NetKnow Corporate Blog

Reward phishing from Russia

Reward phishing from Russia

Web/SEO/App spam from Microsoft Outlook

Private Financial Consultant spam from Google Gmail

Nigerian Spam from Google Gmail

Nigerian spam from Google Gmail

Finnish Language spam from Google Gmail

Sexual health spam from Google Gmail

Web/SEO/App spam from Google Gmail

Web/SEO/App spam from Microsoft Outlook

Fedex Phish from Mailgun

x 0;">FedEx Canada =E2=80=93 Package Notification

Networking equipment spam

Web/SEO/App spam from Microsoft Outlook

Networking products spam

Fedex Phish from Mailgun

x 0;">FedEx Canada =E2=80=93 Package Notification

10px 0;">Pending Service Charge

10px 0;">Need Assistance?

10px 0;">Pending Service Charge

10px 0;">Need Assistance?

Posted by Dave Yadallee on Saturday, August 23. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 22 Aug 2025 15:39:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1upZSs-00000000MxD-0r0U

for dave@doctor.nl2k.ab.ca;

Fri, 22 Aug 2025 15:38:26 -0600

Resent-From: The Doctor

Resent-Date: Fri, 22 Aug 2025 15:38:26 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [185.138.88.157] (port=37529 helo=otakustack.moe)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1upZDC-00000000LIk-20NH

for root@nk.ca;

Fri, 22 Aug 2025 15:22:22 -0600

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=nk.ca;

h=Date:To:From:Subject:Content-Type:Mime-Version:Content-Transfer-Encoding; i=root@nk.ca;

bh=nekm2GmeszbHdWMI+0ZPMojTld0=;

b=HvXK1T3arPqNrSzpZ1EkIgU4Tim5dGpyY82uRaRTwA9e+WrLasdgUq6ahVqWEtTd6qqzJ9/IGV+s

SjZPSR7TESbIdHBip5iR/D58OVMGTWrSjwVhz0uNOnJ4PpsJXkhnKSrhJdDevEjWE3CdzmUjzAKc

WEIwcf7RAkfaCM6wh2L6wxUkvWdqJlwYY0Vh6VQnhEJFg6OAm5Y93dWTxBu6to3cAot6Qe3qKi+x

t6MjkzE22QMQeYIoai4BKw8J8Ddm9KMFTd7PlJnNfHE05dO/vEFH3SGv5crFZ0j6U1L8I/DDSouM

z+2QBoWe9yApiHFspZ1zRRPbK4SGF993f6bvdw==

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=nk.ca;

b=QWg2IOE+vE7YBavIBSYnlfK/6TvCGrRztzbeEtT1P7ApxwktPCAKdO/C6G4y2QfwJv/rQ+t48KGH

ASUdl1U9mtn+VIwCie8cyiJNLEXT3jvAU6Q37MyYiM4mwDOywTCZ4oCC0h6obM2QQ6+cGtcr0Xdi

8bzWUatO+diXz9M3Z7Tx7BxNWpJAzYixLOCwnkH/oJfbjr2XBSLvOgJCqjhaFw9l7MbhtIDfLYFH

G6x0QreSXDAfsPqGgWyTuJr54qDw5MsuhqjSNDv5zprUoa6qZNV4M3/gtEbzcKCjyr1PAZgvOPBZ

euvX/6ENHGK1KjGvM6G+T3SvDQwAwbnCvdRC0g==;

Date: Fri, 22 Aug 2025 21:21:25 +0000

To: root@nk.ca

From: =?UTF-8?B?8J2Qk/CdkKvwnZCa8J2QnPCdkK3wnZCo8J2QqyDwnZCS8J2QrvCdkKnwnZCp8J2QpfCdkLI=?=

Subject: =?UTF-8?B?8J2QhfCdkKLwnZCn8J2QmvCdkKUg8J2QjfCdkKjwnZCt8J2QovCdkJzwnZCeOiDwnZCY8J2QqPCdkK7wnZCrIPCdkJHwnZCe8J2QsPCdkJrwnZCr8J2QnSDwnZCA8J2QsPCdkJrwnZCi8J2QrfCdkKzitZE=?=

Content-Type: text/html; charset="UTF-8"

Mime-Version: 1.0

Content-Transfer-Encoding :BASE64

X-Spam_score: 18.8

X-Spam_score_int: 188

X-Spam_bar: ++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hello, today's winner is root, Congratulations! You have

been selected to receive an exclusive reward! Your name has been drawn for

a Yeti Outdoor Bundle.

Content analysis details: (18.8 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[185.138.88.157 listed in will-spam-for-food.eu.org]

[185.138.88.157 listed in will-spam-for-food.eu.org]

[185.138.88.157 listed in will-spam-for-food.eu.org]

[185.138.88.157 listed in will-spam-for-food.eu.org]

[185.138.88.157 listed in will-spam-for-food.eu.org]

[185.138.88.157 listed in will-spam-for-food.eu.org]

[185.138.88.157 listed in will-spam-for-food.eu.org]

[185.138.88.157 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[185.138.88.157 listed in dnsbl.ahbl.org]

[185.138.88.157 listed in dnsbl.ahbl.org]

[185.138.88.157 listed in dnsbl.ahbl.org]

[185.138.88.157 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[185.138.88.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[185.138.88.157 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[185.138.88.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[185.138.88.157 listed in dnsbl.ahbl.org]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: bitly.lc]

0.0 URIBL_PH_SURBL Contains an URL listed in the PH SURBL blocklist

[URI: bitly.lc]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: bitly.lc]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[185.138.88.157 listed in sa-accredit.habeas.com]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[185.138.88.157 listed in sa-trusted.bondedsender.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[185.138.88.157 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[185.138.88.157 listed in bl.score.senderscore.com]

2.0 BASE64_LENGTH_79_INF BODY: base64 encoded email part uses line length

greater than 79 characters

0.7 HTML_IMAGE_ONLY_28 BODY: HTML: images with 2400-2800 bytes of words

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_MESSAGE BODY: HTML included in message

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

3.5 DOS_BODY_HIGH_NO_MID High bit body and no message ID header

2.0 SUSP_UTF8_WORD_FROM Word in From name using only suspicious UTF-8

characters

2.0 SUSP_UTF8_WORD_SUBJ Word in Subject using only suspicious UTF-8

characters

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

Subject: {SPAM?} =?UTF-8?B?8J2QhfCdkKLwnZCn8J2QmvCdkKUg8J2QjfCdkKjwnZCt8J2QovCdkJzwnZCeOiDwnZCY8J2QqPCdkK7wnZCrIPCdkJHwnZCe8J2QsPCdkJrwnZCr8J2QnSDwnZCA8J2QsPCdkJrwnZCi8J2QrfCdkKzitZE=?=

Cgo8aHRtbD4KPGJvZHkgc3R5bGU9ImZvbnQtZmFtaWx5OiBBcmlhbCwgc2Fucy1zZXJpZjsgYmFja2dyb3VuZC1jb2xvcjogI2Y4ZmFmYzsgbWFyZ2luOiAwOyBwYWRkaW5nOiA1MHB4IDA7Ij4gCiAgPGRpdiBzdHlsZT0id2lkdGg6IDEwMCU7IG1heC13aWR0aDogNjAwcHg7IG1hcmdpbjogYXV0bzsgYmFja2dyb3VuZC1jb2xvcjogI2ZmZmZmZjsgYm9yZGVyLXJhZGl1czogMTRweDsgYm94LXNoYWRvdzogMCA2cHggMjBweCByZ2JhKDAsMCwwLDAuMDYpOyBwYWRkaW5nOiA0MHB4OyI+CiAgICAKCiAgICA8ZGl2IHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IG1hcmdpbi1ib3R0b206IDMwcHg7Ij4KICAgICAgPGltZyBib3JkZXI9IjAiICBzcmM9Imh0dHBzOi8vcGJzLnR3aW1nLmNvbS9tZWRpYS9HeV9FYUZuWEFBQV9jdjQ/Zm9ybWF0PXBuZyZuYW1lPXNtYWxsIiBhbHQ9IlRyYWN0b3IgU3VwcGx5IiBzdHlsZT0id2lkdGg6IDI1MHB4OyI+CiAgICA8L2Rpdj4KCgogICAgPHAgc3R5bGU9ImZvbnQtc2l6ZTogMjJweDsgbGluZS1oZWlnaHQ6IDEuODsgY29sb3I6ICMxZTI5M2I7IG1hcmdpbjogMTRweCAwOyI+CiAgICAgIEhlbGxvLCB0b2RheSdzIHdpbm5lciBpcyAKICAgICAgPHNwYW4gc3R5bGU9ImJhY2tncm91bmQtY29sb3I6ICNmYWNjMTU7IHBhZGRpbmc6IDNweCA2cHg7IGJvcmRlci1yYWRpdXM6IDRweDsiPnJvb3Q8L3NwYW4+LAogICAgPC9wPgoKCiAgICA8cCBzdHlsZT0iZm9udC1zaXplOiAyMnB4OyBsaW5lLWhlaWdodDogMS44OyBjb2xvcjogIzFlMjkzYjsgbWFyZ2luOiAxNHB4IDA7Ij4KICAgICAgIENvbmdyYXR1bGF0aW9ucyEgWW91IGhhdmUgYmVlbiBzZWxlY3RlZCB0byByZWNlaXZlIGFuIGV4Y2x1c2l2ZSByZXdhcmQhIAogICAgICBZb3VyIG5hbWUgaGFzIGJlZW4gZHJhd24gZm9yIGEgCiAgICAgIDxzdHJvbmcgc3R5bGU9ImNvbG9yOiNkYzI2MjY7Ij5ZZXRpIE91dGRvb3IgQnVuZGxlPC9zdHJvbmc+LgogICAgPC9wPgoKCiAgICA8cCBzdHlsZT0iZm9udC1zaXplOiAyMnB4OyBsaW5lLWhlaWdodDogMS44OyBtYXJnaW46IDE0cHggMDsiPgogICAgICA8YSBocmVmPSJodHRwczovL2JpdGx5LmxjLzN6bjhyIiBzdHlsZT0iY29sb3I6ICMzYjgyZjY7IGZvbnQtd2VpZ2h0OiBib2xkOyB0ZXh0LWRlY29yYXRpb246IHVuZGVybGluZTsiPlRoaXMgc3BlY2lhbCBnaWZ0IGlzIGZyb20gVHJhY3RvciBTdXBwbHkuPC9hPgogICAgPC9wPgoKCiAgICA8cCBzdHlsZT0iZm9udC1zaXplOiAyMnB4OyBsaW5lLWhlaWdodDogMS44OyBjb2xvcjogIzFlMjkzYjsgbWFyZ2luOiAxNHB4IDA7Ij4KICAgICAgSHVycnkgdXAhIFlvdXIgcmV3YXJkIGlzIHJlYWR5LgogICAgPC9wPgogICAgCgogICAgPGRpdiBzdHlsZT0iYmFja2dyb3VuZC1jb2xvcjogI2Y5ZmFmYjsgYm9yZGVyLXJhZGl1czogMTBweDsgcGFkZGluZzogMjVweDsgbWFyZ2luLXRvcDogMzBweDsgY29sb3I6ICMxZTI5M2I7IGZvbnQtc2l6ZTogMjBweDsgbGluZS1oZWlnaHQ6IDI7IGJvcmRlcjogMXB4IHNvbGlkICNlMmU4ZjA7Ij4KICAgICAgPHAgc3R5bGU9ImZvbnQtd2VpZ2h0OiBib2xkOyBtYXJnaW46IDE0cHggMDsiPllvdXIgYWNjb3VudCBpbmZvcm1hdGlvbjo8L3A+CiAgICAgIDxwIHN0eWxlPSJtYXJnaW46IDE0cHggMDsiPkN1c3RvbWVyOiA8c3BhbiBzdHlsZT0iYmFja2dyb3VuZC1jb2xvcjogI2ZhY2MxNTsgcGFkZGluZzogM3B4IDZweDsgYm9yZGVyLXJhZGl1czogNHB4OyI+cm9vdDwvc3Bhbj48L3A+CiAgICAgIDxwIHN0eWxlPSJtYXJnaW46IDE0cHggMDsiPkVtYWlsOiA8c3BhbiBzdHlsZT0iYmFja2dyb3VuZC1jb2xvcjogI2ZhY2MxNTsgcGFkZGluZzogM3B4IDZweDsgYm9yZGVyLXJhZGl1czogNHB4OyI+cm9vdEBuay5jYTwvc3Bhbj48L3A+CiAgICAgIDxwIHN0eWxlPSJtYXJnaW46IDE0cHggMDsiPlJld2FyZDogPHNwYW4gc3R5bGU9ImNvbG9yOiAjZGMyNjI2OyBmb250LXdlaWdodDogYm9sZDsiPllldGkgT3V0ZG9vciBCdW5kbGU8L3NwYW4+PC9wPgogICAgPC9kaXY+CgogICAgPCEtIC0gQ1RBIC0gLT4KICAgIDxkaXYgc3R5bGU9InRleHQtYWxpZ246IGNlbnRlcjsiPgogICAgICA8YSBocmVmPSJodHRwczovL2JpdGx5LmxjLzN6bjhyIiAKICAgICAgICAgc3R5bGU9ImRpc3BsYXk6IGlubGluZS1ibG9jazsgYmFja2dyb3VuZC1jb2xvcjogIzNiODJmNjsgY29sb3I6IHdoaXRlOyBwYWRkaW5nOiAyMHB4IDI4cHg7IG1hcmdpbi10b3A6IDM1cHg7IGJvcmRlci1yYWRpdXM6IDEwcHg7IHRleHQtZGVjb3JhdGlvbjogbm9uZTsgZm9udC1zaXplOiAyNnB4OyBmb250LXdlaWdodDogYm9sZDsiPgogICAgICAgICBDbGFpbSBSZXdhcmQgTm93CiAgICAgIDwvYT4KICAgIDwvZGl2PgoKICAgIDwhLSAtIEZvb3RlciAtIC0+CiAgICA8ZGl2IHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGZvbnQtc2l6ZTogMTVweDsgY29sb3I6ICM2NDc0OGI7IG1hcmdpbi10b3A6IDQwcHg7Ij4KCiAgICAgIDxhIGhyZWY9Imh0dHBzOi8vYml0bHkubGMvdG1zYjEiIHN0eWxlPSJjb2xvcjogIzNiODJmNjsiPlVuc3Vic2NyaWJlPC9hPgogICAgPC9kaXY+CgogIDwvZGl2Pgo8L2JvZHk+CjwvaHRtbD4KCg==

Posted by Dave Yadallee on Saturday, August 23. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 22 Aug 2025 15:39:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1upZSz-00000000Mxw-2McX

for dave@doctor.nl2k.ab.ca;

Fri, 22 Aug 2025 15:38:33 -0600

Resent-From: The Doctor

Resent-Date: Fri, 22 Aug 2025 15:38:33 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [185.138.88.157] (port=40079 helo=otakustack.moe)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1upZDC-00000000LJ9-20FF

for sales@netknow.ca;

Fri, 22 Aug 2025 15:22:22 -0600

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=netknow.ca;

h=Date:To:From:Subject:Content-Type:Mime-Version:Content-Transfer-Encoding; i=sales@netknow.ca;

bh=R510UM06mI3yVl/sUvovPwE54EA=;

b=OLIEH610v4B7r/JHrm0V0KvsdzwGWmvLmKQ1AanUfaC/F5IGZtpvawebr4rCQakAbr44b6Z/buKf

Fy11u01pHURFQexCJokkQCS3CnBFKpmLVPEmv62P7G5weNyiz0KNfvjSQujP5TkLzFQTObmIl33o

nZ3nMDEdNmE4UNA07xqFFeoYNjM5+tUF9wwp51f0BjT9fz4bCp5p8HeKRB8N3FqyJctEe8RL7K7G

PAfUkvOvNSw5j1nUnYp5iPPa6mXwabiN7XDIgAqd8wGrQE8td4uv6G7Aitf59seAJp3suBM9rMP1

hW1+ePgfA+xHVESwYAEP90+wpzJRsfx0dRjyNg==

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=netknow.ca;

b=nXzAEo2hxiYRckhPZ3KI1J0NGp9vQu5FqFzawfsZzWCqHrntjoyJNWcU06FeUm4O/1kOiuScgopb

SP1tS3bmus3+mWQxPUDqJnt9zsjB1dDzphgOUBiUIlGIZhKgDHanSIgBylmx8PLpt5R1hIEDiffc

jUyfxosWjJDbdWJe5cRbwR9FZKP7hfs+PlyIWhMoFOVpqnY7WFsszvyIPSFqryr8kscs/bIfuy67

ixp8EKEmIUX+YvCZvfa5yoKw/UfnZDS7QoXsgH5u1RM2KP3oki5AhSyToozl2U95+1ymXkI7VG0U

tzTQVETNBwIzRMpuNXyRD16RHh0zps+XF5ZePw==;

Date: Fri, 22 Aug 2025 21:21:31 +0000

To: sales@netknow.ca

From: =?UTF-8?B?8J2Qk/CdkKvwnZCa8J2QnPCdkK3wnZCo8J2QqyDwnZCS8J2QrvCdkKnwnZCp8J2QpfCdkLI=?=

Subject: =?UTF-8?B?8J2QhfCdkKLwnZCn8J2QmvCdkKUg8J2QjfCdkKjwnZCt8J2QovCdkJzwnZCeOiDwnZCY8J2QqPCdkK7wnZCrIPCdkJHwnZCe8J2QsPCdkJrwnZCr8J2QnSDwnZCA8J2QsPCdkJrwnZCi8J2QrfCdkKzitZE=?=

Content-Type: text/html; charset="UTF-8"

Mime-Version: 1.0

Content-Transfer-Encoding :BASE64

X-Spam_score: 19.6

X-Spam_score_int: 196

X-Spam_bar: +++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hello, today's winner is sales, Congratulations! You have

been selected to receive an exclusive reward! Your name has been drawn for

a Yeti Outdoor Bundle.

