| Current Path : /proc/thread-self/root/home/ift/mails/39/ |
Linux ift1.ift-informatik.de 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64 |
| Current File : //proc/thread-self/root/home/ift/mails/39/1545229026.zrspam.398305_2018_12_19 |
From JamesHall@esoo.ru Wed Dec 19 15:17:06 2018
Return-Path: <JamesHall@esoo.ru>
X-Original-To: cgabriel@ift-informatik.de
Delivered-To: cgabriel@ift-informatik.de
Received: by ift-informatik.de (Postfix, from userid 5555)
id B691D3D20009B; Wed, 19 Dec 2018 15:17:06 +0100 (CET)
Received: from localhost by h2486555.stratoserver.net
with SpamAssassin (version 3.4.0);
Wed, 19 Dec 2018 15:17:06 +0100
From: "Tapia" <JamesHall@esoo.ru>
To: "Tapia" <christian.gabriel@shortnote.de>
Subject: *****SPAM***** Fuhlen Sie sich nicht wecken? Geben Sie eine starke Resonanz zur Schwache!
Date: Wed, 19 Dec 2018 16:35:22 +0300
Message-Id: <21C4D3F5.62576332@esoo.ru>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
h2486555.stratoserver.net
X-Spam-Flag: YES
X-Spam-Level: *********************************
X-Spam-Status: Yes, score=33.8 required=5.0 tests=BAYES_95,
CK_HELO_DYNAMIC_SPLIT_IP,DKIM_ADSP_ALL,HELO_DYNAMIC_HCC,HELO_DYNAMIC_IPADDR2,
HTML_MESSAGE,MIME_BASE64_TEXT,MIME_HTML_ONLY,PLING_QUERY,
RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,
RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_BRBL_LASTEXT,RCVD_IN_MSPIKE_BL,
RCVD_IN_MSPIKE_L5,RCVD_IN_PBL,RCVD_IN_PSBL,RCVD_IN_RP_RNBL,RCVD_IN_XBL,
RDNS_DYNAMIC,TVD_RCVD_IP,TVD_RCVD_SPACE_BRACKET,UNPARSEABLE_RELAY,
URIBL_BLOCKED,URIBL_JP_SURBL,URIBL_SBL,URIBL_SBL_A autolearn=spam
autolearn_force=no version=3.4.0
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_5C1A52E2.D18B14A6"
This is a multi-part message in MIME format.
------------=_5C1A52E2.D18B14A6
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Spam detection software, running on the system "h2486555.stratoserver.net",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Wählen Sie ED-Medikamente der neuen Generation! Klicken Sie
hier und kaufen Sie! http://bestmedshop.su [...]
Content analysis details: (33.8 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: bestmedshop.su]
1.2 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist
[URIs: bestmedshop.su]
0.4 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
[85.192.128.218 listed in zen.spamhaus.org]
3.3 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[85.192.128.218 listed in psbl.surriel.com]
1.6 URIBL_SBL Contains an URL's NS IP listed in the SBL blocklist
[URIs: bestmedshop.su]
0.1 URIBL_SBL_A Contains URL's A record listed in the SBL blocklist
[URIs: bestmedshop.su]
1.3 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see <http://www.spamcop.net/bl.shtml?85.192.128.218>]
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
[85.192.128.218 listed in bl.score.senderscore.com]
2.4 RCVD_IN_MSPIKE_L5 RBL: Very bad reputation (-5)
[85.192.128.218 listed in bl.mailspike.net]
0.0 CK_HELO_DYNAMIC_SPLIT_IP Relay HELO'd using suspicious hostname
(Split IP)
0.0 TVD_RCVD_SPACE_BRACKET No description available.
0.0 TVD_RCVD_IP No description available.
0.8 DKIM_ADSP_ALL No valid author signature, domain signs all mail
1.4 RCVD_IN_BRBL_LASTEXT RBL: No description available.
[85.192.128.218 listed in bb.barracudacentral.org]
0.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
3.0 BAYES_95 BODY: Bayes spam probability is 95 to 99%
[score: 0.9611]
0.0 HTML_MESSAGE BODY: HTML included in message
1.7 MIME_BASE64_TEXT RAW: Message text disguised using base64 encoding
0.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
0.9 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
1.9 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
3.6 HELO_DYNAMIC_IPADDR2 Relay HELO'd using suspicious hostname (IP addr
2)
1.0 RDNS_DYNAMIC Delivered to internal network by host with
dynamic-looking rDNS
0.0 RCVD_IN_MSPIKE_BL Mailspike blacklisted
1.0 PLING_QUERY Subject has exclamation mark and question mark
0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines
2.8 HELO_DYNAMIC_HCC Relay HELO'd using suspicious hostname (HCC)
The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.
