X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 03 Jan 2026 08:13:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vc3JK-00000000MKH-21LD

for dave@doctor.nl2k.ab.ca;

Sat, 03 Jan 2026 08:12:58 -0700

Resent-From: The Doctor

Resent-Date: Sat, 3 Jan 2026 08:12:58 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ot1-f69.google.com ([209.85.210.69]:59673)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vc08z-00000000Az3-2mkO

for doctor@nk.ca;

Sat, 03 Jan 2026 04:50:14 -0700

Received: by mail-ot1-f69.google.com with SMTP id 46e09a7af769-7c70546acd9so29356675a34.3

for ; Sat, 03 Jan 2026 03:49:17 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=firebaseapp.com; s=20230601; t=1767440951; x=1768045751; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=WTn2HMhNHZOFS3ZXsRvlSK0nPhSv8z+N0sDwqWxuiIM=;

b=gQ75i18Vxs/gk3ECxcQBOovCfzuf2bKQMwMR3v/wD599bHGRVvi5wZIkPXzkoPYqe2

yiLmGoKhM8lyGLd6U/JZoBmK8FzG9DJcRS28f9yYeN99WOkLB3i1ykkxHuTPDePacrdp

cACU0ynHUIueQtUt3eie9JZFLdljQkNUKaULWLFIzf387vGkqjPovSiFEfXWqS6szNPt

miEPAFoCQRrFpZ4UKuEUdVUOTZbYiD5XZJRe9ewre4XzWsZWxPQV6DQgo1F+Seg0yP3S

/pLSB8r4vaQzu5SqeWbZbkTUsN8pU6Pjmm7bwMDCl0Bseo1Z/zgIemB5iAB+nCm/mYH+

JNQQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1767440951; x=1768045751;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=WTn2HMhNHZOFS3ZXsRvlSK0nPhSv8z+N0sDwqWxuiIM=;

b=azYDh7AOJ3PObFQbeQx57tXQdHYicExVjj14QbND6IDee3NChhYsRjzhMyzB/PQv25

CV03WfGbsMgSradQS8cdYmfz8krvkF3tZAG/f4MK0bJCPRz64UC2cDmGQJb3eRybVYg3

QTe3621qCLZFq12Ni2Xu8iiEhA+W27Is3CuHBwVyPHkdDmE8fA1qXyI+uoQsQZ46Ich/

mCCK8UNIdbk4UPxeAFw4wRAxw8NbluuV191j7eQuOcYPSrJz7owjTCutT0k5FfHVmaHG

fkv5pwUhv9quP7eXZJ5rqLQogcfRYS8DpiorQitqChDiFMFP6Cz8uUCobr8XsIdv1unu

dRkA==

X-Gm-Message-State: AOJu0YwfV0v638n3+Basxmh7oP+lErJH9CAZqnwMVkyDohZXlgqpPnK3

qqVkevHZ4d6epha5v39Pk8v7pBUMYuto3bLylK5dBVjxcS9bF6e1QRFrw6/MNSk434hcTzvamq5

cA7VyHpBUGA==

X-Google-Smtp-Source: AGHT+IHpg1pbo2Ao1ahNt5zMDpf5ZNHetn6QjXUl8JkYh3aujAWMkqCeG5zyxsWjP3Y1U9CMazqTCyOdSQBAEBk=

MIME-Version: 1.0

X-Received: by 2002:a9d:6010:0:b0:7c7:541f:64c1 with SMTP id

46e09a7af769-7cc66a46842mr20529417a34.31.1767440951455; Sat, 03 Jan 2026

03:49:11 -0800 (PST)

Message-ID: <00000000000012b06906477a6a3f@google.com>

Date: Sat, 03 Jan 2026 11:49:11 +0000

Subject: New Invoice (20250527) is available.

From: Payment Receipt

To: doctor@nk.ca

Content-Type: multipart/alternative; boundary="00000000000012b05506477a6a3c"

X-Spam_score: 7.0

X-Spam_score_int: 70

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: 📦 Your Order Summary A quick glance at what's next Order

NumberORD:20250527-7005



Content analysis details: (7.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.210.69 listed in dnsbl.ahbl.org]

[209.85.210.69 listed in dnsbl.ahbl.org]

[209.85.210.69 listed in dnsbl.ahbl.org]

[209.85.210.69 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.210.69 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.210.69 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.210.69 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.210.69 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.210.69 listed in will-spam-for-food.eu.org]

[209.85.210.69 listed in will-spam-for-food.eu.org]

[209.85.210.69 listed in will-spam-for-food.eu.org]

[209.85.210.69 listed in will-spam-for-food.eu.org]

[209.85.210.69 listed in will-spam-for-food.eu.org]

[209.85.210.69 listed in will-spam-for-food.eu.org]

[209.85.210.69 listed in will-spam-for-food.eu.org]

[209.85.210.69 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.210.69 listed in list.dnswl.org]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.210.69 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 VOWEL_URI_6 URI hostname with 6 consecutive vowels

0.0 SARE_FROM_SPAM_WORD4 From address suggests this may be spam

Subject: {SPAM?} New Invoice (20250527) is available.



