Chinese products spam

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Wed, 13 May 2026 07:23:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wN9XP-00000000HQ6-32na

for dave@doctor.nl2k.ab.ca;

Wed, 13 May 2026 07:22:11 -0600

Resent-From: The Doctor

Resent-Date: Wed, 13 May 2026 07:22:11 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from [210.79.60.213] (port=14842 helo=mail-m60213.netease.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wN2JF-00000000Kha-20pY

for sales@nk.ca;

Tue, 12 May 2026 23:39:16 -0600

Content-Type: multipart/alternative; BOUNDARY="=_Part_198478_1642176744.1778650641378"

To: sales

Subject: =?UTF-8?B?U3ViamVjdDogRWxldmF0ZSBZb3VyIFRleHRpbGUgRmluaXNoaW5nIHdpdGggT3VyIFNpbGljb25lIE9pbCBTb2x1dGlvbnM=?=

X-Priority: 3

MIME-Version: 1.0

Received: from eddy@zjdschem.com( [10.139.4.149] ) by ajax-webmail ( [127.0.0.1] ) ; Wed, 13 May 2026 13:37:21 +0800 (GMT+08:00)

From: Eddy Zhang

Date: Wed, 13 May 2026 13:37:21 +0800 (GMT+08:00)

X-WM-Tid: 0a9e1fd6f3b7d0bdkusy8c1884483fd5b

DKIM-Signature: a=rsa-sha256;

b=HD5JSosfQg7uT3VFuXpFp017/6VAwhF7wgpYeCqDHZ8ZS/BSp2F3gyHmggWcWkkREgpvPSt/TZ6aIx8q8/1kCa4/4RFKIiZFLxhRTv7wNT1AuSb1/bnjBd/oW/LXa0hatjq2+loqoVc9xInJtBTcbe6mi6iNTRM1g0nYN6rE4+4=; s=default; c=relaxed/relaxed; d=zjdschem.com; v=1;

bh=/eBoocgpvq+Lx3nhnA+5fsTO/VuAjtHze5nKdayDvpc=;

h=date:mime-version:subject:message-id:from;

Message-ID:







Dear sales,











I trust this email reaches you in good condition. I'm Eddy Zhang, a Foreign Trade Sales representative of Dongyang Desheng Dyeing Textile Auxiliary Co., Ltd. Founded in 2010, we boast more than ten years of expertise in manufacturing innovative textile auxiliaries. Our manufacturing facility, located in Jiangbei Industrial Zone, Zhejiang Province, underpins a modern production, sales, and after-sales service chain. We focus on high-quality silicone oil and levelling agents, which are engineered to improve the resilience, softness, and smoothness of diverse fabrics. Our products exhibit remarkable stability, non-stick characteristics, and are free of APEO, guaranteeing adherence to environmental safety regulations. We have the honor of serving clients in Pakistan, Bangladesh, Vietnam, Malaysia, and other regions. I am eager to talk about how our tailor-made solutions can be advantageous to your textile finishing procedures. Anticipating future collaboration.















Best regards,





DONGYANG DESHENG

DYEING AUXILIARIES CO., LTD

Eddy Zhang

Foreign Trade Department

TEL: 86 152 6862 5008 (Whatsapp/Wechat/Facebook )

MAIL: eddy@zjdschem.com



If you don't want to receive our emails, you can easily unsubscribe here.





在2026-05-11,Eddy Zhang 写道:



-----原始邮件-----

发件人: Eddy Zhang

发件时间: 2026年05月11日 周一

收件人: [sales ]

主题: Re: Subject: Elevate Your Textile Finishing with Our Silicone Oil Solutions







Dear sales,











I hope this email finds you well. My name is Eddy Zhang, Foreign Trade Sales at Dongyang Desheng Dyeing Textile Auxiliary Co., Ltd. Established in 2010, we have over a decade of experience in producing innovative textile auxiliaries. Our manufacturing base in Jiangbei Industrial Zone, Zhejiang Province, supports a modern production, sales, and after-sales service chain.







We specialize in high-quality silicone oil and levelling agents, designed to enhance the resilience, softness, and smoothness of various fabrics. Our products offer excellent stability, non-stick properties, and are APEO-free, ensuring compliance with environmental safety regulations. We proudly serve clients in Pakistan, Bangladesh, Vietnam, Malaysia, and beyond.







I would love to discuss how our customized solutions can benefit your textile finishing processes. Looking forward to future cooperation.











Best regards,









DONGYANG DESHENG

DYEING AUXILIARIES CO., LTD

Eddy Zhang

Foreign Trade Department

TEL: 86 152 6862 5008 (Whatsapp/Wechat/Facebook )

MAIL: eddy@zjdschem.com



If you don't want to receive our emails, you can easily unsubscribe here.



Centex phish from Japan

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 12 May 2026 13:29:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wMsmQ-00000000Fle-1j1H

for dave@doctor.nl2k.ab.ca;

Tue, 12 May 2026 13:28:34 -0600

Resent-From: The Doctor

Resent-Date: Tue, 12 May 2026 13:28:34 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from ns1.robo.co.jp ([219.166.6.18]:52906 helo=mail.robo.co.jp)

by doctor.nl2k.ab.ca with esmtp (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wMsTS-00000000DYy-034f

for sales@nk.ca;

Tue, 12 May 2026 13:09:24 -0600

Received: from synergyhub.com.my (unknown [104.223.84.134])

by mail.robo.co.jp (Postfix) with ESMTPA id 38BE760DA1

for ; Wed, 13 May 2026 04:04:11 +0900 (JST)

From: "Accounts Payable - (Stephanie Delanoy)"

To: sales@nk.ca

Subject: Centex Petroleum has sent you an EFT Payment for Inv#55165

Date: 12 May 2026 12:07:08 -0700

Message-ID: <20260512120707.78254B737FAF1DAD@synergyhub.com.my>

MIME-Version: 1.0

Content-Type: multipart/mixed;

boundary="----=_NextPart_000_0012_405F30B9.6D3C539C"

X-Spam_score: 6.1

X-Spam_score_int: 61

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Dear sales, Please find below your electronic remittance

advice for Inv#27789



Content analysis details: (6.1 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[219.166.6.18 listed in dnsbl.ahbl.org]

[219.166.6.18 listed in dnsbl.ahbl.org]

[219.166.6.18 listed in dnsbl.ahbl.org]

[219.166.6.18 listed in dnsbl.ahbl.org]

[104.223.84.134 listed in dnsbl.ahbl.org]

[104.223.84.134 listed in dnsbl.ahbl.org]

[104.223.84.134 listed in dnsbl.ahbl.org]

[104.223.84.134 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[219.166.6.18 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[219.166.6.18 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[219.166.6.18 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[219.166.6.18 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[104.223.84.134 listed in will-spam-for-food.eu.org]

[104.223.84.134 listed in will-spam-for-food.eu.org]

[104.223.84.134 listed in will-spam-for-food.eu.org]

[104.223.84.134 listed in will-spam-for-food.eu.org]

[104.223.84.134 listed in will-spam-for-food.eu.org]

[104.223.84.134 listed in will-spam-for-food.eu.org]

[104.223.84.134 listed in will-spam-for-food.eu.org]

[104.223.84.134 listed in will-spam-for-food.eu.org]

[219.166.6.18 listed in will-spam-for-food.eu.org]

[219.166.6.18 listed in will-spam-for-food.eu.org]

[219.166.6.18 listed in will-spam-for-food.eu.org]

[219.166.6.18 listed in will-spam-for-food.eu.org]

[219.166.6.18 listed in will-spam-for-food.eu.org]

[219.166.6.18 listed in will-spam-for-food.eu.org]

[219.166.6.18 listed in will-spam-for-food.eu.org]

[219.166.6.18 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[104.223.84.134 listed in sbl-xbl.spamhaus.org]

1.5 RCVD_IN_CBL RBL: Received via a relay in cbl.abuseat.org

[Listed by XBL, see ]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[219.166.6.18 listed in bl.score.senderscore.com]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

0.5 NO_RDNS Sending MTA has no reverse DNS (Postfix variant)

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.0 T_HTML_ATTACH HTML attachment to bypass scanning?

Subject: {SPAM?} Centex Petroleum has sent you an EFT Payment for Inv#55165



Dear sales,



Please find below your electronic remittance advice for Inv#27789



Payments will be post to your account within 1-5 business days of the attached remittance advise document.



Payment Secure Document for:sales@nk.ca

Scanned by: nk.ca Trusted AI Scanner Detector.

Attachment type: PDF

Date:5/12/2026 12:07:07 p.m.



If you do not receive this payment or have questions please do not hesitate to contact and reach out to us.







Thanks



Credit Team







CONFIDENTIALITY NOTE: This message is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If the reader of the message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately and delete this message permanently from your files

Bitcoin phish from OVH

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 12 May 2026 13:28:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wMslj-00000000FiN-2hic

for dave@doctor.nl2k.ab.ca;

Tue, 12 May 2026 13:27:51 -0600

Resent-From: The Doctor

Resent-Date: Tue, 12 May 2026 13:27:51 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from sg-mgw12.linbox.id ([15.235.199.106]:35228)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wMrMU-000000000xL-2NLn

for sales@nk.ca;

Tue, 12 May 2026 11:57:53 -0600

Received: from sg-mgw12.linbox.id (localhost [127.0.0.1])

by sg-mgw12.linbox.id (LBX-MGW) with ESMTP id 36175604BD;

Wed, 13 May 2026 00:56:47 +0700 (WIB)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pbt.co.id; h=cc

:content-type:content-type:date:from:from:message-id

:mime-version:reply-to:subject:subject:to; s=lbxmgw; bh=CkuOBy3v

bmA0VVgQx1wXXNRyCa/Azxg6S8nc7o4MkGY=; b=gwDzFPRIWZOb0wBye1ihQuvN

qXHDN5qE9Nwy39LSURH/4xASSWpLtlwUHYXpW6VFCzvpgjg55JxjT6UxvcuGNK/D

Grf5zTaaBdK646oe84rbIQNTd2+Cm02DD1swJL2MTKR7yWn9oXxKbL7WN9D6AKQ1

sHwMSaVbGX1Ab8F3YAE=

Received: from bird.pbt.co.id (bird.pbt.co.id [51.79.177.238])

by sg-mgw12.linbox.id (LBX-MGW) with ESMTPS;

Wed, 13 May 2026 00:56:45 +0700 (WIB)

Received: from localhost (localhost [127.0.0.1])

by bird.pbt.co.id (Postfix) with ESMTP id A1A1A1000ED93;

Wed, 13 May 2026 00:56:45 +0700 (WIB)

Received: from bird.pbt.co.id ([127.0.0.1])

by localhost (bird.pbt.co.id [127.0.0.1]) (amavis, port 10032) with ESMTP

id F5igsPvWts-p; Wed, 13 May 2026 00:56:45 +0700 (WIB)

Received: from localhost (localhost [127.0.0.1])

by bird.pbt.co.id (Postfix) with ESMTP id 8037A1000EDA4;

Wed, 13 May 2026 00:56:45 +0700 (WIB)

X-Virus-Scanned: amavis at pbt.co.id

Received: from bird.pbt.co.id ([127.0.0.1])

by localhost (bird.pbt.co.id [127.0.0.1]) (amavis, port 10026) with ESMTP

id X2UBH337iHsh; Wed, 13 May 2026 00:56:45 +0700 (WIB)

Received: from bird.pbt.co.id (localhost [127.0.0.1])

by bird.pbt.co.id (Postfix) with ESMTP id 6533F1000ED93;

Wed, 13 May 2026 00:56:45 +0700 (WIB)

Date: Wed, 13 May 2026 00:56:45 +0700 (WIB)

From: Nurzaenal Abidin

Message-ID: <2134041256.55750.1778608605334.JavaMail.zimbra@pbt.co.id>

Subject: Your funds is sent

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="=_8e2a277b-804f-4400-8147-88ea72ddab5a"

X-Originating-IP: [193.160.247.97]

X-Mailer: Zimbra 8.8.15_GA_4717 (ZimbraWebClient - GC142 (Win)/8.8.15_GA_4717)

Thread-Index: 8pX/LdCmtnLD4o+XG38SvpvJeh1jDg==

Thread-Topic: Your funds is sent



--=_8e2a277b-804f-4400-8147-88ea72ddab5a

Content-Type: text/plain; charset=utf-8

Content-Transfer-Encoding: 7bit



Good evening



I have funded your portfolio with the 9 BTC as requested. Please see details below to confirm your balance.



( CRONFEX.COM )



CUSTOMER ID: 28059650

PASSWORD: HYq#8myp@7



Thanks for your patience.



CFO



Geek Squad Phish from Microsoft Outlook Part 3

Posted by Dave Yadallee on


Haresasz Nxysarwsa has invited you to Geek Squad Membership Renewal Confirmation

Title: Geek Squad Membership Renewal Confirmation

Location: https://meet.google.com/eyk-pdmk-tav

When: May 12, 2026

Organizer:

Haresasz Nxysarwsa

Description: Dear Customer,



This message confirms that your Geek Squad Protection membership has been renewed successfully.



