NetKnow Corporate Blog

Business proposal spam from Google Gmail Part 2

Business proposal spam from Google Gmail Part 1

Friendly Hello Greetings spam from Google Gmail

Business proposal spam from Google Gmail

Business proposal spam from Google Gmail

Web/SEO/App Spam from Google Gmail

Web/SEO/App Spam from Google Gmail

Web/SEO/App Spam from Google Gmail Part 2

Web/SEO/App Spam from Google Gmail Part 1

Business proposal spam from Google Gmail

Web/SEO/App Spam from Google Gmail Part 2

Web/SEO/App Spam from Google Gmail Part 1

Web/SEO/App Spam from Google Gmail Part 2

Posted by Dave Yadallee on Saturday, December 13. 2025

Content analysis details: (14.9 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[209.85.214.232 listed in will-spam-for-food.eu.org]

[209.85.214.232 listed in will-spam-for-food.eu.org]

[209.85.214.232 listed in will-spam-for-food.eu.org]

[209.85.214.232 listed in will-spam-for-food.eu.org]

[209.85.214.232 listed in will-spam-for-food.eu.org]

[209.85.214.232 listed in will-spam-for-food.eu.org]

[209.85.214.232 listed in will-spam-for-food.eu.org]

[209.85.214.232 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[209.85.214.232 listed in dnsbl.ahbl.org]

[209.85.214.232 listed in dnsbl.ahbl.org]

[209.85.214.232 listed in dnsbl.ahbl.org]

[209.85.214.232 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net

[Blocked - see ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.214.232 listed in sa-accredit.habeas.com]

0.0 T_SPF_TEMPERROR SPF: test of record failed (temperror)

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[franktsockton654(at)outlook.com]

1.6 SUBJ_ALL_CAPS Subject is all capitals

1.1 DATE_IN_PAST_03_06 Date: is 3 to 6 hours before Received: date

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.214.232 listed in sa-trusted.bondedsender.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.214.232 listed in wl.mailspike.net]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.214.232 listed in list.dnswl.org]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.214.232 listed in bl.score.senderscore.com]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.214.232 listed in bl.score.senderscore.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 US_8BIT US-ASCII isn't an eight bit charset

0.0 LOTS_OF_MONEY Huge... sums of money

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.9 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

2.9 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} BUSINESS PROPOSAL !!!

This is a multi-part message in MIME format.

--14da1bab14540aaf3b0fafbcf078de42d

Content-Type: text/plain; charset=us-ascii

I have a Business proposal worth $35M USD, please contact me for more information.

Sincerely,

Frank Stockton

--14da1bab14540aaf3b0fafbcf078de42d

Content-Type: text/html; charset=us-ascii

I have a Business proposal worth $35M USD, please contact me for more information.

Sincerely,

Frank Stockton

--14da1bab14540aaf3b0fafbcf078de42d--

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 12 Dec 2025 22:51:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUIWQ-00000000Ebi-0oVr

for dave@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 22:50:26 -0700

Resent-From: The Doctor

Resent-Date: Fri, 12 Dec 2025 22:50:26 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pl1-f232.google.com ([209.85.214.232]:43318)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUHd0-00000000BZC-1mEA

for doctor@mail.nl2k.ab.ca;

Fri, 12 Dec 2025 21:53:18 -0700

Received: by mail-pl1-f232.google.com with SMTP id d9443c01a7336-297e239baecso12635155ad.1

for ; Fri, 12 Dec 2025 20:51:27 -0800 (PST)

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765601482; x=1766206282;

h=content-transfer-encoding:mime-version:message-id:subject:reply-to

:from:to:date:dkim-signature:x-gm-gg:x-gm-message-state:from:to:cc

:subject:date:message-id:reply-to;

bh=NsHY5ca9FNWe30NYizON2atR5FOPwCa7VkPC6ZVcdQc=;

b=A0ONl/XraIXQMQjnJDaaMgi3vr+G7+gLIkwLsLG8w90UZHrcP4apvLdEVBoasNl2gt

aJ8Fsfvvxjgs5X2s5Zcfr1+Cd05YrTsba4wNArnS+u+pjMUZu3OqlncySYE+/av363wJ

vdWU2yCMTcvs9eWeY1K1YgdGlVQ2fK2Zyx0BgJj7rCWBSE6dBNfYcFuMkD/XpEMb8ogC

azzzqJ0HfX80F0NgaNLQX/yh+qXqmqzQuqStg24DHLugoevaoc2jKi37FaA1I1TjPyRh

yeffsQXA/2+Dv3aQcbeRcyKJxikCvlYkywZx33l9tf2afJHnWtJyqOofyixlVywI5EvI

mgcw==

X-Forwarded-Encrypted: i=1; AJvYcCW8yr2mSyVp8JyvsYeQzMJfzHfoW2GY//RoOP2/ebAKuKOfHMZ2IeKWcYu6pZK2A5/1l4hcrwE=@mail.nl2k.ab.ca

X-Gm-Message-State: AOJu0YxQu7RrtoutaQt/yREebYyOjPiDOW9aPyQFPpizcJA1Iw+3DWR3

5j78q/bRC8b4Pf+wAprY/wyujwe+t+qlq5dt+H92QbYIPNyVfOeOPLF1yZeuIQ6Gky0ILzcVQ0B

oTlWH0JZ0hBrY0nx7QKuTHyF6irPDNXAH6eF0

X-Gm-Gg: AY/fxX7kQb9JgN/HeVmYCPKRHZCsKJe6Vb0BSvYHcPFftdINAjCUQp/hs4W60zNsA7w

ChK7gF8t8T/WKuU+roN7JfpkftTGC5HnfZg5QmFQiU6E+Mlu9YwUzf9eOKMzZCXwMDwnqWMKzEn

VS1H7p2dmxj96VC2RwcdkByN3xRTPBSTVnH+bXQztYxW9AzqZR0BGrbPWQooZhDGJOQdc9Ej+0l

DgIhNTCOtf7l9KEU/p4KKGAdbQCLsMA1qL5rE3Xf/IWkKezSuRiOgyYZGTMZefUenG9XzqYKQ7s

oHrpwVLuP6d8TCRmSOS2HIYLhUSvxJC5MyxmkAPFL2+SWb93G4qzzTSm+SvhqpNU4hBIkjE4kYb

cnwzKN6NzwMWULVNF6v4q3A==

X-Google-Smtp-Source: AGHT+IH3GOt6ps9lOSAWeV3+2yGvttF1OjoDKfyV72lqD70I9ZibncJjmsOnvDCd0NCcc5doP6ppeq4nEyvk

X-Received: by 2002:a17:903:2a90:b0:295:99f0:6c65 with SMTP id d9443c01a7336-29eeec38ae8mr79036355ad.30.1765601481970;

Fri, 12 Dec 2025 20:51:21 -0800 (PST)

Received: from mail.iadmexico.mx (mail.iadmexico.mx. [34.231.63.135])

by smtp-relay.gmail.com with ESMTPS id d9443c01a7336-2a08df4a425sm2222055ad.23.2025.12.12.20.51.21

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Fri, 12 Dec 2025 20:51:21 -0800 (PST)

X-Relaying-Domain: iadmexico.mx

Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id C4674146016;

Fri, 12 Dec 2025 22:51:13 -0600 (CST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iadmexico.mx;

s=mailcow; t=1765601481; h=from:from:reply-to:reply-to:subject:subject:date:date:

message-id:message-id:to:to:cc:mime-version:mime-version:

content-type:content-type: content-transfer-encoding:content-transfer-encoding;

bh=NsHY5ca9FNWe30NYizON2atR5FOPwCa7VkPC6ZVcdQc=;

b=QOOxxPl0j4lT0LG2b4GMbazYOUXtjhpXfn/c2nZ55mX0TfZ7Zwg2Xa1N+x2otPu+3QbpX6

943ggxwXnsPfmeFNm6BLevK4rIznuIUNmlkaCorLnCiAULLvg1b9teN4YjFqmxs6bGYumh

xKwgZBdh/47PS3Q6nDlfkE50K9v7IX2uE19jSEKwEeJN4t+M5dHlGutdgg73SGW43PCla+

o6dmvBU4UHR5dXbV1pOLwm7T79MASDZUapNpGAGE6pfC6a9twMTd60qm7P9VZQxY5a+cRK

tmCgpApY8zKaaGgeUTeIrgRyR3T2UHKI9TEHB3dRQ2wsAZ2dg9YNeromcLBR/w==

Date: Sat, 13 Dec 2025 01:07:28 +0100

To: undisclosed-recipients:;

From: FRANK STOCKTON

Reply-To: franktsockton654@outlook.com

Subject: BUSINESS PROPOSAL !!!

Message-ID: <60df76e3919315de5c349bc5c265eeb5@iadmexico.mx>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="14da1bab14540aaf3b0fafbcf078de42d"

Content-Transfer-Encoding: 8bit

X-Last-TLS-Session-Version: TLSv1.2

X-Spam_score: 14.9

X-Spam_score_int: 149

X-Spam_bar: ++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: I have a Business proposal worth $35M USD, please contact

me for more information. Sincerely, Frank Stockton I have a Business proposal

worth $35M USD, please contact me for more information. Sincerely, Frank

Stockton

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 12 Dec 2025 20:23:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUGCt-000000006E4-0qrE

for dave@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 20:22:07 -0700

Resent-From: The Doctor

Resent-Date: Fri, 12 Dec 2025 20:22:07 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-lj1-f196.google.com ([209.85.208.196]:60611)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUFaj-000000003Kb-1Izc

for doctor@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 19:42:50 -0700

Received: by mail-lj1-f196.google.com with SMTP id 38308e7fff4ca-37a2dcc52aeso15827991fa.0

for ; Fri, 12 Dec 2025 18:41:56 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=gmail.com; s=20230601; t=1765593709; x=1766198509; darn=doctor.nl2k.ab.ca;

h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc

:subject:date:message-id:reply-to;

bh=hg6yT7ppGRbhNH7XMg2vFFLQ4ORbrxFq6y1JdNuFT9M=;

b=klgu8AGF7nJKhdGyGUqvaxg2p4byoh119b7sRG2tJQyBwI5Ko603O5g1tSi9o+6Bz9

l8pUZwUGDpADY6OYb0nUQkrJrK3R+4d9rwIW9TNBBBsw5d6d/Jp45UchGYXAgl/De4qY

NYJqrXw/yXfiQPKCJHL4h9ijWvAq6/hyxXic9reMPJyYp91PPDfYccxDtbNCY89GFNbU

RUIm2AQK5y9Js2LRCj70qwZKyDusmNNE0J0yAJWfM7iRKpLcNFh9UQfrvrp06aGaUB7/

mDx+kAkeIy4mPDD5v4XfMR57JN+dC4+XuTihZSkH0ltSrzqJGEiBRdZSJX33wFkzeQto

0wHQ==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765593709; x=1766198509;

h=to:subject:message-id:date:from:reply-to:mime-version:x-gm-gg

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=hg6yT7ppGRbhNH7XMg2vFFLQ4ORbrxFq6y1JdNuFT9M=;

b=XUI+1jX+YthiVS0oMzjYEsX/RintJGbyjlFrT251EpmJxnBKZADFN0Q2hxHGk8Islg

KNWKYhh/5irZHK+T8slxnTZxwkGF3nrjxjSpOHAVmuGriqQzwwCk0ZqpJHtZcQ7eaPe4

uMOLMtZ5OoGmtlx1nItAfPc4Bf+9xNO97BSwIqqww0beAxRMEIapHnKXO9pGiQkc/1Yb

pB0clkIEWOvzmCssZs9R7sSoiQCFC/6PxbntE0QoxKCkbOwLrKNTA5A0Riu0MJzNQSbo

YK0W+IKYWYqazJRaigxXaHMHPtZbjD+uuhr5D0m40bYUeE+Q3aet71Jouutm5HTMSQL3

c8sA==

X-Forwarded-Encrypted: i=1; AJvYcCWCLzZfuRBnVPiVei0Fnjhbc2K1wJxRm+rJKS16j8yFzkal6vSIvosLO6Kn1oOgvKOW15lf4RQ=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YyNS2wMkbRXA4IkgnUBhBpHl7f1i/oiIz63JFsnlI1YRfIe/TZy