--00000000000012b05506477a6a3c

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Content-Transfer-Encoding: base64



8J+TpiBZb3VyIE9yZGVyIFN1bW1hcnkNCg0KQSBxdWljayBnbGFuY2UgYXQgd2hhdCdzIG5leHQN

Cg0KDQpPcmRlciBOdW1iZXJPUkQ6MjAyNTA1MjctNzAwNQ0KDQpUcmFuc2FjdGlvbiBEYXRlIDog

MDMvMDEvMjAyNg0KDQpBbW91bnQgUGFpZDogMTI5LjUwIENBRA0KDQoNCkV2ZXJ5dGhpbmcgeW91

IG5lZWTigJRpdGVtaXplZCBjb3N0cywgd2FycmFudHkgaW5mbywgYW5kIGNhbmNlbGxhdGlvbiBz

dGVwc+KAlCAgDQpsaXZlcyBpbiB0aGUgYXR0YWNobWVudCBmaWxlLg0KDQpUbyBtYWtlIHN1cmUg

dGhlcmUgYXJlIG5vIHN1cnByaXNlczoNCg0KDQpPcGVuIHRoZSBhdHRhY2hlZCBmaWxlIGZvciBm

dWxsIGRldGFpbHMuDQpDb25maXJtIHRoZSBpdGVtcyBhbmQgc2VydmljZXMgeW91J3ZlIGJlZW4g

Y2hhcmdlZC4NCklmIHRoaXMgd2Fzbid0IHlvdSwgZm9sbG93IHRoZSDigJxDYW5jZWwgT3JkZXLi

gJ0gc2VjdGlvbi4NCkRvd25sb2FkIE9yZGVyIERldGFpbHMNClRoYW5rIHlvdSBmb3IgY2hvb3Np

bmcgdXPigJR5b3VyIHRydXN0IG1hdHRlcnMuDQoNCk5lZWQgaGVscD8gUmVhY2ggb3V0IGFueSB0

aW1lIHRvIEJpbGxpbmcgU3VwcG9ydC4NCg0K

--00000000000012b05506477a6a3c

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

 

=F0=9F=93=A6 Your Order Summary

A quick glance at what's next

Order NumberORD:20250527-7005

Transaction Date : 03/01/2026

Amount Paid: 129.50 CAD

Everything you need—itemized costs, warranty info, and cancellatio=

n steps— lives in the attachment file.

To make sure there are no surprises:

• Open the attached file for full details.



• Confirm the items and services you've been charged.



• If this wasn't you, follow the “Cancel Order” section.

oice/dzXf/T3PCAQ/AQ/2cddb915-98e8-445c-b90c-4bfdea66371f/1/mBWYd8J27c">Down=

load Order Details

Thank you for choosing us—your trust matters.

Need help? Reach out any time to Billing Support.
v>

--00000000000012b05506477a6a3c--

/ Secondary Blue Box /

.dark-blue-box {

background-color: #E3F2FD;

padding: 15px;

font-weight: 600;

font-size: 14px;

color: #0d47a1;

line-height: 1.4;

}



/ Body Text /

.context-text {

padding: 0 30px;

font-size: 14px;

color: #666;

margin-bottom: 25px;

}



/ Buttons (Flat Design) /

.btn {

text-decoration: none;

padding: 16px 32px;

border-radius: 4px;

font-weight: bold;

display: inline-block;

margin: 10px 0;

text-transform: uppercase;

font-size: 14px;

transition: opacity 0.2s;

}



.btn-blue {

background-color: #1976d2;

color: white;

}



.btn-red {

background-color: #d32f2f;

color: white;

width: 80%;

}



.btn:hover {

opacity: 0.8;

}



/ NEW DESIGN: Dashed Receipt / Log Box /

.receipt-wrapper {

padding: 0 20px;

}



.receipt-box {

border: 2px dashed #bdbdbd;

/ Dashed border /

background-color: #fafafa;

padding: 15px;

margin: 20px 0;

text-align: left;

}



.receipt-header {

font-size: 12px;

text-transform: uppercase;

color: #999;

border-bottom: 1px solid #eee;

padding-bottom: 5px;

margin-bottom: 10px;

text-align: center;

letter-spacing: 1px;

}



.receipt-row {

display: flex;

justify-content: space-between;

margin-bottom: 8px;

font-size: 14px;

}



.receipt-label {

color: #666;

font-weight: 600;