Your 365 Premium Security Plan will remain active for the next 3 years. A charge of $259.99 will be processed using your saved billing information.



Please note that it may take up to 24 hours for this payment to be reflected in your account statement.



Membership Summary:



Protection Plan: 365 Premium Security Plan

Renewal Period: 3 Years

Total Renewal Cost: $259.99



If you do not recognize this transaction or wish to request cancellation, contact our billing representatives promptly at +1 801 516 2857.



Thank you for choosing Geek Squad Protection Services.



Sincerely,

Geek Squad Billing Team



-::~:~::~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~::~:~::-

Pripojiť sa cez Google Meet: https://meet.google.com/eyk-pdmk-tav



Viac o službe Meet sa dozviete na https://support.google.com/a/users/answer/9282720



Túto sekciu neupravujte.

-::~:~::~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~::~:~::-

Attendees:



cynthiaperez389903@groups.outlook.com



Geek Squad Membership Renewal Confirmation

Pripojiť sa cez Google Meet – Dear Customer, This message confirms that your Geek Squad Protection membership has been renewed successfully. Your 365 Premium Security Plan will remain active for the next 3 years. A charge of $25



Pripojiť sa cez Google Meet

Odkaz na stretnutie

meet.google.com/eyk-pdmk-tav

Dear Customer,



This message confirms that your Geek Squad Protection membership has been renewed successfully.



Your 365 Premium Security Plan will remain active for the next 3 years. A charge of $259.99 will be processed using your saved billing information.



Please note that it may take up to 24 hours for this payment to be reflected in your account statement.



Membership Summary:



Protection Plan: 365 Premium Security Plan

Renewal Period: 3 Years

Total Renewal Cost: $259.99



If you do not recognize this transaction or wish to request cancellation, contact our billing representatives promptly at +1 801 516 2857.



Thank you for choosing Geek Squad Protection Services.



Sincerely,

Geek Squad Billing Team

Kedy

utorok 12. máj 2026

Organizátor

Haresasz Nxysarwsa

haressaznzxrrsxaxz321@gmail.com

Hostia

(Zoznam hostí bol na žiadosť organizátora skrytý)

Odpoveď na cynthiaperez389903@groups.outlook.com

Áno



Nie



Možno

Ďalšie možnosti



Pozvánka z Kalendára Google



Túto správu ste dostali, pretože ste účastníkom danej udalosti.



Ak túto pozvánku prepošlete, ktorýkoľvek jej príjemca bude môcť odoslať odpoveď organizátorovi, byť pridaný do zoznamu hostí, pozývať iných bez ohľadu na ich vlastný stav pozvánky alebo meniť vaše potvrdenie účasti. Ďalšie informácie

Geek Squad Phish from Microsoft Outlook Part 2

Posted by Dave Yadallee on
=?utf-8?B?aTRrcW1URXhEb1krTGdZaE45TWgxbjY3bnV2NkxWemdZYUEySDE2cVlQQk5l?=

=?utf-8?B?S09DT3VlNnhzeHJrZXJjdnZ6d3dSaUtPOCtHQTU2czFDVkJrZTVJbm16OVB3?=

=?utf-8?B?RmYxck1abzFEeHJrMlhyN21HKy9NeVF5clVDSlUrUitIQ1U4dUNYRzVxRWl5?=

=?utf-8?B?c0Z4YzFYV1k1ckxEM0JZemF6SFM0ektVeElLSkJvUU9WVXM4TTgrbmNKOEFP?=

=?utf-8?B?VG03WEpuN2o1N2IvaGlmZm8waEF2SUpZUmRzMkp6ckhIbDU1KzQ3aHlwbDVu?=

=?utf-8?B?QWN6WXFodVFYaS9jQVAya0lJbTU3Mjg3UllMckI5VkZOWVVESk5IMTNXWUty?=

=?utf-8?B?eWdQdi8rbmlRYWs0ZE12SlcvdXIxek01YzRDMjd4SkUvSjJ1eWp6YWRCMkZQ?=

=?utf-8?B?OTIzSEc2MzU2YWQwbFV1aDZaN2VXTS9Ia1pTc1cyRFkxLzdBUGM0Y1c1Qks1?=

=?utf-8?B?QVJxZm1TT3J4RDVsaGtTalBKaUZvM2VURjAvMzJZVVFHemV3d05KZCsvUGJX?=

=?utf-8?B?QW1URDlVWGJuTS9QcVVvcXpNQSswQWVtRjdSeTRmNWdnZFh1b3h6dCtTYjJ3?=

=?utf-8?B?eTBHT3hzUHJDblZkSUtIV1VxeWd2RXJJWDZ1QzVBU09Bdy9mUlhlejdXaDNx?=

=?utf-8?B?b0FNZGFKQXpuQzI3NmMrYmlFdXJrbDBqY0pFNXRPczcvTTdRQVRuM1FmM1Bu?=

=?utf-8?B?RWtubU1HdGZMS1UxUFFoRC83VGxCdGxpTUNpY3krMFQrNjZLbWdQU0RCUXgw?=

=?utf-8?B?RlBrTXVncnYwamlLWFVWWGJCeXNpc2RFSnFoeC9XZkxCcE0rRTEvZ2NUMTFk?=

=?utf-8?Q?U6L3+MXg5Jtatd8r2pdoPAuU8eE2LZV07hG72pmyYYxS7p0?=

X-Auto-Response-Suppress: DR, OOF, AutoReply

X-OriginatorOrg: sct-15-20-9412-4-msonline-outlook-090a5.templateTenant

X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 May 2026 17:42:51.9824

(UTC)

X-MS-Exchange-CrossTenant-Network-Message-Id: 611966c9-966b-4dbc-2e06-08deb04de428

X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-AuthSource: DS1PEPF0001708E.namprd03.prod.outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Anonymous

X-MS-Exchange-CrossTenant-FromEntityHeader: Internet

X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH0PR18MB5418

X-Spam_score: 11.3

X-Spam_score_int: 113

X-Spam_bar: +++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Geek Squad Membership Renewal Confirmation utorok 12. máj

2026 Pripojiť sa cez Google Meet https://meet.google.com/eyk-pdmk-tav?hs=224

Dear Customer,



Content analysis details: (11.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[40.93.14.26 listed in dnsbl.ahbl.org]

[40.93.14.26 listed in dnsbl.ahbl.org]

[40.93.14.26 listed in dnsbl.ahbl.org]

[40.93.14.26 listed in dnsbl.ahbl.org]

[2603:10b6:8:223:0:0:0:21 listed in]

[dnsbl.ahbl.org]

[2603:10b6:8:223:0:0:0:21 listed in]

[dnsbl.ahbl.org]

[2603:10b6:8:223:0:0:0:21 listed in]

[dnsbl.ahbl.org]

[2603:10b6:8:223:0:0:0:21 listed in]

[dnsbl.ahbl.org]

[2603:10b6:8:223:cafe:0:0:be listed in]

[dnsbl.ahbl.org]

[2603:10b6:8:223:cafe:0:0:be listed in]

[dnsbl.ahbl.org]

[2603:10b6:8:223:cafe:0:0:be listed in]

[dnsbl.ahbl.org]

[2603:10b6:8:223:cafe:0:0:be listed in]

[dnsbl.ahbl.org]

[209.85.128.74 listed in dnsbl.ahbl.org]

[209.85.128.74 listed in dnsbl.ahbl.org]

[209.85.128.74 listed in dnsbl.ahbl.org]

[209.85.128.74 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[40.93.14.26 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[40.93.14.26 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[40.93.14.26 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[40.93.14.26 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.128.74 listed in will-spam-for-food.eu.org]

[209.85.128.74 listed in will-spam-for-food.eu.org]

[209.85.128.74 listed in will-spam-for-food.eu.org]

[209.85.128.74 listed in will-spam-for-food.eu.org]

[209.85.128.74 listed in will-spam-for-food.eu.org]

[209.85.128.74 listed in will-spam-for-food.eu.org]

[209.85.128.74 listed in will-spam-for-food.eu.org]

[209.85.128.74 listed in will-spam-for-food.eu.org]

[2603:10b6:8:223:cafe:0:0:be listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:223:cafe:0:0:be listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:223:cafe:0:0:be listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:223:cafe:0:0:be listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:223:cafe:0:0:be listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:223:cafe:0:0:be listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:223:cafe:0:0:be listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:223:cafe:0:0:be listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:223:0:0:0:21 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:223:0:0:0:21 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:223:0:0:0:21 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:223:0:0:0:21 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:223:0:0:0:21 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:223:0:0:0:21 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:223:0:0:0:21 listed in]

[will-spam-for-food.eu.org]

[2603:10b6:8:223:0:0:0:21 listed in]

[will-spam-for-food.eu.org]

[40.93.14.26 listed in will-spam-for-food.eu.org]

[40.93.14.26 listed in will-spam-for-food.eu.org]

[40.93.14.26 listed in will-spam-for-food.eu.org]

[40.93.14.26 listed in will-spam-for-food.eu.org]

[40.93.14.26 listed in will-spam-for-food.eu.org]

[40.93.14.26 listed in will-spam-for-food.eu.org]

[40.93.14.26 listed in will-spam-for-food.eu.org]

[40.93.14.26 listed in will-spam-for-food.eu.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[40.93.14.26 listed in list.dnswl.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[40.93.14.26 listed in bl.score.senderscore.com]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[40.93.14.26 listed in wl.mailspike.net]

0.5 FROM_LOCAL_NOVOWEL From: localpart has series of non-vowel letters

3.5 VOWEL_FROM_7 Impronouncable from header (7+ consecutive vowels)

1.0 HK_RANDOM_REPLYTO Reply-To username looks random

1.0 HK_RANDOM_FROM From username looks random

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[haressaznzxrrsxaxz321(at)gmail.com]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[haressaznzxrrsxaxz321(at)gmail.com]

0.3 LONGWORD BODY: Uses overlong words

0.1 TW_RW BODY: Odd Letter Triples with RW

0.6 MEGALONGWORD BODY: Uses really overlong words

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and EnvelopeFrom

freemail headers are different

0.6 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?

0.1 TO_IN_SUBJ To address is in Subject

Subject: {SPAM?} =?UTF-8?Q?Pozv=C3=A1nky=3A_Geek_Squad_Membership_Renewal_Confirmatio?=

=?UTF-8?Q?n_=40_ut_12=2E_m=C3=A1j_2026_=28cynthiaperez389903=40groups=2Eoutlook=2Ecom=29?=

Geek Squad Phish from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 12 May 2026 13:28:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wMslP-00000000Fgw-3MnM

for dave@doctor.nl2k.ab.ca;

Tue, 12 May 2026 13:27:31 -0600

Resent-From: The Doctor

Resent-Date: Tue, 12 May 2026 13:27:31 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-southcentralusazlp17011026.outbound.protection.outlook.com ([40.93.14.26]:29451 helo=SN4PR0501CU005.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wMr9F-00000000050-3EBG

for doctor@doctor.nl2k.ab.ca;

Tue, 12 May 2026 11:44:13 -0600

Received: from DS7P220CA0033.NAMP220.PROD.OUTLOOK.COM (2603:10b6:8:223::21) by

CH0PR18MB5418.namprd18.prod.outlook.com (2603:10b6:610:190::13) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9891.22; Tue, 12 May

2026 17:42:52 +0000

Received: from DS1PEPF0001708E.namprd03.prod.outlook.com

(2603:10b6:8:223:cafe::be) by DS7P220CA0033.outlook.office365.com

(2603:10b6:8:223::21) with Microsoft SMTP Server (version=TLS1_3,

cipher=TLS_AES_256_GCM_SHA384) id 15.20.9913.11 via Frontend Transport; Tue,

12 May 2026 17:42:52 +0000

Authentication-Results: spf=pass (sender IP is 209.85.128.74)

smtp.mailfrom=gmail.com; dkim=pass (signature was verified)

header.d=google.com;dkim=pass (signature was verified)

header.d=gmail.com;dmarc=pass action=none header.from=gmail.com;compauth=pass

reason=100

Received-SPF: Pass (protection.outlook.com: domain of gmail.com designates

209.85.128.74 as permitted sender) receiver=protection.outlook.com;

client-ip=209.85.128.74; helo=mail-wm1-f74.google.com; pr=C

Received: from mail-wm1-f74.google.com (209.85.128.74) by

DS1PEPF0001708E.mail.protection.outlook.com (10.167.17.134) with Microsoft

SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.21.25.13

via Frontend Transport; Tue, 12 May 2026 17:42:51 +0000

X-IncomingTopHeaderMarker:

OriginalChecksum:34257F8CF93E1361326F8A9BD2893813046F4FB4CA9221DB7B8D3FD1F178F296;UpperCasedChecksum:97923B9175C3F8255070FF9D552D3E8836AC9AC959F88E25ED247C912A8787D8;SizeAsReceived:3382;Count:15