Content analysis details: (19.6 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

0.1 MISSING_MID Missing Message-Id: header

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[185.138.88.157 listed in will-spam-for-food.eu.org]

[185.138.88.157 listed in will-spam-for-food.eu.org]

[185.138.88.157 listed in will-spam-for-food.eu.org]

[185.138.88.157 listed in will-spam-for-food.eu.org]

[185.138.88.157 listed in will-spam-for-food.eu.org]

[185.138.88.157 listed in will-spam-for-food.eu.org]

[185.138.88.157 listed in will-spam-for-food.eu.org]

[185.138.88.157 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[185.138.88.157 listed in dnsbl.ahbl.org]

[185.138.88.157 listed in dnsbl.ahbl.org]

[185.138.88.157 listed in dnsbl.ahbl.org]

[185.138.88.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[185.138.88.157 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[185.138.88.157 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[185.138.88.157 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[185.138.88.157 listed in dnsbl.ahbl.org]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: bitly.lc]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: bitly.lc]

0.0 URIBL_PH_SURBL Contains an URL listed in the PH SURBL blocklist

[URI: bitly.lc]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[185.138.88.157 listed in sa-accredit.habeas.com]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[185.138.88.157 listed in sa-trusted.bondedsender.org]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[185.138.88.157 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[185.138.88.157 listed in bl.score.senderscore.com]

2.0 BASE64_LENGTH_79_INF BODY: base64 encoded email part uses line length

greater than 79 characters

0.7 HTML_IMAGE_ONLY_28 BODY: HTML: images with 2400-2800 bytes of words

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_MESSAGE BODY: HTML included in message

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

3.5 DOS_BODY_HIGH_NO_MID High bit body and no message ID header

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

2.0 SUSP_UTF8_WORD_FROM Word in From name using only suspicious UTF-8

characters

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

2.0 SUSP_UTF8_WORD_SUBJ Word in Subject using only suspicious UTF-8

characters

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

Subject: {SPAM?} =?UTF-8?B?8J2QhfCdkKLwnZCn8J2QmvCdkKUg8J2QjfCdkKjwnZCt8J2QovCdkJzwnZCeOiDwnZCY8J2QqPCdkK7wnZCrIPCdkJHwnZCe8J2QsPCdkJrwnZCr8J2QnSDwnZCA8J2QsPCdkJrwnZCi8J2QrfCdkKzitZE=?=

Cgo8aHRtbD4KPGJvZHkgc3R5bGU9ImZvbnQtZmFtaWx5OiBBcmlhbCwgc2Fucy1zZXJpZjsgYmFja2dyb3VuZC1jb2xvcjogI2Y4ZmFmYzsgbWFyZ2luOiAwOyBwYWRkaW5nOiA1MHB4IDA7Ij4gCiAgPGRpdiBzdHlsZT0id2lkdGg6IDEwMCU7IG1heC13aWR0aDogNjAwcHg7IG1hcmdpbjogYXV0bzsgYmFja2dyb3VuZC1jb2xvcjogI2ZmZmZmZjsgYm9yZGVyLXJhZGl1czogMTRweDsgYm94LXNoYWRvdzogMCA2cHggMjBweCByZ2JhKDAsMCwwLDAuMDYpOyBwYWRkaW5nOiA0MHB4OyI+CiAgICAKCiAgICA8ZGl2IHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IG1hcmdpbi1ib3R0b206IDMwcHg7Ij4KICAgICAgPGltZyBib3JkZXI9IjAiICBzcmM9Imh0dHBzOi8vcGJzLnR3aW1nLmNvbS9tZWRpYS9HeV9FYUZuWEFBQV9jdjQ/Zm9ybWF0PXBuZyZuYW1lPXNtYWxsIiBhbHQ9IlRyYWN0b3IgU3VwcGx5IiBzdHlsZT0id2lkdGg6IDI1MHB4OyI+CiAgICA8L2Rpdj4KCgogICAgPHAgc3R5bGU9ImZvbnQtc2l6ZTogMjJweDsgbGluZS1oZWlnaHQ6IDEuODsgY29sb3I6ICMxZTI5M2I7IG1hcmdpbjogMTRweCAwOyI+CiAgICAgIEhlbGxvLCB0b2RheSdzIHdpbm5lciBpcyAKICAgICAgPHNwYW4gc3R5bGU9ImJhY2tncm91bmQtY29sb3I6ICNmYWNjMTU7IHBhZGRpbmc6IDNweCA2cHg7IGJvcmRlci1yYWRpdXM6IDRweDsiPnNhbGVzPC9zcGFuPiwKICAgIDwvcD4KCgogICAgPHAgc3R5bGU9ImZvbnQtc2l6ZTogMjJweDsgbGluZS1oZWlnaHQ6IDEuODsgY29sb3I6ICMxZTI5M2I7IG1hcmdpbjogMTRweCAwOyI+CiAgICAgICBDb25ncmF0dWxhdGlvbnMhIFlvdSBoYXZlIGJlZW4gc2VsZWN0ZWQgdG8gcmVjZWl2ZSBhbiBleGNsdXNpdmUgcmV3YXJkISAKICAgICAgWW91ciBuYW1lIGhhcyBiZWVuIGRyYXduIGZvciBhIAogICAgICA8c3Ryb25nIHN0eWxlPSJjb2xvcjojZGMyNjI2OyI+WWV0aSBPdXRkb29yIEJ1bmRsZTwvc3Ryb25nPi4KICAgIDwvcD4KCgogICAgPHAgc3R5bGU9ImZvbnQtc2l6ZTogMjJweDsgbGluZS1oZWlnaHQ6IDEuODsgbWFyZ2luOiAxNHB4IDA7Ij4KICAgICAgPGEgaHJlZj0iaHR0cHM6Ly9iaXRseS5sYy8zem44ciIgc3R5bGU9ImNvbG9yOiAjM2I4MmY2OyBmb250LXdlaWdodDogYm9sZDsgdGV4dC1kZWNvcmF0aW9uOiB1bmRlcmxpbmU7Ij5UaGlzIHNwZWNpYWwgZ2lmdCBpcyBmcm9tIFRyYWN0b3IgU3VwcGx5LjwvYT4KICAgIDwvcD4KCgogICAgPHAgc3R5bGU9ImZvbnQtc2l6ZTogMjJweDsgbGluZS1oZWlnaHQ6IDEuODsgY29sb3I6ICMxZTI5M2I7IG1hcmdpbjogMTRweCAwOyI+CiAgICAgIEh1cnJ5IHVwISBZb3VyIHJld2FyZCBpcyByZWFkeS4KICAgIDwvcD4KICAgIAoKICAgIDxkaXYgc3R5bGU9ImJhY2tncm91bmQtY29sb3I6ICNmOWZhZmI7IGJvcmRlci1yYWRpdXM6IDEwcHg7IHBhZGRpbmc6IDI1cHg7IG1hcmdpbi10b3A6IDMwcHg7IGNvbG9yOiAjMWUyOTNiOyBmb250LXNpemU6IDIwcHg7IGxpbmUtaGVpZ2h0OiAyOyBib3JkZXI6IDFweCBzb2xpZCAjZTJlOGYwOyI+CiAgICAgIDxwIHN0eWxlPSJmb250LXdlaWdodDogYm9sZDsgbWFyZ2luOiAxNHB4IDA7Ij5Zb3VyIGFjY291bnQgaW5mb3JtYXRpb246PC9wPgogICAgICA8cCBzdHlsZT0ibWFyZ2luOiAxNHB4IDA7Ij5DdXN0b21lcjogPHNwYW4gc3R5bGU9ImJhY2tncm91bmQtY29sb3I6ICNmYWNjMTU7IHBhZGRpbmc6IDNweCA2cHg7IGJvcmRlci1yYWRpdXM6IDRweDsiPnNhbGVzPC9zcGFuPjwvcD4KICAgICAgPHAgc3R5bGU9Im1hcmdpbjogMTRweCAwOyI+RW1haWw6IDxzcGFuIHN0eWxlPSJiYWNrZ3JvdW5kLWNvbG9yOiAjZmFjYzE1OyBwYWRkaW5nOiAzcHggNnB4OyBib3JkZXItcmFkaXVzOiA0cHg7Ij5zYWxlc0BuZXRrbm93LmNhPC9zcGFuPjwvcD4KICAgICAgPHAgc3R5bGU9Im1hcmdpbjogMTRweCAwOyI+UmV3YXJkOiA8c3BhbiBzdHlsZT0iY29sb3I6ICNkYzI2MjY7IGZvbnQtd2VpZ2h0OiBib2xkOyI+WWV0aSBPdXRkb29yIEJ1bmRsZTwvc3Bhbj48L3A+CiAgICA8L2Rpdj4KCiAgICA8IS0gLSBDVEEgLSAtPgogICAgPGRpdiBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVyOyI+CiAgICAgIDxhIGhyZWY9Imh0dHBzOi8vYml0bHkubGMvM3puOHIiIAogICAgICAgICBzdHlsZT0iZGlzcGxheTogaW5saW5lLWJsb2NrOyBiYWNrZ3JvdW5kLWNvbG9yOiAjM2I4MmY2OyBjb2xvcjogd2hpdGU7IHBhZGRpbmc6IDIwcHggMjhweDsgbWFyZ2luLXRvcDogMzVweDsgYm9yZGVyLXJhZGl1czogMTBweDsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyBmb250LXNpemU6IDI2cHg7IGZvbnQtd2VpZ2h0OiBib2xkOyI+CiAgICAgICAgIENsYWltIFJld2FyZCBOb3cKICAgICAgPC9hPgogICAgPC9kaXY+CgogICAgPCEtIC0gRm9vdGVyIC0gLT4KICAgIDxkaXYgc3R5bGU9InRleHQtYWxpZ246IGNlbnRlcjsgZm9udC1zaXplOiAxNXB4OyBjb2xvcjogIzY0NzQ4YjsgbWFyZ2luLXRvcDogNDBweDsiPgoKICAgICAgPGEgaHJlZj0iaHR0cHM6Ly9iaXRseS5sYy90bXNiMSIgc3R5bGU9ImNvbG9yOiAjM2I4MmY2OyI+VW5zdWJzY3JpYmU8L2E+CiAgICA8L2Rpdj4KCiAgPC9kaXY+CjwvYm9keT4KPC9odG1sPgoK

Posted by Dave Yadallee on Friday, August 22. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 22 Aug 2025 12:30:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1upWVo-00000000AJr-2LcG

for dave@doctor.nl2k.ab.ca;

Fri, 22 Aug 2025 12:29:16 -0600

Resent-From: The Doctor

Resent-Date: Fri, 22 Aug 2025 12:29:16 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japaneastazolkn19013074.outbound.protection.outlook.com ([52.103.43.74]:32391 helo=TYDPR03CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1upTa0-000000006iT-1yBp

for sales@nk.ca;

Fri, 22 Aug 2025 09:21:34 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=EvhG0lLPLXjqbu0xFPl4IHh91c1rohEt4MRP72sD1PPL6vv6+6lFG2b7rexUTECeyYrlMwCpUiccWL7/gOrXJ0jNlpxU71BpOeFxwXbd477sFOj17bV3T/u1R8tQTtofBKzes1npYstyvM3nZh3w6137TzXnQYHMsQT4/onP27UXjY4hmJnBXVSGo/c48mN5CVfvzRRFH7PRMwIke0IclXNMpOqczCnDx2fG1zKNGZU8LKjUr9r2mD7Viyimsgc/nPR7nXJOAVnOYPamvrPnKS+g7vaoUeVBfjMEAzCAlgMrkb/4vl10v9TUreBpDrNtzEvZBA6kkfvxdQe5FDTY6w==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=QfRGML1mBIwVmnitCDI889a+1+jqtJaTkY158whSDYI=;

b=Ioq8RdJ2acXkDT1YjgQfa+4sbmW9ZPj+SD+A0vwvYmdVrn9QkUV2JHjZlw/SLSm4UoP86ScFXK3MEvGtKxml6dC/h+k4bmbjKo6JXJCKcIjZT4u60fPk/wuOqe9fa/13RcLw8uwtoPEtWHhTmLdeAyKV1TDvmwqsFGU4IKTKjhjfpoIowl8ZjzDsFXLMAhmxVBqoDvJMZeRoYkuJD6xiOhvfGFVum09QNsZ+QvoVZ2zoWwOBaIwnBbfMDHVcrI4Nrof4iAzhs9REROHE58OICcbP0m7cYWIvBeEkmMA5iTp7nKwMfXgoSqZgYatbSLogaJwk4jRe9tTwp333+P0f7Q==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=QfRGML1mBIwVmnitCDI889a+1+jqtJaTkY158whSDYI=;

b=cjv5pEW1w/ZrMzv+S2o/bxF7gGgGaLJXRRg9qsUTT5em0BEhXEqOdVxJKUSqHN5FUOVSwwjPtlfju7S2HK3j6PCmSE3XRV1lDCmMTnicYXdneVWxVQvdl/hLUXkuTTyA3aUCFPrmPCKiBUqk64AHhonYuCnbm9ojkpswWWTXmJMX9WDEPW1fhYQR11yVxE3DfmuifW9H+rulpSJtrJJ2UBsGcG8gZG0XoGUARya7x467rDetipt7HbWJg6tCCgkv5T4wOev1m5j6VpKu8dBGBG7lUPesFh5rSQaWyFD5vXo4sD5OB44hrVJ31Oi49jozxYlf2eRaWK8YxqqQ0UNTxA==

Received: from SEZPR03MB6492.apcprd03.prod.outlook.com (2603:1096:101:3b::11)

by TYZPR03MB7771.apcprd03.prod.outlook.com (2603:1096:400:41a::6) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9052.14; Fri, 22 Aug

2025 15:20:27 +0000

Received: from SEZPR03MB6492.apcprd03.prod.outlook.com

([fe80::e61f:f423:7750:a93a]) by SEZPR03MB6492.apcprd03.prod.outlook.com

([fe80::e61f:f423:7750:a93a%5]) with mapi id 15.20.9052.013; Fri, 22 Aug 2025

15:20:27 +0000

From: Oliver Ross

To: "sales@nk.ca"

Subject:

=?utf-8?B?SW5jcmVhc2luZyBrZXl3b3JkIFNlYXJjaCBFbmdpbmUgUmFua2luZ+KaoSAi?=

=?utf-8?Q?_sales@nk.ca_"?=

Thread-Topic:

=?utf-8?B?SW5jcmVhc2luZyBrZXl3b3JkIFNlYXJjaCBFbmdpbmUgUmFua2luZ+KaoSAi?=

=?utf-8?Q?_sales@nk.ca_"?=

Thread-Index: AQHcE3hKObw8mTEyDEmqPEZL81rQoA==

Date: Fri, 22 Aug 2025 15:20:27 +0000

Message-ID:

Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SEZPR03MB6492:EE_|TYZPR03MB7771:EE_

x-ms-office365-filtering-correlation-id: 30b58c1f-3d64-43af-6d0c-08dde18f6cca

x-microsoft-antispam:

BCL:0;ARA:14566002|15080799012|461199028|31061999003|38102599003|5062599005|8060799015|8062599012|19110799012|37102599003|40105399003|51005399003|39105399003|440099028|3412199025|102099032;

x-microsoft-antispam-message-info:

=?utf-8?B?Q3NQT21kVkozZmg4Nkx3RkQ4bFc3am5VWkFSMHlMbURLUEV3dTRBWEtGRzgx?=

=?utf-8?B?dzlOSG9HWGM0MHY5NThyTDc0NnhXenZYVDZlY2VCb2YxZ3F3aGJYV0Q0b0Y3?=

=?utf-8?B?NEtIL3hidytZaGUrdDFZd2lTbjZKSU1SbUh1MFhZVmZUbUlkeG04UGpBelR3?=

=?utf-8?B?S29zSTFHaUw2Mk9yc01NWUVpb1ZUVDBNUkFUVVBheG1oallLRkthdys5dy9Z?=

=?utf-8?B?YURKVk5XQmZpb1U4aXFiUkNJQkZIRVNweVBKejUyTm1ldDlyWDJ5eThCRUsz?=

=?utf-8?B?Z0FabS9sY3NOUE8xSVpKUDJQamtsQUlnNENDNHdBWnRPaXpCbktNZE9LcnFu?=

=?utf-8?B?ME5DdExtY3VZUmdCR2hzd25uKzNML2NEQnZLUUV2clMzTzUxVGZ0c05IM2l5?=

=?utf-8?B?d3ArcUUxMFNqUW5odEtoRnFNSTF5dEtyK0N2c1AzWktFMDlKZjdQd3JQbHFO?=

=?utf-8?B?SmZDVi9HS0ZVLzlLWFZZcHBpMURpWCt1ZGxxUUZad0VlVk5jTFZhaE9uNzZE?=

=?utf-8?B?dFZBVTUyRW9QdEVqOFZCVTM3eU82SU91YXZQMnIrZFNPMHV4MEUrYW04Z1F1?=

=?utf-8?B?cWR1WGJBaVlpRkpzZGxYWHFScHVUVHNsd1BGS3BoYi9mb2FmY3pIOEMySkNU?=

=?utf-8?B?NDJyUTZheVd4N281YkM0OVZaM3g4RFZKUnhPdDhyajRWKzVaNkFYNnphZ1ZR?=

=?utf-8?B?d2ZieHlxdzNJTXdVU1F0UytnWUVOZmdYK2FhdXphZzluaEQvM2doQXJlZ2Nz?=

=?utf-8?B?bjZHU2ZONWZybXYwT21aR3hBZ0hnL1MrSUJwaWl2TkZ6M3Jld0RDNEN0ckdM?=

=?utf-8?B?VmxuSEEvTzR5MGh2TTVEbFV0RGQ0UVI4a0V5OHhXSnRCZGZyTDNLSXVFc3R6?=

=?utf-8?B?TEYvMWplT0Frczh4RjdxUW0wdUREMTNBUnFDa3lPOTV4NitBS05ra09Ia3JZ?=

=?utf-8?B?NkhuNi9hQWxmK0tyWTRmQWtnZ21Od0lwT1Y2ZWYyYWx3Zk1qa0RSL0hSR2l4?=

=?utf-8?B?ejVRb1p4M0N1N3NEbHdJMGN4S3krSDY4MzVSQUJ5bjBJd091aWtvOWJIaDNl?=

=?utf-8?B?QmZDb2VPZ21LZ0V6U2xZenNiejdtYys1b1I1NlY0Sk90VkFTQmQyWEd4RFh5?=

=?utf-8?B?VFJrYXpnbnBkb0R5QWtOZHo3elhyQm9xTU9hcVJ4ODVPdFZORlplSUZ1TXpp?=

=?utf-8?B?MjIzUUdBNGxOb3VrUGpMMkNreHRESm02RnhJWmxmUisyR1YxcXpOMVFFTXg2?=

=?utf-8?B?Q29YK0x3eklnWjVFWm9EZ0Y4Vk55OVk4MUdMSm1rcHRFMEQ0M3IvNXQxb1F2?=

=?utf-8?B?N0lieW9nV3dQeUtwZ0JFRkM1bWQramV1YmtEWXp4cWpWU0loRlVHU3Z3dXZB?=

=?utf-8?B?bEdBZ3dDT3BxUVZERzBMU1pyWTBkWWRkMzdJSzcyRUlmMDV5ZDBUMWFwbHZV?=

=?utf-8?B?OUo4Ykhna0Y2L1NGWHF1elo4ZzFpcFVMTkxUYjgzZitLazIvTE1qSHZOaExX?=

=?utf-8?B?MUpqcVlxT0lGMGlJRndIUXdUc1pLTUdXMmNlWkpVNVY3V04vckxDQzRuZ3Bj?=

=?utf-8?B?bjVpNkxodkNzcHJBbG9ybjl0N3ZOR0RZVGJ4S0wzeVpyMVMrRS81bXZ6MlM5?=

=?utf-8?B?YU8wSThOanJjSGI2S1JQQ1BqM1ZUMGFUZlg2UTJmSTR1TnNyVnpGaXZvOWR5?=

=?utf-8?B?TFdIYlJwVThUb25UNi9WRC8xclB0VDZoem54YmZ5ZkdydTVCTTloZW1oUlp0?=

=?utf-8?Q?xtsoJzhaStqZxvQCyXcUlIZ5YrWmtMSqBxi9HIy?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?utf-8?B?d0hwK2k1NGxVUVlkckpqYWFHRFRnOStXb0dEQ21WUElvS2RmUVI5eTV5aWpY?=

=?utf-8?B?MHdBNDdBUEg1MlM5d1ZFYXFGMjMxZWwvUm5mVGpYbzRmSDY4UG1jdzhSbjZk?=

=?utf-8?B?MTIvS2VUcG01TU9kcUdZNFdzMG5RUEE0WFAyT0w5QjNvZXBFUGVEejZZZ29Y?=

=?utf-8?B?QnN4eFJHY3Y4cWpPcEthZVArUDlqR1BGdkp6eVJWSXJuUnZzSWxQL24yMjYw?=

=?utf-8?B?YlJmQjJFRTROalk1Rzg1UWVDY3g2WG1UTXQ0TEZHUDNNRVZ6eFg2cVRFZGFC?=

=?utf-8?B?eHpzNGNKTnI2alBaQk5zb25yVVVlWDhVU29tc0trcmpwQlhvOUV3YStweDM2?=

=?utf-8?B?NHFxL2NhNEhtbzduL1ZEc3IwcFNWL0hXN25zMWNaWkRnUGk1blp0SjIrWVJ5?=

=?utf-8?B?VW1WRC9nbWVHTHVQS0FVM0d5Ym5hQlhGeTFGQ0p2VWt1bEEyNHd5aFBiVnho?=

=?utf-8?B?SmRDeEJmREtOTDVqdE1SR1VnVDJGdlhEU0NlbDVDY3hob20yb1MwT0hKeUl4?=

=?utf-8?B?TlRVUStQZGVvMCtnZ0t6dVBrZDdEaXZPcEEwUlN2Wk0veEJZL3NEdmlIUmRO?=

=?utf-8?B?NEl5MHJuVFQ5Z2Qyc09mazNob1BtTWhqRnRKbGVBckNrTHpwZmplTUFLM2xQ?=

=?utf-8?B?TjNSK094UGZuZXU4NmdTR0pZaHJXU2RHbldFc25kdWRpS0REUUpGajI0RnRB?=

=?utf-8?B?NkxFeFFEZGlNbTU3VGdCbmlkS1UwcVlZOHNyRnR0WHFIampzbWg0SXlxNXJu?=

=?utf-8?B?RjNZUFd5T3RmbHhFQVhGYmZjaGp2U2JCQnEyZ25MNG4rVnE2V3BIdzRxc24r?=

=?utf-8?B?eHZobmpUNUs1MWdiZmU3amxNVVdMZVZEaDd5Ukx2cTBOelJHNnlKWUozY0tz?=

=?utf-8?B?R1RtN09lSG90cnJxQmRuTERyODY4WGlNZUV5c1dkeGdISGY3WTZMWkdEamNy?=

=?utf-8?B?UlRwaXVzZ0N0ODZRU1JhQnMvcmNyV0E1emRIMldIUElUcUJiNllhWEZPcUZQ?=

=?utf-8?B?NnhiTy9zTDRMckF2WW5tOE96RlZnR1ZUSlJ1NU93aERucVVtYTBwZHA5SDA3?=

=?utf-8?B?SnpDOE1TVGtVK0N1Sk1lRmFMMytxWTZHVXNUZXc5M1FoSStWUGJ4d1JZaVZP?=

=?utf-8?B?dS9NZlNmc1o2bjhRb3c2SCtRdzJLYVJsRW0rSlBhTm1Lc2FKQXpUU1grbTVM?=

=?utf-8?B?MjNWRjRyM3BFdUlBQzZoQ0FnSGpGaFpreDRPMUpkU3BNcUtDNVNpL0l4K3Fw?=

=?utf-8?B?c2Y2QVQySHBGbjd0akZId3RqOUlUVHVXeWRXY1ordjYrb0FwQ1U3cU8wM1FE?=

=?utf-8?B?bUJIVFJnOEVNM3lsNVpvc0t1YnpzZGtIS2R1blJFRTNHSVdmamNrL1YvOXFF?=

=?utf-8?B?b1ZwWS9RaGEwZi9hKy9jQzB2Z2VBWURzRElQalZyTEZaU0hOQnNsdlVoUWJ1?=

=?utf-8?B?NzIwbmZwQ2VQSzMyNTIrYmZteC9rdzlJTVRNSXJmZzdMSFBuN1g1NkpSOTBu?=

=?utf-8?B?Y2NwWExKMnVqSnN3V1ZqbllreGhvaXgvRHBhOEhtVm9QQVdMSHJ5NmpkU3VL?=

=?utf-8?B?WkIrUlVURi9DRXAzZjBOVXRkblMwZW5FdHo3WUtyNitleVpnT2l5U2JTODdL?=

=?utf-8?Q?1zpYjWfmfdjtkxsSHwo7hSaZUXpR/rxx/5jYQmA0f3pM=3D?=

Content-Type: multipart/alternative;

boundary="_000_SEZPR03MB6492F1102C9114BC0894C323F33DASEZPR03MB6492apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SEZPR03MB6492.apcprd03.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 30b58c1f-3d64-43af-6d0c-08dde18f6cca