JF+xClY/YEtN6wtoHDY80aaDSSl0Fw6C8r8BpYip98K/0xLUotCfVHuY4URmQS0ELu9hdQekw+k

m9E6TywdtCXndGFvdt3J3anOcbGfwDm0=

X-Gm-Gg: AY/fxX5xOtY+VB95W3pqR6A+4ouTiSTI0OIK+aNZOh1tjA0oB8i1DqVyPH+QX/Ga6PS

RXwE+RE7K/DtIAP6aJL1w5mn1bsFS3LwgaUgvwpvgWv/4ZYUBc2eSvAlJRiGlkRilHK/sUw3OWJ

mEhubyQNsY6dNL5fPxiBX+9/AK5KNmAvp8Z7NnXhVpVGRcP5JktsgnAh7z1sV4KjKkSv8JJW+i+

ndIjoFIwk6fvQMTcCG4yXD170rlZy3HUQL4TRqEMOUxVzz5FZdcXZs8MKpvo0oTjLLoesfqog4D

Sg==

X-Google-Smtp-Source: AGHT+IFdaDs56PMH4MJ2Xvj8hnhc2a4LBkY9id+ZFF+3VyJNAl9vFsQV2YaI+7C5nDTqlqogEIAF97gS0GiZCZ7SA6A=

X-Received: by 2002:a2e:9a12:0:b0:37a:95c9:4745 with SMTP id

38308e7fff4ca-37fd08c7a93mr12514031fa.40.1765593709055; Fri, 12 Dec 2025

18:41:49 -0800 (PST)

MIME-Version: 1.0

Reply-To: louisa244love@gmail.com

From: Louisa

Date: Sat, 13 Dec 2025 09:41:37 +0700

X-Gm-Features: AQt7F2pho8Xis1q1fAf7gJR36-xrstLxWy6jDGAgM5WYva0rG56t9QOHYxXtqVA

Message-ID:

Subject: HELLO

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="000000000000d895010645cc514d"

Bcc: doctor@doctor.nl2k.ab.ca

X-Spam_score: 6.3

X-Spam_score_int: 63

X-Spam_bar: ++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hello , How are you and your family doing today? I hope all

is well with you? Hello ,

Content analysis details: (6.3 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.208.196 listed in will-spam-for-food.eu.org]

[209.85.208.196 listed in will-spam-for-food.eu.org]

[209.85.208.196 listed in will-spam-for-food.eu.org]

[209.85.208.196 listed in will-spam-for-food.eu.org]

[209.85.208.196 listed in will-spam-for-food.eu.org]

[209.85.208.196 listed in will-spam-for-food.eu.org]

[209.85.208.196 listed in will-spam-for-food.eu.org]

[209.85.208.196 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.208.196 listed in dnsbl.ahbl.org]

[209.85.208.196 listed in dnsbl.ahbl.org]

[209.85.208.196 listed in dnsbl.ahbl.org]

[209.85.208.196 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.208.196 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.208.196 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.208.196 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.208.196 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The

query to Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.208.196 listed in sa-trusted.bondedsender.org]

-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact

cert-sa@returnpath.net

[Excessive Number of Queries | ]

-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact

safe-sa@returnpath.net

[Excessive Number of Queries | ]

0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.208.196 listed in sa-accredit.habeas.com]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.208.196 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.208.196 listed in wl.mailspike.net]

1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,

https://senderscore.org/blacklistlookup/

[209.85.208.196 listed in bl.score.senderscore.com]

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to

Validity was blocked. See

https://knowledge.validity.com/hc/en-us/articles/20961730681243

for more information.

[209.85.208.196 listed in bl.score.senderscore.com]

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[louisab354(at)gmail.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[louisab354(at)gmail.com]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different

freemails

2.7 UNDISC_FREEM Undisclosed recipients + freemail reply-to

Subject: {SPAM?} HELLO

--000000000000d895010645cc514d

Content-Type: text/plain; charset="UTF-8"

Hello ,

How are you and your family doing today? I hope all is well with you?

--000000000000d895010645cc514d

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

:Helvetica,Arial,sans-serif">Hello ,

r:rgb(0,0,0);font-family:Helvetica,Arial,sans-serif">

:13px;color:rgb(0,0,0);font-family:Helvetica,Arial,sans-serif">
=3D"font-size:13px;color:rgb(0,0,0);font-family:Helvetica,Arial,sans-serif"=

>How are you and your family doing today? I hope all is well with you?=C2=

=A0

--000000000000d895010645cc514d--

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 12 Dec 2025 20:22:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUGCf-000000006Cg-3Kbb

for dave@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 20:21:53 -0700

Resent-From: The Doctor

Resent-Date: Fri, 12 Dec 2025 20:21:53 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ua1-f103.google.com ([209.85.222.103]:57580)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUEp6-000000000Oz-31vz

for root@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 18:53:36 -0700

Received: by mail-ua1-f103.google.com with SMTP id a1e0cc1a2514c-93f5667f944so1103144241.2

for ; Fri, 12 Dec 2025 17:52:43 -0800 (PST)

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765590757; x=1766195557;

h=content-transfer-encoding:mime-version:message-id:subject:reply-to

:from:to:date:dkim-signature:x-gm-gg:x-gm-message-state:from:to:cc

:subject:date:message-id:reply-to;

bh=dutKWXB6qWezxV7ePGOU87aIyoiLN4AGBrtyOSZE6dY=;

b=Jsb/VrXRLbxTOikVdbiT6+kmS+qL4i/Kz83HRgWUPB+mXS7o0HHHlewpe+UCj3OaEG

oJPSFkSMHIlBOCv3O2MvsHZDPzNWwX2wJsCD3ZteGm7LdTJVc1RP+MXmZ+Lo2uvgBQab

6/Z1YCovY7Z793Co1HOSt+j0Wi+PopNxEiThrJ2MjdzY6qcWdjiV+Ze1vxCj5aYP4wbw

iPSZeyw27NZqn23MNFCRQDMl8IAkp5zCFM1FZI0c3hEk4wVUO5f7yPW8BwiF7TLbKZ3t

2SA+xWLR0+5pZ/pts0o2hYhF88As/N7gZCRTW1ZEMrlgqD1rMKE3HrbmQUFvVfXfCjlK

lazA==

X-Forwarded-Encrypted: i=1; AJvYcCUQXXwVnUEvE88WmCIIKYaWkYt22MIzE0AF0wWbM9Gv6x5y27/aVuX0Flgp5dKirN6TeL+u@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YxC8jcNrQ9ZM/jDf3e0RROUkUeu07qtWdAdHEhVr4fYfMqaYJHj

x8wOfeCED5c9drWEkZe8ZhP6AMrH1BIt9eMt4MZqZE8C2llZO99nje3jJ38Xb+EEYocO6CON1La

PPJQJrwLSPT1tof1ccSlB2S6mfI9AEmWb1wEm

X-Gm-Gg: AY/fxX7iUExbnMUXiF02euIifHplf9LLw+mT1aemlrtZEo7UjlpINtXDqhlnRb236eZ

Eem4r6zIP3EvcT6oJUTUasui7xAPz25tEGEOJANAVh/ZoesEGx/otdn0MyflfuWklpp38+RvVGQ

LAh8X2ys9PUVkKE8U7waOiWfSNVFIcYt2TSQ1dWpn7lZ+3u8vdGqgWUhVgad2ylYrrnYE46F/K9

65SraDI8cW0bXADG3wdSM9kcY/6xsT83nRXrTuUXAZ96WvmsLniKLNaaMjU3DOJalePbSy8XjLu

1CKV5t2vdLr7f+fqXoH8kwUQWWlNcX7A2XxCbiYqdOkNbqsDd6K37lzcWFvGovWgKYgF9HimFU/

Lpx3nEEan2ihGq8alG3P+fg==

X-Google-Smtp-Source: AGHT+IElSQJD4EuzNyeT/wLN5Wwq9ADndnKpPMprIFVBKutX19Z1D22HAf1YDiiuyLyeE7WRt0breOugPj1x

X-Received: by 2002:a05:6102:e12:b0:5d6:254f:4e24 with SMTP id ada2fe7eead31-5e827835869mr1664251137.32.1765590757385;

Fri, 12 Dec 2025 17:52:37 -0800 (PST)

Received: from mail.iadmexico.mx (mail.iadmexico.mx. [34.231.63.135])

by smtp-relay.gmail.com with ESMTPS id ada2fe7eead31-5e7c85bb9b4sm1037051137.0.2025.12.12.17.52.37

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Fri, 12 Dec 2025 17:52:37 -0800 (PST)

X-Relaying-Domain: iadmexico.mx

Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id 2C749146138;

Fri, 12 Dec 2025 19:52:05 -0600 (CST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iadmexico.mx;

s=mailcow; t=1765590755; h=from:from:reply-to:reply-to:subject:subject:date:date:

message-id:message-id:to:to:cc:mime-version:mime-version:

content-type:content-type: content-transfer-encoding:content-transfer-encoding;

bh=dutKWXB6qWezxV7ePGOU87aIyoiLN4AGBrtyOSZE6dY=;

b=CGH8PWZCCPViEU8XqCia5znE5HX0enPvVKB06I4R/A3U3r6HAs2uO33UV0ivGdFvakhadR

BtJmvH7ig2j6PGJv34TgI/uAMmv4Y7sTWxPgj9j0/uSxbpJOpyTietikXZkRWow//ezAwx

QS2cBCtOXsiQjJkG3owfGjtJ9+o5EaB0pSb18yiwHO1Bs6bWpUz2zCDZitGq9lDWxMpQ5Q

rWhA4IfqzYyDweuwGsjtRGuoG3U7pHpqImjb0gzw2+CUMNDHcVnGZ1sY4JnphsgyDyp5wf

LU9EIcJkyBJDi8v+4GMas/g5HNANNN7aPNx8Ds0bADoA3Jo7VIsvQqACJwoD+w==

Date: Sat, 13 Dec 2025 01:07:28 +0100

To: undisclosed-recipients:;

From: FRANK STOCKTON

Reply-To: franktsockton654@outlook.com

Subject: BUSINESS PROPOSAL !!!

Message-ID:

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="12595d64276c0482262d2ac7c83b13fd7"

Content-Transfer-Encoding: 8bit

X-Last-TLS-Session-Version: TLSv1.2

X-Spam_score: 17.5

X-Spam_score_int: 175

X-Spam_bar: +++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: I have a Business proposal worth $35M USD, please contact

me for more information. Sincerely, Frank Stockton I have a Business proposal

worth $35M USD, please contact me for more information. Sincerely, Frank

Stockton

Content analysis details: (17.5 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[209.85.222.103 listed in will-spam-for-food.eu.org]

[209.85.222.103 listed in will-spam-for-food.eu.org]

[209.85.222.103 listed in will-spam-for-food.eu.org]

[209.85.222.103 listed in will-spam-for-food.eu.org]

[209.85.222.103 listed in will-spam-for-food.eu.org]

[209.85.222.103 listed in will-spam-for-food.eu.org]

[209.85.222.103 listed in will-spam-for-food.eu.org]

[209.85.222.103 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[209.85.222.103 listed in dnsbl.ahbl.org]

[209.85.222.103 listed in dnsbl.ahbl.org]

[209.85.222.103 listed in dnsbl.ahbl.org]

[209.85.222.103 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net

[Blocked - see ]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.222.103 listed in list.dnswl.org]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.222.103 listed in wl.mailspike.net]

0.0 T_SPF_TEMPERROR SPF: test of record failed (temperror)

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[franktsockton654(at)outlook.com]

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 US_8BIT US-ASCII isn't an eight bit charset

0.0 LOTS_OF_MONEY Huge... sums of money

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.9 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

2.9 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} BUSINESS PROPOSAL !!!

This is a multi-part message in MIME format.

--12595d64276c0482262d2ac7c83b13fd7

Content-Type: text/plain; charset=us-ascii

I have a Business proposal worth $35M USD, please contact me for more information.

