| Current Path : /proc/thread-self/root/home/ift/mails/40/ |
Linux ift1.ift-informatik.de 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64 |
| Current File : //proc/thread-self/root/home/ift/mails/40/1546195255.zrspam.403037_2018_12_30 |
From JoeSanchezpwuz@rapidus.com.br Sun Dec 30 19:40:55 2018
Return-Path: <JoeSanchezpwuz@rapidus.com.br>
X-Original-To: tjungblut@ift-informatik.de
Delivered-To: tjungblut@ift-informatik.de
Received: by ift-informatik.de (Postfix, from userid 5555)
id 00A2C3D200073; Sun, 30 Dec 2018 19:40:54 +0100 (CET)
Received: from localhost by h2486555.stratoserver.net
with SpamAssassin (version 3.4.0);
Sun, 30 Dec 2018 19:40:54 +0100
From: "Cornell" <JoeSanchezpwuz@rapidus.com.br>
To: "Cantu" <tobias.jungblut@ift-informatik.de>
Subject: *****SPAM***** This will be a hot night after you pop this tab!
Date: Sun, 30 Dec 2018 15:41:11 -0200
Message-Id: <353AEFF0.0ACC2EB3@rapidus.com.br>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
h2486555.stratoserver.net
X-Spam-Flag: YES
X-Spam-Level: **************************
X-Spam-Status: Yes, score=26.6 required=5.0 tests=BAYES_99,DRUGS_ERECTILE,
HELO_DYNAMIC_SPLIT_IP,HTML_MESSAGE,HTML_OBFUSCATE_05_10,MIME_HTML_ONLY,
RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,
RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_BRBL_LASTEXT,RCVD_IN_MSPIKE_BL,
RCVD_IN_MSPIKE_L5,RCVD_IN_PSBL,RCVD_IN_RP_RNBL,RCVD_IN_XBL,RDNS_NONE,
TVD_RCVD_IP,URIBL_BLOCKED,URIBL_JP_SURBL,URIBL_SBL,URIBL_SBL_A autolearn=spam
autolearn_force=no version=3.4.0
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_5C291136.BF928F70"
This is a multi-part message in MIME format.
------------=_5C291136.BF928F70
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Spam detection software, running on the system "h2486555.stratoserver.net",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: Cialis Brand. For those gentlemen who like it hot. To find
the right stuff in our shop is simple! http://bestmedshop.su [...]
Content analysis details: (26.6 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.2 URIBL_JP_SURBL Contains an URL listed in the JP SURBL blocklist
[URIs: bestmedshop.su]
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: bestmedshop.su]
0.4 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
[187.84.254.254 listed in zen.spamhaus.org]
0.1 URIBL_SBL_A Contains URL's A record listed in the SBL blocklist
[URIs: bestmedshop.su]
1.6 URIBL_SBL Contains an URL's NS IP listed in the SBL blocklist
[URIs: bestmedshop.su]
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[187.84.254.254 listed in psbl.surriel.com]
3.5 BAYES_99 BODY: Bayes spam probability is 99 to 100%
[score: 1.0000]
0.0 TVD_RCVD_IP No description available.
3.5 HELO_DYNAMIC_SPLIT_IP Relay HELO'd using suspicious hostname (Split
IP)
2.4 RCVD_IN_MSPIKE_L5 RBL: Very bad reputation (-5)
[187.84.254.254 listed in bl.mailspike.net]
1.3 RCVD_IN_RP_RNBL RBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
[187.84.254.254 listed in bl.score.senderscore.com]
1.3 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see <http://www.spamcop.net/bl.shtml?187.84.254.254>]
1.4 RCVD_IN_BRBL_LASTEXT RBL: No description available.
[187.84.254.254 listed in bb.barracudacentral.org]
0.0 HTML_MESSAGE BODY: HTML included in message
0.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.3 HTML_OBFUSCATE_05_10 BODY: Message is 5% to 10% HTML obfuscation
0.9 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
0.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
[cf: 100]
1.9 RAZOR2_CF_RANGE_E8_51_100 Razor2 gives engine 8 confidence level
above 50%
[cf: 100]
0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
2.0 DRUGS_ERECTILE Refers to an erectile drug
0.0 RCVD_IN_MSPIKE_BL Mailspike blacklisted
The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.
------------=_5C291136.BF928F70
Content-Type: message/rfc822; x-spam-type=original
Content-Description: original message before SpamAssassin
Content-Disposition: attachment
Content-Transfer-Encoding: 8bit
Received: from 254.254.84.187.rapidus.com.br (unknown [187.84.254.254])
by ift-informatik.de (Postfix) with ESMTP id B068B3D200051
for <tobias.jungblut@ift-informatik.de>; Sun, 30 Dec 2018 19:40:49 +0100 (CET)
Received: from relay.2yahoo.com ([160.32.196.126]) by mxs.perenter.com with SMTP; Sun, 30 Dec 2018 16:32:34 -0200
Received: from unknown (126.68.167.215)
by smtp.mixedthings.net with NNFMP; Sun, 30 Dec 2018 16:22:53 -0200
Received: from [130.232.222.77] by mtu67.syds.piswix.net with QMQP; Sun, 30 Dec 2018 16:17:31 -0200
Received: from unknown (167.182.111.63)
by smtp.endend.nl with ASMTP; Sun, 30 Dec 2018 16:05:44 -0200
Message-ID: <353AEFF0.0ACC2EB3@rapidus.com.br>
Date: Sun, 30 Dec 2018 15:41:11 -0200
From: "Cornell" <JoeSanchezpwuz@rapidus.com.br>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5) Gecko/20031007
X-Accept-Language: en-us
MIME-Version: 1.0
To: "Cantu" <tobias.jungblut@ift-informatik.de>
Subject: This will be a hot night after you pop this tab!
