Chinese products spam part 1
Posted by Dave Yadallee onX-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 22 Jun 2026 05:34:00 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.99.3 (FreeBSD))
(envelope-from
id 1wbcue-00000000Fo5-1lP5
for dave@doctor.nl2k.ab.ca;
Mon, 22 Jun 2026 05:34:00 -0600
Resent-From: The Doctor
Resent-Date: Mon, 22 Jun 2026 05:34:00 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from [210.79.60.58] (port=57558 helo=mail-m6058.netease.com)
by doctor.nl2k.ab.ca with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384
(Exim 4.99.3 (FreeBSD))
(envelope-from
id 1wbZEK-0000000062y-1nOo
for sales@nk.ca;
Mon, 22 Jun 2026 01:38:23 -0600
Content-Type: multipart/alternative; BOUNDARY="=_Part_1519968_391243307.1782113820732"
To: sales
Subject: =?UTF-8?B?UmU65Lit5Zu95Y+R5Yqg5ou/5aSn5pW05p+c5Lu35qC8wqA1LjE1LTUuMzE=?=
X-Priority: 3
MIME-Version: 1.0
Received: from julin@yunsongtrans.com( [10.139.1.59] ) by ajax-webmail ( [127.0.0.1] ) ; Mon, 22 Jun 2026 15:37:00 +0800 (GMT+08:00)
From: Julin
Date: Mon, 22 Jun 2026 15:37:00 +0800 (GMT+08:00)
X-WM-Tid: 0a9eee42dfa800f5kunm075a0cc51e7cc6
DKIM-Signature: a=rsa-sha256;
b=asezRNYEJYWChLe/c8MKhCFg8Nm+6NkMV+xq+u4I9n517u2GK6cC/SJcFLQQrlDSdw8amcSnRMNrS05n/N0k3FzVz5yNvzpSFOrznEBjG5GbkUvZdR0uJVHURcn8wakKeC+lnCw6VJ38FV8+moKZY+2zeXMeLIm3elxQ3fimTAnhhC+2Cv1ixMq8H4yQoJaII7XX+cJMws8Uo9ubBus3ugKzRV3Ht5Y6SE7lrj4tW238mbQM08IcmoO1YxZruRIzomgrRsbcVcVw40ehE2LFzcwxQy/mnApfDAbVclSITMQE0ga+3MDv+B94bHL82eS0SSgU43JB/5bblac01NqSOQ==; c=relaxed/relaxed; s=default; d=yunsongtrans.com; v=1;
bh=D9O4+3Fuf8oZkx9Z8Eq1iHpXhHKH4I1XzWG41NnHxr0=;
h=date:mime-version:subject:message-id:from;
Message-ID:
X-Spam_score: 15.3
X-Spam_score_int: 153
X-Spam_bar: +++++++++++++++
X-Spam_report: Spam detection software, running on the system "doctor.nl2k.ab.ca",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Hi sales, I hope this email finds you well. Thank you for
reading our introductory email. We're here to assist if you have any further
questions or need more information. I am excited to inform you that we are
currently offering a special promotion on our products.If you have any needs,
please let me know as soon as possible so I can secure a discounted spot
for you. T [...]
Content analysis details: (15.3 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.0 RCVD_IN_WSFF RBL: Received via a relay in will-spam-for-food.eu.org
[210.79.60.58 listed in will-spam-for-food.eu.org]
[210.79.60.58 listed in will-spam-for-food.eu.org]
[210.79.60.58 listed in will-spam-for-food.eu.org]
[210.79.60.58 listed in will-spam-for-food.eu.org]
[210.79.60.58 listed in will-spam-for-food.eu.org]
[210.79.60.58 listed in will-spam-for-food.eu.org]
[210.79.60.58 listed in will-spam-for-food.eu.org]
[210.79.60.58 listed in will-spam-for-food.eu.org]
1.5 RCVD_IN_AHBL RBL: AHBL: sender is listed in dnsbl.ahbl.org
[210.79.60.58 listed in dnsbl.ahbl.org]
[210.79.60.58 listed in dnsbl.ahbl.org]
[210.79.60.58 listed in dnsbl.ahbl.org]
[210.79.60.58 listed in dnsbl.ahbl.org]
1.5 RCVD_IN_AHBL_SPAM RBL: AHBL: Spam Source in dnsbl.ahbl.org
[210.79.60.58 listed in dnsbl.ahbl.org]
0.0 RCVD_IN_AHBL_RTB RBL: AHBL: Real-Time Blocked in dnsbl.ahbl.org
[210.79.60.58 listed in dnsbl.ahbl.org]
0.5 RCVD_IN_AHBL_SMTP RBL: AHBL: Open SMTP relay in dnsbl.ahbl.org
[210.79.60.58 listed in dnsbl.ahbl.org]
0.5 RCVD_IN_AHBL_PROXY RBL: AHBL: Open Proxy server in dnsbl.ahbl.org
[210.79.60.58 listed in dnsbl.ahbl.org]
2.5 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist
[URI: yunsongtrans.com]
-3.0 RCVD_IN_RP_CERTIFIED RBL: Sender in ReturnPath Certified - Contact
cert-sa@returnpath.net
[Excessive Number of Queries |
-2.0 RCVD_IN_RP_SAFE RBL: Sender in ReturnPath Safe - Contact
safe-sa@returnpath.net
[Excessive Number of Queries |
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
[210.79.60.58 listed in bl.score.senderscore.com]
-0.0 SPF_PASS SPF: sender matches SPF record
0.6 J_CHICKENPOX_52 BODY: 5alpha-pock-2alpha
1.0 OPT_OUT BODY: No description available.
0.0 HTML_FONT_SIZE_HUGE BODY: HTML font size is huge
0.0 HTML_MESSAGE BODY: HTML included in message
1.0 VOWEL_URI_5 URI hostname with 5 consecutive vowels
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
2.6 HTML_TEXT_INVISIBLE_STYLE HTML hidden text + other spam signs
2.0 MIXED_HREF_CASE Has href in mixed case
1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
3.0 LONG_INVISIBLE_TEXT Long block of hidden text - bayes poison?
Subject: {SPAM?} =?UTF-8?B?UmU65Lit5Zu95Y+R5Yqg5ou/5aSn5pW05p+c5Lu35qC8wqA1LjE1LTUuMzE=?=
Hi sales,
I hope this email finds you well.
Thank you for reading our introductory email. We're here to assist if you have any further questions or need more information.
I am excited to inform you that we are currently offering a special promotion on our products.If you have any needs, please let me know as soon as possible so I can secure a discounted spot for you.
Thank you for your attention, and I look forward to hearing from you soon.
Best regards,
Enable premium notifications for product growth via . Keep My Alerts Active
To override these emails, visit Tweak Email Delivery.
Miss Julin
With 13 years of dedicated focus on US-Canada dedicated shipping lines,we save your time, effort and money with DDP PRICE.
Shenzhen Ethan Freight Forwarding Co., Ltd.
Room 2806, 28th Floor, Building 1, Evergrande Metropolis Plaza, Bantian Street, Longgang District, Shenzhen City, Guangdong, China
T.0755-84826401/ M.13798412845/E.julin@ethanfreight.com
www.ethantrans.com