File: /home/govancoz/mail/.spam/new/1723290865.M919998P3259694.zacp120.ve.host,S=6497,W=6622
Return-Path: <zhengct@teetronics.com>
Delivered-To: govancoz+spam@zacp120.ve.host
Received: from zacp120.ve.host
by zacp120.ve.host with LMTP
id f9UqNvFUt2YuvTEAvcbEzQ
(envelope-from <zhengct@teetronics.com>)
for <govancoz+spam@zacp120.ve.host>; Sat, 10 Aug 2024 13:54:25 +0200
Return-path: <zhengct@teetronics.com>
Envelope-to: cheryl@govan.co.za
Delivery-date: Sat, 10 Aug 2024 13:54:25 +0200
Received: from server.cyberframe.in ([23.227.134.218]:56032)
by zacp120.ve.host with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.97.1)
(envelope-from <zhengct@teetronics.com>)
id 1sckfw-0000000Dfs4-42qk
for cheryl@govan.co.za;
Sat, 10 Aug 2024 13:54:25 +0200
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=unistarglobal.com; s=default; h=Content-Transfer-Encoding:Content-Type:
MIME-Version:Message-ID:Date:Subject:To:From:Reply-To:Sender:Cc:Content-ID:
Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=UzukO6+8URMa9+3ZkZDOU5PoI0pJphF+Mo7aLgcdDQQ=; b=MRY8MGmjm2Br3V50/c3Ox2iiun
cxLpswji6+QofYwKHGcy5dcADEBMVjUlsY9LCjYy6PjUjqa7B43B+XEn9ZOvu+sx8sIODr2eHn186
IF6w00F5vxeR9GybXFgF7pStT6/p4wElAJzU84z/Tpt0QroyzzYHWKScQWEqc7be6Ds2oa54cpJFo
1weSfwrSztR91Z8dIEAeEX0Iw64JfUVE0zqYrNQXZHbm/QcK6o9LOgpzHXYR7B7/wMAFMUU9CMMO8
O6hOaTwnPRnpfZIwuclfPXhrnLpjAMXB8WQcCZM3N7/JCekMcnjkmTZNsMei8A8R4kby0ngYrN1AE
AqdWB8EA==;
Received: from [185.244.30.6] (port=54407)
by server.cyberframe.in with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
(Exim 4.96.2)
(envelope-from <zhengct@teetronics.com>)
id 1sckfF-00026m-0O
for cheryl@govan.co.za;
Sat, 10 Aug 2024 17:23:40 +0530
Reply-To: "Randell Waters"<randellwaters147@gmail.com>
From: "Randell Waters"<zhengct@teetronics.com>
To: cheryl@govan.co.za
Date: 10 Aug 2024 04:53:38 -0700
Message-ID: <20240810045337.B3B49389F6BA2744@teetronics.com>
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server.cyberframe.in
X-AntiAbuse: Original Domain - govan.co.za
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - teetronics.com
X-Get-Message-Sender-Via: server.cyberframe.in: authenticated_id: accounts@unistarglobal.com
X-Authenticated-Sender: server.cyberframe.in: accounts@unistarglobal.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-Spam-Status: Yes, score=8.0
X-Spam-Score: 80
X-Spam-Bar: ++++++++
X-Spam-Report: Spam detection software, running on the system "zacp120.ve.host",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: Greetings, One of my clients, a Russian Oligarch, just contacted
me through his financial consultant requesting that we move his money out
immediately because the European and USA Governments are seizing all his
[...]
Content analysis details: (8.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
blocked. See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: unistarglobal.com]
1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in
bl.spamcop.net
[Blocked - see <https://www.spamcop.net/bl.shtml?23.227.134.218>]
0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The
query to Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243
for more information.
[23.227.134.218 listed in sa-accredit.habeas.com]
0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The
query to Validity was blocked. See
https://knowledge.validity.com/hc/en-us/articles/20961730681243
for more information.
[23.227.134.218 listed in bl.score.senderscore.com]
1.5 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in
digit
[randellwaters147[at]gmail.com]
0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 HTML_MESSAGE BODY: HTML included in message
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.0 LOTS_OF_MONEY Huge... sums of money
0.9 URG_BIZ Contains urgent matter
0.0 MONEY_FROM_MISSP Lots of money and misspaced From
0.0 MONEY_FREEMAIL_REPTO Lots of money from someone using free
email?
2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
1.5 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money
X-Spam-Flag: YES
Subject: ***SPAM*** Urgent Response
<!DOCTYPE HTML>
<html><head><title></title>
<meta http-equiv=3D"X-UA-Compatible" content=3D"IE=3Dedge">
</head>
<body style=3D"margin: 0.4em;">
<p><br></p><p>Greetings,</p><p>One of my clients, a Russian Oligarch, just =
contacted me through his<br>financial consultant requesting that we move hi=
s money out immediately<br>because the European and USA Governments a=
re seizing all his assets.</p><p>He wants the money to be moved out t=
hrough Bitcoin to avoid any trace to<br>him. The amount is over ̈́=
4;900 Million Euro, and he recommended an<br>investment platform to help mo=
ve the money out to individuals that can<br>
manage/ keep the money safe for him. The owner wants this to be an<br>inves=
tment for up to 10 years.</p><p>If you are interested in this please let me=
know.</p><p>Regards,<br>Randell Waters.</p>
</body></html>