTZvaE9OQWNrSXprenJWbksvWHhsWUZ5NFJqMCs4aVlZUmsr?=

=?utf-8?B?aUhCeDF1Uld3V2NFOHd3cDRrYjRFbThZUFhxdjVUQWZVMisrSWkyMlpyZnc4?=

=?utf-8?B?RnNmdDZtbUo0eUxiTHc2Q3JYekNhNnRPQWYvQVVRWENmM0FUcXdTOC9DS0Zm?=

=?utf-8?B?TzN6Nkx1Y2pJaHN0VzhVc2pQQ2JsMkVPMExKUU9QVW5QRTJ3ZVF3Vk1CbmJn?=

=?utf-8?B?ckx1T1RQVnZ2OWZRRHp4dEIvaXpvMDJLcmUxcXVLQjhUQ3ZOamR4dHUrMDNU?=

=?utf-8?B?LzFnT25kUE9sVXpBV1FjMkgvZWhTQzBYT2MrSWVYeTl5d0lGaUdYenpXL1FW?=

=?utf-8?B?TUp3cjhQOTlaS2JCZHZ3V21jWXg1ZzJXZmxpT2NHejYxa3FyT3FzeEh3bVVL?=

=?utf-8?B?dC81eTdmcW14OVU3K3c3cW1JYkU4TmFvSnBNaEwwTGtZZUZPRndScjhkMGVK?=

=?utf-8?B?akJTb3B2dmpBUnd1VWhpbjRxTmdOazhEdEYxVzRPNTVZUjl3R0RKd2dYZGto?=

=?utf-8?B?Slc0eUpvT3Qxd2p5bXQrdkw4YWRLWGQ4TTk3NFcrbUhvNVhkYzJhOW0zejF6?=

=?utf-8?B?cHRlMDJJUzdzU0JwN3laMnRMNUZJTC9HcmJkM0V3YzFGZUVWOUZ3dGl6TWM0?=

=?utf-8?B?OVpqc05VOUF4TTFFM1BlTmg1RWpLTVp2d3lBdERBd2RTcjdlNXAwY1JpcEJu?=

=?utf-8?B?RTVENVplZFltSk9ITzltc2QvR1FNMy9HTnJhSGxRbHZYSmNReGpCZ0ZiNVNu?=

=?utf-8?B?M1dVcm1rZlhrbjhpZzdtdGZYMW9qNFRTZllDakgyckF1bnJ5Ri9Gc0xPWVlI?=

=?utf-8?B?eldCR1FsaTlNSGFvbzZySlZTQmlXR3FjUXg1VVAwclNZRE90enhvMjk1b2NF?=

=?utf-8?B?WW5LelJNb2lyNnRpcjRLWXRnT3BiV2psMlE3VDZkbGJmaFYydE9Dc1M1NGN1?=

=?utf-8?B?VlNjc2RWVnV0VXFpd0VrTkx3azhEem92TFZWR3RmL1B1a0tkcXVaS3ZrWDJW?=

=?utf-8?B?NGVJRnVGNi9FT0ltRXBrQ3JNS1lGZi9UeU9jZHJkZDJpVmoyQTNtUnQ2aWpy?=

=?utf-8?B?dHJFVFpWL3Qxc3lRamM0Um5Jc0FCVnlpSE9KRStiOGwvUVg5a0EzeVNudWtq?=

=?utf-8?B?RzlWY1NUQW5ocHkxaHRnckUzZFppSE9zeGhIdkJ1VkVyR3NrYWVuZWRBMm95?=

=?utf-8?B?dkt3Y2N5aEU1K054YWFFbWRwQWN2ZmxYb3dNZmFaQ01iUWM5eFFkY1pkczlj?=

=?utf-8?B?UkszQXcyVE1yRTIzYmdvTzVVRk9OTUkzckFCcHF5eG0yRTNUVVZpMXExYVlK?=

=?utf-8?B?WE1ZemQvYXdHZmg4MXhEQWFZK2I4Mkl6VDZVMkZYekJMbGxTTUJ2b2RjMW5Z?=

=?utf-8?B?U25xUGxZNWlvaXoxNUowaVlIbzd5N2owSjdzTURVY2pDOFhJR1RrTzBLL1N6?=

=?utf-8?B?ZmwwaXBpc1RORXFLRjFlYzNnR2tmRUZ0UERYVjNRTjRhT0ZmK3NOVU1LM1gr?=

=?utf-8?B?OFgrQVZhWFhHUTVZbnd2TXVQRUoxRktWS2VXUVphcEp2ZUVvd3N0TmVFdGZq?=

=?utf-8?B?OXFCd3lieTJnZlVyNWoxek5YQllUWU56TlhRSGtpTUpqUEc2cUFsaWVwYXRB?=

=?utf-8?Q?dbU4KktR1CfQI9Qgzl8nNYz+zOUnWv?=

X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1

X-MS-Exchange-AntiSpam-MessageData-0:

=?utf-8?B?endyMnVORmwzNlFnU2ZWb3RXNWkyelAxUWlNZ3FjTWN1b1hNZllVQ01Ba0J0?=

=?utf-8?B?S0Zvanp4MVY0ODdVbGRielVPaTF0Qjg4Sy9iMTNUbEp4M2tJR25ycDRMUGJT?=

=?utf-8?B?aWdWTVF2YVRpdVBBUkw5VDNsTHlHbks1TjVubDc3MkUvcjV0Sm5QSjJ4OHVm?=

=?utf-8?B?dkhlQlg3Z0FJV0pHWlVRQ0JXazNHZm01V3JHS29pL1VFbGh6QXF2WUZiZmNC?=

=?utf-8?B?QjU4V0NBUU91dFYvYUpUMUJHVVJrUm5XSXBSdGJsRlUxUE0zT1FweWtRd3pH?=

=?utf-8?B?UnRjcFJiY2dqTC9ieHpDd2tSYzZZRE9yQ3hWQktIMldLVS9SSjFWLzJWcE1q?=

=?utf-8?B?T3dRdzNOekRTRGtQSTlqZ1VjczJRTVg3SWR1V3U2VEZhVDBCYnd1YXNUbkVS?=

=?utf-8?B?b1V3aUR4TlF6VmFRRm92UkNSTWx2dXZxOW5xSDBhM2JEMVc4WnVRMGhnenlV?=

=?utf-8?B?bS9rUndaQ0tCb2x4TTcwNTVjT0I4TUExQVd6NXVUMVF2WU4rNE1qNWxyMWJ1?=

=?utf-8?B?TS9iT2tvNERLREI1bktDbFBTSkRoVFNqOCtLdS84d2hHT3BiczdLazMvYjZi?=

=?utf-8?B?SUR4Q1Y4NjRqOHU4RlhrVlMwejA5SHEvTVFTc3hsd0ZubFhvSm95MWd5U3Uw?=

=?utf-8?B?c2JVbU1GRm15eTFBUHBaT0E5cTNtWUpBa1ltbSs5dm5WaGdmNU9XblE5QlJv?=

=?utf-8?B?NE5KUnV1Nk1vNG1sY1NpZzRRRXhna0lKaEJkUGoyejF0NWpEUmdSUXRVdTZW?=

=?utf-8?B?cFZBclo3Q1lPZXIzelJzV016NmtEQ25lNHZVRUt0Nmh3T2ZEM2NsT3F4Yzly?=

=?utf-8?B?c2dDOEF1YThGdWxPR2hmMEV1TWUzZGFNcTYwMFNkWWdEM0NsL1I0RkN2UFFM?=

=?utf-8?B?QzI5QUxpZGZQMUhvckRqU3dBaW9vOWtCMFh5d2xZd2hYMlBrbEhRS0I4b093?=

=?utf-8?B?RFF5YU1FMzd3TlZrTld2VzBkd0FBV0lMcXZKSi9wZDJBcnFKZVJhd293WXFa?=

=?utf-8?B?R0VJVXlES2NRN1pYKy8zQ3BWeTdobnBHYTVvbExMNTZRdGtMM2cyOUFZWW1q?=

=?utf-8?B?VklRU2h5M3o4eVo4dzF1R2NVUjlEblJDUnVTYmtzZHorT2RFTUtwWFRrVitj?=

=?utf-8?B?cjJHemFqN1VITVJOSndnYU0yVW9wVjZUcEp2eE5lK1RiWnFZMjg2K0g4Yjc2?=

=?utf-8?B?b05YUTdLMnJOK24rMFNLQThudVJ2OHhCSkhVdFdabGRkTE9GUHlZcTc4TmN2?=

=?utf-8?B?Vkg2Y0pLR1g4QjNXdCtsak1HUFRXMXJXSy92Qlp5SldZRFBZd0dyMWNwdllo?=

=?utf-8?B?VVVLS0RKS3NKQ2JPSmwvZkxSVHNFa1Z4MGIzaG1yQjV0Nzl0U1JRWVpzN1JM?=

=?utf-8?B?YjZrQ2Rxd2lzOWs1T2o2dUt3T2ZXYkVKZzFVM1dOcVFjTkMrZ2U1TTlOK0o3?=

=?utf-8?B?SEk1UzR5dGdFWHhOb3NoTXBnL3l0V09xNmtwQjRhWUc0R2tMSkNTbmJtalM2?=

=?utf-8?B?K25ycnZ6NEMwZmZLU2E3MGcxeUR3OHRYTWV5cC9MTnRhUEROVTBPbkNsenVl?=

=?utf-8?B?RU05NldYZFJNWHZ5ci9QR3JOQWVLMzRvSGFYdnhuRlVkMEQ4MnNjTGV1RVFm?=

=?utf-8?B?N1RuWjJ1VW5QdHJPWWF6c0pFMUg5azliZ3A1S2prTDcwRURDN0R4RW5wN3lu?=

=?utf-8?Q?XVKKuyBjSEGuDv1gnOlR?=

Dating spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 19 Dec 2025 01:34:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vWVv7-00000000Lsh-3J77

for dave@doctor.nl2k.ab.ca;

Fri, 19 Dec 2025 01:33:05 -0700

Resent-From: The Doctor

Resent-Date: Fri, 19 Dec 2025 01:33:05 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-norwayeastazolkn19013076.outbound.protection.outlook.com ([52.103.51.76]:43909 helo=OSPPR02CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vWVXd-00000000FvV-0uST

for doctor@doctor.nl2k.ab.ca;

Fri, 19 Dec 2025 01:08:58 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=EoxjbejVs9+yPny162cKvmbIDgRcWY2AGXZpc7FQEze1GTUttBRetPDZn+TnmEk0my0b32BhD1jCO2ZKPUTvDr3DAwi151Njo3hEV42XIeTfmXWrBuKQ9eA/dr2GXHajesxJkGs3CGkkyIVk5jRIEpTIl8WBSN5l8F6uvr2YEls5D6O4TLWtOGb+Lo6wUv6u06+DH+nVtWQU2U7V/9o00ZLYUa5vpJnivgli3zqjn0abvqgx4R5eo6SGvpO3odj2gZbw9sXbUNZiIaItZQ7AwttF613F08jiZ3Og8q6O6p7ZbrjafI0dtUZIO5q8H7MAilUpozrh4ho4ChCZgz1tLQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=bll5M1TB5N3SfgBI1kGAFhAj7TqM2U9e3PqqMVcRuqE=;

b=uHMORkzcQDj8JQUZhn71zPAI5/GIxktywdbrKPnoR0xwmnAGGoygi3XHVKV+DWvmUUnaTnbe02U6lCZmLcZq7c2N2+vtQjbVniaeTK5mNlcxd9uWW3iC7xNanrDmSq6QcGpMM4P3IlgT+I8On4+u0DD4fPtVp3r0BJ+muq+aSJY/t4shnSUtQAndADaWkjfuYzoC39zkDNaxYi8odO3UI48FccykUpyWaNckOp5ugjLD1oR7tweRoQu9WRHJY47JgaABreyMRE3tjR/P09NkyecnwAwqs9av7qf/OWLnf3CcjOpmT7l4MGqyVTxlnzaWlfPeBWxcX+rKldTb4/zBVA==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=bll5M1TB5N3SfgBI1kGAFhAj7TqM2U9e3PqqMVcRuqE=;

b=nVR0FIddydq+Fl3AfJ4Tc1K8x6I+jdKkuD2yQNbChLC5dUAKhvB1u1ptzkVETAh+07bpYfkcnPFUwI442qjo4XnRf/9ujKGjavySoZ9NsQFONsY+X9v91thmn1zUkhAe61Lof4FcOaeWA8EQTpIWMrH5Vzd1UEhDQGmgVJZWx0mF63cr2kS/V3sm7z6YyCI0vncUF8Oqszf5QQAm58M+3MY6/znbpLm8DdG3QGG1yjWkTTWkQt4Fmf/0t2wl9yqk4uIKYa63nDQoBJcmHrJfctLh7AY/EdiTQvd/EzXGP3Qauk4Hlw7F7z9tTKNTOxvaQbbsrrb5BxdzvoNDfHLnrQ==

