by Faizan Docherty
Thu Dec 26, 2013 4:01 pm
ipTRACKERonline.com wrote:
Header Analysis Quick Report
Originating IP: 197.239.66.59
Originating ISP: Airtel Burkina Faso
City: Ouagadougou
Country of Origin: Burkina Faso
* For a complete report on this email header goto ipTRACKERonline
Delivered-To: <snipped>
Received: by 10.70.58.38 with SMTP id n6csp398681pdq;
Wed, 25 Dec 2013 09:01:55 -0800 (PST)
X-Received: by 10.50.30.166 with SMTP id t6mr30827972igh.7.1387990915265;
Wed, 25 Dec 2013 09:01:55 -0800 (PST)
Return-Path: <[email protected]>
Received: from r8-chicago.webserversystems.com (r8-chicago.webserversystems.com. [184.154.1.124])
by mx.google.com with ESMTPS id aj4si8889919icc.92.2013.12.25.09.01.54
for <snipped>
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Wed, 25 Dec 2013 09:01:55 -0800 (PST)
Received-SPF: softfail (google.com: domain of transitioning [email protected] does not designate 184.154.1.124 as permitted sender) client-ip=184.154.1.124;
Authentication-Results: mx.google.com;
spf=softfail (google.com: domain of transitioning [email protected] does not designate 184.154.1.124 as permitted sender) [email protected];
dkim=fail [email protected]
Received: from webmail-201.76.63.57.ig.com.br ([201.76.63.57]:47121 helo=saul0001-201.76.63.57.ig.com.br)
by r8-chicago.webserversystems.com with esmtp (Exim 4.80)
(envelope-from <[email protected]>)
id 1VvrqD-00096w-Cq
for <snipped>; Wed, 25 Dec 2013 11:01:54 -0600
DKIM-Signature: <snipped>
DomainKey-Signature: <snipped>;
Received: from saul0001.ig.correio.pw (127.0.0.1) by ig.com.br id hnc7o21oqgos for <snipped>; Wed, 25 Dec 2013 15:01:51 -0200 (envelope-from <[email protected]>)
Received: from mike0013.ig.correio.pw (unknown [10.30.248.54])
by saul0001.ig.correio.pw (Postfix) with ESMTP id 12B3E4020C;
Wed, 25 Dec 2013 15:01:51 -0200 (BRST)
Received: from webmail.ig.com.br (localhost [127.0.0.1])
by mike0013.ig.correio.pw (Postfix) with ESMTP id F25431F3A532;
Wed, 25 Dec 2013 15:01:50 -0200 (BRST)
Received: from [197.239.66.59]
via [10.30.251.5]
by webmail.ig.com.br
with HTTP (HTTP/1.1 POST); Wed, 25 Dec 2013 15:01:50 -0200
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="=_cf492a60d09c379d6fee7a0abbbdbe9a"
Date: Wed, 25 Dec 2013 15:01:50 -0200
From: [email protected]
To: undisclosed-recipients:;
Message-ID: <[email protected]>
X-Sender: [email protected]
User-Agent: Roundcube Webmail/0.9.5
X-CMAE-Score: 0
X-CMAE-Analysis: v=2.1 cv=WIjxXxcR c=1 sm=1 tr=0
a=c0ap5lyp4l3MsQc5MzEkOA==:117 a=2mhjNb98rjwA:10 a=tF0GPNsNAAAA:8
a=60JEb36KwgQA:10 a=ZVmDcM3qHq1XMhgPR78A:9 a=_2_SFlUKiFZpfapj:21
a=Qn4FUOQwkzgmynjK:21 a=QEXdDO2ut3YA:10 a=fpdR5SCr_osA:10
a=coXkeoFmENYZUEUjAOIA:9 a=_W_S_7VecoQA:10
X-Spam-Status: Yes, score=17.3
X-Spam-Score: 173
X-Spam-Bar: +++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "r8-chicago.webserversystems.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: I am mrs adoraw illan, am suffering from a long time cancer
of the breast and my doctor have courageously advised me that I may not live
beyond next month, I was married to my late husband for many years without
child and after his death I sold most of my inherited belongings and deposited
all the sum of Two million nine hundred thousand dollars with a Bank. It
is my last wish to see that my fund is invested in any charity work or motherless
baby's orphanage homes before my death. I want to present you as my beneficiary
to the bank. I hope you will be honest to fulfill my final WISH. Hope to
hear from you soonest. Contact my email [email protected] [...]
Content analysis details: (17.3 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
3.5 BAYES_99 BODY: Bayes spam probability is 99 to 100%
[score: 0.9998]
0.6 URG_BIZ BODY: Contains urgent matter
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(mrsadorawillan[at]ig.com.br)
1.4 RCVD_IN_BRBL_LASTEXT RBL: RCVD_IN_BRBL_LASTEXT
[201.76.63.57 listed in bb.barracudacentral.org]
-0.0 SPF_PASS SPF: sender matches SPF record
-0.5 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain
0.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
domain
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
1.0 RDNS_DYNAMIC Delivered to internal network by host with
dynamic-looking rDNS
0.0 LOTS_OF_MONEY Huge... sums of money
1.0 FREEMAIL_REPLY From and body contain different freemails
2.0 HELO_DYNAMIC_IPADDR Relay HELO'd using suspicious hostname (IP addr
1)
0.0 ADVANCE_FEE_4_NEW Appears to be advance fee fraud (Nigerian 419)
0.0 ADVANCE_FEE_5_NEW Appears to be advance fee fraud (Nigerian 419)
0.8 ADVANCE_FEE_3_NEW Appears to be advance fee fraud (Nigerian 419)
2.2 ADVANCE_FEE_4_NEW_MONEY Advance Fee fraud and lots of money
0.0 ADVANCE_FEE_5_NEW_MONEY Advance Fee fraud and lots of money
3.4 MONEY_FRAUD_5 Lots of money and many fraud phrases
0.0 ADVANCE_FEE_3_NEW_MONEY Advance Fee fraud and lots of money
2.0 MONEY_FRAUD_3 Lots of money and several fraud phrases
X-Spam-Flag: YES
Subject: ***SPAM*** Urgent reply.
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - r8-chicago.webserversystems.com
X-AntiAbuse: Original Domain - <snipped>
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - ig.com.br
X-Get-Message-Sender-Via: r8-chicago.webserversystems.com: none
X-Source:
X-Source-Args:
X-Source-Dir:
I am mrs adoraw illan, am suffering from a long time cancer of the breast and my doctor have courageously advised me that I may not live beyond next month, I was married to my late husband for many years without child and after his death I sold most of my inherited belongings and deposited all the sum of Two million nine hundred thousand dollars with a Bank. It is my last wish to see that my fund is invested in any charity work or motherless baby's orphanage homes before my death. I want to present you as my beneficiary to the bank. I hope you will be honest to fulfill my final WISH. Hope to hear from you soonest.
Contact my email [email protected]
Please DO NOT tell a scammer that he has been posted here!
If you wish you can email me at
faizandocherty @ scamwarners [dot] com
How do I find email headers???
How to analyze an email header.