| Current Path : /proc/thread-self/root/home/ift/mails/39/ |
Linux ift1.ift-informatik.de 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64 |
| Current File : //proc/thread-self/root/home/ift/mails/39/1544500836.zrspam.394262_2018_12_11 |
From DavidBaker@mknetwork.com.br Tue Dec 11 05:00:36 2018
Return-Path: <DavidBaker@mknetwork.com.br>
X-Original-To: cgabriel@ift-informatik.de
Delivered-To: cgabriel@ift-informatik.de
Received: by ift-informatik.de (Postfix, from userid 5555)
id 786FA3D200081; Tue, 11 Dec 2018 05:00:36 +0100 (CET)
Received: from localhost by h2486555.stratoserver.net
with SpamAssassin (version 3.4.0);
Tue, 11 Dec 2018 05:00:36 +0100
From: "Maddox" <DavidBaker@mknetwork.com.br>
To: "Maddox" <info@ift-informatik.de>
Subject: *****SPAM***** Die gro?te Hilfe fur Manner in Verzweiflung!
Date: Tue, 11 Dec 2018 06:43:48 +0300
Message-Id: <0A24E91A.4DC43BE1@mknetwork.com.br>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
h2486555.stratoserver.net
X-Spam-Flag: YES
X-Spam-Level: ****************************
X-Spam-Status: Yes, score=28.8 required=5.0 tests=BAYES_80,
CK_HELO_DYNAMIC_SPLIT_IP,DRUGS_ERECTILE,FR_3TAG_3TAG,HELO_DYNAMIC_IPADDR2,
HTML_MESSAGE,MIME_HTML_ONLY,PLING_QUERY,RAZOR2_CF_RANGE_51_100,
RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,RCVD_IN_BL_SPAMCOP_NET,
RCVD_IN_BRBL_LASTEXT,RCVD_IN_MSPIKE_BL,RCVD_IN_MSPIKE_L5,RCVD_IN_PSBL,
RCVD_IN_RP_RNBL,RCVD_IN_XBL,RDNS_DYNAMIC,TVD_RCVD_IP,URIBL_BLOCKED,
URIBL_DBL_SPAM,URIBL_JP_SURBL,URIBL_SBL,URIBL_SBL_A autolearn=spam
autolearn_force=no version=3.4.0
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_5C0F3664.C4205CE4"
This is a multi-part message in MIME format.
------------=_5C0F3664.C4205CE4
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Spam detection software, running on the system "h2486555.stratoserver.net",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Erfüllen Sie alle Ihre Wünsche. Kaufen Sie Cialis in unserer
Apotheke. Jetzt neues Leben kaufen! http://bestmedshop.su [...]
Content analysis details: (28.8 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.2 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist
[URIs: bestmedshop.su]
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: bestmedshop.su]
0.4 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
[177.190.145.234 listed in zen.spamhaus.org]
1.6 URIBL_SBL Contains an URL's NS IP listed in the SBL blocklist
[URIs: bestmedshop.su]
0.1 URIBL_SBL_A Contains URL's A record listed in the SBL blocklist
[URIs: bestmedshop.su]
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[177.190.145.234 listed in psbl.surriel.com]
0.0 CK_HELO_DYNAMIC_SPLIT_IP Relay HELO'd using suspicious hostname
(Split IP)
0.0 TVD_RCVD_IP No description available.
1.3 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see <http://www.spamcop.net/bl.shtml?177.190.145.234>]
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
[177.190.145.234 listed in bl.score.senderscore.com]
2.4 RCVD_IN_MSPIKE_L5 RBL: Very bad reputation (-5)
[177.190.145.234 listed in bl.mailspike.net]
1.7 URIBL_DBL_SPAM Contains an URL listed in the DBL blocklist
[URIs: bestmedshop.su]
1.4 RCVD_IN_BRBL_LASTEXT RBL: No description available.
[177.190.145.234 listed in bb.barracudacentral.org]
0.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 HTML_MESSAGE BODY: HTML included in message
2.0 BAYES_80 BODY: Bayes spam probability is 80 to 95%
[score: 0.8474]
1.0 FR_3TAG_3TAG RAW: Looks like 3 <e> small tags.
0.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
0.9 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
1.9 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
3.6 HELO_DYNAMIC_IPADDR2 Relay HELO'd using suspicious hostname (IP addr
2)
1.0 RDNS_DYNAMIC Delivered to internal network by host with
dynamic-looking rDNS
0.0 RCVD_IN_MSPIKE_BL Mailspike blacklisted
1.0 PLING_QUERY Subject has exclamation mark and question mark
2.0 DRUGS_ERECTILE Refers to an erectile drug
The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.