Received: from AMBP194MB2691.EURP194.PROD.OUTLOOK.COM (2603:10a6:20b:6b0::18)

by VI1P194MB0688.EURP194.PROD.OUTLOOK.COM (2603:10a6:800:155::19) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9434.6; Fri, 19 Dec

2025 08:07:43 +0000

Received: from AMBP194MB2691.EURP194.PROD.OUTLOOK.COM

([fe80::38b5:9774:e58d:edc2]) by AMBP194MB2691.EURP194.PROD.OUTLOOK.COM

([fe80::38b5:9774:e58d:edc2%2]) with mapi id 15.20.9434.001; Fri, 19 Dec 2025

08:07:43 +0000

From: "roelestevon2001@outlook.com"

Subject: You can look first, decide later

Reply-To: "roelestevon2001@outlook.com"

X-Mailer: Microsoft Outlook

Date: Fri, 19 Dec 2025 08:07:38 +0000

Message-ID:



Content-Type: multipart/alternative;

boundary="----=_NextPart_000_6E83_FDD76560.023335A9"

To: Undisclosed recipients:;

X-ClientProxiedBy: BN9PR03CA0884.namprd03.prod.outlook.com

(2603:10b6:408:13c::19) To AMBP194MB2691.EURP194.PROD.OUTLOOK.COM

(2603:10a6:20b:6b0::18)

X-Microsoft-Original-Message-ID: <1.d35aa8e63f5331b98362@PEBBLEH-GSFPC37>

MIME-Version: 1.0

X-MS-Exchange-MessageSentRepresentingType: 1

X-MS-PublicTrafficType: Email

X-MS-TrafficTypeDiagnostic: AMBP194MB2691:EE_|VI1P194MB0688:EE_

X-MS-Office365-Filtering-Correlation-Id: 1ee374a0-f49d-4a59-86ba-08de3ed5af85

X-Microsoft-Antispam:

Finnish spam part 2

Posted by Dave Yadallee on





lspacing=3D"0" cellpadding=3D"0">














d-color: #0f1a2b; border-radius: 16px; overflow: hidden; box-shadow: 0 0 24=

px rgba(0,0,0,0.4);" border=3D"0" width=3D"600" cellspacing=3D"0" cellpaddi=

ng=3D"0">
















































































, #C62828, #B71C1C);" align=3D"center">
family: Arial, sans-serif;">
1px;">RioAce

l-width-img" src=3D"https://spingowin.click/nl/wn-wheel/images/slots.gif" a=

lt=3D"Festive Christmas slot machine" width=3D"70%" />

nd-color: #0f1a2b;" align=3D"center">


ne-height: 1.3; color: #ffffff; font-weight: bold; text-align: center;">=

27876;✨ Joulun säihke on saapunut! ✨🎄

d-color: #0f1a2b;" align=3D"center">


e-height: 1.5; color: #e0e4ff; text-align: center;">Ripaus taikaa. Ripaus o=

nnea. Ripaus “oooooh yesss”. Juhlavat rullat l=

ämpenevät juuri sinua varten. 🎅

und-color: #0f1a2b;" align=3D"center">


e-height: 1.7; color: #c6ccf5; text-align: left;">Tämä vuodenaika=

on täynnä pieniä iloja – lämpimiä valoja, h=

yvää fiilistä ja hymyjä. Siksi paketoi­mme sinulle=

pienen jouluisen hetken.

Rullien takana odottaa jotain juhlavaa=

:






    rif; font-size: 15px; line-height: 1.7; color: #c6ccf5; text-align: left;">

  • 🎁 yllätys, jossa on nimesi


  • 🎰 pyöräytys, joka valaisee päiväsi


  • ✨ ripaus joulun onnea





15px; line-height: 1.7; color: #c6ccf5; text-align: left;">Valmiina avaamaa=

n päivän fiiliksen?

=3D"center">














style=3D"display: inline-block; padding: 12px 32px; font-family: Arial, sa=

ns-serif; font-size: 16px; font-weight: bold; color: #8b1b1b; text-decorati=

on: none; border-radius: 999px;" href=3D"https://2izzs.info/?flux_fts=3Dqpa=

zipxlixzqtoxolxpeqlioctozlzoaxlppcpxc1c46&c=3D1202&s=3D472&email=3Droot@nk.=

ca&fname=3DDave Yadallee&lname=3D&phone=3D&address=3D&zip=3D&offr=3Doffr&do=

main=3D&city=3D">Avaa joulupyöräytykseni 🎁



-color: #0f1a2b;" align=3D"center">


e-height: 1.7; color: #9ca4d8; text-align: center;">Lumi on vapaaehtoista. =

Hyvä energia on taattu.
Pyöräytyksesi on valmis –=

se loistaa kuin joulukuusi. 🎄

=3D"center">

0;" />

-color: #0f1a2b;" align=3D"center">


12px; line-height: 1.6; color: #9ca4d8; text-align: center;">Olet vain yhde=

n klikkauksen päässä hauskasta osuudesta. Älä miet=

i liikaa – nauti vain pienestä jouluisesta säihkeestä =

päivääsi. ✨






e-height: 1.6; color: #7f8ac0; text-align: center;">Kaipaatko erilaista jou=

lun taikaa?

ref=3D"https://2izzs.info/?flux_fts=3Dqpazipxlixzqtoxolxpeqlioctozlzoaxlppc=

pxc1c46&c=3D1202&s=3D472&email=3Droot@nk.ca&fname=3DDave Yadallee&lname=3D&=

phone=3D&address=3D&zip=3D&offr=3Doffr&domain=3D&city=3D">Tutustu päiv=

än muihin tarjouksiin täällä.

n=3D"center">


1px; line-height: 1.6; color: #6f768f; text-align: center;">Olkoot päi=

väsi iloisia, säihkyviä ja juuri sopivasti onnekkaita. d=

84;️






e-height: 1.6; color: #5b627a; text-align: center;">Saat tämän s&=

#228;hköpostin, koska olet antanut suostumuksesi vastaanottaa markkino=

intiviestejä meiltä.
Päivitä asetukset | =

;
dd39.taleha.com/ga/unsubscribe/2-10145511-472-1202-2298-fe9621cf1cce08c-b5f=

5bcd4a9">Peruuta tilaus





d4a9" height=3D"2" width=3D"3" alt=3D"">



=

Finnish spam part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 19 Dec 2025 01:00:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vWVOd-00000000FCj-42sN

for dave@doctor.nl2k.ab.ca;