Sincerely,

Frank Stockton

--12595d64276c0482262d2ac7c83b13fd7

Content-Type: text/html; charset=us-ascii

I have a Business proposal worth $35M USD, please contact me for more information.

Sincerely,

Frank Stockton

--12595d64276c0482262d2ac7c83b13fd7--

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 12 Dec 2025 18:17:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUEFN-00000000Ogv-1uVN

for dave@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 18:16:33 -0700

Resent-From: The Doctor

Resent-Date: Fri, 12 Dec 2025 18:16:33 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-oa1-f102.google.com ([209.85.160.102]:47174)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUDwV-00000000MVM-3Stq

for root@nl2k.ab.ca;

Fri, 12 Dec 2025 17:57:12 -0700

Received: by mail-oa1-f102.google.com with SMTP id 586e51a60fabf-3f5ec7636e2so701197fac.2

for ; Fri, 12 Dec 2025 16:56:19 -0800 (PST)

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765587373; x=1766192173;

h=content-transfer-encoding:mime-version:message-id:subject:reply-to

:from:to:date:dkim-signature:x-gm-gg:x-gm-message-state:from:to:cc

:subject:date:message-id:reply-to;

bh=zjsRaBwSPWugIk7xdXzVHorPhdxwmzUkSZGQ3TBtdi4=;

b=pspZ3hQ6SpCj3vWSGZcvpPn0v6kPa8PHFGDovbbYVqDmJQZlGl6j07j1CzD883QgB9

je+OqRA+1TToYUM+M1DV3vLmb+sJtMNwFu8ttEjybc481KldnMwWzNYlQTbqXhmzSfQk

M5A/cPox35E+VtvIdmQtT+IFQ5UXbsDR7VpYlj8DfCNQUJOjJnigaICHs8tMZpyglRoM

079HO35ayGB4hU+5TswHxWKPI4G+wGAISegnVcdwrZ13mq8K478e7Vw6yUUMuUafcoKX

/1ppKB54dEkYv2iKQduEnP8kvQwUNSSokK2PmeulVBknYdN8ITGr38moA79DqMlHUbBm

pVCw==

X-Forwarded-Encrypted: i=1; AJvYcCUBb9O7LH5B8q1375xCb1EI/yCVG3zynCo3iFJkzw1YM1Rkz+WC2XMzg5Vnzma/XC6Oywml@nl2k.ab.ca

X-Gm-Message-State: AOJu0YyaJqtuAt/1MKX8cnZK6yvoF2E63r31UCbVc01gyV1Dof42cIMk

YFFCwZBZdYs6SDp71BFVObEGwR6+SIvlZ94kRXX2wFkO7pV09l36/hSFbMZ9wS9rwORs35flAK1

EfNLrxhNukWEDXT5ZmVZ5FwSwT30OhyJscsYs

X-Gm-Gg: AY/fxX6WDRgtYKZGfcmAfLJ8npzjGJr0TDzGFMfARiwDulkhyZpO7DZiDaNnyEXtY1j

xDfHxuiS0VXB00zmgQ61jZk3VLfcKdJDnJX/r692AFoAnZCOIUBS0HynqsFm8cIKprgiQMjBG+3

rZy1XKmYD3gfrpd/lNAtSaKLqCzhdtCkNe5Vm2wgna7gIo8IqV2s69iV2Y8l+WoAugRGU+LPzZS

oscKT3fqM3P6jNE7SBWonHs3nzmzDkRFyXnjYQo7BfibrnI0HwojCoChPYEWuyCVUOj+NqGqaaV

cmn+NfTEDAN6pliyaNdLLersfmTR+rP5uIbfqJsEji2YPA00Y0ob7TRZcvCrNaLohoqPeE58eg/

hX8Dyvu0Ooq7kBg8u6cPeOw==

X-Google-Smtp-Source: AGHT+IFIo9C5/8/cKAIdrCRqkTvea/x5Xtn9Ok0uvrEkGryPvViyTtSKdf+K0trsRza2vdZf+o+SxGIuL4DF

X-Received: by 2002:a05:6870:a18c:b0:3e8:8e57:a7a9 with SMTP id 586e51a60fabf-3f5f8980e04mr2028122fac.52.1765587372720;

Fri, 12 Dec 2025 16:56:12 -0800 (PST)

Received: from mail.iadmexico.mx (mail.iadmexico.mx. [34.231.63.135])

by smtp-relay.gmail.com with ESMTPS id 586e51a60fabf-3f614bffc1csm76875fac.7.2025.12.12.16.56.12

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Fri, 12 Dec 2025 16:56:12 -0800 (PST)

X-Relaying-Domain: iadmexico.mx

Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id 9E6301461C3;

Fri, 12 Dec 2025 18:55:54 -0600 (CST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iadmexico.mx;

s=mailcow; t=1765587371; h=from:from:reply-to:reply-to:subject:subject:date:date:

message-id:message-id:to:to:cc:mime-version:mime-version:

content-type:content-type: content-transfer-encoding:content-transfer-encoding;

bh=zjsRaBwSPWugIk7xdXzVHorPhdxwmzUkSZGQ3TBtdi4=;

b=H405Z5ALnh1t4YDmoLw7lIY63iLRnthHfR8py2HKfAm06vtaHo8gc5XM0SBexb8hzGBXv6

q0L6x4+oqNO562y6G3VhwluMIauqMf2ZOttMzJtwY489DDXc5FZYfzu+rKz85aA54IprnO

kNpH66b8ILflZn8yTR6dFAoSiLhFRmGTTe2ZTkTyhk0z9n2N0kakRB9iJjbZ+2ogpCggbG

5xeJvh0/uKrufCR8FN2m9BG5Gon47dWomb/uXaTOHYNjUsvnXhoQp18s6+miRf2VOluUpZ

aCEDAl6ZdIgaRJ1XmrhyZsxb/76bS+Tx3f8coQO6n6W9aSkrQZb8d+sZoZXeiQ==

Date: Sat, 13 Dec 2025 01:07:28 +0100

To: undisclosed-recipients:;

From: FRANK STOCKTON

Reply-To: franktsockton654@outlook.com

Subject: BUSINESS PROPOSAL !!!

Message-ID: <208b85492aa1bf76f5f70fcafd792ea1@iadmexico.mx>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="145d4ad381e29caccfe6ce29f1aaf0268"

Content-Transfer-Encoding: 8bit

X-Last-TLS-Session-Version: TLSv1.2

X-Spam_score: 17.7

X-Spam_score_int: 177

X-Spam_bar: +++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: I have a Business proposal worth $35M USD, please contact

me for more information. Sincerely, Frank Stockton I have a Business proposal

worth $35M USD, please contact me for more information. Sincerely, Frank

Stockton

Content analysis details: (17.7 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net

[Blocked - see ]

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[209.85.160.102 listed in will-spam-for-food.eu.org]

[209.85.160.102 listed in will-spam-for-food.eu.org]

[209.85.160.102 listed in will-spam-for-food.eu.org]

[209.85.160.102 listed in will-spam-for-food.eu.org]

[209.85.160.102 listed in will-spam-for-food.eu.org]

[209.85.160.102 listed in will-spam-for-food.eu.org]

[209.85.160.102 listed in will-spam-for-food.eu.org]

[209.85.160.102 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[209.85.160.102 listed in dnsbl.ahbl.org]

[209.85.160.102 listed in dnsbl.ahbl.org]

[209.85.160.102 listed in dnsbl.ahbl.org]

[209.85.160.102 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.160.102 listed in list.dnswl.org]

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.160.102 listed in wl.mailspike.net]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[franktsockton654(at)outlook.com]

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 LOTS_OF_MONEY Huge... sums of money

2.0 US_8BIT US-ASCII isn't an eight bit charset

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.9 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

2.9 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} BUSINESS PROPOSAL !!!

This is a multi-part message in MIME format.

--145d4ad381e29caccfe6ce29f1aaf0268

Content-Type: text/plain; charset=us-ascii

I have a Business proposal worth $35M USD, please contact me for more information.

Sincerely,

Frank Stockton

--145d4ad381e29caccfe6ce29f1aaf0268

Content-Type: text/html; charset=us-ascii

I have a Business proposal worth $35M USD, please contact me for more information.

Sincerely,

Frank Stockton

--145d4ad381e29caccfe6ce29f1aaf0268--

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 12 Dec 2025 18:17:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUEFJ-00000000Ogq-2eQP

for dave@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 18:16:29 -0700

Resent-From: The Doctor

Resent-Date: Fri, 12 Dec 2025 18:16:29 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-oa1-f103.google.com ([209.85.160.103]:49377)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vUDP6-00000000JxL-0UUJ

for doctor@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 17:22:40 -0700

Received: by mail-oa1-f103.google.com with SMTP id 586e51a60fabf-3e12fd71984so1329798fac.2

for ; Fri, 12 Dec 2025 16:21:47 -0800 (PST)

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765585301; x=1766190101;

h=content-transfer-encoding:mime-version:message-id:subject:reply-to

:from:to:date:dkim-signature:x-gm-gg:x-gm-message-state:from:to:cc

:subject:date:message-id:reply-to;

bh=Nz/VuTZpQ4hYPOuVsX1zetcBX75a5fZP3mJgmr2cJrU=;

b=fL/4fYebkR9y6xAMnjjYr9te56y3EtkulJ9U7gv5roPF2RUTMpZRg9PiIKTXyPVduu

jD1FUnnzPxcSnEjxb1GkZiH6Dsnb0sceAFN/kFGeHdxTTbY80v5yBsHmIb5NiJXIkrTz

Iuoqm7GLFAYIR3QSDndTBOj2HTu+QZdWvl3WiakBs/Cpu5wP19pnKHHNQltOPG6Nsx+Q

BoCF2nVFp8HcQiPrZMsEXjFwmKjml4wELaV7tc5wwkW/iqno30Hj5EUPeCvB8f4NW04o

1BWsmKr3ooAI8P46ztts/GSeeC6H4hmXTCDmorCCMrIhsDXyhE+QiQiOIofPjGpqXKf9

bzrQ==

X-Forwarded-Encrypted: i=1; AJvYcCWSnMMUYcahTbe2UZcB8+wKPBcaQ6eERdhO4GKBz1gZOjzzwztuwvxLGYrxLxSjJ9jsZ5IbV1M=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YyBBQYOYE7CrUBsB38ZduON43a0BsyQYVtDgb8/3iksioNFMJfz

g7g7M91/DrW8xjGAh8hf2+uFEwm0mXEOfp1FuNgBLxJfz73491AYkpUOMsDhDLw5yQiMaoxzjnL

V0bMTAESRyNBvRbc0+pyFRGsRJYbC+eCDrG6G

X-Gm-Gg: AY/fxX7HYsPLtXRZJXauX+GaPuFjycwSwccBMJYzDja6NmEsMiA0s5KEMltSQY6JDLT

a5iqfqnCfanhJILFfUydhyV0Yj6iTicfOepMnzx0FQ/F1VYGdJX2vEkt7JKFjKkffnIAFESEX0q

A6qXRGZlq9YRkjWxkebB1WTX8p9IK5M5NyfA/ybCotzrGsyPKI4wJW+QYfAHDUw+N19sT/JtI76

lpDMR4gPUFMDvCcrBFJTDpOMx7q1By58d1hvE1ZNovn6uXWErRinyzQ6vwjY7suugesmlT8wNMJ

0phLuIsjBVT5lpNyBJBfrNOpkSJTillLTkMrac4LVwXxGVZ0tDWkDQaNHXVm0lmks00pJqDo3vU

7niXbnG0tc2DWckvJypFg7g==

X-Google-Smtp-Source: AGHT+IGxeLPwdk2MT9ATW1qya9DOEdh6k/Z5mJAGHD0NfNRFopDnC+pLhBKfKFwmBARRH9+hQMHXFqtSL7te

X-Received: by 2002:a05:6870:e309:b0:3ec:e09e:6c0 with SMTP id 586e51a60fabf-3f5f8943bd0mr2264044fac.39.1765585301234;

Fri, 12 Dec 2025 16:21:41 -0800 (PST)

