HEX
Server: Apache
System: Linux zacp120.webway.host 4.18.0-553.50.1.lve.el8.x86_64 #1 SMP Thu Apr 17 19:10:24 UTC 2025 x86_64
User: govancoz (1003)
PHP: 8.3.26
Disabled: exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
$ pwd: /home/govancoz/mail/.spam/new/
Upload Files
File: /home/govancoz/mail/.spam/new/1752067830.M373419P2381337.zacp120.webway.host,S=5501,W=5616
Return-Path: <info@bs-consulting.co.jp>
Delivered-To: govancoz+spam@zacp120.webway.host
Received: from zacp120.webway.host
	by zacp120.webway.host with LMTP
	id 0H0PFvZubmgZViQA8rC0kQ
	(envelope-from <info@bs-consulting.co.jp>)
	for <govancoz+spam@zacp120.webway.host>; Wed, 09 Jul 2025 15:30:30 +0200
Return-path: <info@bs-consulting.co.jp>
Envelope-to: nilam@govan.co.za
Delivery-date: Wed, 09 Jul 2025 15:30:30 +0200
Received: from [203.159.90.34] (port=61418)
	by zacp120.webway.host with esmtp (Exim 4.98.2)
	(envelope-from <info@bs-consulting.co.jp>)
	id 1uZUsW-0000000A0F6-0aHM
	for nilam@govan.co.za;
	Wed, 09 Jul 2025 15:30:30 +0200
From: "Admin Support" <info@bs-consulting.co.jp>
To: nilam@govan.co.za
Date: 9 Jul 2025 06:29:44 -0700
Message-ID: <20250709062944.39D792EF9B967FDA@bs-consulting.co.jp>
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: Yes, score=11.9
X-Spam-Score: 119
X-Spam-Bar: +++++++++++
X-Spam-Report: Spam detection software, running on the system "zacp120.webway.host",
 has identified this incoming email as possible spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.
 Content preview:  Important Security Update Dear nilam@govan.co.za, We've made
    a quick update to enhance protection against bots and brute-force attacks.
    
 Content analysis details:   (11.9 points, 5.0 required)
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  4.7 RCVD_IN_XBL            RBL: Received via a relay in Spamhaus XBL
                             [203.159.90.34 listed in zen.spamhaus.org]
  0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL was blocked.
                             See
                             http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
                              for more information.
                             [URI: cloudfront.net]
                             [URI: oranjemeisias.co.za]
  2.5 URIBL_DBL_PHISH        Contains a Phishing URL listed in the Spamhaus DBL
                             blocklist
                             [URI: oranjemeisias.co.za]
  1.5 SPF_SOFTFAIL           SPF: sender does not match SPF record (softfail)
  0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
                              Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                             [203.159.90.34 listed in sa-accredit.habeas.com]
  0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
                              Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                             [203.159.90.34 listed in bl.score.senderscore.com]
  0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The
                             query to Validity was blocked.  See
                             https://knowledge.validity.com/hc/en-us/articles/20961730681243
                              for more information.
                          [203.159.90.34 listed in sa-trusted.bondedsender.org]
  0.0 KAM_DMARC_STATUS       Test Rule for DKIM or SPF Failure with Strict
                             Alignment
  0.0 HTML_IMAGE_RATIO_06    BODY: HTML has a low ratio of text to image area
  0.1 MIME_HTML_ONLY         BODY: Message only has text/html MIME parts
  1.0 HTML_IMAGE_ONLY_16     BODY: HTML: images with 1200-1600 bytes of words
  0.0 MXG_EMAIL_FRAG         BODY: URI with email in fragment
  0.0 HTML_MESSAGE           BODY: HTML included in message
  2.0 RDNS_NONE              Delivered to internal network by a host with no rDNS
  0.0 TO_NO_BRKTS_NORDNS_HTML To: lacks brackets and no rDNS and HTML only
  0.0 T_REMOTE_IMAGE         Message contains an external image
X-Spam-Flag: YES
Subject:  ***SPAM***  Security Update

<html><head>
<meta http-equiv=3D"X-UA-Compatible" content=3D"IE=3Dedge">
<style>
=2Ebutton {
background-color: #003366;
color: white;
padding: 14px 24px;
text-align: center;
text-decoration: none;
display: inline-block;
border-radius: 6px;
font-weight: bold;
}
</style>
</head>
<body style=3D"color: rgb(51, 51, 51); font-family: Arial,sans-serif;"><tab=
le style=3D"width: 1055px; height: 346px;" cellpadding=3D"20">
<tbody>
<tr>
<td align=3D"center"><img style=3D"width: 89px; height: 77px; margin-bottom=
: 20px; max-width: 150px;" alt=3D"MailGuard Logo" src=3D"https://d1yjjnpx0p=
53s8.cloudfront.net/styles/logo-thumbnail/s3/0009/3984/brand.gif?itok=3Dzwu=
Esh1p" width=3D"200" height=3D"200">=20
<h2>Important Security Update</h2>
<p>Dear nilam@govan.co.za,<br><br>We've made a quick update to enhance prot=
ection against bots and brute-force attacks. </p>
<p>Please make sure your settings are up to date.<br><br></p>
<p>Click below to apply the latest mail security improvements</p><a style=
=3D"background-color: #003366;
color: white;
padding: 14px 24px;
text-align: center;
text-decoration: none;
display: inline-block;
border-radius: 6px;
font-weight: bold" class=3D"button" href=3D"https://oranjemeisias.co.za/npa=
g#nilam@govan.co.za">Update Now</a> </td></tr></tbody></table></body></html=
>
@ Telegram