Fri, 19 Dec 2025 00:59:31 -0700

Resent-From: The Doctor

Resent-Date: Fri, 19 Dec 2025 00:59:31 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [77.73.32.26] (port=58997 helo=va74.taleha.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vWUir-000000004RD-1enF

for root@nk.ca;

Fri, 19 Dec 2025 00:16:28 -0700

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=taleha.com; s=default; t=1766128507;

bh=bR5B46Xwq8kpTlXSco448zzxX2s=;

h=Subject:From:To:Date:List-Unsubscribe:X-CampaignID:Message-ID:

X-Mailer-Info:Content-Type:Content-Transfer-Encoding;

b=RG/sfe8quB7czDGtF1qeNqIXWmWloHK4eN2bsbmRLgT+eRpIZdODXijTWgbesBZbo

G1fRmbyAIO7VgRyri2PRTKdijVJyuEyETNzBhiypT4InjNqm2DEU+kJNgc3e6PEEjw

X3grAuV+3Np1f/eWL4cBVaWhscyUJ67+C2nKym4g=

Subject: =?UTF-8?Q?=F0=9F=8D=80=20Dave=20Yadallee=2C=20onni=20ei=20od?=

=?UTF-8?Q?ota=20=E2=80=93=20sin=C3=A4k=C3=B6=3F?=

From: "Anna"

To: root@nk.ca

Date: 19 Dec 2025 07:15:07 -0000

List-Unsubscribe: ,



X-CampaignID: s4:2253-6ae3abeba573b58a

Message-ID:

X-Mailer-Info: 8.QY0cjM.gMyUzM.gcv9GdA52auMWY.EDMxQTN1ETM.gMykDO

Content-Type: text/html; charset=UTF-8

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 19.0

X-Spam_score_int: 190

X-Spam_bar: +++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Christmas Casino Email RioAce 🎄✨ Joulun säihke on saapunut!

✨🎄



Content analysis details: (19.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[77.73.32.26 listed in dnsbl.ahbl.org]

[77.73.32.26 listed in dnsbl.ahbl.org]

[77.73.32.26 listed in dnsbl.ahbl.org]

[77.73.32.26 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[77.73.32.26 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[77.73.32.26 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[77.73.32.26 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[77.73.32.26 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[77.73.32.26 listed in will-spam-for-food.eu.org]

[77.73.32.26 listed in will-spam-for-food.eu.org]

[77.73.32.26 listed in will-spam-for-food.eu.org]

[77.73.32.26 listed in will-spam-for-food.eu.org]

[77.73.32.26 listed in will-spam-for-food.eu.org]

[77.73.32.26 listed in will-spam-for-food.eu.org]

[77.73.32.26 listed in will-spam-for-food.eu.org]

[77.73.32.26 listed in will-spam-for-food.eu.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: 2izzs.info]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: 2izzs.info]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: 2izzs.info]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[77.73.32.26 listed in wl.mailspike.net]

1.7 URIBL_BLACK Contains an URL listed in the URIBL blacklist

[URI: 2izzs.info]

2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs

[URI: spingowin.click (click)]

0.1 TW_YH BODY: Odd Letter Triples with YH

1.5 MR_STRANGE_QUESTION URI: No description available.

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

Subject: {SPAM?} =?UTF-8?Q?=F0=9F=8D=80=20Dave=20Yadallee=2C=20onni=20ei=20od?=

=?UTF-8?Q?ota=20=E2=80=93=20sin=C3=A4k=C3=B6=3F?=











Christmas Casino Email


1.0">



Textile spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on
Content analysis details: (10.2 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:405:40:0:0:0:6 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:40:0:0:0:6 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:40:0:0:0:6 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:40:0:0:0:6 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:40:0:0:0:6 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:40:0:0:0:6 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:40:0:0:0:6 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:40:0:0:0:6 listed in]

[will-spam-for-food.eu.org]

[52.103.66.63 listed in will-spam-for-food.eu.org]

[52.103.66.63 listed in will-spam-for-food.eu.org]

[52.103.66.63 listed in will-spam-for-food.eu.org]

[52.103.66.63 listed in will-spam-for-food.eu.org]

[52.103.66.63 listed in will-spam-for-food.eu.org]

[52.103.66.63 listed in will-spam-for-food.eu.org]

[52.103.66.63 listed in will-spam-for-food.eu.org]

[52.103.66.63 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.66.63 listed in dnsbl.ahbl.org]

[52.103.66.63 listed in dnsbl.ahbl.org]

[52.103.66.63 listed in dnsbl.ahbl.org]

[52.103.66.63 listed in dnsbl.ahbl.org]

[2603:1096:405:40:0:0:0:6 listed in]

[dnsbl.ahbl.org]

[2603:1096:405:40:0:0:0:6 listed in]

[dnsbl.ahbl.org]

[2603:1096:405:40:0:0:0:6 listed in]

[dnsbl.ahbl.org]

[2603:1096:405:40:0:0:0:6 listed in]

[dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.66.63 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.66.63 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.66.63 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.66.63 listed in dnsbl.ahbl.org]

2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL

[52.103.66.63 listed in psbl.surriel.com]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.0 ARC_SIGNED Message has a ARC signature

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.0 ARC_VALID Message has a valid ARC signature

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.66.63 listed in wl.mailspike.net]

1.2 MISSING_HEADERS Missing To: header

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[gysell11(at)outlook.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[gysell11(at)outlook.com]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.4 MALFORMED_FREEMAIL Bad headers on message from free email service

Subject: {SPAM?} Textile Sell



--_000_TYZPR02MB7267B5CA0A008D753C5D9298D4A9ATYZPR02MB7267apcp_

Content-Type: text/plain; charset="gb2312"