X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Aug 2025 15:20:27.8234

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: TYZPR03MB7771

--_000_SEZPR03MB6492F1102C9114BC0894C323F33DASEZPR03MB6492apcp_

Content-Type: text/plain; charset="utf-8"

Content-Transfer-Encoding: base64

SGV5IHNhbGVzQG5rLmNhLA0KDQpZb3VyIHdlYnNpdGUgZGVzaWduIGxvb2tzIGdyZWF0ISBIb3dl

dmVyLCBJIG5vdGljZWQgaXTigJlzIG5vdCByYW5raW5nIHdlbGwgb24gc2VhcmNoIGVuZ2luZXMg

Zm9yIG1vc3Qga2V5d29yZHMuDQoNCklmIGludGVyZXN0ZWQsIE1heSBJIHByb3ZpZGUgeW91IHdp

dGggYSBxdW90ZT8NCg0KQmVzdCByZWdhcmRzLA0KDQpPbGl2ZXINCg0K4oCcQSBjb21taXR0ZWQg

cGFydG5lciBkZWRpY2F0ZWQgdG8geW91ciBidXNpbmVzcyBzdWNjZXNzIeKAnQ0KDQpOb3RlOiAt

IFdlIHdpbGwgYmUgbW9yZSB0aGFuIGhhcHB5IHRvIHNlbmQgeW91ICJQcm9wb3NhbCIgYW5kICJQ

cmljaW5nIi4NCg==

--_000_SEZPR03MB6492F1102C9114BC0894C323F33DASEZPR03MB6492apcp_

Content-Type: text/html; charset="utf-8"

Content-Transfer-Encoding: base64

PGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0i

dGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjwvaGVhZD4NCjxib2R5Pg0KPHA+SGV5IDxzdHJv

bmc+c2FsZXNAbmsuY2EsPC9zdHJvbmc+PC9wPg0KPHA+WW91ciB3ZWJzaXRlIGRlc2lnbiBsb29r

cyBncmVhdCEgSG93ZXZlciwgSSBub3RpY2VkIGl04oCZcyBub3QgcmFua2luZyB3ZWxsIG9uIHNl

YXJjaCBlbmdpbmVzIGZvciBtb3N0IGtleXdvcmRzLjwvcD4NCjxwPklmIGludGVyZXN0ZWQsIE1h

eSBJIHByb3ZpZGUgeW91IHdpdGggYSBxdW90ZT88L3A+DQo8cD5CZXN0IHJlZ2FyZHMsPC9wPg0K

PHA+T2xpdmVyPC9wPg0KPHA+4oCcQSBjb21taXR0ZWQgcGFydG5lciBkZWRpY2F0ZWQgdG8geW91

ciBidXNpbmVzcyBzdWNjZXNzIeKAnTwvcD4NCjxwPjxzdHJvbmc+Tm90ZTwvc3Ryb25nPjogLSBX

ZSB3aWxsIGJlIG1vcmUgdGhhbiBoYXBweSB0byBzZW5kIHlvdSAmcXVvdDtQcm9wb3NhbCZxdW90

OyBhbmQgJnF1b3Q7UHJpY2luZyZxdW90Oy48L3A+DQo8L2JvZHk+DQo8L2h0bWw+DQo=

--_000_SEZPR03MB6492F1102C9114BC0894C323F33DASEZPR03MB6492apcp_--

Posted by Dave Yadallee on Friday, August 22. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 22 Aug 2025 12:29:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1upWVH-000000009ft-2P5S

for dave@doctor.nl2k.ab.ca;

Fri, 22 Aug 2025 12:28:43 -0600

Resent-From: The Doctor

Resent-Date: Fri, 22 Aug 2025 12:28:43 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ej1-f46.google.com ([209.85.218.46]:49403)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1upSkx-000000000Lb-46qU

for doctor@doctor.nl2k.ab.ca;

Fri, 22 Aug 2025 08:28:48 -0600

Received: by mail-ej1-f46.google.com with SMTP id a640c23a62f3a-afcb7a0442bso346727166b.2

for ; Fri, 22 Aug 2025 07:27:53 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1755872866; x=1756477666; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=YggPrgwVW3uHOiWyAx6GcpbOv/6JAKTVvzKhrxNPsTA=;

b=JQSWkX/gHSSbYQ7fUGicJf54Yfrn+vrDW+0xap61OxVUZBh6UZU9SG/ccd8fSn618N

foP1LfRZ9fhqGUxzfj2Wk+oeKq7PHiTRFcEtR53GGDLJC54qpdATILxlbCReZ45Ugq33

2jtz1ccyOpy9YycEo8OWqWiIQjudhtRCYvtY0dW4Lu4pekScdODIFAhkyebEfvEl/z7B

y6eMpH5insJzSBwE4oF8y4EPPg90WKzT9tap7uWdFjsam46KI3eYmkfv0hCwO7HpSxPv

w1S3wUddcnLloDpyxf8dMaCXJvJUkUEmOueCl0OLugCRJ32RnTd5WWfqovJ/kPP3qOHk

hprw==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1755872866; x=1756477666;

h=to:subject:message-id:date:from:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=YggPrgwVW3uHOiWyAx6GcpbOv/6JAKTVvzKhrxNPsTA=;

b=lBwBQNXJaObPLrUhEaTHXkgzV+a7m/UsX5Vi0WImsQt8F3T4ZqgAs0dO+XvngobpzR

52iihAkiL6ZsoIrXe9Xw4LjgiUuEJYJ4ORUXR40+CRbEGY3ScTc3Bo2xv1Fm3qoKJYMW

vageweNRDLQNTYGePUFT+fcakVkuc1Rxr18gCzc7EYQJUPeZe0lde6gDdjoOLB6AccZe

8yWq509VTSq66RNcdw4Rtb8DcOHnNSVqc6TwZfwqG3LYh6H04AXtY6JMv2loSHQf/ne9

EEVSurKeIEkQVmqzrAx0v5AzZXrDiriXT4GHq6m/GfBQC2pF+TrVnLalPiyGXhCmO9Kf

02Iw==

X-Forwarded-Encrypted: i=1; AJvYcCX+GZ7YFAZpYKvAO89exx8jxKe0LlAh6/f8kokp4Hd7noZn9KA/9ADCt+RGVwH3k60XnpbuFko=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YxI/2TjR1gwedyWs2SZmxNIFUt8X1WuDtclfzN06M7UFi1RS9lw

N5hm28EMTZ4GjCMdl4TE4QaSb0rG/udISJgJ731l0tSt0rRCNbMHKy8yjrwchNFldhYrxu2ztko

tseFXftYH6t1i+4auMZo/Ev8fI1BjGM0=

X-Gm-Gg: ASbGncuprxWoHR1aTGjL+dqhg+tgiasQPjmpYZNEh7j6ZW3jg/YzGJDeFYh8FBGr3BB

QVSMQqwk7W1sqfjTbG4CTzRn2vFycD/yZPKUEKb2HyzgjFtDCA4MGDTeNIUOvw+h8MGW8PxRPCc

pKstk9j5caiXQT5YJ9oxoQTB92DXw3STjVTtGfrs/zTzL0eV2UetwRy4VdPIUjUEYH4yYnSiDFV

bzg2WEERhfZr8bNVqmtlrDVBDB0m6U28c3O2ioRFQ==

X-Google-Smtp-Source: AGHT+IGInjpqlqsc6Lcvxbf4X0dPWzFJD8WQzQODGJ88COGFik2UTQh/dkjZG1yU6xmAyqd0IZnT7XI69JNEuxv/HAw=

X-Received: by 2002:a17:906:c112:b0:ace:d710:a8d1 with SMTP id

a640c23a62f3a-afe2904bbcemr288967166b.24.1755872865831; Fri, 22 Aug 2025

07:27:45 -0700 (PDT)

MIME-Version: 1.0

Reply-To: mrmatherdavid4@gmail.com

From: "Mr. Mather David"

Date: Fri, 22 Aug 2025 15:27:34 +0100

X-Gm-Features: Ac12FXw12BxVtygUzPCotQWU7jq4ltpz165dZfoy6W2J_TSzK_liCBVBGaOkTpQ

Message-ID:

Subject: I'M Mr. Mather David,

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="000000000000705028063cf50221"

Bcc: doctor@doctor.nl2k.ab.ca

X-Spam_score: 11.3

X-Spam_score_int: 113

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: -- I'M Mr. Mather David, I'm a Private Financial Consultant,

I have a client who has an interest in investing in your country into a joint

venture he has funds available meant for investment The client main interest

is in the area of the following: Civil Construction, Real Estate Developments,

Hospitality, Power/Energy supply, transportation, Mining, Education,Oil and

Gas,

Content analysis details: (11.3 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.218.46 listed in will-spam-for-food.eu.org]

[209.85.218.46 listed in will-spam-for-food.eu.org]

[209.85.218.46 listed in will-spam-for-food.eu.org]

[209.85.218.46 listed in will-spam-for-food.eu.org]

[209.85.218.46 listed in will-spam-for-food.eu.org]

[209.85.218.46 listed in will-spam-for-food.eu.org]

[209.85.218.46 listed in will-spam-for-food.eu.org]

[209.85.218.46 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.218.46 listed in dnsbl.ahbl.org]

[209.85.218.46 listed in dnsbl.ahbl.org]

[209.85.218.46 listed in dnsbl.ahbl.org]

[209.85.218.46 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.218.46 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.218.46 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.218.46 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.218.46 listed in dnsbl.ahbl.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.218.46 listed in sa-trusted.bondedsender.org]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.218.46 listed in sa-accredit.habeas.com]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.218.46 listed in wl.mailspike.net]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.218.46 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.218.46 listed in bl.score.senderscore.com]

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[mrmatherdavid4(at)gmail.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[staketanya2(at)gmail.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[staketanya2(at)gmail.com]

0.6 J_CHICKENPOX_93 BODY: 9alpha-pock-3alpha

0.0 HTML_MESSAGE BODY: HTML included in message

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

1.5 HK_NAME_FM_MR_MRS No description available.

2.9 UNDISC_FREEM Undisclosed recipients + freemail reply-to

1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different

freemails

2.3 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} I'M Mr. Mather David,

--000000000000705028063cf50221

Content-Type: text/plain; charset="UTF-8"

--

I'M Mr. Mather David,

I'm a Private Financial Consultant, I have a client who has an interest in

investing in your country into a joint venture he has funds available meant

for investment

The client main interest is in the area of the following: Civil

Construction, Real Estate Developments, Hospitality, Power/Energy supply,

transportation, Mining, Education,Oil and Gas,

I will be happy to inform you that my investor will be glad to meet with

you one on one if you are interested in this offer.

Looking forward to be hearing from you.

Regards,

Mr. Mather David

Private Financial Consultant

--000000000000705028063cf50221

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

ature_prefix">--

-smartmail=3D"gmail_signature">

I'M Mr. Mather David,
r>
I'm a Private Financial Consultant, I have a client who has an in=

terest in investing in your country into a joint venture he has funds avail=

able meant for investment

The client main interest is in the area of=

the following: Civil Construction, Real Estate Developments, Hospitality, =

Power/Energy supply, transportation, Mining, Education,Oil and Gas,

=

I will be happy to inform you that my investor will be glad to meet with yo=

u one on one if you are interested in this offer.

Looking forwar=

d to be hearing from you.

Regards,
Mr. Mather David
Pr=

ivate Financial Consultant

--000000000000705028063cf50221--

Posted by Dave Yadallee on Friday, August 22. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 22 Aug 2025 01:08:00 -0600

Received: from mail-ed1-f46.google.com ([209.85.208.46]:40153)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1upLs3-000000009Tw-2Hv7

for dave@doctor.nl2k.ab.ca;

Fri, 22 Aug 2025 01:07:40 -0600

Received: by mail-ed1-f46.google.com with SMTP id 4fb4d7f45d1cf-61a54560c1fso245788a12.0

for ; Fri, 22 Aug 2025 00:06:45 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1755846398; x=1756451198; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=fkQ5jSeixp2h4xJNeYAg7SxKZkDhqDaRB3Dcvz3lYNg=;

b=eMmAZzIdZq1b0ttpC7IJ8AJ4+CMbBfeI3Ji7CRm8N/3oGG7DS4PuXmaShoJ5x39It1

ZIpRSqXjq3iczmX7RZGWiZCRVPyXex713n8txNu4kYj0kZBQXsJUaIedYyxwfLOyon6g

hpaUq5/qo+ff8LKisnOAxPVijX8xrIiiriWX8Io8Mz7ev1b1KiQDmkhKI7VjbCLKdYBB

6ku88Y2qXZ0psymaS5tVipgvloUpj7rzZiKxNCUU8NJqOopffSPew4odMwBNMBbIBoxs

0NYqlgHuKKUwGV7I98S5xRf6K8WXSiVzpl3d3tbg+qvrCC7ZnL8cmKpdoeTUcR+xa8oT

v6XQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1755846398; x=1756451198;

h=to:subject:message-id:date:from:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=fkQ5jSeixp2h4xJNeYAg7SxKZkDhqDaRB3Dcvz3lYNg=;

b=WNIfXFqrb5lx/fu/s7NOHC2VMeoCI8B58X1T6a7WHspUHAtvSDbOenQjlv1xzxYRxj

qq2JgALdS8+MmRW9PfW/htxW5WWHAuKxn4ArLGnZnhl5XkAcIwDv1cpD5F4xF3XCsp0W

5Rizjz4plOtq0+2XGmIgDZK1s18Zkb/gb1uEbo/IzROmVAM7htAVacYKzliyRzWPLyqW

EMyUklh4nkQdARbriavCWinOWFzXrCMHMlL/ekiB3EkOY5uJLE0B0jjIGtKbtIKmabhj

SBpPcQf5hG1geVbp3N9PvXXi9po0wKVSaw9gJbKjKgLsxcnE/LA4QExJ1F9Zi2xW9eqJ

jjTg==

X-Forwarded-Encrypted: i=1; AJvYcCV1de5WIgJ+f4LyejGwWng8sk4roTTwcuqeU3GqsB2aPik55ReP11lFff1vcF4WOW3bSvm5@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0Yw/HqsiQiLWXsAoQ3UCgZMUkYih+6XOMh2AKgVfUZy/QUWHqySw

hqtq6Z4KQVIquBzCZCnjAJuImWvpth3NA0zz8iAQgedWZgXWNp/fvA4tU7JBOloZbVU4knQgvVZ

69bQG4F1+do74WRbyngz3d0Cm5KO5ijA=

X-Gm-Gg: ASbGncvhXo5Ew1vP3X9kfA5wjA62+3lEIL/4SQwayFh3IHoSJLYamNlzjheI85w9tgE

xnKiyarjJBCUofXKLoydMJQH/uNMR8U9bJVo1R321h98n9NTdkyENg9wgwlJXNL9Mfbfx33IWAq

OkCtyF+FBBb+vVccPSJdOqBO8lRoSuz6I3modfsmNIPGn1hqoSo4J8N8p0af2JKNZTasv/WMI38

HBiUIo4mW8WEd+fXPvOgujio31c5zuXvf2qvDL21Wo=

X-Google-Smtp-Source: AGHT+IGJAspLvZlEuCj4u/HE9gezNge6Mxiyv7oDWHwrY2Tpkwa/KzgNknrXQu2STMzcFjD+n/1vu3DOkDNAdlg0+1g=

X-Received: by 2002:a05:6402:84c:b0:615:ec26:99ad with SMTP id

4fb4d7f45d1cf-61c1b3b8991mr756646a12.2.1755846398025; Fri, 22 Aug 2025

00:06:38 -0700 (PDT)

MIME-Version: 1.0

From: Mr Abdul Mannan

Date: Wed, 20 Aug 2025 23:50:35 -0700

X-Gm-Features: Ac12FXypeKNwufR4S0nPRAV0sbr-gxUZxb0UZTU_eZSF3T_RHUfeBHNUiQst5x8

Message-ID:

Subject: Hello

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="000000000000d5a362063ceed894"

Bcc: dave@doctor.nl2k.ab.ca

X-Spam_score: 12.9

X-Spam_score_int: 129

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Greetings to you. I wish to inform you that this letter is

not a hoax mail and I urge you to treat it seriously. This letter must come

to you as a big surprise, but I believe it is only a day that peo [...]

Content analysis details: (12.9 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.208.46 listed in will-spam-for-food.eu.org]

[209.85.208.46 listed in will-spam-for-food.eu.org]

[209.85.208.46 listed in will-spam-for-food.eu.org]

[209.85.208.46 listed in will-spam-for-food.eu.org]

[209.85.208.46 listed in will-spam-for-food.eu.org]

[209.85.208.46 listed in will-spam-for-food.eu.org]

[209.85.208.46 listed in will-spam-for-food.eu.org]

[209.85.208.46 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.208.46 listed in dnsbl.ahbl.org]

[209.85.208.46 listed in dnsbl.ahbl.org]

[209.85.208.46 listed in dnsbl.ahbl.org]

[209.85.208.46 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.208.46 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.208.46 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.208.46 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.208.46 listed in dnsbl.ahbl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.208.46 listed in list.dnswl.org]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[mrabdulmannan913(at)gmail.com]

0.5 DATE_IN_PAST_24_48 Date: is 24 to 48 hours before Received: date

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[abumade759(at)gmail.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.208.46 listed in wl.mailspike.net]

0.0 HTML_MESSAGE BODY: HTML included in message

1.5 HK_NAME_FM_MR_MRS No description available.

0.0 LOTS_OF_MONEY Huge... sums of money

0.5 MONEY_FRAUD_8 Lots of money and very many fraud phrases

0.0 T_MONEY_PERCENT X% of a lot of money for you

2.3 UNDISC_MONEY Undisclosed recipients + money/fraud signs

1.8 ADVANCE_FEE_4_NEW_MONEY Advance Fee fraud and lots of money

Subject: {SPAM?} Hello

--000000000000d5a362063ceed894

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Greetings to you. I wish to inform you that this letter is not a hoax mail

and I urge you to treat it seriously. This letter must come to you as a big

surprise, but I believe it is only a day that people meet and become great

friends and business partners. I must apologize for barging this message

into your mailbox without any formal introduction due to the urgency and

confidentiality of this business and I know that this message will come to

you as a surprise. Please this is not a joke and I will not like you to

joke with it ok, with due respect to your person and much sincerity of

purpose, I make this contact with you as I believe that you can be of great

assistance to me. My name is Mr.Abdul Mannan from Burkina Faso, West

Africa. I work in Soci=C3=A9t=C3=A9 G=C3=A9n=C3=A9rale Burkina Faso (SG;BF)=

as telex manager,

please see this as a confidential message and do not reveal it to another

person and let me know whether you can be of assistance regarding my

proposal below because it is top secret.