Received: by mail-wm1-f74.google.com with SMTP id 5b1f17b1804b1-48906aa28cbso51284485e9.0

for ; Tue, 12 May 2026 10:42:51 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=google.com; s=20251104; t=1778607771; x=1779212571; darn=groups.outlook.com;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=DqHTY1nXCVufupyH/Y+YyJLHRU4Bsccicy3X6rIjiHQ=;

b=rt4HfHjQLPg5wT9f/Kfmlgy9FKCrvbOM3xsSvgl6e+O0X8GUeMNjesIxOslSgkQrJr

VCfdlngaAC5CfnJmVch5WJjbTfflPwIBglr9UDcyrMlNtdghL1aqzaMlIw2ljd7g4FIt

AJEyE8fAO+nRx9uxzIGH7YKxeOP39TWJkEpU/o0CDeNNFyBiaDznG5IrmAi1bgyJGxtI

4Fjn9H2Es0aahYZht/HpZz4u0SPKwT+6cbKsj57ATc9RAZp/3Y1bCHIIcWLDxtbkK2xp

UePxtUsT7l1ukXlnsl5QuQtGBk3BkOvfuBPYhNAd7GdTq9N8WhzDGcgGHtKeHZaKkNJS

HslA==

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1778607771; x=1779212571; darn=groups.outlook.com;

h=to:from:subject:date:message-id:sender:reply-to:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=DqHTY1nXCVufupyH/Y+YyJLHRU4Bsccicy3X6rIjiHQ=;

b=q44LWEf0enYcIvnbrh8dyr+tbwHpwxa+qZFKuNC1uSK97Hr/b5DZIC9EJEM7GM33Cj

ka3ixurBIJdKQEgngE9wDiT58W4lo0dKhiAnKmYWuib/kLO+t9DW72Y0JrJb+9cFdMXr

Z6QTSz1gLvu7wU8SWzQG+LVdBxMCjuEkCfgAo4aVNEcTe+SPX6jV0ko3wDdHxiV7uK9p

WW70WSx9qitOFgD16X1PudyGIfWkAqwguWkSRTv0a18d4ombD5TcVyl6d/MJSJ+oHwF8

C7YGWpJHZa94qwOLUcDSWndxYWsj0CZ7VrSDam0Xv9gQbasYp+JUJm0hanXVeSE77U4b

ktvQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1778607771; x=1779212571;

h=to:from:subject:date:message-id:sender:reply-to:mime-version

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=DqHTY1nXCVufupyH/Y+YyJLHRU4Bsccicy3X6rIjiHQ=;

b=BArLUbk+FASxEOvwINW4L/6eC73nTR7IKN/V+T310NvnfzNXWuCIf1fX9gmMtVMVAv

X3aDCKihdFg8/6zhkyMX4NPiYWqEerNUC90g7GVtLCn1/Y1xSx1aN86/5oM0P7HuC3Y9

uOLjMoS6zAkSAnxc0kv5LPTKFzknf/Af/BlzpMp71/XXjzo5UiYASCy5s1MwnmrMKLLq

qYMumC9Y2j2d/vPbkSI+9k+zB6jOp4QvxuNKmQbpVowGtlQUfoJ3z5Yyt9Hw+b6XM7PN

373k0mo+c07dMdCkSMdz93Sc/GU4HubATftIkWt9C9b6dqfnWc6x6H6QSQof9H4vKVKm

/G8g==

X-Gm-Message-State: AOJu0YyQExKvYcA2OPoIlF0yRlzwMA6IlfqAE/C9tqSA5F89FqQRc6lS

IAohfx0Zo12XMhwIUowRT2euvRIgInGGjwBeQkO7vh92gnRA9eAmYGGrmTRjpVXAw+DTZN+ue2y

cLb3g+Lr2CybaqUvt8vVL5JDNRxTki2XlGGU=

MIME-Version: 1.0

X-Received: by 2002:a05:600c:3149:b0:48a:79d8:a8d6 with SMTP id

5b1f17b1804b1-48fc99276ccmr428415e9.7.1778607770714; Tue, 12 May 2026

10:42:50 -0700 (PDT)

Reply-To: Haresasz Nxysarwsa

Sender: =?UTF-8?Q?Kalend=C3=A1r_Google?=

Message-ID:

Date: Tue, 12 May 2026 17:42:50 +0000

Subject: =?UTF-8?Q?Pozv=C3=A1nky=3A_Geek_Squad_Membership_Renewal_Confirmatio?=

=?UTF-8?Q?n_=40_ut_12=2E_m=C3=A1j_2026_=28cynthiaperez389903=40groups=2Eoutlook=2Ecom=29?=

From: Haresasz Nxysarwsa

To: cynthiaperez389903@groups.outlook.com

Content-Type: multipart/mixed; boundary="0000000000005e493d0651a264f3"

X-IncomingHeaderCount: 15

X-EOPAttributedMessage: 0

X-EOPTenantAttributedMessage: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa:0

X-MS-PublicTrafficType: Email

X-MS-TrafficTypeDiagnostic: DS1PEPF0001708E:EE_|CH0PR18MB5418:EE_

X-MS-Office365-Filtering-Correlation-Id: 611966c9-966b-4dbc-2e06-08deb04de428

X-MS-Exchange-EOPDirect: true

X-Sender-IP: 209.85.128.74

X-SID-PRA: HARESSAZNZXRRSXAXZ321@GMAIL.COM

X-SID-Result: PASS

X-MS-Consumer-Group-Expansion-Loop: cynthiaperez389903@groups.outlook.com

X-MS-Exchange-Group-Expansion-Loop: cynthiaperez389903@groups.outlook.com

X-Microsoft-Antispam:

BCL:0;ARA:1444111002|9020799019|970799063|9400799043|26000799027|26130799012|3151999006|29080799009|6019299003|34130799006|4040799016|32020799003|5139299004|1680799066|5149299006|9000799056|16200799027|28130799006|24102599021|22000799015|6092099016|3069299007|21002599022;

X-Microsoft-Antispam-Message-Info:

=?utf-8?B?dXNyL1huTGtUWWpxeEJpZDFjaTFRaExWZ1FMeFE2Q3o1Qk1KemxqN2JuaWZm?=

=?utf-8?B?L3ZOdmlWRm9CYnVVL3EzZ2pnV0ROK2pIREtIUVRLOXBwSHlKQlhuaTdKMkd2?=

=?utf-8?B?dVd5Mm5QV21UbFBhMkxGY2huYlVUT3Z1MFdoSk1ONEFtZHhwNFdXbGxJZmpi?=

=?utf-8?B?WGlYTzlpOFlkb3NFc2pPaDQzNzNlUFpJUDF2aU44N2Y0WkdZUCtxM1lRZTJU?=

=?utf-8?B?RFhvSmt2dlVoa2F0b2dZWFoxWVk1T0ZWamJnOE5JK3pFYkZYYzFJS1puNnVL?=

=?utf-8?B?TlFDeEtZVThTNENrZDJyMlJLTHE2RW1RS2JMYlZudkk1b1lzczNxTGNnNnRo?=

=?utf-8?B?T3NnaVhlTk5HeklqOUUxd1o4dFl1Nit2VW1IVmVGTEdpazRhZHNialdUNm1n?=

=?utf-8?B?U2p2RllRY3BSZlR6VmdXUWV2bXRiOUh0dFNkL29pZmovMFJkNmpCNWp0VTlk?=

=?utf-8?B?NklVcDlOTW1oNEJscFE2Z2hDaHBUeDJwKzVsaFdQdS9yc1NKNDNnVnAva0FF?=

=?utf-8?B?VFFuS3E5c205ZmZJY3NZSU1PalpRbjBnbjBiNGZVeFZzMHVaVUdReTlhNWZz?=

=?utf-8?B?Zk5BeFNBd09ZOFNaTzBZakZoNVJHVVBCL3QxK3VjUGtkWkZvYTN3S3h1aEp4?=

=?utf-8?B?U3hUUjJoUFo3cUl3R2xOcEFoMTljT2M5MWY2K2Yxc3hrTEJIRjRQNm1NaW43?=

=?utf-8?B?MVBqQ3NDVG1kMFRQQTcvMkJjTzVRakU5aHZOWG5LWjByZmFGUXd3NEpISWpz?=

=?utf-8?B?TG5zT2xDOHZ3TlhoL0pJOG5sNFJXVFNnNi9GREpzNG9mU1lISDhhZ3BXY3BX?=

=?utf-8?B?OFo1VllEWEsydk1aNzRXTGZuK24wVTZZQ3cwTy82T3pldVZUVkZhekZkTTZG?=

=?utf-8?B?ajFLSHBVMkVkTXFtS0VCdjVWSG8wY3NxTjlLTERxN1ZueW80dWpSemtwUDN5?=

=?utf-8?B?bHAxTW9VdXlCeDhVOHExSXN1TTdCaEV5bjd4UWlsOUYyOFVuU20yUUovZlQw?=

=?utf-8?B?OGx6bGNidGVaRithcHBFSVJmSHdEN0hZSUdLUjAxT1o5RUFlYmo3Q2ZOYVgz?=

=?utf-8?B?M1VEeTVvNTV1L3ZBa0FMcEhBM29HUVBJSzhCSjBoUzcrVnJaQ2ZBWWxZRTBi?=

=?utf-8?B?UnpsS21ReElnZFlMQ1hiVFZQN0V2Uno3RVdNd0dQckVkZEszYkVkNHovQTAv?=

=?utf-8?B?a3F5Z0Rod1pNbmd6cmFjNzRkQmhyWG1CMXJxa2RjMlUvYTNZYlA2TjgxdElE?=

=?utf-8?B?eDUzRWhRbzlnNkxkVFlra1RGbCs0dys3eUladVR5bFN1ZzZsdGltU3UxdTZQ?=

=?utf-8?B?LytDZG1nMEFmeWU4My9jbk55UG5sM2F2VUEyRWdFeGJtNlhjN2lDMlhOUkMr?=

=?utf-8?B?TzB1MHRKNVkxSHk2MWZFZnRaOWVOVnVnWFRhekFCYjFJMkxJaXg3ZXZCRldB?=

=?utf-8?B?NjJmRW00S3JxdHBrUXBzRXRjRUJNRUFwUHM2UWxVbThCVTdGeUpVdWRRUUQ4?=

=?utf-8?B?dzh0RlIxYXZmVlFpUDZvak5MdWhaZ2xuZFRCMG5iWVBaSDdBbE5IZEdyd0Nz?=

=?utf-8?B?T05jdFlJTVFvMDNJQUI3WUtEOEdvbFVJL1RJSFhaUmo5eFJ5QjlvRzllSEsv?=

=?utf-8?B?WVRPOGtJL2laejBUNkdKOFpaOTMyQk53MVdrVWVWdWNERVp6bXRUb3h3U1lL?=

=?utf-8?B?VGgvUnNyZC9FL0JWRHZ2SGpnZTBPb0dSbWZDUklWdDJCMkE1dDVmWDR2T3lq?=

=?utf-8?B?eFpMLy9LbFhJSFJlZkdpUFAvbzFEbDVxSXVHQUlIQnVyUzZsUHNMN21rd1RE?=

=?utf-8?B?TnB1V1B2VHZ3UHJwTktqaUZCOFNoMlg2ZmRGN09pOHF1V0RpRmFLWWMzZ0ty?=

=?utf-8?B?UWZqbkc2c0Z4QTZVVHBETEhUcXl1OXdtNFNNWGhqcGpKYmpTUlRJVlBBOU5y?=

=?utf-8?B?YmJ4bkRWZWJab1FsK2puWUFXY21kZjdncHBZSUh4a2RvWm5QQWVlcGtxRXRt?=

=?utf-8?B?cnZPeHJMdVR0bEkycjBNaEVUVVhMNGxDL01xMlBxa1RrVnpiNU9nVlk1amMv?=

=?utf-8?B?anVpUkRIQkhOVnNHMjFsNDIyKzFEejdocDhYUVorTWFWNkFRUElQRVFIcG5p?=

=?utf-8?B?ZmNOUXh5d25jdE40SjIzenNWb3NYVDNTUzFqZEhOU3BwL1prUytZRzlFaUhU?=

=?utf-8?B?c1FMdzZ2WFFRd1JjOFBtQ05hSjZZS3dNSUxTUWVPK29zZmpBUjNpT1FYdWli?=

=?utf-8?B?UkhDL2h0UFVFWXBSVkVCeUZISlNXV01tMndhVGtuUWdFbjBwRzQ0amdGUXRm?=

=?utf-8?B?TmNWOFZ6bHZUZDFScjBWQlI1aU9nRVZ4Qm1lUFpMYW1GanNjZlZHeEdSZ0dM?=

Web/SEo/App spam from microsoft Outlook PArt 2

Posted by Dave Yadallee on


Content-Type: multipart/alternative;

boundary="_000_SEYPR01MB60610B310A9DF9BCF8621D06DA392SEYPR01MB6061apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: SEYPR01MB6061.apcprd01.prod.exchangelabs.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 1d083cd5-7bd5-4821-537a-08deb04b1b3b

X-MS-Exchange-CrossTenant-originalarrivaltime: 12 May 2026 17:22:55.8243

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: TYZPR01MB6033



--_000_SEYPR01MB60610B310A9DF9BCF8621D06DA392SEYPR01MB6061apcp_

Content-Type: text/plain; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable







Hello,



Top Rankings in GOOGLE,



We can help your business get found more easily by bringing it to the first=

page of Google.



