| Current Path : /proc/thread-self/root/home/ift/mails/39/ |
Linux ift1.ift-informatik.de 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64 |
| Current File : //proc/thread-self/root/home/ift/mails/39/1545519347.zrspam.399901_2018_12_22 |
From JosephWilson@starweb.net.br Sat Dec 22 23:55:47 2018
Return-Path: <JosephWilson@starweb.net.br>
X-Original-To: cgabriel@ift-informatik.de
Delivered-To: cgabriel@ift-informatik.de
Received: by ift-informatik.de (Postfix, from userid 5555)
id B34803D200073; Sat, 22 Dec 2018 23:55:47 +0100 (CET)
Received: from localhost by h2486555.stratoserver.net
with SpamAssassin (version 3.4.0);
Sat, 22 Dec 2018 23:55:47 +0100
From: "Foster" <JosephWilson@starweb.net.br>
To: "Foster" <christian.gabriel@ift-informatik.de>
Subject: *****SPAM***** Der bequemste Einkauf ist bei unserem Online-Shop!
Date: Sat, 22 Dec 2018 22:37:18 +0300
Message-Id: <227DF735.B867CFF1@starweb.net.br>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
h2486555.stratoserver.net
X-Spam-Flag: YES
X-Spam-Level: ***************************
X-Spam-Status: Yes, score=27.4 required=5.0 tests=BAYES_99,
CK_HELO_DYNAMIC_SPLIT_IP,CK_HELO_GENERIC,DRUGS_ERECTILE,FR_3TAG_3TAG,
HELO_DYNAMIC_IPADDR2,HTML_MESSAGE,MIME_HTML_ONLY,RAZOR2_CF_RANGE_51_100,
RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,RCVD_IN_BL_SPAMCOP_NET,
RCVD_IN_MSPIKE_BL,RCVD_IN_MSPIKE_L4,RCVD_IN_PBL,RCVD_IN_PSBL,RCVD_IN_RP_RNBL,
RCVD_IN_XBL,RDNS_DYNAMIC,TVD_RCVD_IP,URIBL_BLOCKED,URIBL_JP_SURBL,URIBL_SBL,
URIBL_SBL_A autolearn=spam autolearn_force=no version=3.4.0
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_5C1EC0F3.4AE04E25"
This is a multi-part message in MIME format.
------------=_5C1EC0F3.4AE04E25
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Spam detection software, running on the system "h2486555.stratoserver.net",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Brauchen Sie perfekte Medikamente? Cialis Brand. Machen Sie
einen profitablen Schritt! Erhaltlich in unserem Online-Shop! http://bestmedshop.su
[...]
Content analysis details: (27.4 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: bestmedshop.su]
1.2 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist
[URIs: bestmedshop.su]
0.1 URIBL_SBL_A Contains URL's A record listed in the SBL blocklist
[URIs: bestmedshop.su]
1.6 URIBL_SBL Contains an URL's NS IP listed in the SBL blocklist
[URIs: bestmedshop.su]
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[177.75.214.149 listed in psbl.surriel.com]
0.4 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
[177.75.214.149 listed in zen.spamhaus.org]
3.3 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
3.5 BAYES_99 BODY: Bayes spam probability is 99 to 100%
[score: 1.0000]
0.0 TVD_RCVD_IP No description available.
0.2 CK_HELO_GENERIC Relay used name indicative of a Dynamic Pool or
Generic rPTR
0.0 CK_HELO_DYNAMIC_SPLIT_IP Relay HELO'd using suspicious hostname
(Split IP)
1.3 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see <http://www.spamcop.net/bl.shtml?177.75.214.149>]
0.0 RCVD_IN_MSPIKE_L4 RBL: Bad reputation (-4)
[177.75.214.149 listed in bl.mailspike.net]
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
[177.75.214.149 listed in bl.score.senderscore.com]
0.0 HTML_MESSAGE BODY: HTML included in message
0.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
1.0 FR_3TAG_3TAG RAW: Looks like 3 <e> small tags.
0.9 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
0.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
1.9 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
1.0 RDNS_DYNAMIC Delivered to internal network by host with
dynamic-looking rDNS
2.0 DRUGS_ERECTILE Refers to an erectile drug
0.0 RCVD_IN_MSPIKE_BL Mailspike blacklisted
3.6 HELO_DYNAMIC_IPADDR2 Relay HELO'd using suspicious hostname (IP addr
2)
The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.
------------=_5C1EC0F3.4AE04E25
Content-Type: message/rfc822; x-spam-type=original
Content-Description: original message before SpamAssassin
Content-Disposition: attachment
Content-Transfer-Encoding: 8bit
Received: from 177-75-214-149.dynamic.starweb.net.br (177-75-214-149.dynamic.starweb.net.br [177.75.214.149])
by ift-informatik.de (Postfix) with ESMTP id E03643D200051
for <christian.gabriel@ift-informatik.de>; Sat, 22 Dec 2018 23:55:41 +0100 (CET)
Received: from unknown (181.3.59.99)
by mx.reskind.net with SMTP; Sat, 22 Dec 2018 22:49:36 +0300
Received: from [149.176.139.85] by smtp4.cyberemailings.com with QMQP; Sat, 22 Dec 2018 22:48:23 +0300
Received: from relay-x.misswldrs.com [89.228.82.24] by mtu67.syds.piswix.net with LOCAL; Sat, 22 Dec 2018 22:37:18 +0300
Message-ID: <227DF735.B867CFF1@starweb.net.br>
Date: Sat, 22 Dec 2018 22:37:18 +0300
Reply-To: "Foster" <JosephWilson@starweb.net.br>
From: "Foster" <JosephWilson@starweb.net.br>
User-Agent: Opera7.20/Win32 M2 build 2981
X-Accept-Language: en-us
MIME-Version: 1.0
To: "Foster" <christian.gabriel@ift-informatik.de>
Subject: Der bequemste Einkauf ist bei unserem Online-Shop!