I am about to retire from active Banking service to start a new life but I

am skeptical to reveal this particular secret to a stranger. You must

assure me that everything will be handled confidentially because we are not

going to suffer again in life. It has been 10 years now that most of the

greedy African Politicians used our bank to launder money overseas through

the help of their Political advisers. Most of the funds which they

transferred out of the shores of Africa were gold and oil money that was

supposed to have been used to develop the continent. Their Political

advisers always inflated the amounts before transferring to foreign

accounts, so I also used the opportunity to divert part of the funds hence

I am aware that there is no official trace of how much was transferred as

all the accounts used for such transfers were being closed after transfer.

I acted as the Bank Officer to most of the politicians and when I

discovered that they were using it to succeed in their greedy act; I also

cleaned some of their banking records from the Bank files and no one cared

to ask me because the money was too much for them to control. They

laundered over $5billion Dollars during the process.

Before I send this message to you, I have already diverted ($10.5million

Dollars,) to an escrow account belonging to no one in the bank. The bank is

anxious now to know who the beneficiary to the funds is because they have

made a lot of profits with the funds. It is more than Eight years now and

most of the politicians are no longer using our bank to transfer funds

overseas. The ($10.5million Dollars) has been laying waste in our bank and

I don=E2=80=99t want to retire from the bank without transferring the funds=

to a

foreign account to enable me share the proceeds with the receiver (a

foreigner). The money will be shared 60% for me and 40% for you. There is

no one coming to ask you about the funds because I secured everything. I

only want you to assist me by providing a reliable bank account where the

funds can be transferred.

You are not to face any difficulties or legal implications as I am going to

handle the transfer personally. If you are capable of receiving the funds,

do let me know immediately to enable me to give you detailed information on

what to do. For me, I have not stolen the money from anyone because the

other people that took the whole money did not face any problems. This is

my chance to grab my own life opportunity but you must keep the details of

the funds secret to avoid any leakages as no one in the bank knows about my

plans. Please get back to me if you are interested and capable of handling

this project, I shall intimate you on what to do when I hear from your

confirmation and acceptance. If you are capable of being my trusted

associate, do declare your consent to me. I am looking forward to hearing

from you immediately for further information.

Thanks with all my best regards

Mr.Abdul

--000000000000d5a362063ceed894

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Greetings to you. I wish to inform you that this letter is=

not a hoax mail and I urge you to treat it seriously. This letter must com=

e to you as a big surprise, but I believe it is only a day that people meet=

and become great friends and business partners. I must apologize for bargi=

ng this message into your mailbox without any formal introduction due to th=

e urgency and confidentiality of this business and I know that this message=

will come to you as a surprise. Please this is not a joke and I will not l=

ike you to joke with it ok, with due respect to your person and much sincer=

ity of purpose, I make this contact with you as I believe that you can be o=

f great assistance to me. My name is Mr.Abdul Mannan from Burkina Faso, Wes=

t Africa. I work in Soci=C3=A9t=C3=A9 G=C3=A9n=C3=A9rale Burkina Faso (SG;B=

F) as telex manager, please see this as a confidential message and do not r=

eveal it to another person and let me know whether you can be of assistance=

regarding my proposal below because it is top secret.

I am about to=

retire from active Banking service to start a new life but I am skeptical =

to reveal this particular secret to a stranger. You must assure me that eve=

rything will be handled confidentially because we are not going to suffer a=

gain in life. It has been 10 years now that most of the greedy African Poli=

ticians used our bank to launder money overseas through the help of their P=

olitical advisers. Most of the funds which they transferred out of the shor=

es of Africa were gold and oil money that was supposed to have been used to=

develop the continent. Their Political advisers always inflated the amount=

s before transferring to foreign accounts, so I also used the opportunity t=

o divert part of the funds hence I am aware that there is no official trace=

of how much was transferred as all the accounts used for such transfers we=

re being closed after transfer. I acted as the Bank Officer to most of the =

politicians and when I discovered that they were using it to succeed in the=

ir greedy act; I also cleaned some of their banking records from the Bank f=

iles and no one cared to ask me because the money was too much for them to =

control. They laundered over $5billion Dollars during the process.

B=

efore I send this message to you, I have already diverted ($10.5million Dol=

lars,) to an escrow account belonging to no one in the bank. The bank is an=

xious now to know who the beneficiary to the funds is because they have mad=

e a lot of profits with the funds. It is more than Eight years now and most=

of the politicians are no longer using our bank to transfer funds overseas=

. The ($10.5million Dollars) has been laying waste in our bank and I don=E2=

=80=99t want to retire from the bank without transferring the funds to a fo=

reign account to enable me share the proceeds with the receiver (a foreigne=

r). The money will be shared 60% for me and 40% for you. There is no one co=

ming to ask you about the funds because I secured everything. I only want y=

ou to assist me by providing a reliable bank account where the funds can be=

transferred.

You are not to face any difficulties or legal implicat=

ions as I am going to handle the transfer personally. If you are capable of=

receiving the funds, do let me know immediately to enable me to give you d=

etailed information on what to do. For me, I have not stolen the money from=

anyone because the other people that took the whole money did not face any=

problems. This is my chance to grab my own life opportunity but you must k=

eep the details of the funds secret to avoid any leakages as no one in the =

bank knows about my plans. Please get back to me if you are interested and =

capable of handling this project, I shall intimate you on what to do when I=

hear from your confirmation and acceptance. If you are capable of being my=

trusted associate, do declare your consent to me. I am looking forward to =

hearing from you immediately for further information.
Thanks with all my=

best regards

Mr.Abdul=C2=A0

--000000000000d5a362063ceed894--

Posted by Dave Yadallee on Friday, August 22. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 22 Aug 2025 01:05:00 -0600

Received: from mail-ed1-f41.google.com ([209.85.208.41]:41307)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1upLoI-000000008k8-1SrT

for dave@doctor.nl2k.ab.ca;

Fri, 22 Aug 2025 01:04:03 -0600

Received: by mail-ed1-f41.google.com with SMTP id 4fb4d7f45d1cf-61c25ad57ffso11515a12.1

for ; Fri, 22 Aug 2025 00:02:51 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1755846164; x=1756450964; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=igRyf+25jy7thVe9RFriWy4YBvLys4uDmPDU0HNUU7c=;

b=jet16Z1/BTt2mARAJIN/B8XlpbOsOGshlx+XMUW1Kiahyx4QZjJ+c1PWKEt49u0Kd2

Bix80znLMcWNdU6cq79k8gY11ql63kriVRhbygdcHrAldFxXGq3sLDG1t9XEHElKKaTT

RTifOdPQdS2P7UYeWeB/XNdaFfCEU3qPrDtYj6+uSa6qV0UPx6DEelBJKm2GIH1AZ6Sl

D7CiiHgh+IDXQCaciYmuKYUVtrSpo/Nl0600ZsUgDN7jaA3Ktb+n6Wr0FohwtnM2/MUD

GiQw/ZSaMRAiUAbhZ/fvH9dAUDji7tkuzZlwf5v0EAoQnYyUQZp5zD0h5KEenE14Coyp

bnMQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1755846164; x=1756450964;

h=to:subject:message-id:date:from:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=igRyf+25jy7thVe9RFriWy4YBvLys4uDmPDU0HNUU7c=;

b=VbNtVu7aB3fqUigEzcEfGLAAB603G7xqKhGbdNUajyGqRSFka/+dLThCMFPcWR8gSW

M6uDdeQ5OiAJrdx1HNxhtFA90ERrFrdmOv3zoJJMJmZ2owKzN+dRQ//6mgV6dCh1P57D

GP1vesPyFu54AbEnHlDR64Y8YRA/fOFbeIOd1ncSwJQzE+xgviT00AZ52jDgam1mc9Hk

4e8119VQxY/VahN7qo7tO1ViNSUy+Jpl3hI812CeUNB9rKmFMAeMBymf1Vc3Jrk54Lak

LPh1KIlw67T8362q0g3mcH8JtMIlTTNw9S3iasszKo6DSaCqgMTD0hm/Wfp+1pzqLP9O

XAsg==

X-Forwarded-Encrypted: i=1; AJvYcCXPgEOJBcJu9D5z3liIhwwBMk9nEfIrTcgNmSwzqf6VayUmMxcTqLT7LtOJkUdUg6F+6eYo@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0Ywqvy2Q5kzYxFdp/YTE1W6InFQWua0wHSjfF9eOZ7GO8m+dfBrP

WS6h0ZNfU8prVufZJ3/kuQge6FaKso4CJnMucshwuFkMVzhGZ3Q9ghLWe/ab1u4YeVLYr1U/nqx

jL5ZRrBe72YjZ3OUz1zazAmG+69fZhfU=

X-Gm-Gg: ASbGncubTPQDP6hI3qgdoy9vchaTfrLfDaTOFauQxTl66iTCmSQloZ53aSnL7RH0KGS

fS3iTIh9xHQPhCA9ZR1eZ78IzD6CJRHDjvNwG+/a2LLQz0ANz+PD1oDxMnyrrV5OdMvlWZrU2J2

4cD+Hrfm6Jsvv4svdvqbeAGJHq+iOn3VL71BnlwTZpLLi8ze7Xy+VIr997XAh6dxgPy7jbBnBIX

suRbtvS/+YIRAq81vMqp6I8S58E39ygby14IjH2Gvg=

X-Google-Smtp-Source: AGHT+IHR96coJeay3V11gDt74d6B0kkfGrr+HrgIJq5hHuOBsVOvNdCNJDN95UElkIaXrx9afggHm3gwO3rCl93z5EU=

X-Received: by 2002:a05:6402:5112:b0:61a:8b68:c01c with SMTP id

4fb4d7f45d1cf-61c1b4ccd85mr838226a12.4.1755846164068; Fri, 22 Aug 2025

00:02:44 -0700 (PDT)

MIME-Version: 1.0

From: Mr Abdul Mannan

Date: Wed, 20 Aug 2025 23:46:42 -0700

X-Gm-Features: Ac12FXyJOUTYehLXdp33Ci0Pfij_qkM36KxVJuGtSBimajxdZOQoA0NhW-qcFmw

Message-ID:

Subject: Hello Dear,

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="000000000000e3bc71063ceecaac"

Bcc: dave@doctor.nl2k.ab.ca

X-Spam_score: 8.2

X-Spam_score_int: 82

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hello Dear, Greetings to you. I wish to inform you that this

letter is not a hoax mail and I urge you to treat it seriously. This letter

must come to you as a big surprise, but I believe it is only a day that peo

[...]

Content analysis details: (8.2 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.208.41 listed in dnsbl.ahbl.org]

[209.85.208.41 listed in dnsbl.ahbl.org]

[209.85.208.41 listed in dnsbl.ahbl.org]

[209.85.208.41 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.208.41 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.208.41 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.208.41 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.208.41 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.208.41 listed in sa-trusted.bondedsender.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.208.41 listed in sa-accredit.habeas.com]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.208.41 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.208.41 listed in wl.mailspike.net]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.208.41 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.208.41 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[abumade759(at)gmail.com]

0.5 DATE_IN_PAST_24_48 Date: is 24 to 48 hours before Received: date

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[abumade759(at)gmail.com]

0.0 HTML_MESSAGE BODY: HTML included in message

1.5 HK_NAME_FM_MR_MRS No description available.

0.0 LOTS_OF_MONEY Huge... sums of money

0.0 T_MONEY_PERCENT X% of a lot of money for you

0.5 MONEY_FRAUD_8 Lots of money and very many fraud phrases

2.3 UNDISC_MONEY Undisclosed recipients + money/fraud signs

1.8 ADVANCE_FEE_4_NEW_MONEY Advance Fee fraud and lots of money

Subject: {SPAM?} Hello Dear,

--000000000000e3bc71063ceecaac

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Hello Dear,

Greetings to you. I wish to inform you that this letter is not a hoax mail

and I urge you to treat it seriously. This letter must come to you as a big

surprise, but I believe it is only a day that people meet and become great

friends and business partners. I must apologize for barging this message

into your mailbox without any formal introduction due to the urgency and

confidentiality of this business and I know that this message will come to

you as a surprise. Please this is not a joke and I will not like you to

joke with it ok, with due respect to your person and much sincerity of

purpose, I make this contact with you as I believe that you can be of great

assistance to me. My name is Mr.Abdul from Burkina Faso, West Africa. I

work in Soci=C3=A9t=C3=A9 G=C3=A9n=C3=A9rale Burkina Faso (SG;BF) as telex =

manager, please see

this as a confidential message and do not reveal it to another person and

let me know whether you can be of assistance regarding my proposal below

because it is top secret.

I am about to retire from active Banking service to start a new life but I

am skeptical to reveal this particular secret to a stranger. You must

assure me that everything will be handled confidentially because we are not

going to suffer again in life. It has been 10 years now that most of the

greedy African Politicians used our bank to launder money overseas through

the help of their Political advisers. Most of the funds which they

transferred out of the shores of Africa were gold and oil money that was

supposed to have been used to develop the continent. Their Political

advisers always inflated the amounts before transferring to foreign

accounts, so I also used the opportunity to divert part of the funds hence

I am aware that there is no official trace of how much was transferred as

all the accounts used for such transfers were being closed after transfer.

I acted as the Bank Officer to most of the politicians and when I

discovered that they were using it to succeed in their greedy act; I also

cleaned some of their banking records from the Bank files and no one cared

to ask me because the money was too much for them to control. They

laundered over $5billion Dollars during the process.

Before I send this message to you, I have already diverted ($10.5million

Dollars,) to an escrow account belonging to no one in the bank. The bank is

anxious now to know who the beneficiary to the funds is because they have

made a lot of profits with the funds. It is more than Eight years now and

most of the politicians are no longer using our bank to transfer funds

overseas. The ($10.5million Dollars) has been laying waste in our bank and

I don=E2=80=99t want to retire from the bank without transferring the funds=

to a

foreign account to enable me share the proceeds with the receiver (a

foreigner). The money will be shared 60% for me and 40% for you. There is

no one coming to ask you about the funds because I secured everything. I

only want you to assist me by providing a reliable bank account where the

funds can be transferred.

You are not to face any difficulties or legal implications as I am going to

handle the transfer personally. If you are capable of receiving the funds,

do let me know immediately to enable me to give you detailed information on

what to do. For me, I have not stolen the money from anyone because the

other people that took the whole money did not face any problems. This is

my chance to grab my own life opportunity but you must keep the details of

the funds secret to avoid any leakages as no one in the bank knows about my

plans. Please get back to me if you are interested and capable of handling

this project, I shall intimate you on what to do when I hear from your

confirmation and acceptance. If you are capable of being my trusted

associate, do declare your consent to me. I am looking forward to hearing

from you immediately for further information.

Thanks with all my best regards

Mr.Abdul Mannan

--000000000000e3bc71063ceecaac

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Hello Dear,

Greetings to you. I wish to inform you =

that this letter is not a hoax mail and I urge you to treat it seriously. T=

his letter must come to you as a big surprise, but I believe it is only a d=

ay that people meet and become great friends and business partners. I must =

apologize for barging this message into your mailbox without any formal int=

roduction due to the urgency and confidentiality of this business and I kno=

w that this message will come to you as a surprise. Please this is not a jo=

ke and I will not like you to joke with it ok, with due respect to your per=

son and much sincerity of purpose, I make this contact with you as I believ=

e that you can be of great assistance to me. My name is Mr.Abdul=C2=A0 from=

Burkina Faso, West Africa. I work in Soci=C3=A9t=C3=A9 G=C3=A9n=C3=A9rale =

Burkina Faso (SG;BF) as telex manager, please see this as a confidential me=

ssage and do not reveal it to another person and let me know whether you ca=

n be of assistance regarding my proposal below because it is top secret.
>
I am about to retire from active Banking service to start a new life b=

ut I am skeptical to reveal this particular secret to a stranger. You must =

assure me that everything will be handled confidentially because we are not=

going to suffer again in life. It has been 10 years now that most of the g=

reedy African Politicians used our bank to launder money overseas through t=

he help of their Political advisers. Most of the funds which they transferr=

ed out of the shores of Africa were gold and oil money that was supposed to=

have been used to develop the continent. Their Political advisers always i=

nflated the amounts before transferring to foreign accounts, so I also used=

the opportunity to divert part of the funds hence I am aware that there is=

no official trace of how much was transferred as all the accounts used for=

such transfers were being closed after transfer. I acted as the Bank Offic=

er to most of the politicians and when I discovered that they were using it=

to succeed in their greedy act; I also cleaned some of their banking recor=

ds from the Bank files and no one cared to ask me because the money was too=

much for them to control. They laundered over $5billion Dollars during the=

process.

Before I send this message to you, I have already diverted=

($10.5million Dollars,) to an escrow account belonging to no one in the ba=

nk. The bank is anxious now to know who the beneficiary to the funds is bec=

ause they have made a lot of profits with the funds. It is more than Eight =

years now and most of the politicians are no longer using our bank to trans=

fer funds overseas. The ($10.5million Dollars) has been laying waste in our=

bank and I don=E2=80=99t want to retire from the bank without transferring=

the funds to a foreign account to enable me share the proceeds with the re=

ceiver (a foreigner). The money will be shared 60% for me and 40% for you. =

There is no one coming to ask you about the funds because I secured everyth=

ing. I only want you to assist me by providing a reliable bank account wher=

e the funds can be transferred.

You are not to face any difficulties=

or legal implications as I am going to handle the transfer personally. If =

you are capable of receiving the funds, do let me know immediately to enabl=

e me to give you detailed information on what to do. For me, I have not sto=

len the money from anyone because the other people that took the whole mone=

y did not face any problems. This is my chance to grab my own life opportun=

ity but you must keep the details of the funds secret to avoid any leakages=

as no one in the bank knows about my plans. Please get back to me if you a=

re interested and capable of handling this project, I shall intimate you on=

what to do when I hear from your confirmation and acceptance. If you are c=

apable of being my trusted associate, do declare your consent to me. I am l=

ooking forward to hearing from you immediately for further information.
=

Thanks with all my best regards

Mr.Abdul Mannan

--000000000000e3bc71063ceecaac--

Posted by Dave Yadallee on Friday, August 22. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 21 Aug 2025 17:02:00 -0600

Received: from mail-pl1-f178.google.com ([209.85.214.178]:43407)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1upEHP-00000000M4a-2LQF

for dave@doctor.nl2k.ab.ca;

Thu, 21 Aug 2025 17:01:20 -0600

Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-246151aefaaso7976045ad.1

for ; Thu, 21 Aug 2025 16:00:24 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1755817219; x=1756422019; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=3nXea754k2pPMzUDSPVbZxljQMd4sLhffiwT/MbW4k0=;

b=LFcfdNWcwYCgKEugoj+YB+uRfDsATrjwXxrKbsjj0GJEN9tkjd3X5nvM1E7eNekgZA

zaeFpQq/4LQEeUKIdpsYa0K2P6e2o5WhKQBWE1cU7ENS+/O9fvb0X9uXQIxiVpCG7Dfi

k7WinFdTUZnzS+8IQEpwHEpVybt2RhChKu6+dVOr00QwTG5gR2B7CXutqMcRUe2Q8NYt

y+xghOWq27NDXQsVmgrz0vIAjnIaL1K/tf+iyYPOu9lbFzuyG9yhe2+kAEFx5A4LRvoX

0cDu8bGu8ZbSZMfzxEouY0cCvTDT3Bbvd1FWvssCz93deLoFEeJhpVH7Lq1Hgg7G7bIR

tvPw==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1755817219; x=1756422019;

h=to:subject:message-id:date:from:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=3nXea754k2pPMzUDSPVbZxljQMd4sLhffiwT/MbW4k0=;

b=qI7+eecImDhx/3AuKe/flta+ijzsIVqXwjDujtyyVrIOuR88uj5IAe/1py0pQudlEd

6DDyHpiCC8neiFZj7Z79RrvcUWD/g0MzCDeFfujzYpiCHQAvaIK2/KxSbndR4WLZOAo9

dA8CAY5YFKKzny5hTQExISgFfAtSnTPx4I0kzha4785vRuD4o3svGEL6CT0IDdOlvZYC

O1gFg7YTaJf2PybhyREYmzCsR8utMCWFW/rYvYFHs2fNnTk8JbKyw/XJt45VTczbAZyc

A9q6/V06CzxNiK2HU3lmxy21u9IqDsvGyfcjtlDnQIorqhdqzANJSQcJpaNkVd0j5TOQ

yoqQ==

X-Forwarded-Encrypted: i=1; AJvYcCU6HnUnTkTCKmb1LR55yu47XsKgf7uyn2WeBlIZTmbN9DvZpX4NeiO+GwsjP61xA+L5haUV@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0Yw8pDJ9wIYJbJDFNdn3FXgz9XOAI6LK+e/GvrpAEV344GfgFse5

lv5jARsLCdN1a9Ss2iyiPF/fm0drkO3hWETMuwWaNwhZsIGOP797Km2cBbQ+iPqxvB4MQ7BfMoI

U1Ut5ePrVseC9YlalRWzXkFcw/jcStHg=

X-Gm-Gg: ASbGnctE7UHBv8rqxTmAEZDyC69M9B39XZpa5hqX1yBdxj6HA4MXDt9k8FTlIH6m8Tk

CkGbwfHGUIypcSC6aumqHbu88KprUUX+zeJQpr89E4GZu8+pZF8utDwqOwVPpA/D4hGnXkhIY1m

fk5SE2yuaO14g1b6AVKIM83ycsLvK2S0uvSHOIwknSsSkxl9uVomgh8fEJ8wOOm7p30ZSHlwrel

SgMk6gxkiViFtB9/hQbwSk=

X-Google-Smtp-Source: AGHT+IH5yfbRZUfOLv8U/kJ9mX2IFYK+/w+uqD28E+ixw+EzYonXCgH0BQvNFS/nfpmJlSkBgWdttIHHoxnEYIW89wE=

X-Received: by 2002:a17:903:32cb:b0:235:f091:11e5 with SMTP id

d9443c01a7336-24632981a74mr10021735ad.10.1755817218575; Thu, 21 Aug 2025

16:00:18 -0700 (PDT)

MIME-Version: 1.0

From: Neil Fichaud

Date: Fri, 22 Aug 2025 06:59:45 +0800

X-Gm-Features: Ac12FXwFQQRQnG0hMEpoHPlhHhmWpuhymZu4jMw_7lPsoN3A3TTugSZ_wzVKThU

Message-ID:

Subject: =?UTF-8?Q?Kiitos_jo_etuk=C3=A4teen_nopeasta_vastauksestasi?=

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="0000000000009a941d063ce80de4"

Bcc: dave@doctor.nl2k.ab.ca

X-Spam_score: 8.9

X-Spam_score_int: 89

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Tervehdys, *Nimeni on Barr. Neil Fichaud, olen Neil Fichaud

Solicitorsin pÃ¤Ã¤asianajaja tÃ¤Ã¤llÃ¤ Torontossa, Kanadassa. LÃ¤hetÃ¤n tÃ¤mÃ¤n

sÃ¤hkÃ¶postin uudelleen, koska ette vastanneet edelliseen sÃ¤hkÃ¶postii [...]