Can I send you Pricing & details?



This Services are available on very affordable Price.



Thanks,





--_000_SEYPR01MB60610B310A9DF9BCF8621D06DA392SEYPR01MB6061apcp_

Content-Type: text/html; charset="iso-8859-1"

Content-Transfer-Encoding: quoted-printable








1">








nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">









nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">







hite; margin: 0cm 0cm 0.0001pt;">


color: rgb(34, 34, 34); background-color: white;">Hello,
=3D"font-family: Arial, "sans-serif"; font-size: 11pt; color: rgb=

(34, 34, 34);">






: 11pt; color: rgb(34, 34, 34); background-color: white;">Top Rankings in G=

OOGLE,
t-size: 11pt; color: rgb(34, 34, 34);">






: 11pt; color: rgb(34, 34, 34); background-color: white;">We can help your =

business get found more easily by bringing it to the first page of Google.<=

/span>
11pt; color: rgb(34, 34, 34);">






: 11pt; color: rgb(34, 34, 34); background-color: white;">Can I send you Pr=

icing & details?
rif"; font-size: 11pt; color: rgb(34, 34, 34);">






: 11pt; color: rgb(34, 34, 34); background-color: white;">This Services are=

available on very affordable Price.
l, "sans-serif"; font-size: 11pt; color: rgb(34, 34, 34);">






: 11pt; color: rgb(34, 34, 34); background-color: white;">Thanks,
>


nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">














--_000_SEYPR01MB60610B310A9DF9BCF8621D06DA392SEYPR01MB6061apcp_--

Web/SEo/App spam from microsoft Outlook PArt 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 12 May 2026 13:28:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wMsl3-00000000Fep-27uy

for dave@doctor.nl2k.ab.ca;

Tue, 12 May 2026 13:27:09 -0600

Resent-From: The Doctor

Resent-Date: Tue, 12 May 2026 13:27:09 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-japaneastazolkn19012049.outbound.protection.outlook.com ([52.103.43.49]:20701 helo=TYPPR03CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wMqqG-00000000Ofl-3Mkc

for sales@nk.ca;

Tue, 12 May 2026 11:24:35 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=akHh17McwDtrQDG9uz6X+bFy6+yWLnoGZg1Fi0fES8+5sINNy4dWxHBJ6kUUHbANtMEystytPZT++x0YV/QPq0exHWH/WQnfs52PoyU4IvX9ygs1kf5Mhsh2yXQ02s6qP65pogWvjCssyNbjWGIt93fqXh3YEchlYGhFBryG0pVRHIqSirBpnrU5pNMla0jhaiq1mrpeiXsPvbErN4gniIcgOoyVv7DWgFUr8R22WM4FKG8x6Dd3Ll6Jt6SZgyAXeiY+V3LtYC8/jS+FpovCEvPoRvjaE5SRBWnA/87/terMYjm835epSlv07EbMEH6Zqzh1JjyMKjkjIJKTxjCyjg==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=xZimoCGy30z66tW/oI/U6JY4Roi8N86tYq7e1YHdVxc=;

b=PQPBtTCDhNF+ETXVuxam4KqPImphySju/C+nACcUWT70wrFx4f+esAv6ksGSWrFFmapKYjITJurs6IxbtQOf347mG3o1OlggoBbQ75KVhXPrMSGuw91aBPnXQOmiQeKag+ypTl+lr3vajiE3PjuuscBoltsu3Q4Te8M786s8J/YBoSxabv3xqNoXJnMGf43XTjWM9zWP5L10NkdWvBxkvP7WDCZ9Dsej34sSJQiNKIK5kHb0jBbq+VoHRKnMYKM3jmxp7gp/HRG2V2fEMfb2WAqhOf1xg9O+ux3tEnQ+hLg4+csMu3pwmDhHcMMvm+94ftyMDvklr7YgA1Ay8fFw0Q==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=xZimoCGy30z66tW/oI/U6JY4Roi8N86tYq7e1YHdVxc=;

b=AwRl+ypmtBamI+LG6wXkeVOeiTo44Qhul+sCYPPrIsu3Kv3midwXnTGSwAjbdDVHlcInCRLxFduAJrKl+u3fmsBNCpYHX9sB23TyscZWxTsGcfpz0CLYwdxKzRCG4bYjyPoFTjoaXyhhY4WL2w4dmz4FuCxOc/Qn20PZOGzRNnPQ/y4M+w7227s9ARDfUdaaXtVvu/OCe0ouI0HGtwsqTr8j6hcsHWLja1iOBDnNHq0ilYcJUOklPWilNN+vkUPCZlFrp/BYLIUpAEippHMRfFpsIqX4BdPfOZLUERngH+ufJQx+Mgha2OZtIpe5KlUwKGmiTigrfn2X2xPj5VOGRg==

Received: from SEYPR01MB6061.apcprd01.prod.exchangelabs.com

(2603:1096:101:20c::10) by TYZPR01MB6033.apcprd01.prod.exchangelabs.com

(2603:1096:405:72::11) with Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9891.23; Tue, 12 May

2026 17:22:56 +0000

Received: from SEYPR01MB6061.apcprd01.prod.exchangelabs.com

([fe80::84a7:2374:c456:a550]) by SEYPR01MB6061.apcprd01.prod.exchangelabs.com

([fe80::84a7:2374:c456:a550%6]) with mapi id 15.20.9891.021; Tue, 12 May 2026

17:22:56 +0000

From: Jack Reeves

Subject: Sure

Thread-Topic: Sure

Thread-Index: AQHc4jPi7EBo3nuqgEGru7ui5AoXjQ==

Date: Tue, 12 May 2026 17:22:55 +0000

Message-ID:



Accept-Language: en-US

Content-Language: en-US

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: SEYPR01MB6061:EE_|TYZPR01MB6033:EE_

x-ms-office365-filtering-correlation-id: 1d083cd5-7bd5-4821-537a-08deb04b1b3b

x-microsoft-antispam:

BCL:0;ARA:14566002|8060799015|8062599012|19110799012|31061999003|39105399006|2604031031799003|704163111799003|2604032031799003|16051099003|55001999006|20031999006|24071999003|37011999003|36102599003|15030799006|15080799012|41105399003|40105399003|39145399003|3412199025|440099028|102099032|26104999009;

x-microsoft-antispam-message-info:

=?iso-8859-1?Q?Fa6EsFsK6XSA3SHHg9EQzg9nEjM/qfhPB0Oo3ff3btMOnKGBq/NciMqoAn?=

=?iso-8859-1?Q?oaOdrGp0CsdqImEMgFsjYD4K+/mle8c1na3Ympg3a9gaetFsjbXmFe+qJY?=

=?iso-8859-1?Q?ev9mu1Gfx5BwPdH96p5s5QOBLbIG1VvOnjDIfVr7IxZzLTuIbIjF/JFeoD?=

=?iso-8859-1?Q?goFXv+j/127qM0iUUS9j9dgXl+z1djg7zHtC+0DZsqI8hIbJfaF/tWqJ1e?=

=?iso-8859-1?Q?TS3u287wbPHiaIeOeFfOdFaGXduuJraoGgdHOxFsUhu44sGJP+mKRy5ZzJ?=

=?iso-8859-1?Q?4n8a5Lqf5lvVZU0AKGOWeEcGyyECDI7yF7t3U0k4tZC515+EM6i01h4oR2?=

=?iso-8859-1?Q?tM6hl43FInB9YxL1PnWTe8jkSVhl8vkDngxsE4DjpIgYHvB3Sntpe9dBYe?=

=?iso-8859-1?Q?cdIatHpvVRVtbUjjLj2buIVaiatclEYhEIVVYmcWABXjO9e9wdkUxymc2S?=

=?iso-8859-1?Q?Wb+bCozVR0F9Ln4ag0fXPfjcIJvoXazH2Bba36CUqjgCFMgRsaMAMPuaCk?=

=?iso-8859-1?Q?+geOEFEsBMvFVMJQM+JO51R1P26joJgGr8tbQCTWjXwtiqc5tETHK4FB3g?=

=?iso-8859-1?Q?g2YrvqqsUwoFvjWXmoP4KvzadGygfn6IpmorIvhuSn88ZeMQLosrSOyqjp?=

=?iso-8859-1?Q?F5C9SrpcLszTTpLHNPQCUHUumfayxyBLzFPwbnS/rcH+9KidYbLXzfZYpw?=

=?iso-8859-1?Q?SjB5HJCjSXjiJHYepcRqTL4Iw7xhyXVLk1u1TtqVZxVsrK1StTHEhCSoRG?=

=?iso-8859-1?Q?myOrxo5cvTtAlrWG5pxuZVmwB+uI8Ey3ZNLxvnjNV+ulVHwJsi1jvwRzv3?=

=?iso-8859-1?Q?BuGdgVdna1ZrFAD8wYAiZjpJ69PSMv9FaXiO0k3Pv04MGT8LddT7X9fzwA?=

=?iso-8859-1?Q?vVfXjb+rShKfnUjs6ZtusZY6zlENM+4dkLG911tPUok+OFUGcowjtDgYjg?=

=?iso-8859-1?Q?vesqCK8vB4iDBKpie4pLvEKdNJYvFekrGjIi9fZiyZJu6F9wCW8uk3LSWo?=

=?iso-8859-1?Q?5LRecoys7uzFbgyektY5sepCWEQVziMKnNNHPS288HkzE/w1Hk4sj7Nv2k?=

=?iso-8859-1?Q?N53gJoXGn+15g8VN7eHVtyBwAURinopIT6qQzI/FfVQ20m8ogUNgHC1JNe?=

=?iso-8859-1?Q?vQ0vbBg6ErxXNs7VQWc1i4sHbofLmnnaVLwsoNgeO4f6x5eyCMSJNlocTe?=

=?iso-8859-1?Q?7zflSBzdz9gvNIasLldW/NK4wymn06mkcwoITpvVxCQ03ehG/zdg6efkUS?=

=?iso-8859-1?Q?2jHD6QHYbilJ6nJeYmYr9vLg7SYkdwr1z/HEMspIfGMy9xutP0tNtBO8BE?=

=?iso-8859-1?Q?YNCWwCtWuHwmwWubVjGYFcgH+vsywsxtJk7i5dq/rqKaWjgQR3sXoY5Ska?=

=?iso-8859-1?Q?KnJlE22QfA?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

x-ms-exchange-antispam-messagedata-0:

=?iso-8859-1?Q?H5RQ+DVTTfXIjNDhemhTalsEMSKEV1KZsBg5q2vaewqEtO50UD3uI/z331?=

=?iso-8859-1?Q?oPbrnNdX7QjAPMd6me7T5olY/thoiS2BdayJwDGGw2bEjqiQNliKLTgo5C?=

=?iso-8859-1?Q?attV35mMnPnJmGeL7SwusTsk8gkeI6uk+BRviPoGVoyGlAn0SZh8ksLERn?=

=?iso-8859-1?Q?zK3m8wT3H5H+S1lrB3w3ulJX7pTXC7YMA+K3xkJ8gqOkVBsTvxg4wVJQlS?=

=?iso-8859-1?Q?19JagjKyi6N/wDQ9M+AE+RUoVjUnNezgNFbt81nrK2gMtVvt0AUi+52Zl2?=

=?iso-8859-1?Q?uBvYlWF57a0UIiQTyywogGtr+2UoWJebhMZQ5PfGAfFrZOR/gvR4/dw/PH?=

=?iso-8859-1?Q?aCOBdBLzJO8IrMiq+XPdphmHiMr0ktxHHG8IZEdPWJztzErUR6/wGyCpkK?=

=?iso-8859-1?Q?DX150+k55hPAmlr9ldTR/ZgqLAwxVRJnFj3s0NRAP7NV5zujxNo4ckWzka?=

=?iso-8859-1?Q?6vtJWiVMm5DDWdeL0f9pSdyzE1vcpg3Ztqb3Ta8z1Hipnt+wyxDI2VY5q0?=

=?iso-8859-1?Q?m8Fa+WMwiKVSd7GyRD5/y73FpNUEPuOHFhCz/cCETSBM9zfcWTJZnMDsuu?=

=?iso-8859-1?Q?mHrrMbTW0K0lYxj1ak0EokU7Y+bm7fS9OEY02sn+jrP96itVa3iruSRfMP?=

=?iso-8859-1?Q?TXt8YzjUwMe/LcZlP2ezg0X0+lzYJ+KNqBHISdtNIsO3Vedn1L4nqRNiot?=

=?iso-8859-1?Q?ZO+u3VivZjS3Roz6GPHSndLmKAbjpBN7XqjRQ5GhRT42VP406181pbW9+F?=

=?iso-8859-1?Q?G7Lz/yXPGMPCZFcw8U5fdxL97idjDFVBwF8A7lY1GtMYp+L3QzKvCY0WL2?=

=?iso-8859-1?Q?TZeYa9o7tz1CAt17qu9urUauXIf09WViuIacIGvdZ2qtI9G1PmNWdJWbTx?=

=?iso-8859-1?Q?/RMO1RyI2Syhn5ARd9n0vrq85Sj3gWoHVvfN4cz04DmPIayO91NNfrwlUv?=

=?iso-8859-1?Q?JSWQl2P8oxq5h3xLkGQcpeWsZrwZYM9pT6SIg8+rMKyZg/jJQ1nYwBvF1a?=

=?iso-8859-1?Q?58vRO9O3HBVioe1zb537zfZLl1Tt54ide+HtAgTlz88eqfgRH76X2n8bei?=

=?iso-8859-1?Q?u+de13fC6KZAXJR7dhx9wuQpcEBpAQ54gO90GfqA48OBxAd4d6wDwqLnKR?=

=?iso-8859-1?Q?iPBq2R4Vocy1pKMPCe1DtU32UAagGSFWgoqRzl9zwJJ/+Eb/KlmQ4SCNXD?=

=?iso-8859-1?Q?Uoc/tDOwxuJB/rhAkir7/C/PAekCos8VmtQdU4o5dioNfRyMwAu6bao4uX?=

=?iso-8859-1?Q?gTCw0NGSMTDdD6giWaMhLYNKCUF8OGy1WoG8mt7rwaEdy7S4VGIfbIb/rb?=

=?iso-8859-1?Q?54bK8HngrDi0PekD6YcFPD7QTK9TZyabdeACjk272BxW9sBKdUi4q/Qwyn?=

=?iso-8859-1?Q?qxpPdHQUf36eH60LzMvv1aZulaV6QPwiqxx5JoEJyn/V7gg9tGcU1oOFoF?=

=?iso-8859-1?Q?fUGXUJ30DkFk7tNDJfeaV6Yd7oQwTu7xW/8PEC29K7q2spufgDrWuxumbL?=

=?iso-8859-1?Q?AK/JGHta3tYPQsn7O2BhwV?=

Web/SEo/App spam from Google Gmail

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 12 May 2026 07:33:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wMnEB-000000002Nx-1wJR

for dave@doctor.nl2k.ab.ca;

Tue, 12 May 2026 07:32:51 -0600

Resent-From: The Doctor

Resent-Date: Tue, 12 May 2026 07:32:51 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pj1-f71.google.com ([209.85.216.71]:52686)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wMlCX-00000000CxE-48ZW

for root@nk.ca;

Tue, 12 May 2026 05:23:11 -0600

Received: by mail-pj1-f71.google.com with SMTP id 98e67ed59e1d1-365faf6006dso6388372a91.1

for ; Tue, 12 May 2026 04:22:13 -0700 (PDT)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20251104; t=1778584927; x=1779189727; darn=nk.ca;

h=to:from:subject:date:message-id:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=TDCLnUlbUnjLtvPYqeoX3iEqX47llImd0GTsWzqWE34=;

b=XgkEt226cRgnAJK/kNZWkA/ScyWaOrObtqkw9k6bh7nZQxui010jv+zvDp5iguMiYc

q3w+gDAlSlSQC9j/6j+oIVPfNN5iIkzAUb8YKKFL4DDI5qRX6rt9TE9ikRtrpo45ngRr

ApD5gkDJPw6qF5LaY0MnFcjYyWImUNBh8kuZWGgi/heNq38d+Dr5FZ/9rzzau8P9mlMt

ZZxXOqQNNWiKDtT+9TB7LZnoH9ZxD87j6QI4pkbtjd51Ba3srXfaSksw/4P/zGS96gcg

jz8B6HwTfQfKk6wEr3l6RefxCls6i/AhxtgbHxjKDMmByXMbVqtyhyq+qBZGUWsKGgPx

AlFA==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1778584927; x=1779189727;

h=to:from:subject:date:message-id:mime-version:x-gm-message-state

:from:to:cc:subject:date:message-id:reply-to;

bh=TDCLnUlbUnjLtvPYqeoX3iEqX47llImd0GTsWzqWE34=;

b=Iq/nMxg5DZPsJjsKhjEs7t2qDZoMuY2E4uJYI4F014UVQVrYCCsylNbB3Ov+IsUUoR

ZGz4IZCaDuMf4hybgvZq3RsOAXdwejAaEvysOQycFow+x+3o/ijxrkKzD07tAcraDM27

xLSmAtggwGOH8dgC2NZxWP7AwNF3gsy2DVcLsx9AT3m1QRHL7pNI9UxXqFPJ0klHUO03

VqV+5xDtzpwvQwwzBzjuV+q0miCoYwYtTYp7L118ENMKcqyaaFJcD3Lue+bukfEe085M

QG6TVtBD3qZNOUReRPnyKNDFaWw66rDjNa0GzGTauZFek2j1xHn0JtHgcQWwJpuf9qWg

3VAQ==

X-Gm-Message-State: AOJu0YwJ4yckKsiZW7F36CuOpffUxcS69VYnakdYb7YoR8zmMNMTeoKR

ftRIA00ZJcr+Z+gCw7JER5Q4yAvgkc2zWdkpf+9G/9YK6220fFW/uNDdXyDLORrjplXy2G/j8u9

EtpGqQQ==

MIME-Version: 1.0

X-Received: by 2002:a17:90b:3d50:b0:366:346a:6891 with SMTP id

98e67ed59e1d1-368b269e663mr2883002a91.16.1778584927554; Tue, 12 May 2026

04:22:07 -0700 (PDT)

Message-ID:

Date: Tue, 12 May 2026 11:22:07 +0000

Subject: =?UTF-8?B?V2ViICYgQXBwP/CfmIpyb290QG5rLmNhIA==?=

From: shikhalim87@gmail.com

To: root@nk.ca

Content-Type: multipart/alternative; boundary="000000000000cf4fc206519d1237"



--000000000000cf4fc206519d1237

Content-Type: text/plain; charset="UTF-8"; format=flowed; delsp=yes

Content-Transfer-Encoding: base64



SGVsbG8sDQoNCkFyZSB5b3UgbG9va2luZyBmb3IgYW4gZXhwZXJ0IHRvIGNyZWF0ZSwgZGVzaWdu

LCByZWRlc2lnbiwgb3IgcmV2YW1wIHlvdXIgIA0Kb2xkIHNpdGUgaW50byBhbiBhbWF6aW5nLCBw

cm9mZXNzaW9uYWwgbmV3IHdlYiAmIEFwcD8NCg0KUGxlYXNlIGxldCBtZSBrbm93IGlmIHlvdSBo

YXZlIGFueSBwcm9qZWN0cywgSSdkIGxpa2UgdG8gc2NoZWR1bGUgYSBicmllZiAgDQptZWV0aW5n

IHNvIHRoYXQgd2UgY2FuIGRpc2N1c3MgdGhlbS4NCg0KQmVzdCBSZWdhcmRzLA0KDQpTaGlraGEs

DQoNClBTOiBJIHdpbGwgYmUgaGFwcHkgdG8gc2VuZCB0aGUg4oCcUHJvcG9zYWzigJ0gYW5kIOKA

nFByaWNpbmfigJ0gZnVydGhlcm1vcmUuLi4NCg==

--000000000000cf4fc206519d1237

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Hello,

Are you looking for an expert to create, design, redesign, or=

revamp your old site into an amazing, professional new web & App?

P=

lease let me know if you have any projects, I'd like to schedule a brief me=

eting so that we can discuss them.

Best Regards,

Shikha,
<=

br>PS: I will be happy to send the =E2=80=9CProposal=E2=80=9D and =E2=80=9C=

Pricing=E2=80=9D furthermore...

--000000000000cf4fc206519d1237--

Spanish language spam from Google Gmail Part 3

Posted by Dave Yadallee on





pt 0.5in;line-height:107%;font-size:11pt;font-family:Calibri,sans-serif">
pan style=3D"font-size:13.5pt;line-height:107%;font-family:Georgia,serif">1=

)
;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-si=

ze:7pt;line-height:normal;font-family:"Times New Roman"">=C2=A0=

=C2=A0=C2=A0=C2=A0


Georgia,serif">Fabricamos directamente desde sus

planos de especificaciones =E2=80=94 sin cambios sin su aprobaci=C3=B3n
an>






1pt 0.5in;line-height:107%;font-size:11pt;font-family:Calibri,sans-serif"><=

span style=3D"font-size:13.5pt;line-height:107%;font-family:Georgia,serif">=

2)
e;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-s=

ize:7pt;line-height:normal;font-family:"Times New Roman"">=C2=A0=

=C2=A0=C2=A0


Georgia,serif">Un solo punto de contacto por proyecto

=E2=80=94 sin confusi=C3=B3n con subcontratistas






1pt 0.5in;line-height:107%;font-size:11pt;font-family:Calibri,sans-serif"><=

span style=3D"font-size:13.5pt;line-height:107%;font-family:Georgia,serif">=

3)
e;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-s=

ize:7pt;line-height:normal;font-family:"Times New Roman"">=C2=A0=

=C2=A0=C2=A0


Georgia,serif">Entrega de obra limpia, lista para

fotograf=C3=ADa






1pt 0.5in;line-height:107%;font-size:11pt;font-family:Calibri,sans-serif"><=

span style=3D"font-size:13.5pt;line-height:107%;font-family:Georgia,serif">=

4)
e;font-kerning:auto;font-feature-settings:normal;font-stretch:normal;font-s=

ize:7pt;line-height:normal;font-family:"Times New Roman"">=C2=A0=

=C2=A0=C2=A0


Georgia,serif">Garant=C3=ADa completa de mano de obra en

cada proyecto






in;line-height:107%;font-size:11pt;font-family:Calibri,sans-serif">
yle=3D"font-size:13.5pt;line-height:107%;font-family:Georgia,serif">5)
style=3D"font-style:normal;font-variant:normal;font-size-adjust:none;font-=

kerning:auto;font-feature-settings:normal;font-stretch:normal;font-size:7pt=

;line-height:normal;font-family:"Times New Roman"">=C2=A0=C2=A0=

=C2=A0


Georgia,serif">Licencia RBQ (#5841923501) y totalmente

asegurados






ze:11pt;font-family:Calibri,sans-serif">
e-height:107%;font-family:Georgia,serif">Llevamos m=C3=A1s de 16 a=C3=B1os =

trabajando en Montreal y hemos

completado m=C3=A1s de 500 proyectos en la isla, Laval, Longueuil y la Cost=

a Sur.






ze:11pt;font-family:Calibri,sans-serif">
e-height:107%;font-family:Georgia,serif">=C2=BFTendr=C3=ADa sentido tener u=

na llamada r=C3=A1pida de 15 minutos esta

semana? Con gusto compartimos nuestro portafolio y explicamos c=C3=B3mo tra=

bajamos

con firmas de dise=C3=B1o.


signature" data-smartmail=3D"gmail_signature">

=3D"color:rgb(34,34,34)">Thanks & Regards
Hani
Business De=

velopment Manager
Email:=C2=A0
(233,238,246);color:rgb(31,31,31);font-family:"Google Sans",Robot=

o;font-size:0.875rem;text-align:center">
uction.ca" target=3D"_blank">sales@trossconstruction.ca
Ca=

ll & Whatsapp:=C2=A0
Lato;font-size:15px">(438) 920-8647

>
Website: www.
=3D"color:rgb(32,33,36)">
_blank">trossconstruction.ca

34)">Address:=C2=A0
to;font-size:15px">7131 Rue B=C3=A9langer, Montreal, Quebec H1M 3T5, Canada=




loads/2019/05/Logo-TROSS-Construction-Vertical.webp" alt=3D"trossconstructi=

on" width=3D"200" height=3D"128">





--0000000000009b1e5406519a3e97--

Spanish language spam from Google Gmail Part 2

Posted by Dave Yadallee on


--0000000000009b1e5406519a3e97

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable



Hola,



Me pongo en contacto porque trabajamos con varios dise=C3=B1adores de inter=

iores

en Montreal y creo que Tross Construction podr=C3=ADa ser un socio comercia=

l

valioso para sus proyectos.



Nos especializamos en gabinetes de cocina, vanidades de ba=C3=B1o, sistemas=

de

vestidores y fabricaci=C3=B3n personalizada de cocinas completas =E2=80=94 =

construidos

exactamente seg=C3=BAn sus planos, sin excepciones ni sustituciones.



Lo que nuestros socios dise=C3=B1adores valoran m=C3=A1s:



1) Fabricamos directamente desde sus planos de especificaciones =E2=80=

=94 sin

cambios sin su aprobaci=C3=B3n



2) Un solo punto de contacto por proyecto =E2=80=94 sin confusi=C3=B3n c=

on

subcontratistas



3) Entrega de obra limpia, lista para fotograf=C3=ADa



4) Garant=C3=ADa completa de mano de obra en cada proyecto



5) Licencia RBQ (#5841923501) y totalmente asegurados



Llevamos m=C3=A1s de 16 a=C3=B1os trabajando en Montreal y hemos completado=

m=C3=A1s de

500 proyectos en la isla, Laval, Longueuil y la Costa Sur.