Received: from mail.iadmexico.mx (mail.iadmexico.mx. [34.231.63.135])

by smtp-relay.gmail.com with ESMTPS id 586e51a60fabf-3f614b838c0sm70432fac.3.2025.12.12.16.21.41

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Fri, 12 Dec 2025 16:21:41 -0800 (PST)

X-Relaying-Domain: iadmexico.mx

Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id 03ED6145CA0;

Fri, 12 Dec 2025 18:21:21 -0600 (CST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iadmexico.mx;

s=mailcow; t=1765585299; h=from:from:reply-to:reply-to:subject:subject:date:date:

message-id:message-id:to:to:cc:mime-version:mime-version:

content-type:content-type: content-transfer-encoding:content-transfer-encoding;

bh=Nz/VuTZpQ4hYPOuVsX1zetcBX75a5fZP3mJgmr2cJrU=;

b=pXCMilchlagwyGb5VGhbZW7ayJP6F1DLy7urkJQOKJF7al9JE3Drj3sCJlSjw2RaOT5Kds

k4K19m5TR1s2PRaA+5XZr1GV/DIdRnDyWixbuAZeEau27MCiz8oYyueR2BHm663VTiU4iX

7XfHQb50QUGsk4tFV4tQFGZgE14xZawOQFOXYHJ7zrW7fwX88fX//RTtk/VyJzHJ+P+wct

pI4GgZDBN69iY09dHqFAsRjW8fQSxBdbGSMyS15e9toVX/K1Us4ykrHzftZV1d+x6wkG3B

ECumSio5BL9ZVzIierdoSDlsjRihC6vBW7/hNVpWV8mI5xx408xb/OrivRgulg==

Date: Sat, 13 Dec 2025 01:07:28 +0100

To: undisclosed-recipients:;

From: FRANK STOCKTON

Reply-To: franktsockton654@outlook.com

Subject: BUSINESS PROPOSAL !!!

Message-ID:

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="1eac57b4d12dcb2595f32c83bb3f7eacc"

Content-Transfer-Encoding: 8bit

X-Last-TLS-Session-Version: TLSv1.2

X-Spam_score: 17.7

X-Spam_score_int: 177

X-Spam_bar: +++++++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: I have a Business proposal worth $35M USD, please contact

me for more information. Sincerely, Frank Stockton I have a Business proposal

worth $35M USD, please contact me for more information. Sincerely, Frank

Stockton

Content analysis details: (17.7 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[209.85.160.103 listed in will-spam-for-food.eu.org]

[209.85.160.103 listed in will-spam-for-food.eu.org]

[209.85.160.103 listed in will-spam-for-food.eu.org]

[209.85.160.103 listed in will-spam-for-food.eu.org]

[209.85.160.103 listed in will-spam-for-food.eu.org]

[209.85.160.103 listed in will-spam-for-food.eu.org]

[209.85.160.103 listed in will-spam-for-food.eu.org]

[209.85.160.103 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[209.85.160.103 listed in dnsbl.ahbl.org]

[209.85.160.103 listed in dnsbl.ahbl.org]

[209.85.160.103 listed in dnsbl.ahbl.org]

[209.85.160.103 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.160.103 listed in list.dnswl.org]

1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net

[Blocked - see ]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[franktsockton654(at)outlook.com]

1.6 SUBJ_ALL_CAPS Subject is all capitals

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

0.0 LOTS_OF_MONEY Huge... sums of money

2.0 US_8BIT US-ASCII isn't an eight bit charset

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

0.9 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?

2.9 UNDISC_MONEY Undisclosed recipients + money/fraud signs

Subject: {SPAM?} BUSINESS PROPOSAL !!!

This is a multi-part message in MIME format.

--1eac57b4d12dcb2595f32c83bb3f7eacc

Content-Type: text/plain; charset=us-ascii

I have a Business proposal worth $35M USD, please contact me for more information.

Sincerely,

Frank Stockton

--1eac57b4d12dcb2595f32c83bb3f7eacc

Content-Type: text/html; charset=us-ascii

I have a Business proposal worth $35M USD, please contact me for more information.

Sincerely,

Frank Stockton

--1eac57b4d12dcb2595f32c83bb3f7eacc--

Posted by Dave Yadallee on Saturday, December 13. 2025

Hi

Resurfacing this, tell me if now=E2=80=99s not a good time.=

Cheers,
Natalia J=C3=B3zefara

<=

div class=3D"gmail_quote">

On Tue, Dec 9, 2025 at 06:43 PM =

UTC Natalia J=C3=B3zefara <
co">natalia.jozefara@groupacclaim.co> wrote:

border-left:1px solid rgb(204,204,204); padding-left:1ex">
I=E2=80=99ve=

seen you guys at Netknow do impressive work in web development.=

We=E2=80=99re a Polish agency and we often assist =

companies like yours with developing websites in Webflow and WordPress when=

they need extra hands.

Would you like to take a look at =

a few websites we recently created for another agency in Canada?=

Be Well,
Natalia J=C3=B3zefara =

The Acclaim Agency

agency" >acclaim.agency

=20

----_NmP-b4ad167cb857e624-Part_1--

Posted by Dave Yadallee on Saturday, December 13. 2025

------=_NextPart_000_2D32B_01DC6BC4.7D2326D0

Content-Type: text/html;

charset="us-ascii"

Content-Transfer-Encoding: quoted-printable

xmlns:o=3D"urn:schemas-microsoft-com:office:office" =

xmlns:w=3D"urn:schemas-microsoft-com:office:word" =

xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" =

xmlns=3D"http://www.w3.org/TR/REC-html40">
HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =

charset=3Dus-ascii">
(filtered medium)">

class=3DWordSection1>

class=3Dselected>Hello

class=3Dselected>Hope you’re doing =

well!

I came across your =

website www.nk.ca and noticed you have a =

great business. Our team specializes in getting businesses like yours to =

the top of Google. We handle all the SEO, guaranteeing results 80-90 % =

keywords first page of Google may be 100% within 4 - 6 months its =

totally depends upon keywords competition, with improvements starting =

from the first month.

Here =

are our most popular packages (all include complimentary social media =

management):

style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 =

lfo1'>
style=3D'font-size:10.0pt;font-family:Symbol'>
style=3D'mso-list:Ignore'>·
Roman"'> =

$149/month =

for 10 keywords

style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 =

lfo1'>
style=3D'font-size:10.0pt;font-family:Symbol'>
style=3D'mso-list:Ignore'>·
Roman"'> =

$250/month =

for 20 keywords

style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 =

lfo1'>
style=3D'font-size:10.0pt;font-family:Symbol'>
style=3D'mso-list:Ignore'>·
Roman"'> =

$399/month =

for 50 keywords

style=3D'margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 =

lfo1'>
style=3D'font-size:10.0pt;font-family:Symbol'>
style=3D'mso-list:Ignore'>·
Roman"'> =

$1499/month =

for up to 200 keywords

Let's discuss =

how we can help. Just reply to this email, Share your =

WhatsApp or connect with us on WhatsApp at +91 =

8076676731.

class=3Dselected>Regards

Ronak

class=3Dm-964764026150880602m-1019625599386040824msonospacing =

style=3D'margin:0in;margin-bottom:.0001pt;background:white'>
lang=3DEN-IN =

style=3D'font-family:"Calibri","sans-serif";color:red;background:white'>P=

.S.: If you'd prefer not to receive further emails from me, simply reply =

with "NO" in the subject line.

class=3DMsoNormal>
lang=3DEN-IN>

------=_NextPart_000_2D32B_01DC6BC4.7D2326D0--

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 12 Dec 2025 13:14:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vU9Vu-00000000GY7-0kBG

for dave@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 13:13:18 -0700

Resent-From: The Doctor

Resent-Date: Fri, 12 Dec 2025 13:13:18 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pl1-f195.google.com ([209.85.214.195]:50608)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vU82E-00000000N3H-0q0P

for sales@nk.ca;

Fri, 12 Dec 2025 11:38:42 -0700

Received: by mail-pl1-f195.google.com with SMTP id d9443c01a7336-29555b384acso15777245ad.1

for ; Fri, 12 Dec 2025 10:37:49 -0800 (PST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=hiremeforphp.com; s=google; t=1765564663; x=1766169463; darn=nk.ca;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:from:to:cc:subject:date:message-id:reply-to;

bh=u052chVTZhGHu7pOWHdSbD1EFeu+d6W2juCoqbglhDQ=;

b=hGvQGnngfczkDUFpFF1z/OpJGF7ATBdBthGY0b4LHHGfId7RsOLlMjbHboFTpB8r2J

2emjONfR1/Isy28eFUuZxqy0a+sMbjWkTiWn1GDk2FkZyflSDoI+tIwf78PpBUCsMOZ4

QBmBtOlpKSvI0c5lTD0KOiZb4WU1RPqwCNaYA=

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765564663; x=1766169463;

h=content-language:thread-index:mime-version:message-id:date:subject

:to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date

:message-id:reply-to;

bh=u052chVTZhGHu7pOWHdSbD1EFeu+d6W2juCoqbglhDQ=;

b=BtaD6H8taxMnjmOmhgFblGEwcfo+KHjvz+npJKalAN5EEZYP/5f+4I/XU5wXdDX5rp

iEZTSXTwIBMR1xAhr/k6AiOzXDSEcaKnCFRnz/whZkKAjEztV71vxTONc/z5iJg8Ncb/

IhyVKibO57RwI+Lc7vuK0gPi/BCb0bZNB+GmWfQrvG3zSG+9HUi3Tdp6f8Z8E2Wc8l6e

g5UQP+XhNBq7whGVZvbZLifK0t9kLQEjCD/0WpJk9Qbkh8wxmYer8H8oYWhZ25GJBjou

9i1cYzr7vhbuEdul9b+NAqyYU2frFBwu9u5FQfAc+tWKs3wncioP98A3XCR3wn+pM6cV

39xw==

X-Gm-Message-State: AOJu0Yxy+qEP99oO6IU4GFCK1GZZ19IZL95HTUS/EsBWK02f+VUZB09o

ZVXQc/UgPDOwrKewafHpr504cDrssfbMcmjwSneq7ZlzniZmfOgn9ufjNuJfIzbwM5Yy1ZeGTS2

typzHwvA=

X-Gm-Gg: AY/fxX693YuQ+u7bzLCSKlNU//8vI5IUXxjke4vpJl+xQqZrTlIF8ktDJ+ICnGLbP0A

r0EN1c5PByyyxRpoU/L1/rW/21OluWYTGtr4y4cjotW4Z7unke/lokGsYU4m6Zh9qIdbVZm9RCm

DDfBIz0ouQ1/2kLUsUnMnfsTa+tLH11x1OEvLi+ifgsGMeAgEGPHRZyjLaX0b44Szr3B04y17JL

mqxr/sweJT4C2WIff0ST/WJNbDP6lZiBSlpmE0HAbxwDzEuohmc8lYVem69vMkJHd6z0SA7x69f

LEWds/JAzRcJvgfieeE2QUGgWqZGic/oVs6/PLMzpEdFq/s/LiDrj3QQupjFVeG50f+ZFizmhqW

o9B+HBPfurShRvtp8Qod+SvOh4V26cI54GkDVLHKDKArsu1fqAbijHUx/VEJ2zDiB+twNE9i+og

6f+wIE+sBIM01uVUav9RgiwRF9VNhYMGbYvIU0Fg==

X-Google-Smtp-Source: AGHT+IHRW9NK/n77qoQQZMRh6W+05iLQWz9EbGEKePP9lKGYo2ChK097F7alsOFkQ8Fcabk7I4rAVg==

X-Received: by 2002:a17:903:11c4:b0:295:557e:746a with SMTP id d9443c01a7336-29f23e01f0emr28686905ad.13.1765564662907;

Fri, 12 Dec 2025 10:37:42 -0800 (PST)

Received: from ArvindKumar ([2405:201:404f:103b:509f:bca3:4ef5:81fc])

by smtp.gmail.com with ESMTPSA id d9443c01a7336-29f301bf609sm17731505ad.23.2025.12.12.10.37.41

for

(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);

Fri, 12 Dec 2025 10:37:42 -0800 (PST)

From: "Ronak"

To:

Subject: 1st page on google

Date: Fri, 12 Dec 2025 23:55:15 +0530

Message-ID: <2d32a01dc6b96$636aead0$2a40c070$@com>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="----=_NextPart_000_2D32B_01DC6BC4.7D2326D0"

X-Mailer: Microsoft Office Outlook 12.0

Thread-Index: AdxrFoFcaDXu3TPiT96QY/azI7HW3w==

Content-Language: en-us

X-Spam_score: 7.8

X-Spam_score_int: 78

X-Spam_bar: +++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hello Hope you're doing well! I came across your website www.nk.ca

and noticed you have a great business. Our team specializes in getting businesses

like yours to the top of Google. We handle all the SEO, guaranteeing results

80-9 [...]