Content analysis details: (8.9 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.214.178 listed in will-spam-for-food.eu.org]

[209.85.214.178 listed in will-spam-for-food.eu.org]

[209.85.214.178 listed in will-spam-for-food.eu.org]

[209.85.214.178 listed in will-spam-for-food.eu.org]

[209.85.214.178 listed in will-spam-for-food.eu.org]

[209.85.214.178 listed in will-spam-for-food.eu.org]

[209.85.214.178 listed in will-spam-for-food.eu.org]

[209.85.214.178 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.214.178 listed in dnsbl.ahbl.org]

[209.85.214.178 listed in dnsbl.ahbl.org]

[209.85.214.178 listed in dnsbl.ahbl.org]

[209.85.214.178 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.214.178 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.214.178 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.214.178 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.214.178 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.214.178 listed in list.dnswl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[kelvinwalt4(at)gmail.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[kelvinwalt4(at)gmail.com]

0.1 TW_KU BODY: Odd Letter Triples with KU

2.3 MANGLED_LIST BODY: mangled list

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.214.178 listed in wl.mailspike.net]

0.0 HTML_MESSAGE BODY: HTML included in message

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

Subject: {SPAM?} =?UTF-8?Q?Kiitos_jo_etuk=C3=A4teen_nopeasta_vastauksestasi?=

--0000000000009a941d063ce80de4

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Tervehdys,

Nimeni on Barr. Neil Fichaud, olen Neil Fichaud Solicitorsin p=C3=A4=C3=A4=

asianajaja

t=C3=A4=C3=A4ll=C3=A4 Torontossa, Kanadassa. L=C3=A4het=C3=A4n t=C3=A4m=C3=

=A4n s=C3=A4hk=C3=B6postin uudelleen, koska

ette vastanneet edelliseen s=C3=A4hk=C3=B6postiini. Kuolleella asiakkaallam=

me on

"lunastamaton pysyv=C3=A4 henkivakuutus".

Tapahtuma koskee lunastamatonta "henkivakuutusta" (LIP), jonka summa on

kolmetoista miljoonaa kahdeksansataa kahdeksankymment=C3=A4tuhatta Yhdysval=

tain

dollaria (13 880 000 U$D). Vakuutuksenottaja oli yksi asiakkaistamme,

edesmennyt herra Tomas, joka oli kiinteist=C3=B6sijoittaja ja jalokivikaupp=

ias.

H=C3=A4n oli covid-19-uhri ja kuoli viisi vuotta sitten. H=C3=A4nen kuolema=

nsa

j=C3=A4lkeen kukaan ei ole ilmoittautunut korvausvaatimuksen esitt=C3=A4j=

=C3=A4ksi, ja

kaikki pyrkimyksemme l=C3=B6yt=C3=A4=C3=A4 h=C3=A4nen sukulaisiaan ovat ep=

=C3=A4onnistuneet.

Vakuutusyhti=C3=B6iden s=C3=A4=C3=A4nn=C3=B6t m=C3=A4=C3=A4r=C3=A4=C3=A4v=

=C3=A4t, ett=C3=A4 lunastamaton "vakuutettu pysyv=C3=A4

vakuutus" on luovutettava osavaltion hyl=C3=A4ttyjen kiinteist=C3=B6jen osa=

stolle 5=E2=80=936

vuoden kuluttua.

Siksi pyyd=C3=A4n suostumustanne yhteisty=C3=B6h=C3=B6ni t=C3=A4m=C3=A4n v=

akuutuksen edun

hakemisessa, ottaen huomioon saman sukunimen ja kansalaisuuden kuin

vainajalla. Jos sallitte minun lis=C3=A4t=C3=A4 nimenne vakuutukseen, kaikk=

i tuotot

k=C3=A4sitell=C3=A4=C3=A4n puolestanne. Haluan huomauttaa, ett=C3=A4 haluan=

10 % t=C3=A4st=C3=A4 summasta

jaettavan hyv=C3=A4ntekev=C3=A4isyysj=C3=A4rjest=C3=B6jen kesken ja loput 9=

0 % jaetaan meid=C3=A4n

kesken.

T=C3=A4m=C3=A4 on 100 % riskit=C3=B6nt=C3=A4. Minulla on kaikki tarvittava=

t asiakirjat

prosessin nopeuttamiseksi eritt=C3=A4in ammattimaisella ja luottamuksellise=

lla

tavalla. Toimitan kaikki asiaankuuluvat asiakirjat edunsaajavaatimuksenne

tueksi. T=C3=A4m=C3=A4 vaatimus edellytt=C3=A4=C3=A4 korkeaa luottamukselli=

suuden tasoa, ja sen

k=C3=A4sittely voi kest=C3=A4=C3=A4 jopa nelj=C3=A4toista (14) arkip=C3=A4i=

v=C3=A4=C3=A4 suostumuksenne

vastaanottamisp=C3=A4iv=C3=A4st=C3=A4.

Arvostan pikaista vastaustanne s=C3=A4hk=C3=B6postiini.

Yst=C3=A4v=C3=A4llisin terveisin!

Barr. Neil Fichaud Esq.

--0000000000009a941d063ce80de4

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

ize:11pt;font-family:"Calibri","sans-serif"">
tyle=3D"font-size:12pt;line-height:115%;font-family:"Garamond",&q=

uot;serif";color:rgb(64,64,64)">Tervehdys,

ize:11pt;font-family:"Calibri","sans-serif"">
tyle=3D"font-size:12pt;line-height:115%;font-family:"Garamond",&q=

uot;serif";color:rgb(64,64,64)">Nimeni on Barr. Neil Fichaud, olen Nei=

l Fichaud Solicitorsin p=C3=A4=C3=A4asianajaja

t=C3=A4=C3=A4ll=C3=A4 Torontossa, Kanadassa. L=C3=A4het=C3=A4n t=C3=A4m=C3=

=A4n s=C3=A4hk=C3=B6postin uudelleen, koska ette

vastanneet edelliseen s=C3=A4hk=C3=B6postiini. Kuolleella asiakkaallamme on

"lunastamaton pysyv=C3=A4 henkivakuutus".=

ize:11pt;font-family:"Calibri","sans-serif"">
tyle=3D"font-size:12pt;line-height:115%;font-family:"Garamond",&q=

uot;serif";color:rgb(64,64,64)">

ize:11pt;font-family:"Calibri","sans-serif"">
tyle=3D"font-size:12pt;line-height:115%;font-family:"Garamond",&q=

uot;serif";color:rgb(64,64,64)">=C2=A0

ize:11pt;font-family:"Calibri","sans-serif"">
tyle=3D"font-size:12pt;line-height:115%;font-family:"Garamond",&q=

uot;serif";color:rgb(64,64,64)">Tapahtuma koskee lunastamatonta "=

henkivakuutusta" (LIP), jonka

summa on kolmetoista miljoonaa kahdeksansataa kahdeksankymment=C3=A4tuhatta

Yhdysvaltain dollaria (13 880 000 U$D). Vakuutuksenottaja oli yksi

asiakkaistamme, edesmennyt herra Tomas, joka oli kiinteist=C3=B6sijoittaja =

ja

jalokivikauppias. H=C3=A4n oli covid-19-uhri ja kuoli viisi vuotta sitten. =

H=C3=A4nen

kuolemansa j=C3=A4lkeen kukaan ei ole ilmoittautunut korvausvaatimuksen esi=

tt=C3=A4j=C3=A4ksi,

ja kaikki pyrkimyksemme l=C3=B6yt=C3=A4=C3=A4 h=C3=A4nen sukulaisiaan ovat =

ep=C3=A4onnistuneet.

Vakuutusyhti=C3=B6iden s=C3=A4=C3=A4nn=C3=B6t m=C3=A4=C3=A4r=C3=A4=C3=A4v=

=C3=A4t, ett=C3=A4 lunastamaton "vakuutettu pysyv=C3=A4

vakuutus" on luovutettava osavaltion hyl=C3=A4ttyjen kiinteist=C3=B6je=

n osastolle

5=E2=80=936 vuoden kuluttua.

ize:11pt;font-family:"Calibri","sans-serif"">
tyle=3D"font-size:12pt;line-height:115%;font-family:"Garamond",&q=

uot;serif";color:rgb(64,64,64)">=C2=A0

ize:11pt;font-family:"Calibri","sans-serif"">
tyle=3D"font-size:12pt;line-height:115%;font-family:"Garamond",&q=

uot;serif";color:rgb(64,64,64)">Siksi pyyd=C3=A4n suostumustanne yhtei=

sty=C3=B6h=C3=B6ni t=C3=A4m=C3=A4n vakuutuksen edun

hakemisessa, ottaen huomioon saman sukunimen ja kansalaisuuden kuin vainaja=

lla.

Jos sallitte minun lis=C3=A4t=C3=A4 nimenne vakuutukseen, kaikki tuotot k=

=C3=A4sitell=C3=A4=C3=A4n

puolestanne. Haluan huomauttaa, ett=C3=A4 haluan 10 % t=C3=A4st=C3=A4 summa=

sta jaettavan

hyv=C3=A4ntekev=C3=A4isyysj=C3=A4rjest=C3=B6jen kesken ja loput 90 % jaetaa=

n meid=C3=A4n kesken.

ize:11pt;font-family:"Calibri","sans-serif"">
tyle=3D"font-size:12pt;line-height:115%;font-family:"Garamond",&q=

uot;serif";color:rgb(64,64,64)">=C2=A0

ize:11pt;font-family:"Calibri","sans-serif"">
tyle=3D"font-size:12pt;line-height:115%;font-family:"Garamond",&q=

uot;serif";color:rgb(64,64,64)">T=C3=A4m=C3=A4 on 100 % riskit=C3=B6nt=

=C3=A4. Minulla on kaikki tarvittavat asiakirjat

prosessin nopeuttamiseksi eritt=C3=A4in ammattimaisella ja luottamuksellise=

lla

tavalla. Toimitan kaikki asiaankuuluvat asiakirjat edunsaajavaatimuksenne

tueksi. T=C3=A4m=C3=A4 vaatimus edellytt=C3=A4=C3=A4 korkeaa luottamukselli=

suuden tasoa, ja sen

k=C3=A4sittely voi kest=C3=A4=C3=A4 jopa nelj=C3=A4toista (14) arkip=C3=A4i=

v=C3=A4=C3=A4 suostumuksenne

vastaanottamisp=C3=A4iv=C3=A4st=C3=A4.

ize:11pt;font-family:"Calibri","sans-serif"">
tyle=3D"font-size:12pt;line-height:115%;font-family:"Garamond",&q=

uot;serif";color:rgb(64,64,64)">=C2=A0

ize:11pt;font-family:"Calibri","sans-serif"">
tyle=3D"font-size:12pt;line-height:115%;font-family:"Garamond",&q=

uot;serif";color:rgb(64,64,64)">Arvostan pikaista vastaustanne s=C3=A4=

hk=C3=B6postiini.

ize:11pt;font-family:"Calibri","sans-serif"">
tyle=3D"font-size:12pt;line-height:115%;font-family:"Garamond",&q=

uot;serif";color:rgb(64,64,64)">=C2=A0

ize:11pt;font-family:"Calibri","sans-serif"">
tyle=3D"font-size:12pt;line-height:115%;font-family:"Garamond",&q=

uot;serif";color:rgb(64,64,64)">Yst=C3=A4v=C3=A4llisin terveisin!
>

ize:11pt;font-family:"Calibri","sans-serif"">
tyle=3D"font-size:12pt;line-height:115%;font-family:"Garamond",&q=

uot;serif";color:rgb(64,64,64)">=C2=A0

ize:11pt;font-family:"Calibri","sans-serif"">
tyle=3D"font-size:12pt;line-height:115%;font-family:"Garamond",&q=

uot;serif";color:rgb(64,64,64)">Barr. Neil Fichaud Esq.
span>

--0000000000009a941d063ce80de4--

Posted by Dave Yadallee on Friday, August 22. 2025

Return-path:

Envelope-to: davef@doctor.nl2k.ab.ca

Delivery-date: Thu, 21 Aug 2025 15:07:02 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uotbK-00000000N1f-25zW

for davef@doctor.nl2k.ab.ca;

Wed, 20 Aug 2025 18:56:22 -0600

Resent-From: The Doctor

Resent-Date: Wed, 20 Aug 2025 18:56:22 -0600

Resent-Message-ID:

Resent-To: davef@doctor.nl2k.ab.ca

Received: from mail-vk1-f197.google.com ([209.85.221.197]:50633)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uos3F-00000000Li4-3U3o

for doctor@netknow.ca;

Wed, 20 Aug 2025 17:17:12 -0600

Received: by mail-vk1-f197.google.com with SMTP id 71dfb90a1353d-53b173a1b6cso831562e0c.1

for ; Wed, 20 Aug 2025 16:16:19 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1755731773; x=1756336573; darn=netknow.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=hMZ8WdhSuktlLNLlvzapLrGe2s/6DdKSMrDREhdjVrU=;

b=XD7ddm54cEoDQVzWj8Hr3SRE1sujNTCnwfWYsKvf/Tf/+V4wAfGqLN/mazymjep8H8

0Pv1MPXgaIOgrKqgvTQUQPjMs3IHex91nG4hnLfdPVCSlTZBoJCSts8NwSCh3eTYQqIi

Tt2CHHuFXHNRl70cFFCBmbVvG50Kq5KAJjh6QwDiie/4hu1UBa/Dzu1HhRCuQ2XhKZUu

AM7FjxSWOfgUXe6N4So8HAVXA89Axn2z3+Z82jiyFRyr857tJ3aFt8SjHw5flNvJRSi6

V4dFigfvjflXPwzbqJ8ALMSFmGDqWYYQHDcjaD98TIbuc3O6kdGZjXKtD4e3F+V17u7c

M32Q==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1755731773; x=1756336573;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=hMZ8WdhSuktlLNLlvzapLrGe2s/6DdKSMrDREhdjVrU=;

b=kDkxersNUoftdaWK+XNB5eHfnS4NW8SsrkFP1sQiXxoUfbEPYaN8YDwUceiHKuX9vM

qmggS6+kyyWCQQe9ruSqOGGJUs6iHliz0NTQpRXYy1uKvkF+shIT7UB7b6QvpYpbQv7e

qNTOe3/3N1aLfAbT4x0DM3etjDDITPJbBiN4Q4wXbfvihghghHI8tcjHZhMgJQzbvGN0

BbS2auXn/t3UGLXhkYD2PxN/RkgoAByxcQnK8TCPMV1b/+FNYnRlRRMZaHYQ5tFDchok

2pI/mzC6H2zobLEcdUzNTJItEx90qiVllMaDrJEIgVnUIQbbhcMkJu5XKKY64QHR3Qxu

U20w==

X-Gm-Message-State: AOJu0Yx/8SV1BJXH/6TrerwwjPFqYzuWWmPb+yjzzOFfS6usORK363L/

4ITBr/o3EC8s4cxK8586AOHQmDfQBmu/a+wkbGACDIQtTQt/MX299u2TzxVKe89sAGUbfPji2Iv

HKdWKiAXYig==

X-Google-Smtp-Source: AGHT+IHbCK9vOI/LkK6ZG8k32mQLh51GWhY9IEC2rCkhROqOXUgVwB3k279jjuCvvaz/ucGY8xkhGSwOAJJN1fA=

MIME-Version: 1.0

X-Received: by 2002:a05:6122:130c:b0:539:2a2c:6ef3 with SMTP id

71dfb90a1353d-53c7d867b88mr86519e0c.7.1755731773232; Wed, 20 Aug 2025

16:16:13 -0700 (PDT)

Message-ID: <000000000000aa1798063cd428df@google.com>

Date: Wed, 20 Aug 2025 23:16:13 +0000

Subject: =?UTF-8?Q?Unlock_Your_True_Manhood_Tonight=2C_Take_Control=E2=80=93_Fr?=

=?UTF-8?Q?ee_Bottle_Ends_Soon=21?=

From: Your ED Solution

To: doctor@netknow.ca

Content-Type: multipart/alternative; boundary="000000000000aa178e063cd428dc"

X-Spam_score: 15.5

X-Spam_score_int: 155

X-Spam_bar: +++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview:

Content analysis details: (15.5 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

2.3 EMPTY_MESSAGE Message appears to have no textual parts and no

Subject: text

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

[209.85.221.197 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.221.197 listed in dnsbl.ahbl.org]

[209.85.221.197 listed in dnsbl.ahbl.org]

[209.85.221.197 listed in dnsbl.ahbl.org]

[209.85.221.197 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.221.197 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.221.197 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.221.197 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.221.197 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.221.197 listed in list.dnswl.org]

2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL

[209.85.221.197 listed in psbl.surriel.com]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.221.197 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.7 MPART_ALT_DIFF BODY: HTML and text parts are different

0.0 MIME_HTML_MOSTLY BODY: Multipart message mostly text/html MIME

0.3 HTML_IMAGE_ONLY_04 BODY: HTML: images with 0-400 bytes of words

0.0 HTML_EXTRA_CLOSE BODY: HTML contains far too many close tags

0.0 HTML_MESSAGE BODY: HTML included in message

1.0 VOWEL_URI_5 URI hostname with 5 consecutive vowels

3.4 HTML_SHORT_CENTER HTML is very short with CENTER tag

0.1 HTML_SHORT_LINK_IMG_1 HTML is very short with a linked image

0.0 T_REMOTE_IMAGE Message contains an external image

Subject: {SPAM?} =?UTF-8?Q?Unlock_Your_True_Manhood_Tonight=2C_Take_Control=E2=80=93_Fr?=

=?UTF-8?Q?ee_Bottle_Ends_Soon=21?=

--000000000000aa178e063cd428dc

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

--000000000000aa178e063cd428dc

Content-Type: text/html; charset="UTF-8"

--000000000000aa178e063cd428dc--

Posted by Dave Yadallee on Friday, August 22. 2025

0001pt;font-size:11pt">H=

i There,

in 0in 0.0001pt;font-size:11pt">
serif">=C2=A0

rgin:0in 0in 0.0001pt;font-size:11pt">
orgia, serif">Any Update on my previous email?