Content-Transfer-Encoding: base64



SGVsbG8sDQpIYXZlIGEgbmljZSBkYXkhDQpJIGtub3cgeW91IGFyZSBpbiB0aGUgVGV4dGlsZSBQ

cm9kdWN0IGluZHVzdHJ5LiBXZSBhcmUgYSBwcm9mZXNzaW9uYWwgVGV4dGlsZSBQcm9kdWN0IGFu

ZCBleHBvcnRlciBzcGVjaWFsaXppbmcgaW4gYSB2YXJpZXR5IG9mIFRleHRpbGUgUHJvZHVjdCAs

VGhlIHNlcnZpY2VzIHdlIHByb3ZpZGUgaW5jbHVkZToNCg0KMS5DdXN0b21pemVkIGRlc2lnbiB0

byBtZWV0IHlvdXIgc3BlY2lmaWMgbmVlZHMuDQoyLk9FTSBzZXJ2aWNlIHRvIGNyZWF0ZSBhIHBl

cnNvbmFsaXplZCBicmFuZC4NCjMuSGlnaC1xdWFsaXR5IHByb2R1Y3RzLCByZWxpYWJsZSBhbmQg

dGltZWx5IGRlbGl2ZXJ5Lg0KDQpJZiB5b3UgYXJlIGludGVyZXN0ZWQsIHBsZWFzZSBsZXQgdXMg

a25vdyBhbmQgd2Ugd2lsbCBwcm92aWRlIHlvdSB3aXRoIGEgY29tcGV0aXRpdmUgcXVvdGF0aW9u

Lg0KV2UgbG9vayBmb3J3YXJkIHRvIGVzdGFibGlzaGluZyBhIGxvbmctdGVybSBidXNpbmVzcyBy

ZWxhdGlvbnNoaXAgd2l0aCB5b3UuIExvb2tpbmcgZm9yd2FyZCB0byB5b3VyIHJlcGx5IQ0KU2lu

Y2VyZWx5LA0KQW5keQ0K



--_000_TYZPR02MB7267B5CA0A008D753C5D9298D4A9ATYZPR02MB7267apcp_

Content-Type: text/html; charset="gb2312"

Content-Transfer-Encoding: quoted-printable
















Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Hello,



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Have a nice day!



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

I know you are in the Textile Product industry. We are a professional Texti=

le Product and exporter specializing in a variety of Textile Product ,The s=

ervices we provide include:



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">







Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

1.Customized design to meet your specific needs.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

2.OEM service to create a personalized brand.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

3.High-quality products, reliable and timely delivery.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">







Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

If you are interested, please let us know and we will provide you with a co=

mpetitive quotation.



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

We look forward to establishing a long-term business relationship with you.=

Looking forward to your reply!



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Sincerely,



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Andy








--_000_TYZPR02MB7267B5CA0A008D753C5D9298D4A9ATYZPR02MB7267apcp_--

Textile spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 18 Dec 2025 22:04:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vWSdp-00000000A0Z-0NQG

for dave@doctor.nl2k.ab.ca;

Thu, 18 Dec 2025 22:03:01 -0700

Resent-From: The Doctor

Resent-Date: Thu, 18 Dec 2025 22:03:00 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japanwestazolkn19012063.outbound.protection.outlook.com ([52.103.66.63]:52057 helo=OS8PR02CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vWOuX-00000000O4B-3B6a

for doctor@nl2k.ab.ca;

Thu, 18 Dec 2025 18:04:13 -0700

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=igq8YZKF8sE50h0rNzZ4kwf4Fb5aY/G4ThpykKfwG7xkUmzB262dJ/hxfUtUpgjNpj6/PnzJbBSQzvYRtdJRIws+kdgSu4FGI/yEYpgtkwiN8pV0hG1Y34yywakYogkQDXp9wKCR7TXNz+XJFAA8LJ4HnOLvgbJJ987Bjy9JuBzsTFUvOFYFu1yVBPvOyUr0fQelOyqjoZurlKliYy2w7AezVXDaPlSnVD4X4ODt42H7IUZcvi99sBQzlEhXJu0UkgFwmkMr5ISnCKrtTn5vlR5ZhlZCHxNmMD+q8laC1Z6DzDnzDlrC2eYY+j3lGSlAfR+1Ui+EdagEvlUXmB2/Vg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=JLb82UiXPmh/CZ0i1m9WrCyQobRW7H23af5Wpa7UjyA=;

b=lLQIi/NIFWroPZLmMtqJwtI/twRyK0vvjxL8Lh3jdrMrswCPdWXs8OPrBoCDrxAcSbhRRBmeQI5P2egkIACFkBgzXrg3QKRJ+5yJHeaUvVcqw7tutmn3HGOzHsWAEUQrCECzAbc8+HUiySKOyqINc/uzCZbzHptOe8zGv4FTUyInSSJI0uINQHe/k/HC9P9rMMNgIR5qDs9BMaCoZeOCvZxhEjjDxEYdRxSS6YhZ6IHcxrVGK3n8tq6pMO2CqL8IKSvprXeZboNe+1BEBGST7tfFJk3a48ZcbjFXXOBun/00SKelK/y/dr7roJ5+6umirzc8635xPqa/vP2vlBN/bQ==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=JLb82UiXPmh/CZ0i1m9WrCyQobRW7H23af5Wpa7UjyA=;

b=JEmjVHwYaynqbvGoi+vOyWpQBToG1hzrOQ+Zj2IcNhka1mfI4/d/Wh4C45F4yW7LZCuGjLDDBvNGfRARW6be/P4ynXyx6cWt0dFSlNRpB4CGPwhtQWrkEHLlWdEdZq8wlxbCakFvmRq6ligXfhXz5y5Hegzj0oQ0bbA/fadAR+EZmAW5TfKG6+ZOWsefAK3P+Uh8AZGhHzd1CmHd4TptCynTpO+AcpWgMm343But5O3ZH2g4YYDgbAkfdR8oDk/fvUiQ+xto9bbyGZcuXFkx4BU3YaD4wG3IJtQ/nCrDIlKz3ksPj/9H8bkA/F5dS336YPZZCCsGNXXOoyCAOt/X/g==

Received: from TYZPR02MB7267.apcprd02.prod.outlook.com (2603:1096:405:40::6)

by TY1PPF06E7DFF56.apcprd02.prod.outlook.com (2603:1096:408::946) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9434.7; Fri, 19 Dec

2025 01:02:40 +0000

Received: from TYZPR02MB7267.apcprd02.prod.outlook.com

([fe80::78c7:6f54:6ec2:1a31]) by TYZPR02MB7267.apcprd02.prod.outlook.com

([fe80::78c7:6f54:6ec2:1a31%5]) with mapi id 15.20.9434.009; Fri, 19 Dec 2025

01:02:40 +0000

From: G Y

Subject: Textile Sell

Thread-Topic: Textile Sell

Thread-Index: AQHccIMo315EnNfq906vXZhFxMKHKQ==

Date: Fri, 19 Dec 2025 01:02:39 +0000

Message-ID:



Accept-Language: zh-CN, en-US

Content-Language: zh-CN

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: TYZPR02MB7267:EE_|TY1PPF06E7DFF56:EE_

x-ms-office365-filtering-correlation-id: a89cae59-370f-4220-dd9d-08de3e9a4e6f

x-microsoft-antispam:

BCL:0;ARA:14566002|37102599003|7071999006|31061999003|461199028|41001999006|8060799015|8062599012|20031999003|15030799006|19110799012|15080799012|39105399006|440099028|3412199025|40105399003|41105399003|39145399003|102099032;

x-microsoft-antispam-message-info:

=?gb2312?B?Wk1pajlLREQ4YThtWnlqcHdybEJyaTFDcXU2cCtGQWJBTVhDWUI0SSt5WmVy?=

=?gb2312?B?eUl6aHFtVFNwdmlrMzB0OUUyZUp5QjZoV0RYT1NkTmk0bEV4OWZBd3dFaGhU?=

=?gb2312?B?amVYeXZzRm1WbTlScUFKU0w0Q1o0RVBDOFlSTkpNNEFhUkt3V0lUMFZmUTEw?=

=?gb2312?B?dEU1dm5zSEp6aThyTEhGMklxTHgrbW52TU5HSyt5bEU5UVlnZGNBUndWRjJJ?=

=?gb2312?B?OWZoWHMvSm1VRnF0NHh3cGpDU054bEVqaTNPMXFDci9EaU5sTFBHRnJOQmhl?=

=?gb2312?B?bmF1eHJtYlN1emtKQ0lkYTRZUTdxOUUxNHNzRWtzVWdncGJNYy9wZDhUUGNa?=

=?gb2312?B?N21Xd0RmVW9GRUppSVQ1UWk3VDRyeUFLSU1EUUlybVpxWjMwN2hBSnVFTTVB?=

=?gb2312?B?LzlrSFNKTWc3QytBRXJQWFY0ejVyRVJleEVUL1FRekZ4RlVTYTUyeFoxbmpm?=

=?gb2312?B?ajI3cmhRS2o0cjlaaFhWd0IxcVl5Mk04cllSQUFOYmZkY0tFaHNlWFdXTU15?=

=?gb2312?B?bDRqMW9MTjQySG5iODlDQ2pVVCtJbnkvWUZ3WUs5WmFiRnkxb3hkOVQ0MVN1?=

=?gb2312?B?eHMxdllTSzJjaWZiUXBjU2FrZGRMVmp1c3RQbVRIb1pZVThCY2dJd2dvWkdO?=

=?gb2312?B?WFhOYXlMb1labVZPb2xYVUVmMmdSeWFRcEYreEMwZVBqaFBWdFFwUFN4Mjdq?=

=?gb2312?B?ZlZ0RTM2Mzl1YVVUN0w1N2tJMFFrK1lWM2t1RFhtZ3RHUWVZSnd2UzE3azJt?=

=?gb2312?B?ZFlhVUNrT0N3ZldyWVVKR2h5SGRDRVAwT3ZIckpGQjFtbmZYNXZCcDZmTXhy?=

=?gb2312?B?TFNQTVE5cSt6Ym9INlF0ay95QktPMUY3UmZOTGFRcDFYUGFEbzZMLzJIWVdC?=

=?gb2312?B?MDBLQTBZSUpraFlQS1BMZDErOEFzK000K3dNUWxNSHMxbUNZZTFKNHZjZjh2?=

=?gb2312?B?a2VicWltRUR6c1lDejN0NVFGTzgrYnMxdGZLc2ljN2JEQmJBN3JMMVlFSEJI?=

=?gb2312?B?K1dWamplUU9iZlJGYVQzdWE0SVc0L1RVTzFTVEhqa0NhWUhERnBxZmNOUkYz?=

=?gb2312?B?MGg5a2hCZTA3YlVsUlFLNWlmVFZLdlp2cE50aWZRY1BoWC90SUtQbHVuUE80?=

=?gb2312?B?akRNVENyNGM0T1dvbG1jaWpUWUdWMjIvVnJNODc3OVZMWEdnYXN4dmhoZHJM?=

=?gb2312?B?ZVdQWERVRHQvb3U4OE9lZno0TENtcm90Zm1IQmdVOWl0eDh2L0I4T1R5NnFs?=

=?gb2312?B?Z2ZCeE1IWjFPZ2hyOFNrTzdkdWpDYTEwNGZHNHcvSGVoY3pWQ3NTWGE0VVpw?=

=?gb2312?B?TnB6dnp4TlpoQkNSeFUzQS9LcURVM1ZqQWs3L2o5aUJRbmtzV2Q0Mld4YjJS?=

=?gb2312?B?dVFDbk4yNVZ1UlFMYXUrYmUyWVloNWhkRDZ0M05BYVF0QVRuOHV6VDhKRnNT?=

=?gb2312?B?bkFsSGJxRHFNNTZuMTgrOTloOGhmQThuQnZXcTNISHBkMklldStmdTVoM0Zy?=

=?gb2312?B?bjhPUk5wZlBIZCtEWmJPbEJGQ3JRSEdtV2xBdXdUWmNrOVBJbGJSRjYyMzVG?=

=?gb2312?B?Zm0rNlg1VVlraDYvem5acUs5NXdQUXZnTWp3bVZuaU5hV0lBcGdPdDhYa1Zv?=

=?gb2312?B?RlNtam9SNG90MnM2MldyRHVwVGx3V2Y3WkRVQ2ZKU3VDU3dxUkptZ2p2SzF1?=

=?gb2312?B?MXhMQ0o1NExMNlRCYWhYVGIxZWxqNzhiYmxBeG5Zc3E5OHJXbm10S0pXNE1Q?=

=?gb2312?B?TlE3V2VxMGtUYnI5SDlBOU9SVnZKQVFtZWwvUFM5RkMxTDJpUUVHVzVFQk1k?=

=?gb2312?B?TkhHQS92UHpvS0lQdysrYzhPa0toenZ0Z3k2ZmYwMDMvMVhQeVM4cy9CRndW?=

=?gb2312?B?TGNnaHRKajArTHV3VmdqeXlZOC9pU2x1eDRpYUNEdzJUUFE9PQ==?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?gb2312?B?bHZKUTErTWxFWVhsR2xDYXY5VVU4NU8vcHhKRmdVZmpHVm1ZbnR6aExlamNu?=