}



.receipt-value {

color: #333;

font-family: "Courier New", Courier, monospace;

/ Monospace for technical feel /

font-weight: 700;

}



.status-danger {

color: #d32f2f;

background-color: #ffebee;

padding: 2px 6px;

border-radius: 3px;

}



/ Footer /

.footer {

font-size: 11px;

color: #999;

margin-top: 30px;

padding-bottom: 20px;

background-color: #f4f4f4;

border-top: 1px solid #e0e0e0;

padding-top: 20px;

}



.footer a {

color: #555;

text-decoration: underline;

}

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 03 Jan 2026 08:11:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vc3H1-00000000MDD-05Fs

for dave@doctor.nl2k.ab.ca;

Sat, 03 Jan 2026 08:10:35 -0700

Resent-From: The Doctor

Resent-Date: Sat, 3 Jan 2026 08:10:34 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [45.141.234.70] (port=55913 helo=adrarlis.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vbw8q-00000000NBO-0i2I

for sales@netknow.ca;

Sat, 03 Jan 2026 00:33:47 -0700

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=netknow.ca;

h=Date:Message-Id:To:From:Subject:Content-Type:Mime-Version:Content-Transfer-Encoding; i=sales@netknow.ca;

bh=K95xSKGqjMk8FQjXErXTLkWbSOI=;

b=saflOmWQRYjVcdPxa7oOKrKdFiCf7HbHmy6yU7Mnpnr8HAH4zXWZKL2d5SdQUOf+49HcEWWc6O/D

wWZfsYZgTe/u0W2/Nxr0ujl32DOe0O/cUHTadZNPc+y+Kfl0zrLPBWpWFYEzmMz/+9JQv5VwJ50S

qPDCshYBZF3/vSIWkik=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=netknow.ca;

b=B1euFQ3lX/T7pt/sVIIz2XMoUlRLCUtLyyoevlX2OiKNrMsS4w4OSfu7nsaGLXECVcr6J6C5K+E6

iWgjs06mfZb6U+ySpykD88pHEJy0zZZZTqmMwslokev366fcNuV5lA+faOsvsIKxzEd6jvvojbcr

Lm4Kn6bIoTKocEP4d80=;

Date: Sat, 03 Jan 2026 07:32:20 +0000

Message-Id: <831353027697902.9.RTG8440292622@adrarlis.com>

To: sales@netknow.ca

From: Cloud Storage

Subject: Final Warning: Your photos will be deleted today

Content-Type: text/html; charset="UTF-8"

Mime-Version: 1.0

Content-Transfer-Encoding: 8bit

X-Spam_score: 23.9

X-Spam_score_int: 239

X-Spam_bar: +++++++++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Critical Storage Alert ! Transaction Declined: Payment Failed





Content analysis details: (23.9 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[45.141.234.70 listed in dnsbl.ahbl.org]

[45.141.234.70 listed in dnsbl.ahbl.org]

[45.141.234.70 listed in dnsbl.ahbl.org]

[45.141.234.70 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[45.141.234.70 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[45.141.234.70 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[45.141.234.70 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[45.141.234.70 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[45.141.234.70 listed in will-spam-for-food.eu.org]

[45.141.234.70 listed in will-spam-for-food.eu.org]

[45.141.234.70 listed in will-spam-for-food.eu.org]

[45.141.234.70 listed in will-spam-for-food.eu.org]

[45.141.234.70 listed in will-spam-for-food.eu.org]

[45.141.234.70 listed in will-spam-for-food.eu.org]

[45.141.234.70 listed in will-spam-for-food.eu.org]

[45.141.234.70 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[45.141.234.70 listed in sbl-xbl.spamhaus.org]

3.6 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS

[45.141.234.70 listed in zen.spamhaus.org]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: 31.129.22.185]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: 31.129.22.185]

1.7 URIBL_BLACK Contains an URL listed in the URIBL blacklist

[URI: 31.129.22.185]

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

1.6 RCVD_IN_MSPIKE_L3 RBL: Low reputation (-3)

[45.141.234.70 listed in bl.mailspike.net]

1.0 OFFER_URI URI: Offer in link address

0.0 NORMAL_HTTP_TO_IP URI: URI host has a public dotted-decimal IPv4

address

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.0 RCVD_IN_MSPIKE_BL Mailspike blacklisted

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

1.8 TO_EQ_FM_DOM_HTML_ONLY To domain == From domain and HTML only

0.0 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

0.0 T_STY_INVIS_DIRECT HTML hidden text + direct-to-MX

Subject: {SPAM?} Final Warning: Your photos will be deleted today

!

Transaction Declined: Payment Failed

Your billing information is outdated. Immediate action is required to avoid permanent file

deletion. If your storage is full, incoming data will be rejected.