"gmail-MsoNoSpacing" style=3D"margin:0in 0in 0.0001pt;font-size:11pt">
lang=3D"EN-IN">=C2=A0

ass=3D"gmail-MsoNoSpacing" style=3D"margin:0in 0in 0.0001pt;font-size:11pt"=

>If you are interested?<=

/font>

0001pt;font-size:11pt">=

=C2=A0

0in 0.0001pt;font-size:11pt">
, serif">I can share our Methodologies, past work details, client Testimoni=

als, and Prices List.

style=3D"margin:0in 0in 0.0001pt;font-size:11pt">
face=3D"georgia, serif">=C2=A0

cing" style=3D"margin:0in 0in 0.0001pt;font-size:11pt">
>Best Regard,

ail-MsoNoSpacing" style=3D"margin:0in 0in 0.0001pt;font-size:11pt">
ng=3D"EN-IN">Jane=C2=A0

lass=3D"gmail-MsoNoSpacing" style=3D"margin:0in 0in 0.0001pt;font-size:11pt=

">Business Development E=

xecutive

ontainer">

On Tue, Aug 19, 2025 at 6:5=

4=E2=80=AFPM Jane Geary <janegea=

ary@gmail.com> wrote:

le=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);paddi=

ng-left:1ex">

v class=3D"m_-4178721336996778397WordSection1">

.0001pt;background:white">
quot;,sans-serif;color:rgb(34,34,34)">Hello -
" target=3D"_blank">sales@nk.ca,

rgin:0in 0in 0.0001pt;background:white">
crosoft YaHei",sans-serif;color:rgb(34,34,34)">=C2=A0
pan>

=3D"font-family:"Microsoft YaHei",sans-serif;color:rgb(34,34,34)"=

>Managing client campaigns can be challenging, especially when deadlines an=

d expectations keep growing.
serif;color:rgb(34,34,34)">

0in 0.0001pt;background:white">
aHei",sans-serif;color:rgb(34,34,34)">=C2=A0
-family:Calibri,sans-serif;color:rgb(34,34,34)">

style=3D"margin:0in 0in 0.0001pt;background:white">
ily:"Microsoft YaHei",sans-serif;color:rgb(34,34,34)">That is why=

agencies across in the Canada choose us as their silent partner for SEO, p=

aid ads, and social media, fully under their own brand, so they always look=

great to their clients.
f;color:rgb(34,34,34)">

0.0001pt;background:white">
",sans-serif;color:rgb(34,34,34)">=C2=A0
ily:Calibri,sans-serif;color:rgb(34,34,34)">

le=3D"margin:0in 0in 0.0001pt;background:white">
ly:"Microsoft YaHei",sans-serif;color:rgb(34,34,34)">Here is how =

we support your agency:
erif;color:rgb(34,34,34)">

in 0.0001pt;background:white">
Hei",sans-serif;color:rgb(34,34,34)">=C2=A0
family:Calibri,sans-serif;color:rgb(34,34,34)">

style=3D"margin-right:0in;margin-left:0.25in;margin-bottom:0.0001pt;backgro=

und:white">
f;color:rgb(34,34,34)">1.
4,34)">=C2=A0=C2=A0=C2=A0=C2=A0
icrosoft YaHei",sans-serif;color:rgb(34,34,34)">Complete SEO Services:=

f;color:rgb(34,34,34)">=C2=A0Audits, on-page fixes, backlinks, keyword trac=

king=E2=80=94all with your agency=E2=80=99s branding.
font-family:Calibri,sans-serif;color:rgb(34,34,34)">
p>

ckground:white">
-serif;color:rgb(34,34,34)">2.
(34,34,34)">=C2=A0=C2=A0=C2=A0=C2=A0
uot;Microsoft YaHei",sans-serif;color:rgb(34,34,34)">Google & Meta=

Ads Management:
",sans-serif;color:rgb(34,34,34)">=C2=A0From campaign setup and ad cop=

ywriting to A/B testing, retargeting, and clear ROI reporting.
style=3D"font-family:Calibri,sans-serif;color:rgb(34,34,34)">=

0001pt;background:white">
uot;,sans-serif;color:rgb(34,34,34)">3.
color:rgb(34,34,34)">=C2=A0=C2=A0=C2=A0=C2=A0
family:"Microsoft YaHei",sans-serif;color:rgb(34,34,34)">Social M=

edia Management:
",sans-serif;color:rgb(34,34,34)">=C2=A0Posts, creative designs, video=

content, and monthly content planning tailored to your clients.
n style=3D"font-family:Calibri,sans-serif;color:rgb(34,34,34)">
u>

0.0001pt;background:white">
",sans-serif;color:rgb(34,34,34)">4.
t;color:rgb(34,34,34)">=C2=A0=C2=A0=C2=A0=C2=A0
t-family:"Microsoft YaHei",sans-serif;color:rgb(34,34,34)">Real-T=

ime Branded Dashboards:
t YaHei",sans-serif;color:rgb(34,34,34)">=C2=A0Integrated with Moz, Ah=

refs, and SEMrush for transparent tracking.
y:Calibri,sans-serif;color:rgb(34,34,34)">

=3D"margin-right:0in;margin-left:0.25in;margin-bottom:0.0001pt;background:w=

hite">
or:rgb(34,34,34)">5.
">=C2=A0=C2=A0=C2=A0=C2=A0
oft YaHei",sans-serif;color:rgb(34,34,34)">Dedicated Account Manager:<=

/span>
;color:rgb(34,34,34)">=C2=A0Your single point of contact for fast, easy com=

munication.
4,34,34)">

:0.25in;margin-bottom:0.0001pt;background:white">
:"Microsoft YaHei",sans-serif;color:rgb(34,34,34)">6.
style=3D"font-size:7pt;color:rgb(34,34,34)">=C2=A0=C2=A0=C2=A0=C2=A0
>
:rgb(34,34,34)">Experienced In-House Team:
mily:"Microsoft YaHei",sans-serif;color:rgb(34,34,34)">=C2=A07+ y=

ears=E2=80=99 support to 80+ agencies, no freelancers, no delays.
an style=3D"font-family:Calibri,sans-serif;color:rgb(34,34,34)"><=

/u>

tyle=3D"font-family:"Microsoft YaHei",sans-serif;color:rgb(34,34,=

34)">=C2=A0
4,34,34)">

ground:white">
s-serif;color:rgb(197,90,17)">If you want details, case studies, portfolio,=

or pricing
;,sans-serif;color:rgb(197,90,17)">,=C2=A0-
amily:"Microsoft YaHei",sans-serif">May I send?
or:rgb(34,34,34)">

n 0in 0.0001pt;background:white">
YaHei",sans-serif;color:rgb(34,34,34)">=C2=A0
nt-family:Calibri,sans-serif;color:rgb(34,34,34)">
=

amily:"Microsoft YaHei",sans-serif;color:rgb(34,34,34)">Looking f=

orward to helping streamline your client delivery.
t-family:Calibri,sans-serif;color:rgb(34,34,34)">
<=

p style=3D"margin:0in 0in 0.0001pt;background:white">
mily:"Microsoft YaHei",sans-serif;color:rgb(34,34,34)">=C2=A0
an>
u>
<=

span style=3D"font-family:"Microsoft YaHei",sans-serif;color:rgb(=

34,34,34)">Best regards,
f;color:rgb(34,34,34)">

0.0001pt;background:white">
",sans-serif;color:rgb(34,34,34)">Jane Geary
<=

p style=3D"margin:0in 0in 0.0001pt;background:white">
mily:"Microsoft YaHei",sans-serif;color:rgb(34,34,34)">Business D=

evelopment Executive
lor:rgb(34,34,34)">
=

=C2=A0

--0000000000002ba3a5063ce1178f--

Posted by Dave Yadallee on Friday, August 22. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 21 Aug 2025 15:07:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1upCJS-000000004Jc-0R1Q

for dave@doctor.nl2k.ab.ca;

Thu, 21 Aug 2025 14:55:10 -0600

Resent-From: The Doctor

Resent-Date: Thu, 21 Aug 2025 14:55:09 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japanwestazolkn19012051.outbound.protection.outlook.com ([52.103.66.51]:52701 helo=OS8PR02CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1up6Ux-000000007RX-19iR

for doctor@doctor.nl2k.ab.ca;

Thu, 21 Aug 2025 08:42:49 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=f44RhQPpRZSKXSlMyXbKhJ6N2dZSz5pcvHFYPZpMKIMmEw8nPIMpofY14292k+ICr8s0C+EIvw1TdTjPCx6EGZ3nje9i18Ly4tnanimKXowmoIPPtLrkR3dcWcNR3Q3JfTUQ3EDe7LplCuXeFp8jDD60EdVtxvEizFbyPoq/QT1WlzQiJxG4g6TKzKI8rq8+X7Cn6DjPPIuJNUYK3Ffgp2r3ZggNIo3D3/n4KRkve1cgcrCx4zwMeAJkvhuXma/6ti9mY10Qa1k6W+rxyQ/eaBdPeyQQwdwb5t0T2TZj+Z1qvoqFyS4nHNzw0KDh9/t2ippkLZ1+7h7PSdvCn8dcZA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=CfDt3uBzRTpcMPSwJ6RBRmAqVFd9QVZU8UeZyMjxk8M=;

b=D3Zq19xCJA06jVfPFbyVtb5McTqlWB4dj25meDhOyUhGU59VA2D/zCLEBzvtaiMGgYGMutBPGs7ML+RUeJbYx4bbU0Kpx2T0ZcuXmQ5os3H17cq+Tx7mVQF1IqIBK4L1U9Wm7gZ5FevYht2YnMR/LFojDw06oaQgNKkxezVfVpGj2AyaDBWXpSTB2uB0TTNy7/4FRq0pfCreMUmgCjDFXouLf9CoAAsqNebmBVOlQnbkQ3bzM6Jssa1IQAZ+0e2KtiOF6HAhiyGuuegfpLpEFrZ/t/5iYxn/w8t+unMOCznup25gfUf8hIfVEYbxcvrzegtTZyFqEoTyG1V+2PPfGA==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=CfDt3uBzRTpcMPSwJ6RBRmAqVFd9QVZU8UeZyMjxk8M=;

b=cbkXpf2KAG3levgkOS5QoR7xZBh1FlBZWwgQtfp0f9EmM8DG0oiSJFwIKltYlBebpJaeaLdiO2ocLfzZIlXSam8Q4bYqxb0AyohnUPLEk+pCfO2yTuZhJ/vf9vj3kAVExepUvyPzfB6XYipfeKnGoaM67KgWK3pqFsxJ1lsQ6KHfKaLe16RIhy/mXqoLvLDOBfpbFtUJuGPSFSEBiPkaSBjsNdTRUge1qD/cWSe8FZnopMZPNDHfxoeN1ADmZmltKXjGYl6hLWQdAcz1J7GKXB9S4REKX5Eub3zsK1jJgXUPlPoXLsAzdJYHj+5OA7NUXFmi3MOftKboZIL0YSvsAw==

Received: from TYSPR04MB8532.apcprd04.prod.outlook.com (2603:1096:405:c1::5)

by SEYPR04MB5642.apcprd04.prod.outlook.com (2603:1096:101:3f::11) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9052.13; Thu, 21 Aug

2025 14:41:23 +0000

Received: from TYSPR04MB8532.apcprd04.prod.outlook.com

([fe80::4039:9799:d404:142d]) by TYSPR04MB8532.apcprd04.prod.outlook.com

([fe80::4039:9799:d404:142d%5]) with mapi id 15.20.9052.013; Thu, 21 Aug 2025

14:41:23 +0000

From: Ramesh Juneja

To: Ramesh Juneja

Subject: Re: SEO Pricing

Thread-Topic: SEO Pricing

Thread-Index: AQHcEe8zOJnErGUNvEmweZpth2iC2rRrur1igAF0gjaAAAAvfQ==

Date: Thu, 21 Aug 2025 14:41:23 +0000

Message-ID:

References:

In-Reply-To:

Accept-Language: en-GB, en-US

Content-Language: en-GB

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: TYSPR04MB8532:EE_|SEYPR04MB5642:EE_

x-ms-office365-filtering-correlation-id: be34b425-1e40-426a-6fb2-08dde0c0cd13

x-microsoft-antispam:

BCL:0;ARA:14566002|15080799012|15030799006|8060799015|8062599012|19110799012|31061999003|461199028|7071999006|56899033|40105399003|39145399003|51005399003|440099028|3412199025|39105399003|102099032|1710799026;

x-microsoft-antispam-message-info:

=?Windows-1252?Q?FFV9TcMCQTuLKXN1QF8RRw2wLyP2cKNY+kiZ37G4eZzkw+q1TLIK5YHL?=

=?Windows-1252?Q?Hool/XC/FQ0IHu5sy6EXYLe+pkMHB/RVuiTE3dYePva40DfAjTtxCM7A?=

=?Windows-1252?Q?jLZ/CdPgAeLmCkHZGfeiIDgBaDB3XIMeK98TPRxB/m8Y2hOdcEmJSxnU?=

=?Windows-1252?Q?C4cokdjesiTbzOEG6/VmbS4axo4ko3dxVyjlv+zyzn+2FNwMTAD9slqs?=

=?Windows-1252?Q?YXfpIoVU6pMunx1E6eHQUOOOphXj1/M0m2XfktbPxStHkTV+xcl7K4sf?=

=?Windows-1252?Q?/Ga3VbYbOS5xYEJY5khe5L9HWSJgjkU88f1knJGUJhyMKW/Arv7k0W0Y?=

=?Windows-1252?Q?fnLOEAjHOS4MQZ5/xjPD732ogKZe1mGUmBn/jWLlMhkFD4kvN2La0Hcq?=

=?Windows-1252?Q?6VLDyHXigPdUDNTTRbmx60PRjUNoIGkBcST6KNa/NY8/XawWG1o47TDm?=

=?Windows-1252?Q?yjn1ig4OSQjbmwGtXf+PDS5Izmqyo+QemeVJ40cS3vrlIs+IDURkq8Pk?=

=?Windows-1252?Q?zAC0E7faNkFyFkni1myHbjtmjb3c8MFqR+wq2XoPVGEnmpHzHPLOa3aK?=

=?Windows-1252?Q?N/EVda1HoSzzf+NQ6in68kzQQ65EjnSoIDw1U1yVX70R2j8hhggHcgIY?=

=?Windows-1252?Q?U3RYL1yGXdXTLEvYGD9hytXLOCFxNF+NGPFAOpSJE0ZgO14iWr70bsS2?=

=?Windows-1252?Q?/U37+brpshCuDwCOIlcaQJgvIafaF66RF0sldxwI1YNJWZROt8g74Gzz?=

=?Windows-1252?Q?hRZbYa1qX5ZOjAyS8/yBO6F9vrmH2VayApOl7dfoGRVI5mNYQX/YRTRB?=

=?Windows-1252?Q?jkWahChR5E+ZYdg+vxSuaRLpCMCMVL5DRyONsN5Fn0Gb8tBFIEPPKc65?=

=?Windows-1252?Q?v7nuftPBG92TD/ThlrXtknUClg2hfoLluCSn/lYcX6+B1cuzEHUY0v0o?=

=?Windows-1252?Q?f2+BR7ey5HeNjbyBIwMreLrvLhCXE3g0MGHbpzAmXbN3Q/466OORWbHK?=

=?Windows-1252?Q?jaGweqquPFBIwowCHaUaWzDsBWQo194//kZjU3Y6VCYUG6gf7Tqnp5/b?=

=?Windows-1252?Q?obBhhbs2qDM96N5FKalJ21t6g8PoGyfFPhH/oQ/xUK7IEZRc4qekgi2O?=

=?Windows-1252?Q?0QC2YGAP0saAznlB7Q6ybyLrVqj1JVJM2eqzgp/Nw1zUcin0STFK+rK2?=

=?Windows-1252?Q?v0rE1bDA/BqM3dLBqvwYVNFENa+iegHzsYEgXRPMikE8JBOeguMBoB+h?=

=?Windows-1252?Q?RMxVsKUBQCAYeoVx1QkX0wRdWPUiiFx2ptmA/F6ZNL/yHbeVufL0Yhg0?=

=?Windows-1252?Q?lyyOIkrCmXEHc1IHW3/4bZEvwJp9N+XvLuYL0UtyGtgBsN0KVk06Bv9k?=

=?Windows-1252?Q?iZNb0E4ENbdla+SkFH+WBNG+nSuMH2l2MsBECv3t4SasaxcQ3lWkoR45?=

=?Windows-1252?Q?487yyX6Wn1JOLYPs4UlNiw=3D=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?+vuEEZU9CWgVFjbIkjrJJLYBie969Z7Cb97X9tCGTDLUgaUaRccWb1Lb?=

=?Windows-1252?Q?hUc3yPvw6VZ0QdN+Bo70Maqa+iWv36IhePRXCU6V/MeL6O2iLDKKjhuz?=

=?Windows-1252?Q?BFf4T7Puvuice3OI8YltqRLWZ+gBE43iSBZIlvJfvr8iMHjPQG/nEgkl?=

=?Windows-1252?Q?Bhcx8WJstc2aAfcDkBlaJ8sT6Z+d+5mVPJa45Phr3YqCGQO0sCdshRn/?=

=?Windows-1252?Q?psBMQgnarHiSaIBP6zr5zjjFalQI+3sA5K1ONvZJ8Dr+e3lN1AbS6Ype?=

=?Windows-1252?Q?mubcS6A8AOKDXnr46tXxjE0AA4lXq8HPHSuRUQxwmcVOsoSlzWYiclMb?=

=?Windows-1252?Q?d6SLHgNN3VDP3WHVUGljcrG3dptbuGt2uJYznrWGKdrkkwIY1DwryQTd?=

=?Windows-1252?Q?u6MApf3Q6+QxljazlTtJ1w2W87LcUh5GUxkNfNxo2yY0e5+gB+wTeSQW?=

=?Windows-1252?Q?LDOm42wy9APWmil9hfXcJjVBnQqSeixOSNJSOWc91NOQIKZ3byzaaG3u?=

=?Windows-1252?Q?vGmi3/AXrmPxqfEn2rrHl9rBdC0erD0b6dWrDzSgdmy096hY8SHKiWFy?=

=?Windows-1252?Q?T1BBQy99z7Te1T2oX6zAqwOrlEca+vDQCRoFKng3ve1wTErGZEMfb/ZT?=

=?Windows-1252?Q?3ZT+8WmOz+5oOejoS8qu89x2fgz+QThDv+02s/ZNfBiXqQYzh/+O0jX8?=

=?Windows-1252?Q?wkTaVWGWz9f9fgpjduqsCZ95rLgQKiCemIGQs3K/mgkispfMNRzMq4+9?=

=?Windows-1252?Q?wEI0KENeiNYPqrzbk/9tm97j/blvoAdziC/TplLmnssqoZ34kM607l/a?=

=?Windows-1252?Q?U8V9lcsdbpDgtgjuzzOW1P1JXVd8Ty8j8OIXQrXWas6KEV8J021W14NJ?=

=?Windows-1252?Q?38EsMl7XxeaMabD3UHqGpp/C8roPAQWJhGqClyj6e14a0LXv1edRJfWJ?=

=?Windows-1252?Q?7whMddbJ4iTO33Pq2eaNYevtwu9bhtBhiuydR1QvTwZcD8gog0WVJ88e?=

=?Windows-1252?Q?5rJzMAuBAcv+lJnanaqdI0NATAkErguJi1TkKKMcRFxch3/fdbEPP5fO?=

=?Windows-1252?Q?FxwxkAK8+u2ChVJHMIwESeA5B/LxRJoLqx1awBg476leYy21qyW8gvKX?=

=?Windows-1252?Q?eANj9vhedKiM3GHQIlAy944wzDgufAnUZfKcOemG6MNjtCSBIH/Efma4?=

=?Windows-1252?Q?XeEZ5tRJCLFgYD6ZtukMZriLeInUOGPWu9y66Uw054VnotKbTXDWXHdY?=

=?Windows-1252?Q?gxRR8uR8YKKjWnNb10km3neMU542q24GMuE6d3ZKxhxi6U5LEUJ8laVf?=

=?Windows-1252?Q?aQT91wkj5eLj2O+xErLxyTHAmszWJMGm8/kbRgT/tjjWXyC4WzyIWGJ5?=

=?Windows-1252?Q?1K2tptIYoMVO0Jn9upH0wIg8QUYvi3nrz1k2o85pLHv6BALcjH5r+zFJ?=

=?Windows-1252?Q?wWXmosv9Rxt2R31VVYLylQ=3D=3D?=

Content-Type: multipart/alternative;

boundary="_000_TYSPR04MB8532174E767F6551CF73C2B6CB32ATYSPR04MB8532apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: TYSPR04MB8532.apcprd04.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: be34b425-1e40-426a-6fb2-08dde0c0cd13

X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Aug 2025 14:41:23.5400

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: SEYPR04MB5642

X-Spam_score: 6.0

X-Spam_score_int: 60

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hi, Still waiting for a reply from you. Thank you! Ramesh

Juneja

Content analysis details: (6.0 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:405:c1:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:c1:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:c1:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:c1:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:c1:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:c1:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:c1:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[2603:1096:405:c1:0:0:0:5 listed in]

[will-spam-for-food.eu.org]

[52.103.66.51 listed in will-spam-for-food.eu.org]

[52.103.66.51 listed in will-spam-for-food.eu.org]

[52.103.66.51 listed in will-spam-for-food.eu.org]

[52.103.66.51 listed in will-spam-for-food.eu.org]

[52.103.66.51 listed in will-spam-for-food.eu.org]

[52.103.66.51 listed in will-spam-for-food.eu.org]

[52.103.66.51 listed in will-spam-for-food.eu.org]

[52.103.66.51 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.66.51 listed in dnsbl.ahbl.org]

[52.103.66.51 listed in dnsbl.ahbl.org]

[52.103.66.51 listed in dnsbl.ahbl.org]

[52.103.66.51 listed in dnsbl.ahbl.org]

[2603:1096:405:c1:0:0:0:5 listed in]

[dnsbl.ahbl.org]

[2603:1096:405:c1:0:0:0:5 listed in]

[dnsbl.ahbl.org]

[2603:1096:405:c1:0:0:0:5 listed in]

[dnsbl.ahbl.org]

[2603:1096:405:c1:0:0:0:5 listed in]

[dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.66.51 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.66.51 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.66.51 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.66.51 listed in dnsbl.ahbl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

-0.1 ARC_VALID Message has a valid ARC signature

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.0 ARC_SIGNED Message has a ARC signature

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[webdevelopment.services545(at)outlook.com]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[webdevelopment.services545(at)outlook.com]

0.3 OFFER_2 BODY: Offers you Something (2)

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[52.103.66.51 listed in wl.mailspike.net]

0.0 HTML_MESSAGE BODY: HTML included in message

1.0 MR_DIFF_MID No description available.

Subject: {SPAM?} Re: SEO Pricing

--_000_TYSPR04MB8532174E767F6551CF73C2B6CB32ATYSPR04MB8532apcp_

Content-Type: text/plain; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable

Hi,

Still waiting for a reply from you.