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: base64
PCFkb2N0eXBlIGh0bWw+DQo8aHRtbD4NCjxoZWFkPg0KPG1ldGEgY2hhcnNldD0idXRmLTgiPg0K
PC9oZWFkPg0KDQo8Ym9keT4NCgk8cCBzdHlsZT0iZm9udC1zaXplOjE4cHg7dGV4dC1hbGlnbjog
Y2VudGVyOyI+QnJhdWNoZW4gU2llIHBlcmZla3RlIE1lZGlrYW1lbnRlPyBDaWFsaXMgQnJhbmQu
IE1hY2hlbiBTaWUgZWluZW4gcHJvZml0YWJsZW4gU2Nocml0dCE8L3A+PG5hdj48L25hdj4NCjxw
IHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7Ij48YSBzdHlsZT0idGV4dC1kZWNvcmF0aW9uOiBu
b25lOyBwYWRkaW5nOiAxNXB4IDMwcHg7IGZvbnQtc2l6ZTogMTVweDsgdGV4dC1hbGlnbjogY2Vu
dGVyOyBjb2xvcjojZmZmZmZmOyBiYWNrZ3JvdW5kLWNvbG9yOiNmNTU7ICIgaHJlZj0iaHR0cDov
L2Jlc3RtZWRzaG9wLnN1Ij5FcmhhbHRsaWNoIGluIHVuc2VyZW0gT25saW5lLVNob3AhPC9hPjwv
cD48YXJ0aWNsZT48L2FydGljbGU+DQo8cCBzdHlsZT0idGV4dC1hbGlnbjogY2VudGVyOyI+Jm5i
c3A7PC9wPg0KCTxwIHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7IGZvbnQtc2l6ZTogMThweDtj
b2xvcjogIzQ4OEUzRjsiPjxhIGhyZWY9Imh0dHA6Ly9iZXN0bWVkc2hvcC5zdSIgc3R5bGU9ImNv
bG9yOiAjNDg4RTNGOyI+aHR0cDovL2Jlc3RtZWRzaG9wLnN1PC9hPjxsYWJlbD48L2xhYmVsPjwv
cD4NCjxkaXYgYmFja2dyb3VuZD0iaHR0cHM6Ly9zMTUuZGlyZWN0dXBsb2FkLm5ldC9pbWFnZXMv
MTgxMjA2LzhsY3JpY3NwLmpwZyIgdmFsaWduPSJ0b3AiIHN0eWxlPSJiYWNrZ3JvdW5kOiB1cmwo
aHR0cHM6Ly9zMTUuZGlyZWN0dXBsb2FkLm5ldC9pbWFnZXMvMTgxMjA2LzhycDlzaWV0LmpwZykg
bm8tcmVwZWF0IGNlbnRlcjtiYWNrZ3JvdW5kLWNvbG9yOiAjZmZmO2JhY2tncm91bmQtcG9zaXRp
b246IGNlbnRlcjsiPg0KPGhyPg0KPGRpdj4NCjxjZW50ZXI+DQo8dGFibGUgd2lkdGg9IjYwMCIg
aGVpZ2h0PSIzNzAiPg0KPHRyPg0KPHRkIHZhbGlnbj0ibWlkZGxlIiBzdHlsZT0icGFkZGluZy1y
aWdodDogMTVweDtwYWRkaW5nLWxlZnQ6IDE1cHg7dGV4dC1hbGlnbjpsZWZ0OyIgIGhlaWdodD0i
MzcwIj48YnI+DQo8L3RkPg0KPC90cj4NCjwvdGFibGU+DQo8L2NlbnRlcj4NCjwvZGl2Pg0KPC9k
aXY+PHRhYmxlIHdpZHRoPSI3OCUiIGJvcmRlcj0iMCI+PHRib2R5Pjx0cj48dGQ+PC90ZD48dGQ+
PC90ZD48dGQ+PC90ZD48L3RyPjwvdGJvZHk+PC90YWJsZT4NCjxwIHN0eWxlPSJjb2xvcjogI2Ex
YTFhMTsgdGV4dC1hbGlnbjogY2VudGVyOyI+VW5zdWJzY3JpYmUgZnJvbSB0aGlzIGxldHRlciA8
YSBocmVmPSJodHRwOi8vYmVzdG1lZHNob3Auc3UiPmhlcmU8L2E+PC9wPg0KPC9ib2R5Pg0KPC9o
dG1sPg0K
------------=_5C1EC0F3.4AE04E25--