| Current Path : /proc/thread-self/root/home/ift/mails/14/ |
Linux ift1.ift-informatik.de 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64 |
| Current File : //proc/thread-self/root/home/ift/mails/14/1478260582.zrspam.142480_2016_11_04 |
From tebsgyhga@hut234.com Fri Nov 4 12:56:22 2016
Return-Path: <tebsgyhga@hut234.com>
X-Original-To: tjungblut@ift-informatik.de
Delivered-To: tjungblut@ift-informatik.de
Received: by ift-informatik.de (Postfix, from userid 5555)
id 375263752540B; Fri, 4 Nov 2016 12:56:22 +0100 (CET)
Received: from localhost by h2486555.stratoserver.net
with SpamAssassin (version 3.4.0);
Fri, 04 Nov 2016 12:56:22 +0100
From: "Caitlin Godwin" <Godwin_Rydel@dsaconsulting.com>
To: tobias.jungblut@ift-informatik.de
Subject: *****SPAM***** Eager to H00kup
Date: Fri, 04 Nov 2016 06:53:19 -0600
Message-Id: <64198250006-WEYWCJBUBANLTSEXSDNNUTK@kytbvuxoa.dsaconsulting.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
h2486555.stratoserver.net
X-Spam-Flag: YES
X-Spam-Level: **************************
X-Spam-Status: Yes, score=26.7 required=5.0 tests=BAYES_60,
CK_HELO_DYNAMIC_SPLIT_IP,CK_HELO_GENERIC,DIGEST_MULTIPLE,HELO_DYNAMIC_IPADDR2,
HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,HTTP_EXCESSIVE_ESCAPES,MIME_HTML_ONLY,
PYZOR_CHECK,RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,
RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_BRBL_LASTEXT,RCVD_IN_MSPIKE_BL,
RCVD_IN_MSPIKE_L5,RCVD_IN_PBL,RCVD_IN_PSBL,RCVD_IN_RP_RNBL,RCVD_IN_XBL,
RDNS_NONE autolearn=no autolearn_force=no version=3.4.0
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_581C7766.D85B1EE1"
This is a multi-part message in MIME format.
------------=_581C7766.D85B1EE1
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Spam detection software, running on the system "h2486555.stratoserver.net",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Hi sweetie, where have u been? i've been trying to get a hold
of u since i left my BF last week... do u want to c0me over? i have a special
surpr1se for you ;) i need s*x so bad!!! i have some recent p1cs i want to
show you. you can *see them here* [...]
Content analysis details: (26.7 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.4 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
[109.194.114.141 listed in zen.spamhaus.org]
3.3 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
0.0 CK_HELO_DYNAMIC_SPLIT_IP Relay HELO'd using suspicious hostname
(Split IP)
0.2 CK_HELO_GENERIC Relay used name indicative of a Dynamic Pool or
Generic rPTR
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[109.194.114.141 listed in psbl.surriel.com]
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
[109.194.114.141 listed in bl.score.senderscore.com]
2.4 RCVD_IN_MSPIKE_L5 RBL: Very bad reputation (-5)
[109.194.114.141 listed in bl.mailspike.net]
1.3 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see <http://www.spamcop.net/bl.shtml?109.194.114.141>]
1.4 RCVD_IN_BRBL_LASTEXT RBL: No description available.
[109.194.114.141 listed in bb.barracudacentral.org]
1.6 HTTP_EXCESSIVE_ESCAPES URI: Completely unnecessary %-escapes inside a
URL
0.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 HTML_MESSAGE BODY: HTML included in message
1.5 BAYES_60 BODY: Bayes spam probability is 60 to 80%
[score: 0.6643]
0.9 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
0.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
1.9 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
1.4 PYZOR_CHECK Listed in Pyzor (http://pyzor.sf.net/)
0.4 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag
0.0 RCVD_IN_MSPIKE_BL Mailspike blacklisted
0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
3.6 HELO_DYNAMIC_IPADDR2 Relay HELO'd using suspicious hostname (IP addr
2)
0.3 DIGEST_MULTIPLE Message hits more than one network digest check
The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.
------------=_581C7766.D85B1EE1
Content-Type: message/rfc822; x-spam-type=original
Content-Description: original message before SpamAssassin
Content-Disposition: attachment
Content-Transfer-Encoding: 8bit
Received: from 109x194x114x141.dynamic.omsk.ertelecom.ru (unknown [109.194.114.141])
by ift-informatik.de (Postfix) with SMTP id EBF403752540A
for <tobias.jungblut@ift-informatik.de>; Fri, 4 Nov 2016 12:56:19 +0100 (CET)
Message-ID: <64198250006-WEYWCJBUBANLTSEXSDNNUTK@kytbvuxoa.dsaconsulting.com>
From: "Caitlin Godwin" <Godwin_Rydel@dsaconsulting.com>
Subject: Eager to H00kup
To: tobias.jungblut@ift-informatik.de
Date: Fri, 04 Nov 2016 06:53:19 -0600
Mime-Version: 1.0
Content-Type: text/html;
Content-Transfer-Encoding: 7Bit
Hi sweetie, where have u been? i've been trying to get a hold of u since i left my BF last week... do u want to c0me over? i have a special surpr1se for you ;) i need s*x so bad!!! i have some recent p1cs i want to show you. you can <a href="https://www.google.com/url?hl=en&q=http://%73%65%78%79%2d%64%72%65%61%6d%37%2e%74%6f%70/?u%3D79h8kwf%26o%3Depgkvze%26t%3D&source=gmail&ust=1477978111650000&usg=AFQjCNGz1q7_VnpxRRKXRvP6uWDW1Ecakw">*see them here*</a>
------------=_581C7766.D85B1EE1--