Final Notice: Data purge scheduled for today

Automatic renewal failed.


Without an active plan, your secure cloud environment has been suspended.

Your Cloud synchronization service protects your photos, videos, and documents. Without a valid

subscription, access to these files will be revoked across all devices.

Update Payment Information

System Log: Transaction Error

Subscription ID:

48521556984

Product:

Cloud Storage 1TB

Termination Date:

Today

Reactivate Account Now

If you no longer wish to receive billing alerts, you may unsubscribe here.


Cloud Services Inc.

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path: <>

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Sat, 03 Jan 2026 00:30:00 -0700

Received: from [45.141.234.70] (port=59169 helo=adrarlis.com)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

id 1vbw59-00000000Mvd-0vo9

for dave@doctor.nl2k.ab.ca;

Sat, 03 Jan 2026 00:29:59 -0700

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=smtp; d=doctor.nl2k.ab.ca;

h=Date:Message-Id:To:From:Subject:Content-Type:Mime-Version:Content-Transfer-Encoding; i=dave@doctor.nl2k.ab.ca;

bh=3bj15M9TAzDPXZ2XDJya4b1wi94=;

b=PI925MnGbhQeD0NoCE+7Xu/NHqz6mqnY69GXLJXHLYlKkmJ/0I/HvOgpULQPD8eu23+qkZCPrD56

q+KN2CGD3o2fvU99bUycdZVsJ4UDQEzxKvgLM7FYP8FjmG8QoFwWlf8OKZzM/PhT5quJboKUr1tE

wQulIXsLuzZ3+4wz1ZQ=

DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=smtp; d=doctor.nl2k.ab.ca;

b=Rvek+UA34zdEChoR5WqTDFSFer9usI73c1mYWWcSmBZ0+YcJMK4Ds9xHiUFsBVXkckSnxH8+hduw

7++1tKz/Okvaj70TghZ0uA7JfN+409HG23pH6VRBmk4eFqHzxn0Q8VRySAzAWUimxnZlOvUrt79A

eVI+Ro689/emgYuS2Ks=;

Date: Sat, 03 Jan 2026 07:28:26 +0000

Message-Id: <990437716604498.3.TBQ5507834337@adrarlis.com>

To: dave@doctor.nl2k.ab.ca

From: Cloud Storage

Subject: Final Warning: Your photos will be deleted today

Content-Type: text/html; charset="UTF-8"

Mime-Version: 1.0

Content-Transfer-Encoding: 8bit

X-Spam_score: 12.7

X-Spam_score_int: 127

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Critical Storage Alert ! Transaction Declined: Payment Failed





Content analysis details: (12.7 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[45.141.234.70 listed in dnsbl.ahbl.org]

[45.141.234.70 listed in dnsbl.ahbl.org]

[45.141.234.70 listed in dnsbl.ahbl.org]

[45.141.234.70 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[45.141.234.70 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[45.141.234.70 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[45.141.234.70 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[45.141.234.70 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[45.141.234.70 listed in will-spam-for-food.eu.org]

[45.141.234.70 listed in will-spam-for-food.eu.org]

[45.141.234.70 listed in will-spam-for-food.eu.org]

[45.141.234.70 listed in will-spam-for-food.eu.org]

[45.141.234.70 listed in will-spam-for-food.eu.org]

[45.141.234.70 listed in will-spam-for-food.eu.org]

[45.141.234.70 listed in will-spam-for-food.eu.org]

[45.141.234.70 listed in will-spam-for-food.eu.org]

1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist

[URI: 31.129.22.185]

1.9 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist

[URI: 31.129.22.185]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[45.141.234.70 listed in sa-trusted.bondedsender.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[45.141.234.70 listed in sa-accredit.habeas.com]

1.6 RCVD_IN_MSPIKE_L3 RBL: Low reputation (-3)

[45.141.234.70 listed in bl.mailspike.net]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[45.141.234.70 listed in bl.score.senderscore.com]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[45.141.234.70 listed in bl.score.senderscore.com]

1.0 OFFER_URI URI: Offer in link address

0.0 NORMAL_HTTP_TO_IP URI: URI host has a public dotted-decimal IPv4

address

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.0 RCVD_IN_MSPIKE_BL Mailspike blacklisted

1.3 RDNS_NONE Delivered to internal network by a host with no rDNS

0.0 T_STY_INVIS_DIRECT HTML hidden text + direct-to-MX

1.8 TO_EQ_FM_DOM_HTML_ONLY To domain == From domain and HTML only

0.4 TO_EQ_FM_DIRECT_MX To == From and direct-to-MX

0.0 TO_EQ_FM_HTML_DIRECT To == From and HTML only, direct-to-MX

Subject: {SPAM?} Final Warning: Your photos will be deleted today