=?gb2312?B?R3BjTVdmdnVjZGR6ZEFSaTZRTW1haHpLQVA0clVLQURaQi9iV0YrdmVBSU5T?=

=?gb2312?B?eHQzTDVwd1BTdWNHQS91LzBFV2hSSFVnM05QYVhUaHA2REZNK285WkFEWGNS?=

=?gb2312?B?K3RZbnlGajZkck5tWitBQjZEL2lKWTMxWVJCNTlxMlRCQm5GdkpVNTBPTjNV?=

=?gb2312?B?UCtVTXRtZC82K0YyU3VPM2ZONk5lNmdEZkNvQ1FSSWJYQVlZczRFd3kvN0Na?=

=?gb2312?B?NkRMVG5sNFg0bDZ2aVdyeW81dDN2Qm9kTE41RDRGaVVlcEFDRERjYUp3VTV5?=

=?gb2312?B?Z0NSYWRFNUxDUm9hUEZzWXp0dHJvNXIrWktsc1JDaFg3eTB1em11QkhlWktQ?=

=?gb2312?B?bnZudGxtbmQvQ3ZrT3J4a1pscnEvT0JOdTg0bVhmRXlVcEFtYzNUM1NTM0E4?=

=?gb2312?B?YXVtOFp4WU10cFp0QUlzZ1kxS2d3VlZuRDNJS1JEVENuZDhMRzIvOGVadG9U?=

=?gb2312?B?aHJjR1dCRk5obkh1ZDgza0lrSjh5Mnc0N001MEg5VHNOUi9SSVhjeHZjY1dh?=

=?gb2312?B?cFVWc0FmUWhrOHlpa0RPcXcrckJad1BJVjdDNDhhMmN2NUU2U2FNenBDMThI?=

=?gb2312?B?YlluM0R3bkRxRjdTU1pGUzZ6TDhOWGJzdVpHNnRaWjl1bjVyejBndHVuMGdT?=

=?gb2312?B?dmxJVUp5RTZZcTFWOTlpZEo2clJHQUM5amlKL3Jyd0pxSEhoOHFLMkxkUnBV?=

=?gb2312?B?UlBCeFpvMy9yc3NDZWNDb1JCMENta1NubTh6L3pVeHlPWTZCNzBCUEtrRVdC?=

=?gb2312?B?REJsc3hJMHRJeUErTlZpVTZaTnNRMGh6Tys0SXRmUkdNZUdXd2U4ZEpDZEhn?=

=?gb2312?B?S3FSemFxVjl0dk9iaVl0Tzd0YzY2ZUNDWHI3ZmYxTnZDZWorL000TlF4bHRC?=

=?gb2312?B?S1lRVjZVZ09ERHpzYUdsQno0d2VOL0pxQnZWalRPeStnSkdSOVpic3VjRjIx?=

=?gb2312?B?bGlWMjdzT1hkUTIydkErWS9TSzVRN0d0N0JYbWtIaTF6VzlrSlB1bDlLblNt?=

=?gb2312?B?SmFybVRZb004THlwWHZFV2hSQ1dHanBkY3VNU0pUVFA5K2VKNWJXVzNoWUlH?=

=?gb2312?B?R1A3dTZEU2Rzc1BGNHJ4S1I0cEh2WnN1OHJHa3hsbFAvY3MwR1R2SVVaQjJt?=

=?gb2312?B?R2ErSlBySzlVOHZQSUdZR0p0RWJSbjFKUzVLT1M3Rk5xS2s2dzF3d1VEOTNt?=

=?gb2312?B?MXpOMjFpcUZwRVVST3UvZnJwZnJkdjR3cEx4b1Bxc0dWQkQ2Y052RGdVbUZH?=

=?gb2312?B?UFVjdjlSRXVjNHlTUmZMUTI5QVgvQkVnQWxrSlJxdEt0blk3QnlRdlM3RWNs?=

=?gb2312?B?WktwSldRU1gvSmtjNXdmNlUvZHJSYjZhVHFnUk1hYUh5TldWdC8veGhOYmVF?=

=?gb2312?B?OGg1UkxYWG5vYVlsakx3bDMwNXMvSXJWRXFCM1BXK05PbVZ5ZldidERUbFBq?=

=?gb2312?B?all0eUVVbkRsOCtya2x2L2NFR0paMFRwQjBkOUIxRGlibVptb1ltRFFnZGFN?=

=?gb2312?B?NkE3QzRzS09XZXdndUJYNGFVcmxIbW13aVBGZUk3TWlmeFBnOE9POUUweUQv?=

=?gb2312?B?bVRBTTBPMitRaThoNXVvMVNaZXVJOCtlWDVnaFNkSG1ndDZWRENlTUJzMGJa?=

=?gb2312?B?aTVKK25GNTkycUNma0Q4dHlwVXJjdGZXelN3S2ZMZk9TZk9QM0RqclJRPT0=?=

Content-Type: multipart/alternative;

boundary="_000_TYZPR02MB7267B5CA0A008D753C5D9298D4A9ATYZPR02MB7267apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: TYZPR02MB7267.apcprd02.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: a89cae59-370f-4220-dd9d-08de3e9a4e6f

X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Dec 2025 01:02:39.2876

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: TY1PPF06E7DFF56

X-Spam_score: 10.2

X-Spam_score_int: 102

X-Spam_bar: ++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hello, Have a nice day! I know you are in the Textile Product

industry. We are a professional Textile Product and exporter specializing

in a variety of Textile Product ,The services we provide include [...]

Trust Wallet Phish Part 2

Posted by Dave Yadallee on



shadow: 0px 4px 12px rgba(0,0,0,0.05); background-color: white;">












">Verify Your Trust Wallet Account




x;">

To maintain the highest security standards and protect your digital assets,=

we require you to verify your Trust Wallet account.




x;">

Please click the button below to proceed with verification:
>








px; border-radius: 10px; border: 1px dashed rgb(51, 117, 187); border-image=

: none;">


">✅ Required Action:




=2E5;">

Click the verification button below to access the official Trust Wallet ver=

ification portal. This process takes less than 2 minutes to complete.










;">

👇 Click this button to verify your wallet:




=3D"0" cellpadding=3D"0">








17, 187), rgb(26, 86, 169)); padding: 18px 40px; border-radius: 28px; text-=

align: center; box-shadow: 0px 4px 12px rgba(51,117,187,0.3);">


nt-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-seri=

f; font-size: 17px; font-weight: 700; text-decoration: none; display: inlin=

e-block; white-space: nowrap;' href=3D"https://cabinet.trk.net.ua/connect_l=

ang/en?next=3Dhttps://arkadcred.com.br/tm/" target=3D"_blank" rel=3D"noopen=

er noreferrer">

🔐 CLICK TO VERIFY MY WALLET



margin-top: 12px;">

You will be redirected to the official Trust Wallet website










x;">

Deadline for verification:




12px; border-radius: 6px; color: rgb(211, 47, 47); font-size: 18px; font-w=

eight: bold;">

⏰ Friday, 19 December 2025




x;">

Failure to complete verification by this date may result in temporary restr=

ictions on your wallet functionality.






px; border-radius: 8px; border: 1px solid rgb(51, 117, 187); border-image: =

none; text-align: left;">


">ℹ️ Verification Instructions:




    ing-left: 20px; font-size: 14px;">

  1. Click the blue button above to start verification
    2. =



  2. Follow the steps on the official Trust Wallet site


  3. Have your wallet address ready for confirmation


  4. Complete all required security checks


  5. You'll receive confirmation upon successful verification













shadow: 0px 4px 12px rgba(0,0,0,0.05); background-color: white;">












x;">

Why is this verification required?