Thank you!

Ramesh Juneja

From: Ramesh Juneja

Sent: Monday, June 23, 2025, 11:14 PM

Subject: Website Issues

Hi,

This season we=92re offering huge SEO discounts.

Want more visibility and clients? Let=92s talk!

Best,

Ramesh Juneja

--_000_TYSPR04MB8532174E767F6551CF73C2B6CB32ATYSPR04MB8532apcp_

Content-Type: text/html; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable

252">

Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Hi,
v>

ht: normal; background-color: rgb(255, 255, 255); margin: 0cm 0cm 0.0001pt;=

font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0=

, 0, 0);">

ht: normal; background-color: rgb(255, 255, 255); margin: 0cm 0cm 0.0001pt;=

font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0=

, 0, 0);">

Still waiting for a reply from you.

ht: normal; background-color: rgb(255, 255, 255); margin: 0cm 0cm 0.0001pt;=

font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0=

, 0, 0);">

ht: normal; background-color: rgb(255, 255, 255); margin: 0cm 0cm 0.0001pt;=

font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0=

, 0, 0);">

Thank you!

ndonsend">

plyFwdMsg">

d-color: rgb(255, 255, 255); margin: 0cm 0cm 0.0001pt; font-family: Calibri=

, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Ramesh Juneja

color: rgb(255, 255, 255); margin-top: 0px; margin-bottom: 0px;">

; color: rgb(79, 98, 40);">

: normal; background-color: rgb(255, 255, 255); margin: 0cm 0cm 0.0001pt;">

; color: black;">From:
lvetica, sans-serif; font-size: 12pt; color: rgb(36, 36, 36);">
>
t; color: black;">Ramesh

Juneja <webdevelopment.services545@outlook.com>

: normal; background-color: rgb(255, 255, 255); margin: 0cm 0cm 0.0001pt;">

; color: black;">Sent: Monday, June 23, 2025, 11:14 PM
p>

: normal; background-color: rgb(255, 255, 255); margin: 0cm 0cm 0.0001pt;">

; color: black;">Subject: Website Issues

: normal; background-color: rgb(255, 255, 255); margin: 0cm 0cm 0.0001pt;">

; color: rgb(34, 34, 34); background-color: white;">

: normal; background-color: rgb(255, 255, 255); margin: 0cm 0cm 10pt;">

; color: rgb(0, 0, 0);">Hi,

ht: normal; background-color: rgb(255, 255, 255); margin: 0cm 0cm 0.0001pt;=

font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0=

, 0, 0);">

This season we=92re offering huge SEO discounts.

; font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(=

0, 0, 0);">

; font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(=

0, 0, 0);">

Want more visibility and clients? Let=92s talk!

; font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(=

0, 0, 0);">

ht: normal; background-color: rgb(255, 255, 255); margin: 0cm 0cm 10pt; fon=

t-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0,=

0);">

Best,

Ramesh Juneja

x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x=

_x_x_x_x_x_x_x_x_x_x_x_x_appendonsend">

x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x_x=

_x_x_x_x_x_x_x_x_x_x_x_x_divRplyFwdMsg">

--_000_TYSPR04MB8532174E767F6551CF73C2B6CB32ATYSPR04MB8532apcp_--

Posted by Dave Yadallee on Friday, August 22. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 21 Aug 2025 11:03:01 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1up4P3-000000009HS-13qN

for dave@doctor.nl2k.ab.ca;

Thu, 21 Aug 2025 06:28:25 -0600

Resent-From: The Doctor

Resent-Date: Thu, 21 Aug 2025 06:28:25 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from m42-3.mailgun.net ([69.72.42.3]:62102)

by doctor.nl2k.ab.ca with utf8esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uovSL-00000000GEh-3arW

for doctor@nk.ca;

Wed, 20 Aug 2025 20:55:28 -0600

DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=revhc.ca; q=dns/txt; s=smtp; t=1755744862; x=1755752062;

h=Content-Type: Content-Transfer-Encoding: Message-Id: List-Unsubscribe: Reply-To: To: To: From: From: Subject: Subject: Mime-Version: Date: Sender: Sender;

bh=hEycCMv7SjNiYJFXtmKS1bQ5LKCiJyFT8TsHCIqF040=;

b=RV5nkrdbrLaedbJWHEIm8nSu9cNi2FXN0tP0Fu+kiu0Cifpd2OyikYDfRP89vot1pmTn+EpZwtjp4QuynzUVkVxo0qgIuUsSu7RnQchhm74ThFsIZ7iUSNu5/SAPar0VNathtI2GXXSIlSJdtD47GqVQ9gojTAf1Wkx68tn6tG8=

X-Mailgun-Sid: WyJiMzQ2OSIsImRvY3RvckBuay5jYSIsImIwMzExIl0=

Received: by f560eab1f6849a6a6abe2851b040dbfef14c09bb45be2c37fb9f5f6eb5a42042 with HTTP

id 68a68a5e19596705241b3d7e; Thu, 21 Aug 2025 02:54:22 GMT

X-Mailgun-Sending-Ip: 69.72.42.3

Sender: info@revhc.ca

Date: Thu, 21 Aug 2025 02:54:22 +0000

Mime-Version: 1.0

Subject: Your package is waiting for instructions

From: FedEx Tracking

To: doctor@nk.ca

Reply-To: support@revhc.ca

List-Unsubscribe:

Precedence: bulk

Message-Id: <20250821025422.172a61ff58a4dbab@revhc.ca>

Content-Transfer-Encoding: quoted-printable

Content-Type: text/html; charset="utf-8"

w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

/>

1.0" />

FedEx Delivery Notification

round-color: #f7f7f7;">

ng=3D"0" width=3D"600">

=20

=20

=20

Hello, doct=

or@nk.ca

=20

We would like to inform you that your parcel has arrived at=

the FedEx facility and is currently awaiting the next step in processing.

=20

Tracking Number:
t: bold; color: #4D148C;">767890843785

Status: Received at local FedEx terminal 2=

025-08-20 19:54:22

Action Required: Delivery pending confirma=

tion and fee settlement

=20

To continue with delivery, a standard clearance and handlin=

g fee of $12.47 CAD is required.

=20

nt-size: 16px;">Confirm and Resolve Charges

=20

or: #4D148C; text-decoration: underline;">Track shipment

=3D"color: #4D148C; text-decoration: underline;">Customer Support

Phone: 1.800.463.3339

=20

Thank you f=

or using FedEx.

=20

Sincerely,

FedEx Canada

Posted by Dave Yadallee on Friday, August 22. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 21 Aug 2025 11:03:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1up65i-00000000Dbp-0Gkq

for dave@doctor.nl2k.ab.ca;

Thu, 21 Aug 2025 08:16:34 -0600

Resent-From: The Doctor

Resent-Date: Thu, 21 Aug 2025 08:16:33 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from ucmail1.sendbyte.tech ([117.50.12.154]:19629)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

(envelope-from <173847d8-7e98-11f0-8858-5254001bd3a2@kecljwj.cn>)

id 1up5xE-00000000236-1nJb

for doctor@nk.ca;

Thu, 21 Aug 2025 08:07:56 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kecljwj.cn;

i=@kecljwj.cn; q=dns/txt; s=mail; t=1755785213;

h=content-transfer-encoding : from : sender : to : reply-to : subject

: message-id : date : mime-version : content-type : list-unsubscribe :

from : list-unsubscribe-post : feedback-id;

bh=YcMvlKP+YKZPis+PFRcHkRysKWaQf79c8p6u8Iyl1Cg=;

b=jHmL+RYUxfVsUVBK/CixlWuYgDDOng7L5aa3lLcHo7/aHSg5gWKrT8X/VbH5sjL8/MssK

aS6rUWY5/PmIhMVRVKpYjz7LNPiSGXWcw9fheSiEGXZ8yOhUYboDM9+T2FZYNeOPa3GM9DY

eIaR+03lmQHJTrFisTPoBm07vSC4Wjk=

Received: from [127.0.0.1] (Unknown [127.0.0.1]) by SendCloud Inbound Server with ESMTPSA id 2DD9BB98-C295-4368-8418-0599CBEDDD86.1 envelope-from (authenticated bits=0) (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256); Thu, 21 Aug 2025 22:06:53 +0800

Content-Transfer-Encoding: base64

From: Alison

Sender: Alison

To: doctor@nk.ca

Reply-To: Alison

Subject: =?utf-8?q?Network_Equipment_Partner?=

Message-ID: <1755785213783_69593_97021_2384.sc-10_9_13_213-inbound0@kecljwj.cn>

Date: Thu, 21 Aug 2025 14:06:53 +0000

MIME-Version: 1.0

Content-Type: text/html; charset="UTF-8"

X-SENDCLOUD-UUID: 1755785213783_69593_97021_2384.sc-10_9_13_213-inbound0$doctor@nk.ca

X-SENDCLOUD-LOG: 1755785213783_69593_97021_2384.sc-10_9_13_213-inbound0$doctor@nk.ca#doctor@nk.ca&292640;69593&0;false&false;-1#-1#

X-SENDCLOUD-LOG-NEW: MTc1NTc4NTIxMzc4M182OTU5M185NzAyMV8yMzg0LnNjLTEwXzlfMTNfMjEzLWluYm91bmQwJGRvY3RvckBuay5jYSNkb2N0b3JAbmsuY2EjMjkyNjQwIzY5NTkzIzAjZmFsc2UjZmFsc2UjLTEjLTEj

List-Unsubscribe:

X-Spam_score: 12.5

X-Spam_score_int: 125

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hi , FLINES, a leading OEM/ODM manufacturer with 26 years'

experience.

Content analysis details: (12.5 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[117.50.12.154 listed in will-spam-for-food.eu.org]

[117.50.12.154 listed in will-spam-for-food.eu.org]

[117.50.12.154 listed in will-spam-for-food.eu.org]

[117.50.12.154 listed in will-spam-for-food.eu.org]

[117.50.12.154 listed in will-spam-for-food.eu.org]

[117.50.12.154 listed in will-spam-for-food.eu.org]

[117.50.12.154 listed in will-spam-for-food.eu.org]

[117.50.12.154 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[117.50.12.154 listed in dnsbl.ahbl.org]

[117.50.12.154 listed in dnsbl.ahbl.org]

[117.50.12.154 listed in dnsbl.ahbl.org]

[117.50.12.154 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[117.50.12.154 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[117.50.12.154 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[117.50.12.154 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[117.50.12.154 listed in dnsbl.ahbl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: kecljwj.cn]

0.6 J_CHICKENPOX_36 BODY: 3alpha-pock-6alpha

1.8 HTML_IMAGE_ONLY_08 BODY: HTML: images with 400-800 bytes of words

0.0 HTML_IMAGE_RATIO_08 BODY: HTML has a low ratio of text to image area

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_MESSAGE BODY: HTML included in message

0.5 VOWEL_FROM_5 Impronouncable from header (6 consecutive vowels)

1.0 VOWEL_URI_5 URI hostname with 5 consecutive vowels

0.0 T_REMOTE_IMAGE Message contains an external image

Subject: {SPAM?} =?utf-8?q?Network_Equipment_Partner?=

PGh0bWw+PGhlYWQ+PC9oZWFkPjxib2R5PjxwPkhpICw8L3A+CjxwPiZuYnNwOzwvcD4KPHA+RkxJ

TkVTLCBhIGxlYWRpbmcgT0VNL09ETSZuYnNwO21hbnVmYWN0dXJlciB3aXRoIDI2IHllYXJzJyBl

eHBlcmllbmNlLjwvcD4KPHA+T2ZmZXJzIDxzdHJvbmc+MTAwRy80MDBHLzEyLjhUIDwvc3Ryb25n

PnN3aXRjaGVzIChsaXF1aWQtY29vbGVkLCAxOCUgbG93ZXIgY29zdCB0aGFuIEVkZ2Vjb3JlKS4m

bmJzcDs8L3A+CjxwPjczJSBsb2NhbGl6ZWQgY29tcG9uZW50cywgNE0gYW5udWFsIGNhcGFjaXR5

LCBQYXJ0bmVyZWQgd2l0aCA8c3Ryb25nPkgzQywgTkVDLEluc3B1cixCdWZmYWxvPC9zdHJvbmc+

IGVjdC4mbmJzcDs8L3A+CjxwPlNlZWsgTmV0a25vdyBJbnRlcm5ldCBTZXJ2aWNlIGNvbGxhYm9y

YXRpb246IGpvaW50IFImYW1wO0QsIGN1c3RvbSBzb2x1dGlvbnMuJm5ic3A7PC9wPgo8cD4mbmJz

cDs8L3A+CjxwPkFsaXNvbiBHdTwvcD4KPHA+QkRN77yIT3ZlcnNlYXPvvIk8L3A+PC9ib2R5Pjwv

aHRtbD48ZGl2PjxpbWcgd2lkdGg9IjAiIGhlaWdodD0iMCIgYWx0PSJjc29rNHlzb3p3Y3EwIiBz

dHlsZT0iZGlzcGxheTpmbGV4IiBzcmM9Imh0dHBzOi8va2VjbGp3ai5jbi9jZW50ZXIvci9jc29r

NHlzb3p3Y3EwLnBuZyIvPjwvZGl2Pg==

Posted by Dave Yadallee on Thursday, August 21. 2025

Return-path:

Envelope-to: dave@nk.ca

Delivery-date: Thu, 21 Aug 2025 08:40:00 -0600

Received: from mail-japaneastazolkn19013072.outbound.protection.outlook.com ([52.103.43.72]:5456 helo=TYDPR03CU002.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1up6Rz-000000004hJ-3VQb

for dave@nk.ca;

Thu, 21 Aug 2025 08:39:45 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=Aeaeb6RrBFdrzN2/pIyRrLLBmA9KYyHZtzbSNib8zM2UZAaiipuKte2TEuabD+geumdOCARsHUrYdCDdu5CRESiB89ONWVvujf2g/+/wj+L3Yx63anQ9FfXgax9NhyE/8x/jCO4KoyrzRfnw95uVbd/HkdpTitfYcD+LQyBKzf2TedYJ9VpQvuHQ3Js+gJEXE82awbYs1SU8Iz1gqJphkXw95v6b0xx0CJinBkFd2nO1ljV1f07P+sPOW05qR9zHSH1iTiSq6bf3MlA16rxdRuOCSuymzZgvFke/XTJkHOF20u36d6cbtjBeteQkHKAXT3E+XMBG/F8xEyuRGcnyUQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=kBJjMuJxWuvmK1tTftvIKnxvK0eHsi3FWzO5+v1nmCA=;

b=DtodPBzlTnd8ru+xj1hWJE94v+5g3PS7u6J94O6bVrXYBwiaYv9RkK1WHpnWK37euwGqwT+g4TlG0mjJvgKk2B21uXqdUhLR2PwRlkXZa4mGTTtiQ7yuGQaUyfqpd6om/n8xuwKa4paNFJ2e20Ri+XqDOgVIlZ50X1nUyf51PvdR8V4HEurihrCx8VounbgIq2pjFJ8kN6JMdcSzgivmMbooYJhvbD5Kq6h2DkltM8slsPMwJ2DoxDi8adpukfvTv6Ckwcn4gCtUXQpxS5e3LFf6sgyx8YMPCzqyOtkcRs+XXZMDZa6/llKvFcg3jOYXLLPHgO0yzo+A2SjhTXYYHA==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=kBJjMuJxWuvmK1tTftvIKnxvK0eHsi3FWzO5+v1nmCA=;

b=eWPzFWPZjhGe8YJSENnEoQ3Ob+RtuGtI49+b5uf2RoqAaDmfxVmnZ8Qft9591vMXCHQtZ0nuonANSoOkgUtvDN8IdehY5eyhlZv/Rt/LalGhogXIzwmbVEztWGdKQeGeacxAODrTeIuWyydoHgbfbjEHtbI0AHeF4QkooSG434TF2qqUsXff/86rd9wpQzvzacMCe+ZiSG98OgG/+HfNqV7oTTSBJdq17ClrvOXYlmDiYridAS5UGBbHKoNW1p1+LWHLjx3qGhLO5Xz2ZLwcaxOaeVCDwIq1YCUYeGKlCXciDAHsArlEYKNuW4cKKaNzKBvu+nuUK8vMh65kaMyO1Q==

Received: from TYZPR03MB5853.apcprd03.prod.outlook.com (2603:1096:400:120::12)

by TY0PR03MB8329.apcprd03.prod.outlook.com (2603:1096:405:19::5) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9052.14; Thu, 21 Aug

2025 14:38:12 +0000

Received: from TYZPR03MB5853.apcprd03.prod.outlook.com

([fe80::1eaa:4907:8f5a:2d62]) by TYZPR03MB5853.apcprd03.prod.outlook.com

([fe80::1eaa:4907:8f5a:2d62%5]) with mapi id 15.20.9052.013; Thu, 21 Aug 2025

14:38:12 +0000

From: Tony Smith

To: Tony Smith

Subject: Re: Complete SEO Action Plan?

Thread-Topic: Complete SEO Action Plan?