Content analysis details: (7.8 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2405:201:404f:103b:509f:bca3:4ef5:81fc listed in]

[will-spam-for-food.eu.org]

[2405:201:404f:103b:509f:bca3:4ef5:81fc listed in]

[will-spam-for-food.eu.org]

[2405:201:404f:103b:509f:bca3:4ef5:81fc listed in]

[will-spam-for-food.eu.org]

[2405:201:404f:103b:509f:bca3:4ef5:81fc listed in]

[will-spam-for-food.eu.org]

[2405:201:404f:103b:509f:bca3:4ef5:81fc listed in]

[will-spam-for-food.eu.org]

[2405:201:404f:103b:509f:bca3:4ef5:81fc listed in]

[will-spam-for-food.eu.org]

[2405:201:404f:103b:509f:bca3:4ef5:81fc listed in]

[will-spam-for-food.eu.org]

[2405:201:404f:103b:509f:bca3:4ef5:81fc listed in]

[will-spam-for-food.eu.org]

[209.85.214.195 listed in will-spam-for-food.eu.org]

[209.85.214.195 listed in will-spam-for-food.eu.org]

[209.85.214.195 listed in will-spam-for-food.eu.org]

[209.85.214.195 listed in will-spam-for-food.eu.org]

[209.85.214.195 listed in will-spam-for-food.eu.org]

[209.85.214.195 listed in will-spam-for-food.eu.org]

[209.85.214.195 listed in will-spam-for-food.eu.org]

[209.85.214.195 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.214.195 listed in dnsbl.ahbl.org]

[209.85.214.195 listed in dnsbl.ahbl.org]

[209.85.214.195 listed in dnsbl.ahbl.org]

[209.85.214.195 listed in dnsbl.ahbl.org]

[2405:201:404f:103b:509f:bca3:4ef5:81fc listed in]

[dnsbl.ahbl.org]

[2405:201:404f:103b:509f:bca3:4ef5:81fc listed in]

[dnsbl.ahbl.org]

[2405:201:404f:103b:509f:bca3:4ef5:81fc listed in]

[dnsbl.ahbl.org]

[2405:201:404f:103b:509f:bca3:4ef5:81fc listed in]

[dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.214.195 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.214.195 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.214.195 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.214.195 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.214.195 listed in list.dnswl.org]

1.5 RCVD_IN_CBL RBL: Received via a relay in cbl.abuseat.org

[Listed by XBL, see ]

1.5 RCVD_IN_SBL_XBL RBL: Received via a relay in Spamhaus SBL+XBL

[2405:201:404f:103b:509f:bca3:4ef5:81fc listed in]

[sbl-xbl.spamhaus.org]

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.214.195 listed in wl.mailspike.net]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

Subject: {SPAM?} 1st page on google

This is a multi-part message in MIME format.

------=_NextPart_000_2D32B_01DC6BC4.7D2326D0

Content-Type: text/plain;

charset="us-ascii"

Content-Transfer-Encoding: 7bit

Hello

Hope you're doing well!

I came across your website www.nk.ca and noticed you have a great business.

Our team specializes in getting businesses like yours to the top of Google.

We handle all the SEO, guaranteeing results 80-90 % keywords first page of

Google may be 100% within 4 - 6 months its totally depends upon keywords

competition, with improvements starting from the first month.

Here are our most popular packages (all include complimentary social media

management):

. $149/month for 10 keywords

. $250/month for 20 keywords

. $399/month for 50 keywords

. $1499/month for up to 200 keywords

Let's discuss how we can help. Just reply to this email, Share your WhatsApp

or connect with us on WhatsApp at +91 8076676731.

Regards

Ronak

P.S.: If you'd prefer not to receive further emails from me, simply reply

with "NO" in the subject line.

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 12 Dec 2025 13:13:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vU9V0-00000000GRw-0p1C

for dave@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 13:12:22 -0700

Resent-From: The Doctor

Resent-Date: Fri, 12 Dec 2025 13:12:22 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-pf1-f232.google.com ([209.85.210.232]:49520)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vU7UJ-00000000DNy-0ll9

for doctor@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 11:03:39 -0700

Received: by mail-pf1-f232.google.com with SMTP id d2e1a72fcca58-7e2762ad850so1543137b3a.3

for ; Fri, 12 Dec 2025 10:02:46 -0800 (PST)

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765562560; x=1766167360;

h=content-transfer-encoding:mime-version:message-id:subject:reply-to

:from:to:date:dkim-signature:x-gm-gg:x-gm-message-state:from:to:cc

:subject:date:message-id:reply-to;

bh=rQ0JF8P5CqED2LaeUmFEq1AleZLKAxQcu8aURq/NTBE=;

b=S07VYgE5Jv5+bl2/3PpThqppOBqvrU8IUCM+scixSrpHyQMvBDfizgPB2ScpRESNtI

qvAYFKiNTkYmH+0uNjqhafPq+lyH29q/7VNwBp0GxmwAIrgD6lkHtWWPZzaPZtpJ4D3D

jYHDHCSR1uJ6xdKrQy4uTuDG+rKMg/jwgt71POdZUT4W5wCj61YDCjFa2MDq882y1Mo+

wJlLeNTUqpypxTHxszRJ/Q+Hiu28G8/LJrMPkMjkvDfN9kPKqWBmIIl/7IrCmWYFvw+8

ZeygP+9FwSFrbVuE5Ah/CtKCQEoMGzR5ginE2SobrEUpqh4g97R1DmQwn26ItdtC4+wk

29Ow==

X-Forwarded-Encrypted: i=1; AJvYcCWfYpYscypL1aXSezM0pBx67/jHmIsj/qo0S6mcxK/gfFXfkO28ZA9D2iQqnwy/912wKHTSHmY=@doctor.nl2k.ab.ca

X-Gm-Message-State: AOJu0YzjU0afA42E84Sf9gXZiWtA4ekn5B6us4uQjbi9FarKB6DwzSCZ

MKLYc5qsJbpB1oRKikOn5grOQ/1d+hjJcqdXpU5UzJjLBa2dte6xtofhWgmcgoIdxCImsoO8bYz

H9xW9M4Plf8uXhCD8PTn/cHmhrm7zBpIDCXyz

X-Gm-Gg: AY/fxX4RJ2g1RdRHn5Yao53U8uzcR2FNyYyATdS3+0CYFAoLTD88h2PW5gNf5JrEHnx

odsHEc5/lob+48DK+RD/kXiYUR8EJSV4b7brCheJdx8qVdjEXzPIoJgL7vNweqSoYBvqsmS0QE5

caAyFX3yg633WnGeHD8Z7gHG0H15y5hgAiS/EGawuuMt4e4XlW9vFnCbuvgFwQxyiTjw5GHq8pS

wl/oRdK6R0341aJYoyh1apLnxYdxFW1rkmThWDO3RGaUwja9f6hCaRPHMePsQJCji+g3VyfNE2j

ixhUisOI+Rq7cGKRI/An+4L40q2xkUN4gGSMwQWQvJDoALl1UupRkfoyN0/dho7uyQdPVdTTPnn

3NmaX4z/gW9T0iV+EipChlg==

X-Google-Smtp-Source: AGHT+IHigllbhrkQkZT5QksQmWY2RKQdFlC1oGuyK1iowep4sjyx1atPWg+QPc6BNNK7TyL6TC6+0LdF2di8

X-Received: by 2002:a05:6a20:3ca3:b0:35d:5d40:6d75 with SMTP id adf61e73a8af0-369ae1a0e99mr2906642637.29.1765562560251;

Fri, 12 Dec 2025 10:02:40 -0800 (PST)

Received: from mail.iadmexico.mx (mail.iadmexico.mx. [34.231.63.135])

by smtp-relay.gmail.com with ESMTPS id 98e67ed59e1d1-34abe3a28e5sm209469a91.5.2025.12.12.10.02.40

(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);

Fri, 12 Dec 2025 10:02:40 -0800 (PST)

X-Relaying-Domain: iadmexico.mx

Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id C54B114615D;

Fri, 12 Dec 2025 12:02:12 -0600 (CST)

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iadmexico.mx;

s=mailcow; t=1765562554; h=from:from:reply-to:reply-to:subject:subject:date:date:

message-id:message-id:to:to:cc:mime-version:mime-version:

content-type:content-type: content-transfer-encoding:content-transfer-encoding;

bh=rQ0JF8P5CqED2LaeUmFEq1AleZLKAxQcu8aURq/NTBE=;

b=TmQdkPzP0W2ysN9kPGcVLAUSHJAdJ0uRAFvhEYz4kw1tpJhzLEvePtA3gT8heB5uchgQii

3x+ECzqrEQAIbuebG5yQK5Ess4m0BATJ8HqixiXnnPNxowfcPKvSuFyvNycCjzXuz1duAB

vFgJdlJaFrQHwA6gwhRjJZPj1OH6fizMSvcVL+gayn3HiGQ0GXK3er9kfT9WgGj8WkQxOh

M0QlLFRHN1ti6eqQYf0DDh6sv96SXXuCa1CQih+6glU4uKcGQIpu1FFtcL8Ap3OXWG+ffR

Ln6+W4e5vOWPSD2BSdYRXRDu7pQng0SWY2yxYW4F4LsP8s3DFyYGOMxNdWonMQ==

Date: Fri, 12 Dec 2025 17:39:56 +0100

To: undisclosed-recipients:;

From: Peggy Chan

Reply-To: peggychan177@outlook.com

Subject: Honesty

Message-ID: <46b9a744d710a4fc2746e9cf61f2e03c@iadmexico.mx>

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary="1d87e793ea3d52c59cb6ed1d69308a266"

Content-Transfer-Encoding: 8bit

X-Last-TLS-Session-Version: TLSv1.2

X-Spam_score: 12.7

X-Spam_score_int: 127

X-Spam_bar: ++++++++++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Good day, I hope you're doing well. I would like to share

a proposal that I believe could potentially impact our lives. I would like

to do this business with you. Warm regards,Peggy. &n [...]

Content analysis details: (12.7 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[34.231.63.135 listed in will-spam-for-food.eu.org]

[209.85.210.232 listed in will-spam-for-food.eu.org]

[209.85.210.232 listed in will-spam-for-food.eu.org]

[209.85.210.232 listed in will-spam-for-food.eu.org]

[209.85.210.232 listed in will-spam-for-food.eu.org]

[209.85.210.232 listed in will-spam-for-food.eu.org]

[209.85.210.232 listed in will-spam-for-food.eu.org]

[209.85.210.232 listed in will-spam-for-food.eu.org]

[209.85.210.232 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[34.231.63.135 listed in dnsbl.ahbl.org]

[209.85.210.232 listed in dnsbl.ahbl.org]

[209.85.210.232 listed in dnsbl.ahbl.org]

[209.85.210.232 listed in dnsbl.ahbl.org]

[209.85.210.232 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[34.231.63.135 listed in dnsbl.ahbl.org]

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.210.232 listed in list.dnswl.org]

1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net

[Blocked - see ]

-0.2 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)

[209.85.210.232 listed in wl.mailspike.net]

0.0 T_SPF_TEMPERROR SPF: test of record failed (temperror)

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit

[peggychan177(at)outlook.com]

0.6 J_CHICKENPOX_75 BODY: 7alpha-pock-5alpha

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

2.0 US_8BIT US-ASCII isn't an eight bit charset

2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From

Subject: {SPAM?} Honesty

This is a multi-part message in MIME format.