------------=_5C0F3664.C4205CE4
Content-Type: message/rfc822; x-spam-type=original
Content-Description: original message before SpamAssassin
Content-Disposition: attachment
Content-Transfer-Encoding: 8bit
Received: from 234-145-190-177.mknetwork.com.br (234-145-190-177.mknetwork.com.br [177.190.145.234])
by ift-informatik.de (Postfix) with ESMTP id 99CFE3D20003E
for <info@ift-informatik.de>; Tue, 11 Dec 2018 05:00:31 +0100 (CET)
Received: from unknown (HELO relay37.vosimerkam.net) (Tue, 11 Dec 2018 06:59:39 +0300)
by smtp.endend.nl with NNFMP; Tue, 11 Dec 2018 06:59:39 +0300
Received: from asx121.turbo-inline.com [170.125.143.209] by qnx.mdrost.com with QMQP; Tue, 11 Dec 2018 06:43:48 +0300
Message-ID: <0A24E91A.4DC43BE1@mknetwork.com.br>
Date: Tue, 11 Dec 2018 06:43:48 +0300
From: "Maddox" <DavidBaker@mknetwork.com.br>
User-Agent: The Bat! (v1.52f) Business
MIME-Version: 1.0
To: "Maddox" <info@ift-informatik.de>
Subject: Die gro?te Hilfe fur Manner in Verzweiflung!
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: base64
PCFkb2N0eXBlIGh0bWw+DQo8aHRtbD4NCjxoZWFkPg0KPG1ldGEgY2hhcnNldD0idXRmLTgiPg0K
PC9oZWFkPg0KDQo8Ym9keT4NCgk8cCBzdHlsZT0iZm9udC1zaXplOjE4cHg7dGV4dC1hbGlnbjog
Y2VudGVyOyI+RXJmw7xsbGVuIFNpZSBhbGxlIElocmUgV8O8bnNjaGUuIEthdWZlbiBTaWUgQ2lh
bGlzIGluIHVuc2VyZXIgQXBvdGhla2UuPC9wPjxicj4NCjxwIHN0eWxlPSJ0ZXh0LWFsaWduOiBj
ZW50ZXI7Ij48YSBzdHlsZT0idGV4dC1kZWNvcmF0aW9uOiBub25lOyBwYWRkaW5nOiAxNXB4IDMw
cHg7IGZvbnQtc2l6ZTogMTVweDsgdGV4dC1hbGlnbjogY2VudGVyOyBjb2xvcjojZmZmZmZmOyBi
YWNrZ3JvdW5kLWNvbG9yOiNmNTU7ICIgaHJlZj0iaHR0cDovL2Jlc3RtZWRzaG9wLnN1Ij5KZXR6
dCBuZXVlcyBMZWJlbiBrYXVmZW4hPC9hPjwvcD48bmF2PjwvbmF2Pg0KPHAgc3R5bGU9InRleHQt
YWxpZ246IGNlbnRlcjsiPiZuYnNwOzwvcD4NCgk8cCBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVy
OyBmb250LXNpemU6IDE4cHg7Y29sb3I6ICM0ODhFM0Y7Ij48YSBocmVmPSJodHRwOi8vYmVzdG1l
ZHNob3Auc3UiIHN0eWxlPSJjb2xvcjogIzQ4OEUzRjsiPmh0dHA6Ly9iZXN0bWVkc2hvcC5zdTwv
YT48ZGl2PjwvZGl2PjwvcD4NCjxkaXYgYmFja2dyb3VuZD0iaHR0cDovLzY2NmtiLmNvbS9pL2R6
YXBhODQzNHR3aDA3ZGV3LmpwZyIgdmFsaWduPSJ0b3AiIHN0eWxlPSJiYWNrZ3JvdW5kOiB1cmwo
aHR0cDovLzY2NmtiLmNvbS9pL2R6YXBhYTQ3am81dDN4NjA4LmpwZykgbm8tcmVwZWF0IGNlbnRl
cjtiYWNrZ3JvdW5kLWNvbG9yOiAjZmZmO2JhY2tncm91bmQtcG9zaXRpb246IGNlbnRlcjsiPg0K
PG9sPjxwPjwvcD48L29sPg0KPGRpdj4NCjxjZW50ZXI+DQo8dGFibGUgd2lkdGg9IjYwMCIgaGVp
Z2h0PSIzNzAiPg0KPHRyPg0KPHRkIHZhbGlnbj0ibWlkZGxlIiBzdHlsZT0icGFkZGluZy1yaWdo
dDogMTVweDtwYWRkaW5nLWxlZnQ6IDE1cHg7dGV4dC1hbGlnbjpsZWZ0OyIgIGhlaWdodD0iMzcw
Ij48ZGl2PjwvZGl2Pg0KPC90ZD4NCjwvdHI+DQo8L3RhYmxlPg0KPC9jZW50ZXI+DQo8L2Rpdj4N
CjwvZGl2Pjxicj48YnI+DQo8cCBzdHlsZT0iY29sb3I6ICNhMWExYTE7IHRleHQtYWxpZ246IGNl
bnRlcjsiPlVuc3Vic2NyaWJlIGZyb20gdGhpcyBsZXR0ZXIgPGEgaHJlZj0iaHR0cDovL2Jlc3Rt
ZWRzaG9wLnN1Ij5oZXJlPC9hPjwvcD4NCjwvYm9keT4NCjwvaHRtbD4NCg==
------------=_5C0F3664.C4205CE4--