| Current File : //home/itiffy/mail/.spam/new/1752061593.M35254P3011205.premium223.web-hosting.com,S=6104,W=6222 |
Return-Path: <test@test.com>
Delivered-To: itiffy+spam@premium223.web-hosting.com
Received: from premium223.web-hosting.com
by premium223.web-hosting.com with LMTP
id UCcUAZlWbmiF8i0AqUc79Q
(envelope-from <test@test.com>)
for <itiffy+spam@premium223.web-hosting.com>; Wed, 09 Jul 2025 07:46:33 -0400
Return-path: <test@test.com>
Envelope-to: info@itiffy.com
Delivery-date: Wed, 09 Jul 2025 07:46:33 -0400
Received: from [138.197.191.184] (port=35946 helo=email-globaldatabase.com)
by premium223.web-hosting.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.98.2)
(envelope-from <test@test.com>)
id 1uZTFw-0000000Cl8I-1hTW
for info@itiffy.com;
Wed, 09 Jul 2025 07:46:32 -0400
Received: from User (unknown [197.211.59.238])
by email-globaldatabase.com (Postfix) with SMTP id C9C9E13252C;
Wed, 9 Jul 2025 14:13:33 +0300 (EEST)
Reply-To: <mcphillip.johnson@consultant.com>
From: "From Mcphillip Johnson"<test@test.com>
Date: Wed, 9 Jul 2025 04:28:09 -0700
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1081
X-Spam: Yes
X-Spam-Status: Yes, score=22.8
X-Spam-Score: 228
X-Spam-Bar: ++++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "premium223.web-hosting.com",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: Attention: Dear Sir / Madam. I am brokering an Investment
deal on behalf of a client, this deal will involve a huge amount (US$500M)
for investment in your country. By this letter, I am offering to have you
manage the funds in a [...]
Content analysis details: (22.8 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
7.5 PCCC_HDR_REPLYTO RBL: Address in email headers associated with
compromised uris (https://raptor.pccc.com/RBL)
[listed in consultant.com.wild.pccc.com]
0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243
for more information.
[138.197.191.184 listed in sa-accredit.habeas.com]
0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243
for more information.
[138.197.191.184 listed in bl.score.senderscore.com]
0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The
query to Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243
for more information.
[138.197.191.184 listed in sa-trusted.bondedsender.org]
4.0 SPF_HELO_FAIL SPF: HELO does not match SPF record (fail)
[SPF failed: Please see http://www.openspf.org/Why?s=helo;id=email-globaldatabase.com;ip=138.197.191.184;r=premium223.web-hosting.com]
0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict
Alignment
1.7 DEAR_SOMETHING BODY: Contains 'Dear (something)'
0.0 NSL_RCVD_FROM_USER Received from User
0.0 FSL_CTYPE_WIN1251 Content-Type only seen in 419 spam
1.2 MISSING_HEADERS Missing To: header
0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 T_HK_NAME_FROM No description available.
1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any
anti-forgery methods
2.0 RDNS_NONE Delivered to internal network by a host with no rDNS
1.9 REPLYTO_WITHOUT_TO_CC No description available.
0.0 FROM_MISSP_MSFT From misspaced + supposed Microsoft tool
0.0 FSL_NEW_HELO_USER Spam's using Helo and User
0.0 FROM_MISSP_USER From misspaced, from "User"
0.5 TO_NO_BRKTS_MSFT To: lacks brackets and supposed Microsoft tool
0.0 FROM_MISSP_REPLYTO From misspaced, has Reply-To
0.0 TO_NO_BRKTS_NORDNS_HTML To: lacks brackets and no rDNS and HTML only
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different
freemails
1.8 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
0.0 LOTS_OF_MONEY Huge... sums of money
0.0 T_FROM_MISSP_FREEMAIL From misspaced + freemail provider
0.0 MONEY_FREEMAIL_REPTO Lots of money from someone using free email?
0.0 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money
X-Spam-Flag: YES
Subject: ***SPAM*** From Mr. Mcphillip Johnson
<HTML><HEAD><TITLE></TITLE>
</HEAD>
<BODY bgcolor=#FFFFFF leftmargin=5 topmargin=5 rightmargin=5 bottommargin=5>
<FONT size=2 color=#000000 face="Arial">
<DIV>
<FONT size=4><B>Attention: Dear Sir / Madam.</B></FONT></DIV>
<DIV>
<FONT size=4><B> </B></FONT></DIV>
<DIV>
<FONT size=4><B>I am brokering an Investment deal on behalf of a client, this deal will involve a huge amount (US$500M) for investment in your country. By this letter, I am offering to have you manage the funds in a viable profitable sector in your country.</B></FONT></DIV>
<DIV>
<FONT size=4><B> </B></FONT></DIV>
<DIV>
<FONT size=4><B>Reply for more details.</B></FONT></DIV>
<DIV>
<FONT size=4><B> </B></FONT></DIV>
<DIV>
<FONT size=4><B>Best regards.</B></FONT></DIV>
<DIV>
<FONT size=4><B>Mcphillip Johnson</B></FONT></DIV>
<DIV>
<FONT size=4><B>wwwofficedetails@gmail.com</B></FONT></DIV>
</FONT>
</BODY></HTML>