MRS PATRICIA KNEWL <[email protected]>

This scammer hijacked a business computer system to send out the scam email.

Header Analysis Quick Report
Originating IP: 46.51.217.225
Originating ISP: Amazon Aws Services - Cloudfront
City: n/a
Country of Origin: Singapore
* For a complete report on this email header goto ipTRACKERonline

Delivered-To: <snipped>
Received: by 10.70.126.40 with SMTP id mv8csp217873pdb;
Sat, 8 Feb 2014 23:23:52 -0800 (PST)
X-Received: by 10.50.138.72 with SMTP id qo8mr5767344igb.8.1391930631809;
Sat, 08 Feb 2014 23:23:51 -0800 (PST)
Return-Path: <[email protected]>
Received: from r8-chicago.webserversystems.com (r8-chicago.webserversystems.com. [184.154.1.124])
by mx.google.com with ESMTPS id pl2si10107151icc.6.2014.02.08.23.23.50
for <snipped>
(version=TLSv1 cipher=RC4-SHA bits=128/128);
Sat, 08 Feb 2014 23:23:51 -0800 (PST)
Received-SPF: softfail (google.com: domain of transitioning [email protected] does not designate 184.154.1.124 as permitted sender) client-ip=184.154.1.124;
Authentication-Results: mx.google.com;
spf=softfail (google.com: domain of transitioning [email protected] does not designate 184.154.1.124 as permitted sender) [email protected];
dkim=neutral (bad format) [email protected]
Received: from smtp.server.rumah.com ([175.41.146.210]:19729)
by r8-chicago.webserversystems.com with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.82)
(envelope-from <[email protected]>)
id 1WCOk0-0001Nj-6X
for <snipped>; Sun, 09 Feb 2014 01:23:50 -0600
Received: from web5.guruestate.com (ec2-46-51-217-225.ap-southeast-1.compute.amazonaws.com [46.51.217.225])
by smtp.server.rumah.com (8.14.7/8.14.7) with ESMTP id s197NiPA017016
for <snipped>; Sun, 9 Feb 2014 15:23:45 +0800
DKIM-Signature: <snipped>
Received: from http://www.propertyguru.com.sg (localhost [127.0.0.1])
by web5.guruestate.com (8.14.4/8.14.4/Debian-2ubuntu2) with ESMTP id s197Ni4t1128828
for <snipped>; Sun, 9 Feb 2014 15:23:44 +0800
Date: Sun, 9 Feb 2014 15:23:44 +0800
To: <snipped>
From: "PropertyGuru.com.sg" <[email protected]>
Reply-to: [email protected]
Subject: Mrs Patricia Knewl wants you to see this property
Message-ID: <[email protected]>
X-Priority: 3
X-Mailer: PHPMailer [version 1.73]
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="b1_802455c13de3ffb0d0b1cc3f11fad7cd"
X-Spam-Flag: YES
X-Spam-Status: Yes, score=6.7 required=5.0 tests=BAYES_99,BILLION_DOLLARS,
DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HTML_MESSAGE,LOTS_OF_MONEY,RDNS_DYNAMIC,
SPF_SOFTFAIL,UPPERCASE_50_75 autolearn=no version=3.3.2
X-Spam-Report:
* 3.5 BAYES_99 BODY: Bayes spam probability is 99 to 100%
* [score: 1.0000]
* 0.7 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
* 1.6 BILLION_DOLLARS BODY: Talks about lots of money
* 0.0 HTML_MESSAGE BODY: HTML included in message
* -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
* domain
* 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
* valid
* -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
* 1.0 RDNS_DYNAMIC Delivered to internal network by host with
* dynamic-looking rDNS
* 0.0 LOTS_OF_MONEY Huge... sums of money
* 0.0 UPPERCASE_50_75 message body is 50-75% uppercase
X-Spam-Level: ******
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
smtp.server.rumah.com
X-Spam-Status: No, score=0.1
X-Spam-Score: 1
X-Spam-Bar: /
X-Ham-Report: Spam detection software, running on the system "r8-chicago.webserversystems.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
root\@localhost for details.

Content preview: Listing Referral to PropertyGuru.com.sg PropertyGuru.com.sg
Message: CALVARY GREETINGS,<br /> <br /> I AM MRS PATRICIA KNEWL A BORN AGAIN
CHRISTAIN AND A WIDOW,AND I WANT TO DO DONATION OF $5MILLION DOLLARS TO HELP
ORPHANS AND WIDOWS,AND CHARITY FOUNDATION IN YOUR HOME COUNTRY AND I ASSUMED
THAT YOU CAN HELP AND GET THIS FUND AND USE IT TO MY WISHES TO THE NEEDS
OF YOUR COUNTRY,AND I SERIOULY ILLED (CANCER TUMUR OPERATION IN SPAIN PLEASE
ALWAYS PUTTING ME IN YOUR PRAYERS DAILY,BECAUSE I DO NOT KNOW WHERE IT WILL
END ME.<br /> <br /> REPLY BACK TO ME IMMEDAITELY AT THIS E-MAIL ADDRESS
([email protected]) FOR MORE DETAILS OF THE FUND.<br /> THANKS YOU,<br
/> MRS PATRICIA KNEWL [...]

Content analysis details: (0.1 points, 5.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 HTML_MESSAGE BODY: HTML included in message
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
0.0 LOTS_OF_MONEY Huge... sums of money
0.0 UPPERCASE_50_75 message body is 50-75% uppercase
0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
X-Spam-Flag: NO
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - r8-chicago.webserversystems.com
X-AntiAbuse: Original Domain - <snipped>
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - propertyguru.com.sg
X-Get-Message-Sender-Via: r8-chicago.webserversystems.com: none
X-Source:
X-Source-Args:
X-Source-Dir:

Mrs Patricia Knewl wants you to see this property from PropertyGuru.com.sg

Click on the blue property title below to view more details

- Orchard Scotts Residences

0

Message from your friend:
CALVARY GREETINGS,

I AM MRS PATRICIA KNEWL A BORN AGAIN CHRISTAIN AND A WIDOW,AND I WANT TO DO DONATION OF $5MILLION DOLLARS TO HELP ORPHANS AND WIDOWS,AND CHARITY FOUNDATION IN YOUR HOME COUNTRY AND I ASSUMED THAT YOU CAN HELP AND GET THIS FUND AND USE IT TO MY WISHES TO THE NEEDS OF YOUR COUNTRY,AND I SERIOULY ILLED (CANCER TUMUR OPERATION IN SPAIN PLEASE ALWAYS PUTTING ME IN YOUR PRAYERS DAILY,BECAUSE I DO NOT KNOW WHERE IT WILL END ME.

REPLY BACK TO ME IMMEDAITELY AT THIS E-MAIL ADDRESS ([email protected]) FOR MORE DETAILS OF THE FUND.
THANKS YOU,
MRS PATRICIA KNEWL

Best regards,

PropertyGuru
Singapore's Leading Property Site


Copyright © 2014 - PropertyGuru Pte. Ltd. - Privacy Policy Unsubscribe to Email Service