--1d87e793ea3d52c59cb6ed1d69308a266

Content-Type: text/plain; charset=us-ascii

Good day,

I hope you're doing well. I would like to share a proposal that I believe could potentially impact our lives. I would like to do this business with you.

Warm regards,Peggy.

--1d87e793ea3d52c59cb6ed1d69308a266

Content-Type: text/html; charset=us-ascii

Good day,

I hope you're doing well. I would like to share a proposal that I believe could potentially impact our lives. I would like to do this business with you.

Warm regards,
Peggy.

--1d87e793ea3d52c59cb6ed1d69308a266--

Posted by Dave Yadallee on Saturday, December 13. 2025

Subject: Mobile App Solution For Your Business?

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="00000000000077e7d10645c0f77a"

Bcc: davistmason5@knitinfotech.co.in

X-Original-Sender: davistmason@gmail.com

X-Original-Authentication-Results: mx.google.com; dkim=pass

header.i=@gmail.com header.s=20230601 header.b=SB7BbkU2; spf=pass

(google.com: domain of davistmason@gmail.com designates 209.85.220.41 as

permitted sender) smtp.mailfrom=davistmason@gmail.com; dmarc=pass

(p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com; dara=neutral header.i=@knitinfotech.co.in

Precedence: list

Mailing-list: list davistmason5@knitinfotech.co.in; contact davistmason5+owners@knitinfotech.co.in

List-ID:

X-Spam-Checked-In-Group: davistmason5@knitinfotech.co.in

X-Google-Group-Id: 1005984932606

List-Post: ,

List-Help: ,

List-Archive:

List-Subscribe: ,

List-Unsubscribe: ,

X-Spam_score: 5.7

X-Spam_score_int: 57

X-Spam_bar: +++++

X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",

has identified this incoming email as possible spam. The original

message has been attached to this so you can view it or label

similar future email. If you have any questions, see

@@CONTACT_ADDRESS@@ for details.

Content preview: Hello, We develop Android, iOS, Hybrid and Custom mobile apps

for all industries (Real Estate, Travel, Food Delivery, E-commerce, Taxi,

Healthcare, AI + Automation Services, etc.). Please share your app idea and

exact requirements with us. Tell us what kind of mobile app you need.

Thanks, Mason

Content analysis details: (5.7 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[209.85.220.41 listed in will-spam-for-food.eu.org]

[209.85.220.41 listed in will-spam-for-food.eu.org]

[209.85.220.41 listed in will-spam-for-food.eu.org]

[209.85.220.41 listed in will-spam-for-food.eu.org]

[209.85.220.41 listed in will-spam-for-food.eu.org]

[209.85.220.41 listed in will-spam-for-food.eu.org]

[209.85.220.41 listed in will-spam-for-food.eu.org]

[209.85.220.41 listed in will-spam-for-food.eu.org]

[209.85.218.70 listed in will-spam-for-food.eu.org]

[209.85.218.70 listed in will-spam-for-food.eu.org]

[209.85.218.70 listed in will-spam-for-food.eu.org]

[209.85.218.70 listed in will-spam-for-food.eu.org]

[209.85.218.70 listed in will-spam-for-food.eu.org]

[209.85.218.70 listed in will-spam-for-food.eu.org]

[209.85.218.70 listed in will-spam-for-food.eu.org]

[209.85.218.70 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[209.85.220.41 listed in dnsbl.ahbl.org]

[209.85.220.41 listed in dnsbl.ahbl.org]

[209.85.220.41 listed in dnsbl.ahbl.org]

[209.85.220.41 listed in dnsbl.ahbl.org]

[209.85.218.70 listed in dnsbl.ahbl.org]

[209.85.218.70 listed in dnsbl.ahbl.org]

[209.85.218.70 listed in dnsbl.ahbl.org]

[209.85.218.70 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[209.85.220.41 listed in dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[209.85.220.41 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[209.85.220.41 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[209.85.220.41 listed in dnsbl.ahbl.org]

-0.0 SPF_PASS SPF: sender matches SPF record

0.0 DKIM_ADSP_CUSTOM_MED No valid author signature, adsp_override is

CUSTOM_MED

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.0 ARC_SIGNED Message has a ARC signature

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

0.0 ARC_VALID Message has a valid ARC signature

1.5 GR_DOMAIN_UNDISC1 To contains undisclosed recipient (undisc)

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[davistmason(at)gmail.com]

0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail

domains are different

-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no

trust

[209.85.218.70 listed in list.dnswl.org]

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

-1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list

manager

0.2 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and EnvelopeFrom

freemail headers are different

-0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3)

[209.85.218.70 listed in wl.mailspike.net]

-0.0 RCVD_IN_MSPIKE_WL Mailspike good senders

Subject: {SPAM?} Mobile App Solution For Your Business?

--00000000000077e7d10645c0f77a

Content-Type: text/plain; charset="UTF-8"

Hello,

We develop Android, iOS, Hybrid and Custom mobile apps for all industries

(Real Estate, Travel, Food Delivery, E-commerce, Taxi, Healthcare, AI +

Automation Services, etc.).

Please share your app idea and exact requirements with us.

Tell us what kind of mobile app you need.

Thanks,

Mason

--00000000000077e7d10645c0f77a

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Hello=

,

We develop Android, iOS, Hybrid and Custom mobile apps for all=

industries (Real Estate, Travel, Food Delivery, E-commerce, Taxi, Heal=

thcare, AI + Automation Services, etc.).

Please share your app idea=

and exact requirements with us.
gb(255,255,0)">Tell us what kind of mobile app you need.

>
Thanks,

olor=3D"#000000">Mason

--00000000000077e7d10645c0f77a--

Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 12 Dec 2025 07:34:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vU4DK-00000000B2R-0fc2

for dave@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 07:33:46 -0700

Resent-From: The Doctor

Resent-Date: Fri, 12 Dec 2025 07:33:46 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ej1-f70.google.com ([209.85.218.70]:38269)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vU2ur-00000000MeX-1SOu

for root@nk.ca;

Fri, 12 Dec 2025 06:10:47 -0700

Received: by mail-ej1-f70.google.com with SMTP id a640c23a62f3a-b7338d5c6d4sf22982466b.1

for ; Fri, 12 Dec 2025 05:09:52 -0800 (PST)

ARC-Seal: i=2; a=rsa-sha256; t=1765544985; cv=pass;

d=google.com; s=arc-20240605;

b=Nqu+/C2oJKNyTz82mHqbAcEGtFXnhoLqTCostHq94eBWTiqxau3wWMSLU6DsYklGoH

tjD4P2xFbAZid7lwmH9llJILslJHPNvFoZSSrlKvT27FvUhLcjXFHnVgClNgbmi75CeA

h9Bl9tVfTyL4aJMJqauhcqSlF9uUaESr5XH42rJziU3Dk4//+C8PoYl4CA8tqaIvUD7W

m2bQk441Hzla26Cy3kPcQmJCKE1LSSLBdBo8QVxHMOXpIIIP/+oWap9XNRN5iszti1dC

kSY/u9ohhWGPy50piDlN6OWKhqpVxDZ/Mxi8GfbwdBpVpv6vIyyKlaZEltEslx65We+9

z9qg==

ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post

:list-id:mailing-list:precedence:to:subject:message-id:date:from

:mime-version:dkim-signature;

bh=JOkyEO3DW95orBVlwpARsk5cZJn75rpVR85+g7w+0u0=;

fh=wpJhYkMSidzNeSKTAl3KeOdlh7w5RM+V01acIQJLyos=;

b=TyTKPnlSPPgu/tPH1c35l6PIextp4zD0nbJR7/QcIC0XLBiYCHAwdYy4poqmXG9D5L

7SXf9bh8g7QbJJOxyUm+Nx0rVtCmZ067uA3MQeHz0nxtgK6vCQFwSUoB8gJcckKWmGYB

Nh+8KfuPaTmXOEbBtcL6LoFbIy5xoORSzrcSTHwN/xmsGW5r1FKdEz0v6aaW//iXOA4y

NPajdghztGvln1fflqngxkeN00XZ40gUJfZlnKEXH1VyhenAr4XmgsAVBXorKE0xwJ4g

6WFk46ymJear5f308EkexWPza9BXwuwDL5uQx0Fw2IzbC8UfQcDtC4F4wKAi+CTRh9mv

gysw==;

darn=nk.ca

ARC-Authentication-Results: i=2; mx.google.com;

dkim=pass header.i=@gmail.com header.s=20230601 header.b=SB7BbkU2;

spf=pass (google.com: domain of davistmason@gmail.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=davistmason@gmail.com;

dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;

dara=neutral header.i=@knitinfotech.co.in

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=knitinfotech-co-in.20230601.gappssmtp.com; s=20230601; t=1765544985; x=1766149785; darn=nk.ca;

h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post

:list-id:mailing-list:precedence:x-original-authentication-results

:x-original-sender:to:subject:message-id:date:from:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=JOkyEO3DW95orBVlwpARsk5cZJn75rpVR85+g7w+0u0=;

b=R/B2fhOyAhTUxUT0ZGIGq7y3xo5DbyV138rNq9dt1gbRQ/v/7DbBZRch7Pgp5Ph4Vv

HbOktwUam/q4IIizrgclWZElgiDLTK6tHEi5d/lY9okHtWshdgDUeFFV9/NerUcalYVK

olynmcXs7yirst4E5IQwOqc0WZa7yBGUFDnsROUfQIp691fHfIwXUOA9Pa0agbJx/yTI

7EIkfFD8ZmHh3QV/C1Nz54CAM3rJDsat/HWBUN6I02F9/0sNeFtHe4IN2m19l0V/817y

EolWACC98LSV8X+++2sMr/SAQA4XATDBSxVzss06UF5cAIurCH56sWfc1hX5YIEYS9/4

d/4A==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765544985; x=1766149785;

h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post

:x-spam-checked-in-group:list-id:mailing-list:precedence

:x-original-authentication-results:x-original-sender:to:subject

:message-id:date:from:mime-version:x-gm-gg:x-beenthere

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=JOkyEO3DW95orBVlwpARsk5cZJn75rpVR85+g7w+0u0=;

b=UQnsielumiYWdmNTgt4jR4IojJF9XZo4tqo/Ew6T6ulde5pbyex39y7SSYILk7T7DK

8OalZHPRHvXZoAg+Oa460mSa8EnpIkQvWEAAskSR5itOJGbT+TmrjTs3PMcPRflNxEgt

0n3oEP7eS0GjDWBOM4H5VrWY576LydnZCPW1eurJ3bpN1WtlUkpOlUyXxjf7uqvqcE52

YF2AVxoOOjHutGvwBIG1AgqZyhUKRCdn5mErnnCJ0y7tar9M1BqfYWk2OCtC6GNMn9/+

2UowmqB0Kl83dZ6/QEzMGirxVIJL0Dwmv57fkhRHOgFr5mf8jkkPq5ME39ZcLLmNBI2F

EnWA==

X-Forwarded-Encrypted: i=2; AJvYcCUDqgYZDds3k0bYG+nOiZGA5rrPLb+j1T+V7sry+yGtCzUGx/NtEXeRsdma+FnL++BoQTJV@nk.ca

X-Gm-Message-State: AOJu0YyQw2C2sq2LtCBkR+OI+eq69+MO2dNxcHzuA58iVH8MzTGlHwXw

/Ri4d4bJJTsP+HMJv0a0AWE4tdkW5mCypH1nVl8ma6hLb5CxGjQTSIj9N5Lm20aHOyI=

X-Google-Smtp-Source: AGHT+IGTxRDPr5YSUGCISP3np+I3j6l73BgADr9xVdYBpCFXljykJ9lIEHgs/iStPqxt3nSrPWiFmg==

X-Received: by 2002:a05:6402:2351:b0:649:9aff:9f42 with SMTP id 4fb4d7f45d1cf-6499b043186mr1133694a12.0.1765544985367;