Thread-Index: AQHcEqkFiL+zoH/TlkWRiQWdmJTOCw==

Date: Thu, 21 Aug 2025 14:38:12 +0000

Message-ID:

Accept-Language: en-GB, en-US

Content-Language: en-GB

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: TYZPR03MB5853:EE_|TY0PR03MB8329:EE_

x-ms-office365-filtering-correlation-id: 81a12139-86e2-430f-284e-08dde0c05b3f

x-microsoft-antispam:

BCL:0;ARA:14566002|15080799012|15030799006|8060799015|8062599012|19110799012|31061999003|461199028|40105399003|41105399003|440099028|3412199025|39145399003|39105399003|102099032|1710799026;

x-microsoft-antispam-message-info:

=?Windows-1252?Q?M6NnYdaUSYefH9g/s/MctjJO89o685o+o2yfBQvYFN93jZCFArks5aee?=

=?Windows-1252?Q?hy7ijGpVJq5ZMvNxiZUUlvmMBriTNv7NLh0OsM0HJlqhsrrFHGM3SwH1?=

=?Windows-1252?Q?x9fc6banloQ0/wZkOJ2KZf3EWWgvIwTgvTWrKMJVyeSEdAarRMiLdi/q?=

=?Windows-1252?Q?1abU32HWoHNAFTk/wJ41uNRyy5B5YbLau/PA/6ycXlAIofEpqXjlZarn?=

=?Windows-1252?Q?a3DGparCwr5HDAuDIXelZEPqbtakmBFs6qy3qv+30cOrOqld2v+sS54k?=

=?Windows-1252?Q?U+0YQZwfmfuhxbkDgGPMCfP2ropBLTs2GBdZWSJvuGJNKu0G6MNeRLlW?=

=?Windows-1252?Q?bHRbDJytzMZeqUhpacp8/hOVXcANoldM5gVGLpbidlQ6Zf0SktZap9ws?=

=?Windows-1252?Q?a38HT+zqMP08jyn5QHXeF9t9K5KNFT13RyRwajM2qgWJSKz1HPsUQGso?=

=?Windows-1252?Q?0W9KZHv6Pt4UJ/12PHSZ73FmDFL4+udI/T2d8RiwMOTnZSnfezsjs+PB?=

=?Windows-1252?Q?F5u2coHPeajAQgDQKs38AF5nGualCKkWfgn+sUCo6rrnzyUkTE2tn+6a?=

=?Windows-1252?Q?dLEUXv0aJWjmyDut6xgIo/mFgY/vir3+JPJn5ifFr38Hj1XCNCb9kVsy?=

=?Windows-1252?Q?DhBeVWUDOvYjAn57YlEB/7I+FOd/ZjZqgdkhyKAng7lhskWDq6h63ppk?=

=?Windows-1252?Q?f2YaiiRWj9wpd08BgauViBlb/lgxonYXV3AAvsAZUHORJqSqshr0xeRC?=

=?Windows-1252?Q?1aGgtSexLQ9cHGA26koJLpdaegpkcAEy2dsk9qrBV7k9pqTUY34O4mbc?=

=?Windows-1252?Q?YMPGvWT4eneiQnktbz5VkE9d4feU4H3GStCPp08HNcsbveFdEg3RCTbX?=

=?Windows-1252?Q?jPOBZ02lOAb3yWw1faRgwt9hstyK9bhVHqoE7Z7GWOtK8NeVUAoItDzc?=

=?Windows-1252?Q?pe9eTtj6jnI9xQDHewjzblHcCaf++8xq1SFxhC3WishEoyvxPJXEAJ0X?=

=?Windows-1252?Q?0qzcdZyACHOPAz7C/q1542kVkn++jgyTJYgdDKqwmQibCEerfbAxqRFm?=

=?Windows-1252?Q?kG+g4MZCaRiA60ClgljYACvHCKhKwQT5UPb47xJ4q6gKQ5DZdtkWCWcJ?=

=?Windows-1252?Q?/WUFIaGVJNK4DMbY1HlAPnshiSDdxE4X5tRehErv6qWtNNaCX8Uiiwvp?=

=?Windows-1252?Q?EpMIwLygLiKpZo6mYTqw3nQVw8XY9DXA1gzciE3O28junybbHKeHn403?=

=?Windows-1252?Q?lISgW6Q5vjIA0qPSN03dMeyULGoHVshdIAbArrkwIolXEDPFPgx4e4Dl?=

=?Windows-1252?Q?1updtDGgHLUWAGMfk/Cyk2rH+fpYf6G+cR6TjMthJX0M30KH5p8Fn8mj?=

=?Windows-1252?Q?Ia+upN021bZxwKfDsJLLGIZ32mKFBp0THu0=3D?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?Windows-1252?Q?ePNqZVGdTGs1zvmZ422Fi+9tpGyxdVNMMWgxX1Z3+XgXdCTl88JZqZrt?=

=?Windows-1252?Q?6Tae49AGQmG/a+9oq2DwMa71t8er0r7rD7pN83gcvmUWbiEF7W8Sc/3J?=

=?Windows-1252?Q?v6iyzaAUQ6l43g4uC/2B5anQUJ2AdblkHqxf9DoOn/IYlIIWkcM7U+M7?=

=?Windows-1252?Q?kQpNUDQyM2Oi/ALAJLAidJIROklDDU0B922/K6sH6E1X7LriqZhAjmRw?=

=?Windows-1252?Q?dvbMYVyZDrqKUqKQYOgmzTQLDLUzYT608IU8reL4xAovd076BdjmZ6Gb?=

=?Windows-1252?Q?sj4N9BsZ6NuXvi6BY7b9TA/N/LLluUjLs3+lzbC7OxjlTXkh984LqcFK?=

=?Windows-1252?Q?dhBW4+zul3lKtPU4jCswhmwDfBm4QGRcs9R6/LGLV+8BCy0jT50U3VJn?=

=?Windows-1252?Q?36jcxAABCx6+pV/VdnPnPZ90mB3yrdplb+uz6D2mbqYUvKkds+c1XpmJ?=

=?Windows-1252?Q?XMnn6VrMTf2vaCpQDSi6iJ2xp5dtM/+6Q33iRYqePLN/5iDgIvRrFXKO?=

=?Windows-1252?Q?4f77exupMMx8jsoSoEV3YdtJ8/oSBNAkp5SyoJGai29LNAw4s3u0nW3T?=

=?Windows-1252?Q?RMsM0WdGNvq4dq5BR1R/irxZDrLDlRXLaQr8tOu7oUgC6EQ4GmfvRwWr?=

=?Windows-1252?Q?cAXwo/kCWBU3C/lbkv4y0qWwViFuYp7/mwwvb4M2f5rF+5bw+IlFTO9H?=

=?Windows-1252?Q?lcZ0VvUrK8515RGSMGFaNceGtcPRMRR+Jg1DgGcbMEfvY7NPXCc+pAFS?=

=?Windows-1252?Q?Zj6tG0ku/ihc3fnw1vehxt9q1GJoLv3qnV45DYuWBlGpAn0pXA9lDWq6?=

=?Windows-1252?Q?bAaBbB4lANx/gIMMbBXpe8fz+9xIufE89DyBvHkh4j3Qtmary3hrvSa8?=

=?Windows-1252?Q?X89cXhsBhXwV+g0SA2/bQzmBrVEtE4627clMlPOjx4kOrhZidSvXuYyr?=

=?Windows-1252?Q?xYEcQdgAVdIXnemwfKnF2asCmA5PWK1C0OWJ6CfJUHCScy3FDYeLc5MQ?=

=?Windows-1252?Q?meNtgjs0ShYR8UgOyJ84dDzDWO1Ax6pQRUZIabNSVYbNJTQzYxywSUIg?=

=?Windows-1252?Q?Dmb2bQh4inwg9SJDt6rbGPaX5Vqlknt5xwSsSeEK6Mbz3QzsosX4/8Nc?=

=?Windows-1252?Q?rP7Ld395WUDGqB3gdZI2E67OLOU+dvhLcUnpWXUrswtMmV4Rrvl8E/0A?=

=?Windows-1252?Q?Za7vpzxw1FKqjeKdXG/uxyr3AYtAaTc0H8B86G7mkYcNpi9lIPwtJzrl?=

=?Windows-1252?Q?L+TUlnfAF9zmtE3cobuID6FYZBTSMfiyuK0ZNYYIib09NWl2HUcBg1/4?=

=?Windows-1252?Q?imweGw555+hYaT02FZjjuczoZ5SFxZyh04vLexxmNkzub4HkZD7kvPAT?=

=?Windows-1252?Q?kDdfNAbjBG0lmSWkWidCC83JKPt1ysQlam8MoY+D3b2b1MULSupXAww8?=

Content-Type: multipart/alternative;

boundary="_000_TYZPR03MB5853F606B8A1038852C8E4F7FD32ATYZPR03MB5853apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: TYZPR03MB5853.apcprd03.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 81a12139-86e2-430f-284e-08dde0c05b3f

X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Aug 2025 14:38:12.5245

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: TY0PR03MB8329

--_000_TYZPR03MB5853F606B8A1038852C8E4F7FD32ATYZPR03MB5853apcp_

Content-Type: text/plain; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable

Hello,

Have a good day,

I was looking at your website and noticed that you aren=92t at the top of G=

oogle search. I can fix that for you and make your company more profitable.

I can give you our Complete SEO Action Plan along with a customary reach an=

d add great value to your product/ service.

Can I send you a quotation and price list?

Waiting for quick reply.

Regards,

Tony Smith

--_000_TYZPR03MB5853F606B8A1038852C8E4F7FD32ATYZPR03MB5853apcp_

Content-Type: text/html; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable

252">

ground-color: rgb(255, 255, 255); margin: 0in 0in 10pt; font-family: Aptos,=

Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; f=

ont-size: 12pt; color: rgb(0, 0, 0);" class=3D"elementToProof">

I was looking at your website and noticed that you aren=92t at the top o=

f Google search. I can fix that for you and make your company more prof=

itable.

ground-color: rgb(255, 255, 255); margin: 0in 0in 10pt; font-family: Aptos,=

Aptos_EmbeddedFont, Aptos_MSFontService, Calibri, Helvetica, sans-serif; f=

ont-size: 12pt; color: rgb(0, 0, 0);" class=3D"elementToProof">

I can give you our Complete SEO Action Plan along with a custom=

ary reach and add great value to your product/ service.

, 255, 255); margin: 0px; font-family: Aptos, Aptos_EmbeddedFont, Aptos_MSF=

ontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, =

0, 0);" class=3D"elementToProof">

Tony Smith

Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

--_000_TYZPR03MB5853F606B8A1038852C8E4F7FD32ATYZPR03MB5853apcp_--

Posted by Dave Yadallee on Thursday, August 21. 2025

Return-path:

Envelope-to: dave@nk.ca

Delivery-date: Thu, 21 Aug 2025 08:07:00 -0600

Received: from ucmail1.sendbyte.tech ([117.50.12.154]:23563)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1up5w4-000000001md-1kXv

for dave@nk.ca;

Thu, 21 Aug 2025 08:06:44 -0600

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sufifl.cn;

i=@sufifl.cn; q=dns/txt; s=mail; t=1755785123;

h=content-transfer-encoding : from : sender : to : reply-to : subject

: message-id : date : mime-version : content-type : list-unsubscribe :

from : list-unsubscribe-post : feedback-id;

bh=cyYycjNdPBJb/aGantl2OgECzQBiaO+LVV7N8Mjw5g4=;

b=hkv9dKE5lwTu1cZEJdHOls1RMeVb0yzOKmpT7y65j6pKd3vI3kVotdCyBwU/aQ5A7vRN6

0i/oDSVDrpikUrGv0J2W2zjvVqVwRmbkM8bpTB9QU9tKrLoHydgrReyiiW2LAvX2jbXuyF9

r/VkQ2luo4ALptBSGoxzg/lG8Sz/cs4=

Received: from [127.0.0.1] (Unknown [127.0.0.1]) by SendCloud Inbound Server with ESMTPSA id F1B3E836-5AC9-455D-B317-285C8A9B7E25.1 envelope-from (authenticated bits=0) (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256); Thu, 21 Aug 2025 22:05:22 +0800

Content-Transfer-Encoding: base64

From: Alison

Sender: Alison

To: dave@nk.ca

Reply-To: Alison

Subject: =?utf-8?q?Network_Equipment_Partner?=

Message-ID: <1755785122993_69593_52740_4594.sc-10_9_51_122-inbound0@sufifl.cn>

Date: Thu, 21 Aug 2025 14:05:22 +0000

MIME-Version: 1.0

Content-Type: text/html; charset="UTF-8"

X-SENDCLOUD-UUID: 1755785122993_69593_52740_4594.sc-10_9_51_122-inbound0$dave@nk.ca

X-SENDCLOUD-LOG: 1755785122993_69593_52740_4594.sc-10_9_51_122-inbound0$dave@nk.ca#dave@nk.ca&290441;69593&0;false&false;-1#-1#

X-SENDCLOUD-LOG-NEW: MTc1NTc4NTEyMjk5M182OTU5M181Mjc0MF80NTk0LnNjLTEwXzlfNTFfMTIyLWluYm91bmQwJGRhdmVAbmsuY2EjZGF2ZUBuay5jYSMyOTA0NDEjNjk1OTMjMCNmYWxzZSNmYWxzZSMtMSMtMSM=

List-Unsubscribe:

X-Spam_score: 8.5

X-Spam_score_int: 85

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hi , FLINES, a leading OEM/ODM manufacturer with 26 years'

experience.

Content analysis details: (8.5 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[117.50.12.154 listed in will-spam-for-food.eu.org]

[117.50.12.154 listed in will-spam-for-food.eu.org]

[117.50.12.154 listed in will-spam-for-food.eu.org]

[117.50.12.154 listed in will-spam-for-food.eu.org]

[117.50.12.154 listed in will-spam-for-food.eu.org]

[117.50.12.154 listed in will-spam-for-food.eu.org]

[117.50.12.154 listed in will-spam-for-food.eu.org]

[117.50.12.154 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[117.50.12.154 listed in dnsbl.ahbl.org]

[117.50.12.154 listed in dnsbl.ahbl.org]

[117.50.12.154 listed in dnsbl.ahbl.org]

[117.50.12.154 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[117.50.12.154 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[117.50.12.154 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[117.50.12.154 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[117.50.12.154 listed in dnsbl.ahbl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.6 J_CHICKENPOX_36 BODY: 3alpha-pock-6alpha

1.8 HTML_IMAGE_ONLY_08 BODY: HTML: images with 400-800 bytes of words

0.0 HTML_IMAGE_RATIO_08 BODY: HTML has a low ratio of text to image area

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 T_REMOTE_IMAGE Message contains an external image

Subject: {SPAM?} =?utf-8?q?Network_Equipment_Partner?=

PGh0bWw+PGhlYWQ+PC9oZWFkPjxib2R5PjxwPkhpICw8L3A+CjxwPiZuYnNwOzwvcD4KPHA+RkxJ

TkVTLCBhIGxlYWRpbmcgT0VNL09ETSZuYnNwO21hbnVmYWN0dXJlciB3aXRoIDI2IHllYXJzJyBl

eHBlcmllbmNlLjwvcD4KPHA+T2ZmZXJzIDxzdHJvbmc+MTAwRy80MDBHLzEyLjhUIDwvc3Ryb25n

PnN3aXRjaGVzIChsaXF1aWQtY29vbGVkLCAxOCUgbG93ZXIgY29zdCB0aGFuIEVkZ2Vjb3JlKS4m

bmJzcDs8L3A+CjxwPjczJSBsb2NhbGl6ZWQgY29tcG9uZW50cywgNE0gYW5udWFsIGNhcGFjaXR5

LCBQYXJ0bmVyZWQgd2l0aCA8c3Ryb25nPkgzQywgTkVDLEluc3B1cixCdWZmYWxvPC9zdHJvbmc+

IGVjdC4mbmJzcDs8L3A+CjxwPlNlZWsgTmV0a25vdyBJbnRlcm5ldCBTZXJ2aWNlIGNvbGxhYm9y

YXRpb246IGpvaW50IFImYW1wO0QsIGN1c3RvbSBzb2x1dGlvbnMuJm5ic3A7PC9wPgo8cD4mbmJz

cDs8L3A+CjxwPkFsaXNvbiBHdTwvcD4KPHA+QkRN77yIT3ZlcnNlYXPvvIk8L3A+PC9ib2R5Pjwv

aHRtbD48ZGl2PjxpbWcgd2lkdGg9IjAiIGhlaWdodD0iMCIgYWx0PSJmZjZjN3BjdnR3aWplIiBz

dHlsZT0iZGlzcGxheTpmbGV4IiBzcmM9Imh0dHBzOi8vc3VmaWZsLmNuL2NlbnRlci9yL2ZmNmM3

cGN2dHdpamUucG5nIi8+PC9kaXY+

Posted by Dave Yadallee on Thursday, August 21. 2025

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Thu, 21 Aug 2025 07:01:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1up4Os-000000008Ux-2Ei2

for dave@doctor.nl2k.ab.ca;

Thu, 21 Aug 2025 06:28:14 -0600

Resent-From: The Doctor

Resent-Date: Thu, 21 Aug 2025 06:28:14 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from m42-3.mailgun.net ([69.72.42.3]:53752)

by doctor.nl2k.ab.ca with utf8esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1uourP-00000000BBS-2qHL

for root@nk.ca;

Wed, 20 Aug 2025 20:17:10 -0600

DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed; d=revhc.ca; q=dns/txt; s=smtp; t=1755742565; x=1755749765;

h=Content-Type: Content-Transfer-Encoding: Message-Id: List-Unsubscribe: Reply-To: To: To: From: From: Subject: Subject: Mime-Version: Date: Sender: Sender;

bh=Un8sNAFRF6yoD/CtflMGkC5OFbB5lCMMo5Qm7rimWtY=;

b=pn45+ihuMClDqnafTDgvvtz97eeiLLAuX11ytbJomwW6b4IajJkA41rzfFVP4cmVhyzb+l8+QTtyf1Qm/gv+LiN5yes7J7r4FWLcIMSJw7aG9Xv5e6LxWBrDSZs/7+ZjAmHvsgFRthg2bm+HGQ3HCAGq5aNFxPXba347IKuHWEc=

X-Mailgun-Sid: WyI2ZGJiYSIsInJvb3RAbmsuY2EiLCJiMDMxMSJd

Received: by 52b5da96627fe01f0a0132ee5d3d94ed064c71103e396f716d17518926fcc0e1 with HTTP

id 68a68165fb14af796d3a2447; Thu, 21 Aug 2025 02:16:05 GMT

X-Mailgun-Sending-Ip: 69.72.42.3

Sender: info@revhc.ca

Date: Thu, 21 Aug 2025 02:16:05 +0000

Mime-Version: 1.0

Subject: Your package is waiting for instructions

From: FedEx Tracking

To: root@nk.ca

Precedence: bulk

Reply-To: support@revhc.ca

List-Unsubscribe:

Message-Id: <20250821021605.656c2ed02944362d@revhc.ca>

Content-Transfer-Encoding: quoted-printable

Content-Type: text/html; charset="utf-8"

X-Spam_score: 8.5

X-Spam_score_int: 85

X-Spam_bar: ++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: FedEx Delivery Notification FedEx Canada – Package Notification

Content analysis details: (8.5 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[69.72.42.3 listed in will-spam-for-food.eu.org]

[69.72.42.3 listed in will-spam-for-food.eu.org]

[69.72.42.3 listed in will-spam-for-food.eu.org]

[69.72.42.3 listed in will-spam-for-food.eu.org]

[69.72.42.3 listed in will-spam-for-food.eu.org]

[69.72.42.3 listed in will-spam-for-food.eu.org]

[69.72.42.3 listed in will-spam-for-food.eu.org]

[69.72.42.3 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[69.72.42.3 listed in dnsbl.ahbl.org]

[69.72.42.3 listed in dnsbl.ahbl.org]

[69.72.42.3 listed in dnsbl.ahbl.org]

[69.72.42.3 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[69.72.42.3 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[69.72.42.3 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[69.72.42.3 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[69.72.42.3 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[69.72.42.3 listed in list.dnswl.org]

0.9 SPF_FAIL SPF: sender does not match SPF record (fail)

[SPF failed: Rejected by SPF record.]

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

0.5 L_HELLO_ADDRESS BODY: Greets you by address, not by name

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 HTML_MESSAGE BODY: HTML included in message

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} Your package is waiting for instructions

w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

/>

1.0" />

FedEx Delivery Notification

round-color: #f7f7f7;">

ng=3D"0" width=3D"600">

=20

=20

=20

Hello, root=

@nk.ca

=20

We would like to inform you that your parcel has arrived at=

the FedEx facility and is currently awaiting the next step in processing.

=20

Tracking Number:
t: bold; color: #4D148C;">328831072785

Status: Received at local FedEx terminal 2=

025-08-20 19:16:05

Action Required: Delivery pending confirma=

tion and fee settlement

=20

To continue with delivery, a standard clearance and handlin=

g fee of $12.47 CAD is required.

=20

nt-size: 16px;">Confirm and Resolve Charges

=20

August '25

or: #4D148C; text-decoration: underline;">Track shipment

=3D"color: #4D148C; text-decoration: underline;">Customer Support

Phone: 1.800.463.3339

=20

Thank you f=

or using FedEx.

=20

Sincerely,

FedEx Canada