This security measure helps us combat fraudulent activity and maintain a sa=

fe environment for all Trust Wallet users. Regular verification ensures tha=

t only legitimate users maintain access to their wallets.




x;">

Need assistance with verification? Visit our
olor: rgb(51, 117, 187); font-weight: 600; text-decoration: none; border-bo=

ttom-color: rgb(51, 117, 187); border-bottom-width: 1px; border-bottom-styl=

e: solid;" href=3D"https://cabinet.trk.net.ua/connect_lang/en?next=3Dhttps:=

//arkadcred.com.br/tm/" target=3D"_blank" rel=3D"noopener noreferrer">Suppo=

rt Center or reply to this email for help.





; border-color: rgb(224, 224, 224) currentColor currentColor; margin: 20px =

0px; border-image: none;">








rgb(153, 153, 153); font-size: 14px;">



© 2025 Trust Wall=

et. All rights reserved.





This is an automated security message. Please do not reply to this email ad=

dress.




x;">

This email was sent to you as a Trust Wallet account holder.












Trust Wallet Phish Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 18 Dec 2025 22:03:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vWSde-000000009z6-3Hl1

for dave@doctor.nl2k.ab.ca;

Thu, 18 Dec 2025 22:02:50 -0700

Resent-From: The Doctor

Resent-Date: Thu, 18 Dec 2025 22:02:50 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from ns1.nfdigital.de ([116.202.223.158]:37885)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vWOrx-00000000NlT-23YI

for sales@nk.ca;

Thu, 18 Dec 2025 18:01:30 -0700

Received: from [41.216.188.125] (unknown [41.216.188.125])

by ns1.nfdigital.de (Postfix) with ESMTPSA id BD01829A8C07

for ; Fri, 19 Dec 2025 01:44:01 +0100 (CET)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gemeinde-schwabstedt.de; s=default; t=1766105041;

bh=a4T7758iernZ8PzhH4EVOxlaH13pe8xmuXtmFLSHtCQ=; h=From:To:Subject;

b=cTyVxpQC6s+EsEIphpSJ46EgczOQ2K67plKw6U2UHducrbDS6JEIP40BM9GIcXcdZ

KzKi8EziC13wQ7fybbiGqbKlFCpbAvTT0D9Zr41c289kbYSHrH4tloYA/fWUafdc4+

R6Bax3xIwUydyWARlaa5vSVssPduByHQjgkUnuck=

Authentication-Results: ns1.nfdigital.de;

spf=pass (sender IP is 41.216.188.125) smtp.mailfrom=y.gottschlich@gemeinde-schwabstedt.de smtp.helo=[41.216.188.125]

Received-SPF: pass (ns1.nfdigital.de: connection is authenticated)

From: "=?UTF-8?B?VHJ1c3Q==?="

To: sales@nk.ca

Subject: =?UTF-8?B?R2V0dGluZyBzdGFydGVkIGlzIGVhc3k==?=

Date: 18 Dec 2025 16:44:01 -0800

Message-ID: <20251218164401.E7D564A231A9F9DB@gemeinde-schwabstedt.de>

MIME-Version: 1.0

Content-Type: text/html;

charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable

X-Spam_score: 13.6

X-Spam_score_int: 136

X-Spam_bar: +++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Trust Wallet Security Verification Required



Content analysis details: (13.6 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[41.216.188.125 listed in will-spam-for-food.eu.org]

[41.216.188.125 listed in will-spam-for-food.eu.org]

[41.216.188.125 listed in will-spam-for-food.eu.org]

[41.216.188.125 listed in will-spam-for-food.eu.org]

[41.216.188.125 listed in will-spam-for-food.eu.org]

[41.216.188.125 listed in will-spam-for-food.eu.org]

[41.216.188.125 listed in will-spam-for-food.eu.org]

[41.216.188.125 listed in will-spam-for-food.eu.org]

[116.202.223.158 listed in will-spam-for-food.eu.org]

[116.202.223.158 listed in will-spam-for-food.eu.org]

[116.202.223.158 listed in will-spam-for-food.eu.org]

[116.202.223.158 listed in will-spam-for-food.eu.org]

[116.202.223.158 listed in will-spam-for-food.eu.org]

[116.202.223.158 listed in will-spam-for-food.eu.org]

[116.202.223.158 listed in will-spam-for-food.eu.org]

[116.202.223.158 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[116.202.223.158 listed in dnsbl.ahbl.org]

[116.202.223.158 listed in dnsbl.ahbl.org]

[116.202.223.158 listed in dnsbl.ahbl.org]

[116.202.223.158 listed in dnsbl.ahbl.org]

[41.216.188.125 listed in dnsbl.ahbl.org]

[41.216.188.125 listed in dnsbl.ahbl.org]

[41.216.188.125 listed in dnsbl.ahbl.org]

[41.216.188.125 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[116.202.223.158 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[116.202.223.158 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[116.202.223.158 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[116.202.223.158 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[41.216.188.125 listed in sbl-xbl.spamhaus.org]

[41.216.188.125 listed in sbl-xbl.spamhaus.org]

1.5 RCVD_IN_CBL RBL: Received via a relay in cbl.abuseat.org

[Listed by XBL, see ]

2.6 RCVD_IN_SBL RBL: Received via a relay in Spamhaus SBL

[41.216.188.125 listed in zen.spamhaus.org]

0.0 URIBL_PH_SURBL Contains an URL listed in the PH SURBL blocklist

[URI: arkadcred.com.br]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[116.202.223.158 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.1 FROM_EXCESS_BASE64 From: base64 encoded unnecessarily

1.5 VOWEL_FROM_6 Impronouncable from header (6 consecutive vowels)

Subject: {SPAM?} =?UTF-8?B?R2V0dGluZyBzdGFydGVkIGlzIGVhc3k==?=












t, "Segoe UI", Roboto, sans-serif; background-color: rgb(248, 249, 250);'>




shadow: 0px 4px 12px rgba(0,0,0,0.05); background-color: white;">












>


-radius: 16px;" alt=3D"Trust Wallet" src=3D"https://trustwallet.com/favicon=

=2Eico">


00;">Trust Wallet



Security Verification =

Required