Fri, 12 Dec 2025 05:09:45 -0800 (PST)

X-BeenThere: davistmason5@knitinfotech.co.in; h="AWVwgWYliYSjQr1nSqSK+tJjRfO1yuuIkv6D0O+8RllnYIKN/Q=="

Received: by 2002:a50:9e25:0:b0:643:fe2:54cd with SMTP id 4fb4d7f45d1cf-6499a071ce8ls755227a12.0.-pod-prod-06-eu;

Fri, 12 Dec 2025 05:09:10 -0800 (PST)

X-Forwarded-Encrypted: i=2; AJvYcCVv/xR0fDMPaj+ayEI/VzNG/82l8ShMQB0i/1sWrS1VPiMF9iu1UsmcqFczk4vMOBU35tYynTUewqehdHg=@knitinfotech.co.in

X-Received: by 2002:a17:907:980f:b0:b73:7715:ac83 with SMTP id a640c23a62f3a-b7d23ad6a78mr173675666b.44.1765544949778;

Fri, 12 Dec 2025 05:09:09 -0800 (PST)

ARC-Seal: i=1; a=rsa-sha256; t=1765544949; cv=none;

d=google.com; s=arc-20240605;

b=HiqjMG9pVc34eAu2PD9M/JqOt706L9WeSejO7iy+NGFkLmmyny1i+OtbCmtbCFtoEj

5RGXwIpTDLqCdOnih74/0a4OZdhYfbZkVdaxv+mWIYy0Kc7cXB0UYs8bZM8u6kd6A6T1

al+8mT2vM3Xdwc6SSb+uFGZU9qu0WvNg3vQLt2xR0UNrIS7I2ZmbNVSPTWnQ9t+mspp9

X+XbFt9zkbINI+kqcNz6StggwKBxm8bsia9OMbJp6fP3P8JNKMaRaRtsFZZdK6kG+B4G

34klIKnNmDcSlIpsL9vZE/yvTUAR6fcWEz9EKrSdY1ATLhtQUT1usGDpJcbj5MQGtrLa

WX4A==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:mime-version:dkim-signature;

bh=JOkyEO3DW95orBVlwpARsk5cZJn75rpVR85+g7w+0u0=;

fh=D2m80rfZ7YWcNAfik0ji5hXXBpImoxKuCupsWGjt/lo=;

b=HUcqEja63fYtdlJ0bklZSxH9DmL0vMYvhylzk2i9kCdT3neZjwDw3DhG5nll52FBYS

4UHed4K4xCxYjMSYyjcYgIcKDfL6NDy74/bLJijph+sVXE9hq4ZS9iWINj1El1A4YXd0

4TSupYPuDajv174GZ9J6laJLPX5xJ7lvAvRB0krQdr1OQwHYqEnXFJARCGOOVWs0c9LV

1Sx5qmFeZA0rCrOVpiKarMXF7cUd4bKOOF0mPoijcC6NpDeOt4kTtIROpsXk2Y73GYaL

SwLCZ3O9bif0NjdLyLgNRHEZbczuGWmZmh8AY0yow4ma8JRdcJj0zrZpr1gkH3+SJOXn

aUxA==;

dara=google.com

ARC-Authentication-Results: i=1; mx.google.com;

dkim=pass header.i=@gmail.com header.s=20230601 header.b=SB7BbkU2;

spf=pass (google.com: domain of davistmason@gmail.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=davistmason@gmail.com;

dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;

dara=neutral header.i=@knitinfotech.co.in

Received: from mail-sor-f41.google.com (mail-sor-f41.google.com. [209.85.220.41])

by mx.google.com with SMTPS id a640c23a62f3a-b7cfa73e105sor170985566b.15.2025.12.12.05.09.09

for

(Google Transport Security);

Fri, 12 Dec 2025 05:09:09 -0800 (PST)

Received-SPF: pass (google.com: domain of davistmason@gmail.com designates 209.85.220.41 as permitted sender) client-ip=209.85.220.41;

X-Forwarded-Encrypted: i=1; AJvYcCUq0uPaO+kJl8N1lunMG+DYaE2SF+lH5KqzXfI3raH/qo+mnTpi+H2GtKbIveKtH8KhOJN1sL4oUcmXcQ0=@knitinfotech.co.in

X-Gm-Gg: AY/fxX65jcdj0eOtP6A6oxgSgem/4OjtSEq0IKZpH9UZ1eVPGpGm9piEJ+CvlctNbc9

KrGA6A/tKhdkfo5KW3gBsrWYrdIz8kW8pBMRTAp+eZQmWsgEbiqu9vlNnQ5Csq9LqwZogu8BRXw

+KGIv788LV/ZGaRp1BLBrTab+iZ6UofkJz5egaUQWI55lTLthTtcbindmSirPYXN53qSY+Uvks+

dYtLjftUlGEorD262q3JP7BNXB+7g2X1iLOtwV3FTXD/zYxiBFMvhVdSgIhclaCdUEuma/p9PQ4

pwmgVCQsGHRSf5ZMu80sTZP4w9U=

X-Received: by 2002:a17:907:2d94:b0:b73:6b24:14b5 with SMTP id

a640c23a62f3a-b7d23a98395mr198865366b.31.1765544948130; Fri, 12 Dec 2025

05:09:08 -0800 (PST)

MIME-Version: 1.0

From: Mason Davist

Date: Fri, 12 Dec 2025 18:38:55 +0530

X-Gm-Features: AQt7F2rauXbIF7Z1buP5kRYeIh5fzmbG4Cyrf7Gt7FarlN8t1pVsiDWbBO02oh0

Message-ID:

December '25

Posted by Dave Yadallee on Saturday, December 13. 2025

--000000000000088bc80645c0f398

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Hello sir

We specialize in developing Android, iOS, hybrid, and fully custom mobile

applications across a wide range of industries, including Real Estate,

Travel, Food Delivery, E-commerce, Taxi Services, Healthcare, and

AI/Automation solutions.

Please share your app idea and detailed requirements with us. Let us know

what type of mobile app you=E2=80=99re looking to develop, and we=E2=80=99l=

l be happy to

assist.

Regards,

Sopra

--000000000000088bc80645c0f398

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Hello sir

We spe=

cialize in developing Android, iOS, hybrid, and fully custom mobile applica=

tions across a wide range of industries,<=

/b> including Real Estate, Travel, Food Delivery, E-commerce, Taxi Services=

, Healthcare, and AI/Automation solutions.

Please share your app ide=

a and detailed requirements with us. Let us know what type of mobile app yo=

u=E2=80=99re looking to develop, and we=E2=80=99ll be happy to assist.
<=

br>Regards,

na, sans-serif">Sopra

--000000000000088bc80645c0f398--

Categories: Google Gmail Spam

0 Comments

Web/SEO/App Spam from Google Gmail Part 1
Posted by Dave Yadallee on Saturday, December 13. 2025

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

Return-path:

Envelope-to: dave@doctor.nl2k.ab.ca

Delivery-date: Fri, 12 Dec 2025 07:34:00 -0700

Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vU4DE-00000000Ay8-3m3w

for dave@doctor.nl2k.ab.ca;

Fri, 12 Dec 2025 07:33:40 -0700

Resent-From: The Doctor

Resent-Date: Fri, 12 Dec 2025 07:33:40 -0700

Resent-Message-ID:

Resent-To: Dave Yadallee

Received: from mail-ed1-f71.google.com ([209.85.208.71]:47130)

by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_128_GCM_SHA256

(Exim 4.98.2 (FreeBSD))

(envelope-from )

id 1vU2tQ-00000000MXa-0Fv9

for sales@nk.ca;

Fri, 12 Dec 2025 06:09:18 -0700

Received: by mail-ed1-f71.google.com with SMTP id 4fb4d7f45d1cf-640cdaf43aesf948442a12.2

for ; Fri, 12 Dec 2025 05:08:22 -0800 (PST)

ARC-Seal: i=2; a=rsa-sha256; t=1765544895; cv=pass;

d=google.com; s=arc-20240605;

b=TVfFSBjRbUy5IqKyG0zFwPfNWiULPpSc/QIpR7U5zkFnyU8CMzEGEpuTEEa0pPTE50

EkdAH2L+7sIZHJy2kPf7vO5N0NnHAI6foHr1l5k9pS3vdidcdVLEFH1uE4KgStaSTQfo

Zcg+jmlUPRJLLvV+7Kkqmy8UkiywGLxbEsawoqNKD6B997NF5Dgki87+cuo7FDUUJC0Z

1YShECOeKbgnyUUWk70OLR3djpq/o+XBJtlQV3H0iU0X/ufJSdoBfuIyOWq5RJbid9YY

PzPxl6pWWM519+zFdtt6UpSp2wcd7Z9juZPnvW/rtDU7/roQWza27KsT9TIwEnrQxHIj

BQ4Q==

ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post

:list-id:mailing-list:precedence:to:subject:message-id:date:from

:mime-version:dkim-signature;

bh=5PcV+4lxfci3aHV9JzA38H0odnsehxC8B/FxoCn8rQ4=;

fh=dpyH2ygprXuguPo8wWuplRbqL/ItR9KdcdZuA3t2di4=;

b=RwvkcTECLYV5avST84OdpOYCDs80jUaNFwPPSFmJ4AiATVQamgywA9rfBC5MAsgh+W

Z6HDi39VMEWsIGHylqDOygegDjAEJPLU3YxyIBrTDta2CJnkzQT15L+yfbYofSaw+xa7

NzuM2FR1IfeK4AnrHLe1x9HhPJQcZ5A+sO2DxNztp00sXrWeTj5rGkYnISjBOBMvcywp

ZPLzpZR7fU0ypjlGtCDsZGedWcT1l9tvyzilECIU9WKlR9KmZgat9GRtvpviau9tAjor

5/1riORuo9FGbOKgVa4JDyXnG+LJiEoYCskUEnB2Fv9wm05Tf7LD6hYuBYZ597ZTSfPH

ZTaQ==;

darn=nk.ca

ARC-Authentication-Results: i=2; mx.google.com;

dkim=pass header.i=@gmail.com header.s=20230601 header.b=gz2vuWBZ;

spf=pass (google.com: domain of psopra582@gmail.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=psopra582@gmail.com;

dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;

dara=neutral header.i=@knitinfotech.co.in

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=knitinfotech-co-in.20230601.gappssmtp.com; s=20230601; t=1765544895; x=1766149695; darn=nk.ca;

h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post

:list-id:mailing-list:precedence:x-original-authentication-results

:x-original-sender:to:subject:message-id:date:from:mime-version:from

:to:cc:subject:date:message-id:reply-to;

bh=5PcV+4lxfci3aHV9JzA38H0odnsehxC8B/FxoCn8rQ4=;

b=3Zp2oX3FARdzfHBPbrKIKWYzfdLsRlmSP1F6qFeWb+GiDa9c0trDNpnpt3j7AtdYLB

0tK0LsO8Jmw0aAJUedfVHG8/rZ7E9uyp1oCJS8UjL4pGHtg9l+viQXLM5/4O11wFXf/q

/sNz1eHVUVex3m0/IjN1PyVSnGm0NBKF3lhIXQGAgjQSWBhyk8aJp+xbaIiFuixxFgCx

QXRtc6ofM/ZiCi+hGOtQBipxbiD+Jbuox9NeWTNNqj6rHii/GM9dDMzUKFr5Eqt3rGI+

mDwCZgWT2uNvRnYQ5iSc1z4sR/7xaPThPIam+zh27ROd3wLHwTA0XfamDqQhebL6T4CV

xcgw==

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1765544895; x=1766149695;

h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post

:x-spam-checked-in-group:list-id:mailing-list:precedence

:x-original-authentication-results:x-original-sender:to:subject

:message-id:date:from:mime-version:x-gm-gg:x-beenthere

:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;

bh=5PcV+4lxfci3aHV9JzA38H0odnsehxC8B/FxoCn8rQ4=;

b=NWOBXUSShrMJbkiLqIVaSk4E1LKxXMG+kpSoN5Gk5SRgs0B18EvUqoMx+3Q+BRnMmt

jkOPX5KusEMZjOQEa/MhIUFw4SyoPDmfOgXoX6Ku53V8LoqLhbS9Lnneb05m+FlXBW5w

SD1W+v06c6hL/mUmU4b/6o2kEERe44IkHY0nBlLrrYJevIg392ZOnDQJ2zbYR9lAEfjn

y1G6fr82fPCvt5TiyCZC3j/+nfh+6lDv1Qgw1TCtbrD17Nx/CUSJlK3N2+cHPh59C/R7

ziADyDT0a79ifQhO4bMHLfYmvnzi6VuBZwciqGUUXq3GCwlN0Sgy2Je0ltNZZ3Ti4dHo

eXKw==

X-Forwarded-Encrypted: i=2; AJvYcCWFrNRha9f5ayvejdG+DVvQG4Wono7qWedRMVfAbR3DHyJ8t0QlAzQcME8pCrWsbbrZfPIl0A==@nk.ca