------------=_5C1A52E2.D18B14A6
Content-Type: message/rfc822; x-spam-type=original
Content-Description: original message before SpamAssassin
Content-Disposition: attachment
Content-Transfer-Encoding: 8bit
Received: from 85-192-128-218.dsl.esoo.ru (85-192-128-218.dsl.esoo.ru [85.192.128.218])
by ift-informatik.de (Postfix) with ESMTP id 35D5B3D200073
for <christian.gabriel@shortnote.de>; Wed, 19 Dec 2018 15:17:04 +0100 (CET)
Received: from [198.69.96.12] by smtp.endend.nl with ESMTP; Wed, 19 Dec 2018 17:14:34 +0300
Received: from m1.gns.snv.thisdomainl.com ([Wed, 19 Dec 2018 16:59:14 +0300])
by mts.locks.grgtween.net with NNFMP; Wed, 19 Dec 2018 16:59:14 +0300
Received: from smtp-server1.cfdenselr.com ([88.175.129.149]) by nntp.pinxodet.net with QMQP; Wed, 19 Dec 2018 16:44:42 +0300
Received: from mts.locks.grgtween.net ([21.240.188.225]) by mtu23.bigping.com with LOCAL; Wed, 19 Dec 2018 16:35:22 +0300
Message-ID: <21C4D3F5.62576332@esoo.ru>
Date: Wed, 19 Dec 2018 16:35:22 +0300
Reply-To: "Tapia" <JamesHall@esoo.ru>
From: "Tapia" <JamesHall@esoo.ru>
User-Agent: Mozilla/4.78 [ja] (Windows NT 5.0; U)
X-Accept-Language: en-us
MIME-Version: 1.0
To: "Tapia" <christian.gabriel@shortnote.de>
Subject: Fuhlen Sie sich nicht wecken? Geben Sie eine starke Resonanz zur Schwache!
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: base64
PCFkb2N0eXBlIGh0bWw+DQo8aHRtbD4NCjxoZWFkPg0KPG1ldGEgY2hhcnNldD0idXRmLTgiPg0K
PC9oZWFkPg0KDQo8Ym9keT4NCgk8cCBzdHlsZT0iZm9udC1zaXplOjE4cHg7dGV4dC1hbGlnbjog
Y2VudGVyOyI+V8OkaGxlbiBTaWUgRUQtTWVkaWthbWVudGUgZGVyIG5ldWVuIEdlbmVyYXRpb24h
PC9wPjxicj4NCjxwIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7Ij48YSBzdHlsZT0idGV4dC1k
ZWNvcmF0aW9uOiBub25lOyBwYWRkaW5nOiAxNXB4IDMwcHg7IGZvbnQtc2l6ZTogMTVweDsgdGV4
dC1hbGlnbjogY2VudGVyOyBjb2xvcjojZmZmZmZmOyBiYWNrZ3JvdW5kLWNvbG9yOiNmNTU7ICIg
aHJlZj0iaHR0cDovL2Jlc3RtZWRzaG9wLnN1Ij5LbGlja2VuIFNpZSBoaWVyIHVuZCBrYXVmZW4g
U2llITwvYT48L3A+PG1haW4+PC9tYWluPg0KPHAgc3R5bGU9InRleHQtYWxpZ246IGNlbnRlcjsi
PiZuYnNwOzwvcD4NCgk8cCBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVyOyBmb250LXNpemU6IDE4
cHg7Y29sb3I6ICM0ODhFM0Y7Ij48YSBocmVmPSJodHRwOi8vYmVzdG1lZHNob3Auc3UiIHN0eWxl
PSJjb2xvcjogIzQ4OEUzRjsiPmh0dHA6Ly9iZXN0bWVkc2hvcC5zdTwvYT48dGFibGUgd2lkdGg9
IjcyJSIgYm9yZGVyPSIwIj48dGJvZHk+PHRyPjx0ZD48L3RkPjwvdHI+PC90Ym9keT48L3RhYmxl
PjwvcD4NCjxkaXYgYmFja2dyb3VuZD0iaHR0cDovL2Z1bmt5aW1nLmNvbS9pLzJOVzVBLmpwZyIg
dmFsaWduPSJ0b3AiIHN0eWxlPSJiYWNrZ3JvdW5kOiB1cmwoaHR0cDovL2Z1bmt5aW1nLmNvbS9p
LzJOVzViLmpwZykgbm8tcmVwZWF0IGNlbnRlcjtiYWNrZ3JvdW5kLWNvbG9yOiAjZmZmO2JhY2tn
cm91bmQtcG9zaXRpb246IGNlbnRlcjsiPg0KPHRhYmxlIHdpZHRoPSIxNCUiIGJvcmRlcj0iMCI+
PHRib2R5Pjx0cj48dGQ+PC90ZD48dGQ+PC90ZD48L3RyPjwvdGJvZHk+PC90YWJsZT4NCjxkaXY+
DQo8Y2VudGVyPg0KPHRhYmxlIHdpZHRoPSI2MDAiIGhlaWdodD0iMzcwIj4NCjx0cj4NCjx0ZCB2
YWxpZ249Im1pZGRsZSIgc3R5bGU9InBhZGRpbmctcmlnaHQ6IDE1cHg7cGFkZGluZy1sZWZ0OiAx
NXB4O3RleHQtYWxpZ246bGVmdDsiICBoZWlnaHQ9IjM3MCI+PHVsPjxwPjwvcD48L3VsPg0KPC90
ZD4NCjwvdHI+DQo8L3RhYmxlPg0KPC9jZW50ZXI+DQo8L2Rpdj4NCjwvZGl2PjxvbD48cD48L3A+
PC9vbD4NCjxwIHN0eWxlPSJjb2xvcjogI2ExYTFhMTsgdGV4dC1hbGlnbjogY2VudGVyOyI+VW5z
dWJzY3JpYmUgZnJvbSB0aGlzIGxldHRlciA8YSBocmVmPSJodHRwOi8vYmVzdG1lZHNob3Auc3Ui
PmhlcmU8L2E+PC9wPg0KPC9ib2R5Pg0KPC9odG1sPg0K
------------=_5C1A52E2.D18B14A6--