<[email protected]>

Header Analysis Quick Report
Originating IP: 209.85.217.196
Originating ISP: Google
City: Mountain View
Country of Origin: United States
* For a complete report on this email header goto ipTRACKERonline

Delivered-To: <snipped>
Received: by 10.70.80.134 with SMTP id r6csp243380pdx;
Wed, 27 Aug 2014 13:00:50 -0700 (PDT)
X-Received: by 10.69.26.134 with SMTP id iy6mr49944056pbd.115.1409169650031;
Wed, 27 Aug 2014 13:00:50 -0700 (PDT)
Return-Path: <[email protected]>
Received: from relay.mailchannels.net (si-002-i86.relay.mailchannels.net. [173.236.122.36])
by mx.google.com with ESMTP id f8si2478306pdp.85.2014.08.27.13.00.48
for <snipped>;
Wed, 27 Aug 2014 13:00:50 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning [email protected] does not designate 173.236.122.36 as permitted sender) client-ip=173.236.122.36;
Authentication-Results: mx.google.com;
spf=softfail (google.com: domain of transitioning [email protected] does not designate 173.236.122.36 as permitted sender) [email protected];
dkim=pass [email protected];
dmarc=pass (p=NONE dis=NONE) header.from=gmail.com
X-Sender-Id: _forwarded-from|209.85.217.196
Received: from r8-chicago.webserversystems.com (ip-10-236-1-24.us-west-2.compute.internal [10.236.1.24])
by relay.mailchannels.net (Postfix) with ESMTPA id 51F74100369
for <snipped>; Wed, 27 Aug 2014 20:00:43 +0000 (UTC)
X-Sender-Id: _forwarded-from|209.85.217.196
Received: from r8-chicago.webserversystems.com (r8-chicago.webserversystems.com [10.253.92.5])
(using TLSv1 with cipher DHE-RSA-AES256-SHA)
by 0.0.0.0:2500 (trex/5.2.12);
Wed, 27 Aug 2014 20:00:43 GMT
X-MC-Relay: Forwarding
X-MailChannels-SenderId: _forwarded-from|209.85.217.196
X-MailChannels-Auth-Id: wwwh
X-MC-Ingress-Time: 1409169643641
Received: from mail-lb0-f196.google.com ([209.85.217.196]:41843)
by r8-chicago.webserversystems.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.82)
(envelope-from <[email protected]>)
id 1XMjNp-0009cg-EQ
for <snipped>; Wed, 27 Aug 2014 15:00:12 -0500
Received: by mail-lb0-f196.google.com with SMTP id p9so279932lbv.3
for <snipped>; Wed, 27 Aug 2014 12:59:51 -0700 (PDT)
DKIM-Signature: <snipped>
MIME-Version: 1.0
X-Received: by 10.112.25.102 with SMTP id b6mr34581703lbg.17.1409169591154;
Wed, 27 Aug 2014 12:59:51 -0700 (PDT)
Received: by 10.112.204.4 with HTTP; Wed, 27 Aug 2014 12:59:51 -0700 (PDT)
Date: Wed, 27 Aug 2014 20:59:51 +0100
Message-ID: <CAFs6rAx-JaiWgzvyKyu_aQHhOw2Qoc1K5XHRbQ0Y9t1g7SGvQw@mail.gmail.com>
Subject: loan offer = prêt
From: Banco Popular <[email protected]>
To: undisclosed-recipients:;
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, score=-0.6
X-Spam-Score: -5
X-Spam-Bar: /
X-Ham-Report: Spam detection software, running on the system "r8-chicago.webserversystems.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
root\@localhost for details.

Content preview: Bonjour Je suis un financier et je dispose d'un capital important
pour aider un bon nombre de personnes . J'offre de prêt de 2500€ à 10.000.000€
à toute personne de bonne foie capable de le rembourser avec intérêt au
taux de 2 % selon le montant demandé.Pour cela si vous êtes dans le besoin
d’un prêt pour sortir de l'impasse ou pour vos différents besoins, veuillez
simplement m'envoyer votre demande en me contactant par mail: ([email protected])
pour obtenir votre prêt en 48h au plus. Offre valable à toute personne.E-Mail:
([email protected] ) [...]

Content analysis details: (-0.6 points, 5.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(bancopopular8[at]gmail.com)
-0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low
trust
[209.85.217.196 listed in list.dnswl.org]
-0.0 SPF_PASS SPF: sender matches SPF record
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit (bancopopular8[at]gmail.com)
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
domain
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
X-Spam-Flag: NO
X-MC-Forward: <snipped>
X-AuthUser:

Bonjour
Je suis un financier et je dispose d'un capital important pour aider un
bon nombre de personnes .
J'offre de prêt de 2500€ à 10.000.000€ à toute personne de bonne foie
capable de le rembourser avec intérêt au taux de 2 % selon le montant
demandé.Pour cela si vous êtes dans le besoin d’un prêt pour sortir de
l'impasse ou pour vos différents besoins, veuillez simplement m'envoyer
votre demande en me contactant par mail: ([email protected])
pour obtenir votre prêt en 48h au plus.
Offre valable à toute personne.E-Mail: ([email protected] )

Alors si vous ètre d'accord s'il vous plaît envoyez-moi votre:


Nom: .......................................

Prénom: ...................................

Pays: .......................................

Ville: ..........................................

Adresse: ...................................

Code postal: ............................

Revenu mensuel .....................

N tel ................................

Google translation:

Hello there
I am financially and I have a large capital to help a
many people.
I offer loan of € 2500 to € 10 million to every person of good liver
able to repay it with interest at 2% depending on the amount
request.For this if you are in need of a loan to get out of
deadlock or to your individual needs, please send me
your request by contacting me by email ( [email protected] )
to get your loan in 48 hours or less.
Valid any personne.E-Mail offers: ( [email protected] )

So if you agree please send me your:


Name: .......................................

First name: ...................................

Country: .......................................

City: ..........................................

Address: ...................................

Postal Code: ............................

Monthly income .....................

N such ................................