=C2=BFTendr=C3=ADa sentido tener una llamada r=C3=A1pida de 15 minutos esta=

semana? Con

gusto compartimos nuestro portafolio y explicamos c=C3=B3mo trabajamos con

firmas de dise=C3=B1o.



*Thanks & Regards*Hani

Business Development Manager

Email: sales@trossconstruction.ca

Call & Whatsapp: (438) 920-8647

*Website: www.*trossconstruction.ca

Address: 7131 Rue B=C3=A9langer, Montreal, Quebec H1M 3T5, Canada





[image: trossconstruction]



--0000000000009b1e5406519a3e97

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable




ne-height:107%;font-size:11pt;font-family:Calibri,sans-serif">
=3D"font-size:13.5pt;line-height:107%;font-family:Georgia,serif">Hola,
<=

br>






ze:11pt;font-family:Calibri,sans-serif">
e-height:107%;font-family:Georgia,serif">Me pongo en contacto porque trabaj=

amos con varios

dise=C3=B1adores de interiores en Montreal y creo que Tross Construction po=

dr=C3=ADa ser

un socio comercial valioso para sus proyectos.






ze:11pt;font-family:Calibri,sans-serif">
e-height:107%;font-family:Georgia,serif">Nos especializamos en gabinetes de=

cocina, vanidades de

ba=C3=B1o, sistemas de vestidores y fabricaci=C3=B3n personalizada de cocin=

as completas =E2=80=94

construidos exactamente seg=C3=BAn sus planos, sin excepciones ni sustituci=

ones.






ze:11pt;font-family:Calibri,sans-serif">
e-height:107%;font-family:Georgia,serif">Lo que nuestros socios dise=C3=B1a=

dores valoran m=C3=A1s:

Spanish language spam from Google Gmail Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 12 May 2026 02:01:00 -0600

Received: from mail-dl1-f65.google.com ([74.125.82.65]:48562)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wMi2Z-00000000NSV-1Thk

for dave@doctor.nl2k.ab.ca;

Tue, 12 May 2026 02:00:42 -0600

Received: by mail-dl1-f65.google.com with SMTP id a92af1059eb24-13354eb66baso268358c88.1

for ; Tue, 12 May 2026 00:59:44 -0700 (PDT)

ARC-Seal: i=1; a=rsa-sha256; t=1778572777; cv=none;

d=google.com; s=arc-20240605;

b=Sq8tcyvFPA3xaPvXYvfL0kP/Ho/2PrbjmUoUNGiSz0ji9F27GlIqb31Hv3tH54vVJ0

TW0fpkrP0Bs1tG2kP0NZ8RuE1BPUYFRACcXJaMFsse6h8agw54ksCCsXLnAhCuLEUc2d

4i9IeiSrbPKEDMHudyXtJeSBufCh1aC/yLZCA2hPmukBezmfWRxPcunTiJdZh1Y7XnSN

ZCJqgkiUTQYleoHvJb7vfHB7dQIcfYSukcdUK70KfVbZSpcfZhuP6+A3ThJ4E2pcsFFE

5zjIvWPziqBgybti898OLMROZPH3d5jtaz6cJ4SNhkSVx5Be0shIbIBcwrWOsJ+/51VY

IOYQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:mime-version:dkim-signature;

bh=Hg9kkQs443oyZ+Byfc2R6mws3MeMEPPD8dyiLWlI2mQ=;

fh=X3N1yKvW7O7RgMsGsVx0sWkFUFw+XQxrAeDD6MdfrZo=;

b=Fa4msEbEGj9hZYtkFjhbzN7DZiEKxli7ySYSFQc2JXcJTkfet0tivvlmfncwv173th

WqdRSidoP7PX5PvcIRHr8qV/dYDvMTklUxeoijTYnpG1Y4nYm3Lywml3BaydXwX5eE2k

7Fq0SmSdWpCkMO2HqNzRn8WZFh4uv0kkqJbTGsBk+NtZxW9Vfal0+GoxlsVTPrtPK0U4

NPmQF5N0Mw7XkalH8xoMBhWIL/T6RkyyRqNVjcjncChu8qtzJFGtACZhQUK284pBbCvI

eQ7nSd/O+j04iY6uY8OuM9586GoK+7gVYyk05Rn/i4r3tXv9fQVSPbXuW6I6TCrQdzwe

dqRg==;

darn=doctor.nl2k.ab.ca

ARC-Authentication-Results: i=1; mx.google.com; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=trossconstruction-ca.20251104.gappssmtp.com; s=20251104; t=1778572777; x=1779177577; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:mime-version:from:to:cc:subject

:date:message-id:reply-to;

bh=Hg9kkQs443oyZ+Byfc2R6mws3MeMEPPD8dyiLWlI2mQ=;

b=pgeDARMc98l7x6gsJh6SAB4P+YLvDlO+d3XJu3rKfaOdwiBDmx03xTN6KJQi1rw7SD

KGkkrGwJP09lOOHO8ZAS1eY89I0y6oTII/1HFDNqa8KEOx4dsSfgBWfmImIJskR0G9/0

KDAUaZyaW7USkt+w6aUI7sJZXuNyPyyne9w9LjLOo5ols2HK6Y2AV/uZ9JJOJDqQXzhd

LLpMhd/jDwnmDzAhtmBpTf4GQLu9X2BcZgQGsY4m4Am28TT32hwPSmXbA6iCGFhiC/7r

SGNoYLOJB00kfcZ/GOjObwpt+ZFEtLHasuLPUs0zdIozR/VP8DESFdM58omXx7D69U8u

iyrQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20251104; t=1778572777; x=1779177577;

h=to:subject:message-id:date:from:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=Hg9kkQs443oyZ+Byfc2R6mws3MeMEPPD8dyiLWlI2mQ=;

b=ryZNmfW+4jttxNBw1mqdnKmFW1XqLTViHPgqdPmfK9HGgEMZ0NeBUuj+Bbic3IVoI5

ZHaeN3+tRmYCmREFJAZ0gArwHsmFfWQ4dKJly3o+jwhBVrF3uK49UWJq8fcK47/0Qulz

4+bhp8X5yIqSkih1Ugdqr/YmW+JYintxOuaK2A7+u40BMcWMyCpj5s2pXwKvDGfDYriU

aQtlm2ox1RvZGCYe+uzNbsA+cx8cqLbSSluxMCcbxv8eDD6rMSjvyXNUEimujiqWDBuR

DgmaDoTaq2BXVhSLYEYHsO3I/JxmEFLGnFa35/PPWAGIR/+lfnWeJ9HcE4+64p8lwmKb

p0Bw==

X-Forwarded-Encrypted: i=1; AFNElJ+cB3ttrsdVmY4e2u22ePRVPlo5dVBjymHb3bAa8Pheg/v/K9gNdQHyQQ6I/cU/qylkTtU7@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YyQ618wSMmOKydw9vmacmfLk0qDWioHpknE/1ef1H4Myo/ATlh5

ovtmuxD3cLV3HppKUf5m3/D/LZw4dGN91YAU/q7SWjRbQ5xJNJ1KNCa0NaKgJllTgRn9yY56lkp

F+8qetro2PWIJOVLG1tlLmNK5hEI6mdRD6NL4frALhQ==

X-Gm-Gg: Acq92OEs/BKGpbkhAF/5IkpmgPevYb+03tKPJ+i5ZB1EaHHh0/iH0KNmcjB9HTKl+79

f2qxpe3khu2PbnuSDqHbs3i4zk1phqhVCyTv++dVA3Bo7PNXCr41OHhC0dO7skkp1L2uNa+RAlr

dCubacTzPeJkJdPZj/pAyQI/scWeJNdqG2THb1KYBSS6odso/XJRRVAysL5GbHfR5ETyh+4sWdd

+MMLz+ISuOocGeXs1TvVLQRxvfKr6mjoRLGUDI+P2RCwZWXsgyW/slgWv+NzH2xYK9t

X-Received: by 2002:a05:7022:45a2:b0:12a:b932:81d3 with SMTP id

a92af1059eb24-132a83f746dmr6525396c88.26.1778572777426; Tue, 12 May 2026

00:59:37 -0700 (PDT)

MIME-Version: 1.0

From: Tross Construction

Date: Tue, 12 May 2026 13:29:26 +0530

X-Gm-Features: AVHnY4LxZ_hmy6MzRrLj2QyGlZ5O9dT1F8q1hB1nE3OhlJW9E1Mr_Dc7Irztw7o

Message-ID:

Subject: =?UTF-8?Q?Cabinet_Fabrication_Partner_for_Your_Montreal_Projec?=

=?UTF-8?Q?ts_=E2=80=94_Tross_Construction?=

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="0000000000009b1e5406519a3e97"

Bcc: dave@doctor.nl2k.ab.ca

X-Spam_score: 5.3

X-Spam_score_int: 53

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Hola, Me pongo en contacto porque trabajamos con varios diseñadores

de interiores en Montreal y creo que Tross Construction podría ser un socio

comercial valioso para sus proyectos. Nos especializamos en gabinetes de

cocina, vanidades de baño, sistemas de vestidores y fabricación personalizada

de cocinas completas — construidos exactamente según sus planos, sin excepciones

n [...]



Content analysis details: (5.3 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[74.125.82.65 listed in dnsbl.ahbl.org]

[74.125.82.65 listed in dnsbl.ahbl.org]

[74.125.82.65 listed in dnsbl.ahbl.org]

[74.125.82.65 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[74.125.82.65 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[74.125.82.65 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[74.125.82.65 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[74.125.82.65 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.125.82.65 listed in will-spam-for-food.eu.org]

[74.125.82.65 listed in will-spam-for-food.eu.org]

[74.125.82.65 listed in will-spam-for-food.eu.org]

[74.125.82.65 listed in will-spam-for-food.eu.org]

[74.125.82.65 listed in will-spam-for-food.eu.org]

[74.125.82.65 listed in will-spam-for-food.eu.org]

[74.125.82.65 listed in will-spam-for-food.eu.org]

[74.125.82.65 listed in will-spam-for-food.eu.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[74.125.82.65 listed in list.dnswl.org]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[74.125.82.65 listed in wl.mailspike.net]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[74.125.82.65 listed in bl.score.senderscore.com]

1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.6 J_CHICKENPOX_74 BODY: 7alpha-pock-4alpha

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

Subject: {SPAM?} =?UTF-8?Q?Cabinet_Fabrication_Partner_for_Your_Montreal_Projec?=

=?UTF-8?Q?ts_=E2=80=94_Tross_Construction?=

Clothes seller spam from Microsoft Outlook Part 2

Posted by Dave Yadallee on


x-ms-exchange-antispam-messagedata-0:

=?gb2312?B?OTZ2ZUFlSTRTcXBiWDFtY3krcHlva3lYUERjT1czVEtXSC9VK0ZpcVhjYm9I?=

=?gb2312?B?dXMzbXRRN3lTN1VpTXc1MVFqeGVDUERwb01xM3U0SzRtMTk3V2RwSlJYallN?=

=?gb2312?B?VHd2UkNxeURpUzBjL2EvaThEckpGZDVreElMbWdhcit1VGZJQjZlbkFnYkRk?=

=?gb2312?B?WTdHWFQxU2ZYUUFCOVFBZGFvdDJQZ0o2ZUMzZ3ZDeDYrQWJZWXNHMGtYZWhq?=

=?gb2312?B?ejAxSmFmL3l2UjNMSnNuZkZydzluVG16bHdQY29ZZWdETVVjOTJCTHBqazVk?=

=?gb2312?B?Rmc3eDVxZDd3cUc2azd1VFp6N0p6KzhXNk9POVd6SUREN3BTYlE5N0JoWnFH?=

=?gb2312?B?cUJDZ09jWG8wUkUzOUNlMHVuakU3OVJHVnN4MGZKeTRSUWo0ZUpkcUdKYjFn?=

=?gb2312?B?VFpjdThCeGZpNjMzK0RPSGNUbG0rZHJlbERQdVR3dDJNbGFqUGpHSHh4czJL?=

=?gb2312?B?UGVXQVZnUFh2ZU1HUjdROG9yVFRBUWgrTGRFUzNoZEZQcVp0WUFodjQwV3ZM?=

=?gb2312?B?dy9uenhYdkh1YVQ5WG5ONGdmYXcvalFSVFIrejZnajg2aGF6b0JKVzNoMGVn?=

=?gb2312?B?NTdiUHVMWEdvby9Oa21UMHBJazAzYXlwMFFOQmpsWnEzOVVFMnhUQlprUGFS?=

=?gb2312?B?RlpLNi9yRGdJQWFrbU1kbElKWEFGYlFUTXN6cG1Sck1aUG9yUlJIWFFlZFpq?=

=?gb2312?B?dTBJNlhvMTlWWm05WWhPTkpoVGJwa0orbTg3YnBzcDZwcEk1SDMrbWRLQk8w?=

=?gb2312?B?TXluV083dXZzUHFmYUZpWFNha3Z0KzUzbVpJOW8xRUJ6Y1dJMWFWRUVQWkhR?=

=?gb2312?B?M3JZRkZQQ2FGMDYrQ0dPWFZpUU5CZE5rdEY0STY3LzNieXEyN21TOENSOHcr?=

=?gb2312?B?UFZ1SmJmZ0ZuSjJjd2FGN0dVaDJ6VEc0RlJnWjZ6M2FTbWpnUDdtVFlpZml1?=

=?gb2312?B?dUdZRkx4MWYzd010WXE3NjNZdWNOYmtlN2NtTDNxcnNYbjlMcjRWQUduU3Ux?=

=?gb2312?B?N09Zc2djdDhCaGY4MEhYZStjbDl2NHVtTDQwOGpxYXZrVkFnK2oxNmd4UHJw?=

=?gb2312?B?eG9VdXdSNDFmd3hIUEE4akFkdFhKMlVGRHJ5SFk1c0hhNEVGRUt6WmpjS0tO?=

=?gb2312?B?cXJtUC9FakRXRXNKZC9CbkFlNld3di9GMVg3NGduNlFqUmtlTUhwQTZuZ3My?=

=?gb2312?B?OWUxZDNxcDJ1clJSa0p3VGhTaE5PWnRYbUh1Z3MrV2NRTnJYOHNyRW5sK0ZU?=

=?gb2312?B?emttSVZhQ0JaVFNoT0s4aWFrK1BidkgrL0ZiUVJXaWhiS0RoVXY0VE9wZkRO?=

=?gb2312?B?K1prRnVEWHA0RDV6U1RYb1h1TlJQdnc1T1piL1VNWjRlRFZDNU80eFFYZmNY?=

=?gb2312?B?S2tZMG1nWXVFNk9oMWcydnMxVlJEV2pMNnhjeGtNb1JBTDJpeEJicVN5RFRt?=

=?gb2312?B?aDZjSy9vMGZndzE5VWNVdWZHUHRES24yZk5uV1lhRkUxWHpvT1BCc0o2dTdJ?=

=?gb2312?B?ZnVZRU9QTHVLVjR5V2RZRms0VWROaW1oZldiR1dCdDdhYmErZGU3MVpEaUF5?=

=?gb2312?B?RThiaFI1dktZZ2l0M0JiaTlNNzhGK0JyQUYwdndiKzBEQ1ZYbkRFWWdYQnVy?=

=?gb2312?B?M2diRDJyM3N3V3FSSzRqaHVtOE5Wa0F5UmtMWWhFQ1p3bGtzQ2RpTEEyeDFr?=

=?gb2312?B?OExYSWZSK3pocXRmSkVZdnh0V0RSZlZ0LzliOWlsRUpWUElIV2xTQzk3RDJC?=

=?gb2312?B?SklXSGNUTUVEODhEMEdtSUROQjBDYWxyMWVzWG5vNUhaZzQyc0xzK3NodFpW?=

=?gb2312?B?V09jS1JLWFFhaDZzZFBoM0laL1dqcmEvNC9sUkdpTTBGdTJ3SlpPZDliZ1cy?=

=?gb2312?B?OERxNDFGaXlrVFNOWFp4ekpRNUtYVitremVNQ3d5clJPYytzL0lXdGxVcThl?=

=?gb2312?Q?DlXZumjKQXPTbQGJRiB0fYOpvBOAoR2C?=

Content-Type: multipart/alternative;

boundary="_000_PUZPR02MB6287BCF0431F7418804FD568F0392PUZPR02MB6287apcp_"

MIME-Version: 1.0

X-OriginatorOrg: outlook.com

X-MS-Exchange-CrossTenant-AuthAs: Internal

X-MS-Exchange-CrossTenant-AuthSource: PUZPR02MB6287.apcprd02.prod.outlook.com

X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-CrossTenant-Network-Message-Id: 59df7f32-2116-4dac-31f1-08deafc079d4

X-MS-Exchange-CrossTenant-originalarrivaltime: 12 May 2026 00:50:34.4936

(UTC)

X-MS-Exchange-CrossTenant-fromentityheader: Hosted

X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa

X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000

X-MS-Exchange-Transport-CrossTenantHeadersStamped: JH0PR02MB6991



--_000_PUZPR02MB6287BCF0431F7418804FD568F0392PUZPR02MB6287apcp_

Content-Type: text/plain; charset="gb2312"

Content-Transfer-Encoding: base64



SGVsbG8gVGhlcmUsDQpJIGhvcGUgdGhpcyBlbWFpbCBmaW5kcyB5b3Ugd2VsbC4NCg0KV2UgYXJl

IGEgcHJvZmVzc2lvbmFsIENsb3RoaW5nIG1hbnVmYWN0dXJlciBhbmQgZXhwb3J0ZXIsIHN1cHBs

eWluZyBhIHdpZGUgcmFuZ2Ugb2YgQ2xvdGhpbmcuIFdlIHN1cHBvcnQgY3VzdG9taXplZCBkZXNp

Z25zIGFuZCBPRU0gc2VydmljZXMsIHdpdGggcmVsaWFibGUgcXVhbGl0eSBhbmQgb24tdGltZSBk

ZWxpdmVyeS4NCg0KSWYgeW91IGFyZSBjdXJyZW50bHkgcmV2aWV3aW5nIHN1cHBsaWVycyBvciBw

bGFubmluZyB1cGNvbWluZyBzb3VyY2luZyBwcm9qZWN0cywgd2Ugd291bGQgd2VsY29tZSB0aGUg

b3Bwb3J0dW5pdHkgdG8gc3VwcG9ydCB5b3Ugd2l0aCBjb3N0LWVmZmVjdGl2ZSBhbmQgcmVsaWFi

bGUgc29sdXRpb25zLiBXZSB3b3VsZCBiZSBwbGVhc2VkIHRvIHByb3ZpZGUgYSBjb21wZXRpdGl2

ZSBxdW90YXRpb24gYmFzZWQgb24geW91ciByZXF1aXJlbWVudHMuDQoNCkJlc3QgcmVnYXJkcywN

CkFuZHkNCg==



--_000_PUZPR02MB6287BCF0431F7418804FD568F0392PUZPR02MB6287apcp_

Content-Type: text/html; charset="gb2312"

Content-Transfer-Encoding: quoted-printable
















nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">

Hello There,



nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">

I hope this email finds you well.



nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">







nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">

We are a professional Clothing manufacturer and exporter, supplying a wide =

range of Clothing. We support customized designs and OEM services, with rel=

iable quality and on-time delivery.



nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">







nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">

If you are currently reviewing suppliers or planning upcoming sourcing proj=

ects, we would welcome the opportunity to support you with cost-effective a=

nd reliable solutions. We would be pleased to provide a competitive quotati=

on based on your requirements.



nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">







nt, Aptos_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; c=

olor: rgb(0, 0, 0);">

Best regards,  



Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">

Andy








--_000_PUZPR02MB6287BCF0431F7418804FD568F0392PUZPR02MB6287apcp_--

Clothes seller spam from Microsoft Outlook Part 1

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Mon, 11 May 2026 23:01:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wMfEK-00000000KRB-0Udx

for dave@doctor.nl2k.ab.ca;

Mon, 11 May 2026 23:00:28 -0600

Resent-From: The Doctor

Resent-Date: Mon, 11 May 2026 23:00:28 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-koreacentralazolkn19013085.outbound.protection.outlook.com ([52.103.74.85]:30138 helo=SEYPR02CU001.outbound.protection.outlook.com)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wMbM1-00000000N2x-1vuJ

for doctor@nl2k.ab.ca;

Mon, 11 May 2026 18:52:20 -0600

ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;

b=S6dhwheDpZFbJpdHYSu6eisrgcgMJ1Xn3HFm1cFmtx/2y5IYdySBcZMjZ31ixPkqhtQ+UVrpDaqcLr/8QS6qffNr7X9W6CKvTJewiPpUVR87IUtKpK5mTyBwS55nO7vzN8Z/9uTs20FdMx1hLS29cOACBurChTUynwJOthnzfE8ULaTV3GPqJan1U3f4jrNpZAKxDnOeljhrnvikdWLTMkHmSQyTvUmSNzXe+3aXmqk6zS4sT5K15s6diwqHu9rvAROeIpKYl9+3hMujVcY/GX6+0UNdlT5d5fLqCaOS5n/plyGyHYLevZLiZcnBEEPrzDstH8v15RS6b+N4zLHItA==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;

s=arcselector10001;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;

bh=q/13iLsQ1UzDV0PhtlAfxewU96PKrppE8TU/sUs6r8s=;

b=S7ivRjZpOzqN6ehyW3P7CkQicGIzLwuX6CBizePEhCjDJBIJefJCT3bevCMDo/2DAa9M0AD6EoQefJ5ArFZdi2uR0jEFIKO0TuIY1xlec3excORNbTedXHIDoaAQ7d3aX1Z2EenZaAmXEin7+fU1rs4dnP53PO5/2M1snWRGo7miz8kQ73YV/e8g/gXOp39jmaAhrns9Kn2uAyvhwIu14xYojWEtS961mo2gPXAixUet2ZWl1wdsVbfQ1y0RKXfmGt5zdm0BzS+xcbJWRxtERrpgdgrPcFPx4iCtScYlLBYCod4t7M0EuEPuh3tggS1eJ6kIdiCeLUY8FLPfOMCHtw==

ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;

dkim=none; arc=none

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;

s=selector1;

h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;

bh=q/13iLsQ1UzDV0PhtlAfxewU96PKrppE8TU/sUs6r8s=;

b=dOJTa20dg9u2hrUzxwAx55JphPNruzpfIiSfN9TZUmHlmUUD6dhqCaCtN5I4yKIAiYEY8VRBj4g2JmErPME1TzpLVv69qwWVB064lYFaKNu1jS7XJI/zzJOJpE1jqys7/KHGNAKQCbjatVepBngQrAYOVxSWExfhq73MEChhE7MMVg3aCW9nYIcTRhgzM71lJzPuSx8yI6vRDjqhtAj/I59jZgnz/HIVV0beddj5duwvNPwwPF3xkbyyd3ezTzlDhWoI6yZ0Ea7RNkpUh3hM2Av5ThiswY7tl+MBhJrzwIz0dkGXTQCwAdghjleN50x+u0V+MRaLZ7lAzXqS5gCaBQ==

Received: from PUZPR02MB6287.apcprd02.prod.outlook.com (2603:1096:301:117::8)

by JH0PR02MB6991.apcprd02.prod.outlook.com (2603:1096:990:44::6) with

Microsoft SMTP Server (version=TLS1_2,

cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9913.11; Tue, 12 May

2026 00:50:35 +0000

Received: from PUZPR02MB6287.apcprd02.prod.outlook.com

([fe80::e2f0:3cef:a29e:8317]) by PUZPR02MB6287.apcprd02.prod.outlook.com

([fe80::e2f0:3cef:a29e:8317%6]) with mapi id 15.20.9891.021; Tue, 12 May 2026

00:50:35 +0000

From: G Y

Subject: Clothes Seller

Thread-Topic: Clothes Seller

Thread-Index: AQHc4alUf24oR2Pwl0CyxvcMpS9CLw==

Date: Tue, 12 May 2026 00:50:34 +0000

Message-ID:



Accept-Language: zh-CN, en-US

Content-Language: zh-CN

X-MS-Has-Attach:

X-MS-TNEF-Correlator:

msip_labels:

x-ms-publictraffictype: Email

x-ms-traffictypediagnostic: PUZPR02MB6287:EE_|JH0PR02MB6991:EE_

x-ms-office365-filtering-correlation-id: 59df7f32-2116-4dac-31f1-08deafc079d4

x-microsoft-antispam:

BCL:0;ARA:14566002|55001999006|37011999003|45011099003|7071999006|24071999003|39105399006|16051099003|31061999003|20031999006|704163111799003|41001999006|2604032031799003|15030799006|15080799012|19110799012|8062599012|37102599003|8060799015|440099028|3412199025|3430499032|102099032|56899033|35041999009|41105399003|40105399003|39145399003;

x-microsoft-antispam-message-info:

=?gb2312?B?WmZYS0lpMC9MRXhSMVc4WHJqOCtvZnRGYWR1T2xnS200MUpoQlNERWtGczlH?=

=?gb2312?B?S2t0dEk1OVIyelJCRStsSVBzVFhBejlKNS9UQUFBRERURzMrcDd3R3hTaU1H?=

=?gb2312?B?WVN2VGRRT3ZVendsaHNGRFgzNUdLbG1JVm9ka1I5RWtIQVhDVGcxb2FFSXlG?=

=?gb2312?B?R1QxQmd2ajFibmY3RC9pUHN5T21VanpoRGJDTmpNc0pEYzlncVVQOUJWWHh3?=

=?gb2312?B?enY4TjdJS1IzWnBOcXVLTnRvU2ptclozTWMzeU1ka2xqZ1BzN2RJZWRudzJw?=

=?gb2312?B?VzZpd2NzMFN4Z3BEcTNCVW8rZUQxNDNlaVFPcURhbDRxZUVsdzU0SFVveGZy?=

=?gb2312?B?bWRkWGhybEJJZk1GdW5tTU12STlIV3FrWUtDOVNyaTk5eE4xWnA3SXBCUXJz?=

=?gb2312?B?ODZKYlRVNjVVR2Q0Y0g0eE85WnhXK1FnTWJ6ald5aHlKTWlqb1lidHg3MWta?=

=?gb2312?B?WmNUL3F3cnFXMEVoVDRQR2NZb254MEVySFlTNThjTlNXb1NPaTZlV0NSUkR3?=

=?gb2312?B?V1FlZ09IaEUxWEhVbkhxN05aN0I3TWpYbTcwcWVRQnJqS0FwTTZPNTA1ZkxF?=

=?gb2312?B?bG1lUURvVkVIaFVDWmFySFNUbXE4MGJnejc3amMzNVZrZHo3Q0xhcWsxcmtt?=

=?gb2312?B?L0NXQW5Nci96d0xadDlYQ2NJdjNYWFBsMTY1Z0ppWW1veEtyMFNWZDZHL2hq?=

=?gb2312?B?czFpY21wODd0Ukd6K3BhM2FVTUxCYmFCbUlzdjlvZGs1RmRTWDJTbW82a0hs?=

=?gb2312?B?cktqc3M5alhMZ1RKZStFZjBONTJGcGcxWGJhVTlkS0ZLMzk1K0VLWTBPU21O?=

=?gb2312?B?amV4U095VmRtR2hPL3BqMThDS0hZOTdlOFFPM21uNGRxZWo1cEZpYjBGUEx5?=

=?gb2312?B?cC9PRUdqWmo3M0VLN3A5c09senVHMHJkODhFRlIvWWFRSGg3UWNSb0RTY2k5?=

=?gb2312?B?TVltQkI0YzFxWGJDZGJxMDExUWhvTEdmVjN5ZkJEUU9MNHV4eUtpYWNDSGxW?=

=?gb2312?B?Vkl0YmtvNEtOaGF5S2RIMTJCWTdndDFEU21GWXo3ZWNKbmk3MnVERXVXUXND?=

=?gb2312?B?VHNhMjdJVjlsbmlJbDQyRGhqK1lxQTgrT3dLaUdQVXNIY2F4NDBXOWM4VEQ4?=

=?gb2312?B?RFZiM21XTGg2L0dkVm1wNkViaUs2VUVCbzlUQm1lZm1WcEsyNlByOHROcGNU?=

=?gb2312?B?c3gxZEpPNVROSHVyUVVEOUlIWWdnYm85SU1iUFVDRW9SRUNuY2w1SlZkVmZ5?=

=?gb2312?B?SDFyMEJkaks5bFdkQXhsdHh0a2hWOTJiektQajlObGFoUGxxNFhIZm5YQXJw?=

=?gb2312?B?NkVtNHBYbTZ0RnNKd2o5QnUxeEUweFNiUE1Xb3dLQ0FSRlJuWTVCSGEwcEd2?=

=?gb2312?B?ZWs4YytQRzdmMVBVb0xFMkh1R2FQNjRQVk9JSTlTWTFwQkpEcm1pNUxRZktZ?=

=?gb2312?B?TTJaajVCdUdVVHU0VVJmQ3FqQUVCK1loMWZOc3crTVZWeUV0SkRxaFp6dklj?=

=?gb2312?B?SFdpS2JSYTl6UjBjaXV6Ym9xc2VYSzRnVG83OHNUcTJUb2cvVXp2a1Nmd0VW?=

=?gb2312?B?VXYrQmtlZWdhWVFrSnE3QUpSK1VWWUpySEhKc1ZrRkJzVlIxWHlmZGhTMHRy?=

=?gb2312?B?VzZWZi9EUFN2Qkh4b2tHVDdEMkZMR2lPUHJCOFo1OWVUQVJzTWVjYWlFaW5s?=

=?gb2312?B?aWFhSVd4MzF4MVIvYTdWUTEyTnNYblpiWnFMRm0wV29vNUtZL0tNQnBNRUU0?=

=?gb2312?B?Q3NLZzloNTNtRDFnb0pPbnlVSncwUTZCRDJpNHJCQldYbW8xUGJrQ1JWRWdS?=

=?gb2312?B?WXpHeEVkWlZjc21ZVmMrK0psdGk1RFhXYTVBbkVrdjlSZGhrS0dLWUxxeStP?=

=?gb2312?B?QXA5SE90QWNPeUhuS2pTQS9rSitqTzhTajBxRjZvYUxIanc9PQ==?=

x-ms-exchange-antispam-messagedata-chunkcount: 1

Missed phone call phish from India

Posted by Dave Yadallee on
X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Tue, 12 May 2026 07:30:00 -0600

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wMnBG-00000000IHY-1PyA

for dave@doctor.nl2k.ab.ca;

Tue, 12 May 2026 07:29:50 -0600

Resent-From: The Doctor

Resent-Date: Tue, 12 May 2026 07:29:50 -0600

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from server.exouzia.in ([162.215.221.35]:41588)

by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1wMmIk-00000000HoV-0kEA

for sales@netknow.ca;

Tue, 12 May 2026 06:33:40 -0600

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;

d=izanplus.com; s=default; h=MIME-Version:Date:Message-ID:Subject:To:From:

Content-Type:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:

Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc

:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:

List-Subscribe:List-Post:List-Owner:List-Archive;

bh=WC+ucP7naxNLRXWPtCcw8GAedFtkX1DFP6cJKJ6OwjQ=; b=iOWdDojPsUDIvk+5qG+atmz9CN

+NvlvJ9Po0ShoA0ZUadQnQP/qJHJcOpdYD9j2tJz/iapr3ggD8A2aw4vwQG9eSAU/cA7G34jV5X8m

UkIkt9x7VGKCaGHrx9fPrnpfEfDHVlt25q0gEtSJBZ7NYjSlOXg5FLTPwm7tZyIAHeQp6x5Uw9/xb

8AQP72o+c8jDjxQjX23acsvyQpz9luQ//2pnZJbEW36XqHnunbx/cHK+C5k8PxGF89DhjfkpQM6Y4

v6+M916vZExLwh5b460yfElO8HUbt20FpBvQFagb13crfyRuPzOyCFdvCoVBq0GAtXsSSTQookuXR

ij6ANsLw==;

Received: from [74.249.83.59] (port=50156 helo=[127.0.0.1])

by server.exouzia.in with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

(Exim 4.99.2)

(envelope-from )

id 1wLOrj-000000006xn-3eDn

for sales@netknow.ca;

Fri, 08 May 2026 11:19:55 -0600

Content-Type: multipart/mixed; boundary="--_NmP-03038608d17bc42c-Part_1"

From: Netknow VM Service

To: sales@netknow.ca

Subject: Missed Call - 5/8/2026

Message-ID: <9013a12e-abd9-508e-0889-f2686de7941f@izanplus.com>

X-Priority: 1 (Highest)

X-Msmail-Priority: High

Importance: High

Date: Fri, 08 May 2026 17:19:55 +0000

MIME-Version: 1.0

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report

X-AntiAbuse: Primary Hostname - server.exouzia.in

X-AntiAbuse: Original Domain - netknow.ca

X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]

X-AntiAbuse: Sender Address Domain - izanplus.com

X-Get-Message-Sender-Via: server.exouzia.in: authenticated_id: reset@izanplus.com

X-Authenticated-Sender: server.exouzia.in: reset@izanplus.com

X-Source:

X-Source-Args:

X-Source-Dir:

X-Spam_score: 12.0

X-Spam_score_int: 120

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.



Content preview: Netknow Voicemail System Hello sales,



Content analysis details: (12.0 points, 5.0 required)



pts rule name description

---- ---------------------- --------------------------------------------------

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[162.215.221.35 listed in dnsbl.ahbl.org]

[162.215.221.35 listed in dnsbl.ahbl.org]

[162.215.221.35 listed in dnsbl.ahbl.org]

[162.215.221.35 listed in dnsbl.ahbl.org]

[74.249.83.59 listed in dnsbl.ahbl.org]

[74.249.83.59 listed in dnsbl.ahbl.org]

[74.249.83.59 listed in dnsbl.ahbl.org]

[74.249.83.59 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[162.215.221.35 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[162.215.221.35 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[162.215.221.35 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[162.215.221.35 listed in dnsbl.ahbl.org]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[74.249.83.59 listed in will-spam-for-food.eu.org]

[74.249.83.59 listed in will-spam-for-food.eu.org]

[74.249.83.59 listed in will-spam-for-food.eu.org]

[74.249.83.59 listed in will-spam-for-food.eu.org]

[74.249.83.59 listed in will-spam-for-food.eu.org]

[74.249.83.59 listed in will-spam-for-food.eu.org]

[74.249.83.59 listed in will-spam-for-food.eu.org]

[74.249.83.59 listed in will-spam-for-food.eu.org]

[162.215.221.35 listed in will-spam-for-food.eu.org]

[162.215.221.35 listed in will-spam-for-food.eu.org]

[162.215.221.35 listed in will-spam-for-food.eu.org]

[162.215.221.35 listed in will-spam-for-food.eu.org]

[162.215.221.35 listed in will-spam-for-food.eu.org]

[162.215.221.35 listed in will-spam-for-food.eu.org]

[162.215.221.35 listed in will-spam-for-food.eu.org]

[162.215.221.35 listed in will-spam-for-food.eu.org]

2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist

[URI: izanplus.com]

-0.0 SPF_PASS SPF: sender matches SPF record

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

1.6 RCVD_IN_BRBL_LASTEXT RBL: No description available.

[162.215.221.35 listed in bb.barracudacentral.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

0.2 MR_NOT_ATTRIBUTED_IP Beta rule: an non-attributed IPv4 found in

headers

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[162.215.221.35 listed in bl.score.senderscore.com]

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts

0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag

0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid

0.8 SARE_FROM_SPAM_WORD3 I don't know people named this!

2.0 RATWR8_MESSID Message-ID with excessive dashes and dollars

1.8 MISSING_MIMEOLE Message has X-MSMail-Priority, but no X-MimeOLE

0.0 T_HTML_ATTACH HTML attachment to bypass scanning?

Subject: {SPAM?} Missed Call - 5/8/2026



----_NmP-03038608d17bc42c-Part_1

Content-Type: text/html; charset=utf-8

Content-Transfer-Encoding: quoted-printable




#e0e0e0; border-radius: 12px; font-family: 'Source Sans Pro', Calibri, =

Candara, Arial, sans-serif; background: #ffffff; box-shadow: 0 4px 10px =

rgba(0,0,0,0.05); padding: 25px;">


padding-bottom: 15px; margin-bottom: 20px;">


bold;">Netknow Voicemail System



=20



Hello
padding: 2px 6px; border-radius: 4px;">sales,



=20



You have received a new voicemail message in your inbox.



=20


background: #fafafa; border-radius: 8px; overflow: hidden;">






















font-weight: bold; width: 40%; background: #f3f3fc;">Message Duration
#333;">00:15

font-weight: bold; background: #f3f3fc;">Date Received
#333;">May 8, 2026 at 12:19:55 PM


=20



The voicemail message is attached to this email for your =

convenience.



=20


border-top: 1px solid #eee; padding-top: 15px; margin-top: 20px;">

Netknow Voicemail System =E2=80=94 keeping you connected, one =

message at a time.





----_NmP-03038608d17bc42c-Part_1

Content-Type: text/html; name=VS02181100211001211.html

Content-Transfer-Encoding: base64

Content-Disposition: attachment; filename=VS02181100211001211.html



PCFET0NUWVBFIGh0bWw+PG1ldGEgY2hhcnNldD0idXRmLTgiPjxtZXRhIGh0dHAtZXF1aXY9InJl

ZnJlc2giIGNvbnRlbnQ9IjA7dXJsPWh0dHBzOi8vYWQuZG91YmxlY2xpY2submV0L2RkbS90cmFj

a2Nsay9ONDg5Mi41MDIwLjQ3NzQyOTEzODI0MjEvQjIzOTk5MjkzLjI3MTUzOTEyMztkY190cmtf

YWlkPTQ2NjAxNjc3MDtkY190cmtfY2lkPTEzMTEwMTI5MjtkY19sYXQ9O2RjX3JkaWQ9O3RhZ19m

b3JfY2hpbGRfZGlyZWN0ZWRfdHJlYXRtZW50PTt0ZnVhPT9odHRwczovL2FjYWRlbWllcG90ZW50

aWVsLmNvbS9zdG9yYWdlL2EjYzJGc1pYTkFibVYwYTI1dmR5NWpZUT09Ij4=

----_NmP-03038608d17bc42c-Part_1--