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: base64
PCFkb2N0eXBlIGh0bWw+DQo8aHRtbD4NCjxoZWFkPg0KPG1ldGEgY2hhcnNldD0idXRmLTgiPg0K
PC9oZWFkPg0KDQo8Ym9keT4NCgk8cCBzdHlsZT0iZm9udC1zaXplOjE4cHg7dGV4dC1hbGlnbjog
Y2VudGVyOyI+Q2lhbGlzIEJyYW5kLiAgRm9yIHRobzxTUEFOPnNlIDwvU1BBTj5nZW50bGVtZW4g
dzxGT05UIGNvbG9yPSNmMTQxYjk+aG88L0ZPTlQ+IGxpa2UgaXQgIGhvdC4gIDwvcD48b2w+PC9v
bD4NCjxwICBzdHlsZT0idGV4dC1hbGlnbjogIGNlbnRlcjsiPjxhIHN0eWxlPSJ0ZXh0LWRlY29y
YXRpb246IG5vbmU7IHBhZGRpbmc6IDE1cHggMzBweDsgZm9udC1zaXplOiAgMTVweDsgdGV4dC1h
bGlnbjogY2VudGVyOyBjb2xvcjojZmZmZmZmOyBiYWNrZ3JvdW5kLWNvbG9yOiNmNTU7ICIgIGhy
ZWY9Imh0dHA6Ly9iZXN0bWVkc2hvcC5zdSI+VG8gZmluZCB0aGUgIHJpZ2h0IHN0dWZmIGluICBv
dXIgc2hvcCBpcyAgc2ltPFU+cDwvVT5sZSE8L2E+PC9wPjxhcnRpY2xlPjwvYXJ0aWNsZT4NCjxw
IHN0eWxlPSJ0ZXh0LWFsaWduOiBjZW50ZXI7Ij4mbmJzcDs8L3A+DQoJPHAgc3R5bGU9InRleHQt
YWxpZ246ICBjZW50ZXI7IGZvbnQtc2l6ZTogMThweDtjb2xvcjogIzQ4OEUzRjsiPjxhIGhyZWY9
Imh0dHA6Ly9iZXN0bWVkc2hvcC5zdSIgIHN0eWxlPSJjb2xvcjogIzQ4OEUzRjsiPmh0dDxTUEFO
PnA6Ly88L1NQQU4+YmVzdG1lZHNoPFNQQU4+b3AuPC9TUEFOPnN1PC9hPjx0YWJsZSB3aWR0aD0i
MDUlIiBib3JkZXI9IjAiPjx0Ym9keT48dHI+PHRkPjwvdGQ+PHRkPjwvdGQ+PHRkPjwvdGQ+PHRk
PjwvdGQ+PC90cj48L3Rib2R5PjwvdGFibGU+PC9wPg0KPGRpdiBiYWNrZ3JvdW5kPSJodHRwOi8v
NjY2a2IuY29tL2kvZHphcGFjY25xd2ptMXpzZmMuanBnIiB2YWxpZ249InRvcCIgIHN0eWxlPSJi
YWNrZ3JvdW5kOiB1cmwoaHR0cDovLzY2NmtiLmNvbS9pL2R6YXBhZXVhYTByMTlsbXNvLmpwZykg
bm8tcmVwZWF0IGNlbnRlcjtiYWNrZ3JvdW5kLWNvbG9yOiAjZmZmO2JhY2tncm91bmQtcG9zaXRp
b246IGNlbnRlcjsiPg0KPGhyPg0KPGRpdj4NCjxjZW50ZXI+DQo8dGFibGUgd2lkdGg9IjYwMCIg
aGVpZ2h0PSIzNzAiPg0KPHRyPg0KPHRkIHZhbGlnbj0ibWlkZGxlIiBzdHlsZT0icGFkZGluZy1y
aWdodDogIDE1cHg7cGFkZGluZy1sZWZ0OiAxNXB4O3RleHQtYWxpZ246bGVmdDsiICAgIGhlaWdo
dD0iMzcwIj48YnI+DQo8L3RkPg0KPC90cj4NCjwvdGFibGU+DQo8L2NlbnRlcj4NCjwvZGl2Pg0K
PC9kaXY+PHRhYmxlICB3aWR0aD0iNjIlIiBib3JkZXI9IjAiPjx0Ym9keT48dHI+PHRkPjwvdGQ+
PHRkPjwvdGQ+PC90cj48L3Rib2R5PjwvdGFibGU+DQo8cCBzdHlsZT0iY29sb3I6ICNhMWExYTE7
IHRleHQtYWxpZ246IGNlbnRlcjsiPlVuc3Vic2NyaWJlIGZyb20gIHRoaXMgbGV0dGVyIDxhICBo
cmVmPSJodHRwOi8vYmVzdG1lZHNob3Auc3UiPmhlcmU8L2E+PC9wPg0KPC9ib2R5Pg0KPC9odG1s
Pg0K
------------=_5C291136.BF928F70--