Loan Offer <[email protected]>

Header Analysis Quick Report
Originating IP: 216.172.142.6
Originating ISP: Anchorfree
City: n/a
Country of Origin: Anonymous Proxy
* For a complete report on this email header goto ipTRACKERonline

Delivered-To: <snipped>
Received: by 10.70.51.10 with SMTP id g10csp45253pdo;
Sat, 6 Dec 2014 07:47:34 -0800 (PST)
X-Received: by 10.68.213.138 with SMTP id ns10mr45305375pbc.50.1417880854404;
Sat, 06 Dec 2014 07:47:34 -0800 (PST)
Return-Path: <[email protected]>
Received: from relay.mailchannels.net (si-002-i29.relay.mailchannels.net. [184.154.112.194])
by mx.google.com with ESMTP id mu9si52429216pdb.192.2014.12.06.07.47.32
for <snipped>;
Sat, 06 Dec 2014 07:47:33 -0800 (PST)
Received-SPF: none (google.com: [email protected] does not designate permitted sender hosts) client-ip=184.154.112.194;
Authentication-Results: mx.google.com;
spf=none (google.com: [email protected] does not designate permitted sender hosts) [email protected]
X-Sender-Id: wwwh|x-antiabuse|2862223733
Received: from r8-chicago.webserversystems.com (ip-10-204-4-183.us-west-2.compute.internal [10.204.4.183])
by relay.mailchannels.net (Postfix) with ESMTPA id 0614DADDF7
for <snipped>; Sat, 6 Dec 2014 15:47:29 +0000 (UTC)
X-Sender-Id: wwwh|x-antiabuse|2862223733
Received: from r8-chicago.webserversystems.com (r8-chicago.webserversystems.com [10.252.6.112])
(using TLSv1 with cipher DHE-RSA-AES256-SHA)
by 0.0.0.0:2500 (trex/5.4.1);
Sat, 06 Dec 2014 15:47:30 GMT
X-MC-Relay: Junk
X-MailChannels-SenderId: wwwh|x-antiabuse|2862223733
X-MailChannels-Auth-Id: wwwh
X-MC-Loop-Signature: 1417880850208:1805142492
X-MC-Ingress-Time: 1417880850208
Received: from [89.42.219.12] (port=41364 helo=vps041.siteaccess.ro)
by r8-chicago.webserversystems.com with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.82)
(envelope-from <[email protected]>)
id 1XxHZv-00037f-T3
for <snipped>; Sat, 06 Dec 2014 09:47:29 -0600
Received: from localhost.localdomain ([127.0.0.1]:34880 helo=webmail.aeroclubulromaniei.ro)
by vps041.whmpanels.com with esmtpa (Exim 4.82)
(envelope-from <[email protected]>)
id 1XxHbC-0005zq-JT; Sat, 06 Dec 2014 17:48:46 +0200
Received: from 216.172.142.6 ([216.172.142.6]) (proxying for 216.172.142.6)
(SquirrelMail authenticated user [email protected])
by webmail.aeroclubulromaniei.ro with HTTP;
Sat, 6 Dec 2014 17:48:46 +0200
Message-ID: <d5e2ce2446d66e46dadb196a6c8c4aa2.squirrel@webmail.aeroclubulromaniei.ro>
Date: Sat, 6 Dec 2014 17:48:46 +0200
Subject: loan offer
From: "yakubu james" <[email protected]>
Reply-To: [email protected]
User-Agent: SquirrelMail/1.5.2 [SVN]
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - vps041.whmpanels.com
X-AntiAbuse: Original Domain - scamwarners.com
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - aeroclubulromaniei.ro
X-Get-Message-Sender-Via: vps041.whmpanels.com: authenticated_id: [email protected]
X-Source:
X-Source-Args:
X-Source-Dir:
X-Spam-Status: No, score=3.6
X-Spam-Score: 36
X-Spam-Bar: +++
X-Ham-Report: Spam detection software, running on the system "r8-chicago.webserversystems.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
root\@localhost for details.

Content preview: loan offer at 3% to pay up your bills email [email protected]
[...]

Content analysis details: (3.6 points, 5.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
1.0 MISSING_HEADERS Missing To: header
0.2 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
[score: 1.0000]
1.6 REPLYTO_WITHOUT_TO_CC REPLYTO_WITHOUT_TO_CC
0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
X-Spam-Flag: NO
X-AuthUser:

loan offer at 3% to pay up your bills email [email protected]