X-Gm-Message-State: AOJu0YzhdgHDcGCh14LcvBramDrD0mgEvkcbW1UztpAeLrCj8AVpVpYi

wKjoSgb/eUZ3Kw9/NAupVXEFp0Fg+ywd2vHQPq9yTUcMpuSMk4E3s6zTiKrhhPhxQG0=

X-Google-Smtp-Source: AGHT+IGnSisIktSHSczx6uqJFPZxZGY8VJnT5zrzEV6SUFhQeq07NxbU4LFDJLoFW/OQNxyVX6STnw==

X-Received: by 2002:a05:6402:2681:b0:63c:4da1:9a10 with SMTP id 4fb4d7f45d1cf-6499b331141mr1726138a12.31.1765544894493;

Fri, 12 Dec 2025 05:08:14 -0800 (PST)

X-BeenThere: psopra5@knitinfotech.co.in; h="AWVwgWbvGIcvakqCZP7uArrJtye7p9CFcjW7KGt3uscO48YcPg=="

Received: by 2002:aa7:d742:0:b0:641:68af:a582 with SMTP id 4fb4d7f45d1cf-6499a46cf01ls654986a12.2.-pod-prod-02-eu;

Fri, 12 Dec 2025 05:07:55 -0800 (PST)

X-Forwarded-Encrypted: i=2; AJvYcCXmU3sujxnv0DGcavgu2cxvcXYhPzqCm/BHhWMOLlHQ1W3A4YlMnV3gfsw5a1hfnPDc2SRxSmRk@knitinfotech.co.in

X-Received: by 2002:a17:906:9fc7:b0:b73:6987:e902 with SMTP id a640c23a62f3a-b7d23a1046cmr200470766b.48.1765544874680;

Fri, 12 Dec 2025 05:07:54 -0800 (PST)

ARC-Seal: i=1; a=rsa-sha256; t=1765544874; cv=none;

d=google.com; s=arc-20240605;

b=QHKotlhHlEx3ex0oJmVo5cpgiiXXMmUNQVVS6ADA6hHeyALLmgkXociO9nOb23c8DR

TvBNvED5U7cgab4GHP0ZFW9DdSHO92V7gQ5Slop7sHv/f1o6tgGhoU874IG3nN2Cz2rx

XA12omU+tnL38Iroh4W0RoKD2AiFm34o6ZygHWDrsnkpSqS4o6GrizKmIaHoUMvk0GIq

Vb98wPFjPjV7i8BExmixiF7cIk0hJR/5+C5ufGWzutwlbqWTU4tGaWV5CCVk128N/ZzQ

bBF4kNU6415nTWRTI69RLeIwBHrVekvK60L6ord6liZp93FJstaKuc1t8fUtM9n5GCVB

/kmQ==

ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;

h=to:subject:message-id:date:from:mime-version:dkim-signature;

bh=5PcV+4lxfci3aHV9JzA38H0odnsehxC8B/FxoCn8rQ4=;

fh=3rwu4AaspCoUdDpALaukB/bkZSuWbxiUaYN6y6OXWhI=;

b=HLNmJ2vQf6N58xNBi/EhYNn13uLJ2BheUmB8Vf/rg+pqjFdUj2lw9C/ueFFv+SNKR9

2SjNyehGu2FjnR7DJ8GuPGxm8x3cJGtguBxEcMySrMs+CoqiA3bSZNIoW5XM/9QEx7lp

NRoTMdB/gTG9Ity5a4Kn3qi7gb8mISXIFRTng6pPtMbO9qrUpuz0GeD5Yer3SLTe8BHD

zg5PjfsiQ1Fq+Jw0fdn+rNk4NuL1OtOkA6m3hwm+kRbots4C8ZYhF8MYrvneRDCafQ5U

365Rp0cuEMAHdOHx42wRhfL8eNSl27PbQfKD6Qa9iD4F+deY72uDpQSe54LjxTVqKM7l

2C/A==;

dara=google.com

ARC-Authentication-Results: i=1; mx.google.com;

dkim=pass header.i=@gmail.com header.s=20230601 header.b=gz2vuWBZ;

spf=pass (google.com: domain of psopra582@gmail.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=psopra582@gmail.com;

dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;

dara=neutral header.i=@knitinfotech.co.in

Received: from mail-sor-f41.google.com (mail-sor-f41.google.com. [209.85.220.41])

by mx.google.com with SMTPS id a640c23a62f3a-b7cfa679199sor138074666b.23.2025.12.12.05.07.54

for

(Google Transport Security);

Fri, 12 Dec 2025 05:07:54 -0800 (PST)

Received-SPF: pass (google.com: domain of psopra582@gmail.com designates 209.85.220.41 as permitted sender) client-ip=209.85.220.41;

X-Forwarded-Encrypted: i=1; AJvYcCVQUAO9oksTuPQrKjlJC2bv4MhYQUydRVNWZQeDvRQeMRhDPpnZOHQSpNI44rRccbd8yMmQgDxT@knitinfotech.co.in

X-Gm-Gg: AY/fxX6u+3sRBZ94L8RCLeAYkMFSuXKLCW7isKVjIhnIkqMj83r7H2LVAOXwYmqFFxa

h/4t/uWVZai2gFC9AL/XZqIej7ZWnOb2BF6FTJzFr0+eRgPtBb6hP91Nf7lTTVJ5bj4LMLyxHFn

oO45+f5keTsICMzIaNKIpw4LFBI3BI0fcc6LNtPIveKIGGCPUcjFc3fBuPFoHJiggcAmdNwzYiR

AuMZrNQRgUde/8hHQwsaRcLH6FejPoe/bZux2m+3pjqlofG5j/KqqccK5OeloKsT7LBNpd4snDi

zfSaMESTRTpasNE3DXPaQumhxww=

X-Received: by 2002:a17:907:3fa5:b0:b73:6d57:3e06 with SMTP id

a640c23a62f3a-b7d2356a79fmr179986066b.7.1765544873723; Fri, 12 Dec 2025

05:07:53 -0800 (PST)

MIME-Version: 1.0

From: Sopra

Date: Fri, 12 Dec 2025 18:37:40 +0530

X-Gm-Features: AQt7F2qtP-v2tRm4iFFwCRdgXcF4fncELNDomDsRkqYfBWYeOEF4huPDoWX-Ge4

Message-ID:

Subject: `Mobile Apps Development?

To: undisclosed-recipients:;

Content-Type: multipart/alternative; boundary="000000000000088bc80645c0f398"

Bcc: psopra5@knitinfotech.co.in

X-Original-Sender: psopra582@gmail.com

X-Original-Authentication-Results: mx.google.com; dkim=pass

header.i=@gmail.com header.s=20230601 header.b=gz2vuWBZ; spf=pass

(google.com: domain of psopra582@gmail.com designates 209.85.220.41 as

permitted sender) smtp.mailfrom=psopra582@gmail.com; dmarc=pass (p=NONE

sp=QUARANTINE dis=NONE) header.from=gmail.com; dara=neutral header.i=@knitinfotech.co.in

Precedence: list

Mailing-list: list psopra5@knitinfotech.co.in; contact psopra5+owners@knitinfotech.co.in

List-ID:

X-Spam-Checked-In-Group: psopra5@knitinfotech.co.in

X-Google-Group-Id: 216295008108

List-Post: ,

List-Help: ,

List-Archive:

List-Subscribe: ,

List-Unsubscribe: ,

Categories: Google Gmail Spam

0 Comments

Web/SEO/App Spam from Microsoft Outlook Part 2
Posted by Dave Yadallee on Saturday, December 13. 2025

Content analysis details: (5.1 points, 5.0 required)

pts rule name description

---- ---------------------- --------------------------------------------------

1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org

[2603:1096:a01:ea:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:1096:a01:ea:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:1096:a01:ea:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:1096:a01:ea:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:1096:a01:ea:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:1096:a01:ea:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:1096:a01:ea:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[2603:1096:a01:ea:0:0:0:11 listed in]

[will-spam-for-food.eu.org]

[52.103.67.15 listed in will-spam-for-food.eu.org]

[52.103.67.15 listed in will-spam-for-food.eu.org]

[52.103.67.15 listed in will-spam-for-food.eu.org]

[52.103.67.15 listed in will-spam-for-food.eu.org]

[52.103.67.15 listed in will-spam-for-food.eu.org]

[52.103.67.15 listed in will-spam-for-food.eu.org]

[52.103.67.15 listed in will-spam-for-food.eu.org]

[52.103.67.15 listed in will-spam-for-food.eu.org]

1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org

[52.103.67.15 listed in dnsbl.ahbl.org]

[52.103.67.15 listed in dnsbl.ahbl.org]

[52.103.67.15 listed in dnsbl.ahbl.org]

[52.103.67.15 listed in dnsbl.ahbl.org]

[2603:1096:a01:ea:0:0:0:11 listed in]

[dnsbl.ahbl.org]

[2603:1096:a01:ea:0:0:0:11 listed in]

[dnsbl.ahbl.org]

[2603:1096:a01:ea:0:0:0:11 listed in]

[dnsbl.ahbl.org]

[2603:1096:a01:ea:0:0:0:11 listed in]

[dnsbl.ahbl.org]

1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org

[52.103.67.15 listed in dnsbl.ahbl.org]

0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org

[52.103.67.15 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org

[52.103.67.15 listed in dnsbl.ahbl.org]

0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org

[52.103.67.15 listed in dnsbl.ahbl.org]

-0.0 SPF_HELO_PASS SPF: HELO matches SPF record

-0.0 SPF_PASS SPF: sender matches SPF record

-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's

domain

0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid

0.0 ARC_SIGNED Message has a ARC signature

-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

-0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from

envelope-from domain

0.0 ARC_VALID Message has a valid ARC signature

0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider

[charlesexpert1971(at)outlook.com]

0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in

digit

[charlesexpert1971(at)outlook.com]

-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay

domain

0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge

0.0 HTML_MESSAGE BODY: HTML included in message

Subject: {SPAM?} Re: Sure..?

--_000_MA0PR01MB9852EE44952DB0960DB8F63FBEAEAMA0PR01MB9852INDP_

Content-Type: text/plain; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable

Hi,

I personally visited your website when I was browsing it.

In order to significantly improve these search results for you, I would lik=

e to send you an Ranking report of your website.

Can I Send you Quote=94 and Cost/=94?

Best regards,

--_000_MA0PR01MB9852EE44952DB0960DB8F63FBEAEAMA0PR01MB9852INDP_

Content-Type: text/html; charset="Windows-1252"

Content-Transfer-Encoding: quoted-printable

252">

Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);" clas=

s=3D"elementToProof">

Hi,

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

I personally visited your website when I was browsing it.

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

In order to significantly improve these search results for you, I would lik=

e to send you an Ranking report of your website.

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Can I Send you Quote=94 and Cost/=94?

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

_MSFontService, Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb=

(0, 0, 0);">

Best regards,

--_000_MA0PR01MB9852EE44952DB0960DB8F63FBEAEAMA0PR01MB9852INDP_--

Categories: Microsoft Outlook Hotmail Spam

0 Comments

Page 941 of 941, totaling 14104 entries

previous page

No entries to print