by Faizan Docherty
Mon Sep 01, 2014 3:17 pm
ipTRACKERonline.com wrote:Header Analysis Quick Report
Originating IP: 65.55.90.170
Originating ISP: Microsoft Hosting
City: Redmond
Country of Origin: United States
* For a complete report on this email header goto ipTRACKERonline
Delivered-To: <snipped>
Received: by 10.70.74.40 with SMTP id q8csp22970pdv;
Sun, 31 Aug 2014 03:29:46 -0700 (PDT)
X-Received: by 10.66.124.136 with SMTP id mi8mr30297906pab.89.1409480985871;
Sun, 31 Aug 2014 03:29:45 -0700 (PDT)
Return-Path: <[email protected]>
Received: from relay.mailchannels.net (nov-007-i626.relay.mailchannels.net. [46.232.183.180])
by mx.google.com with ESMTP id pg8si8044934pbb.73.2014.08.31.03.29.43
for <snipped>;
Sun, 31 Aug 2014 03:29:45 -0700 (PDT)
Received-SPF: softfail (google.com: domain of transitioning [email protected] does not designate 46.232.183.180 as permitted sender) client-ip=46.232.183.180;
Authentication-Results: mx.google.com;
spf=softfail (google.com: domain of transitioning [email protected] does not designate 46.232.183.180 as permitted sender) [email protected]
X-Sender-Id: _forwarded-from|65.55.90.136
Received: from r8-chicago.webserversystems.com (ip-10-213-14-133.us-west-2.compute.internal [10.213.14.133])
by relay.mailchannels.net (Postfix) with ESMTPA id 485711201E2
for <snipped>; Sun, 31 Aug 2014 10:29:36 +0000 (UTC)
X-Sender-Id: _forwarded-from|65.55.90.136
Received: from r8-chicago.webserversystems.com ([UNAVAILABLE]. [10.252.32.37])
(using TLSv1 with cipher DHE-RSA-AES256-SHA)
by 0.0.0.0:2500 (trex/5.2.12);
Sun, 31 Aug 2014 10:29:42 GMT
X-MC-Relay: Forwarding
X-MailChannels-SenderId: _forwarded-from|65.55.90.136
X-MailChannels-Auth-Id: wwwh
X-MC-Ingress-Time: 1409480981626
Received: from snt004-omc3s31.hotmail.com ([65.55.90.170]:60212)
by r8-chicago.webserversystems.com with esmtps (TLSv1:AES256-SHA:256)
(Exim 4.82)
(envelope-from <[email protected]>)
id 1XO2O3-0009Nz-97
for <snipped>; Sun, 31 Aug 2014 05:29:32 -0500
Received: from SNT153-W79 ([65.55.90.136]) by SNT004-OMC3S31.hotmail.com with Microsoft SMTPSVC(7.5.7601.22724);
Sun, 31 Aug 2014 03:29:30 -0700
X-TMN: [PKYmHWSXeHxtJmKjcdm5gp8ToYSniXXS]
X-Originating-Email: [[email protected]]
Message-ID: <[email protected]>
Content-Type: multipart/alternative;
boundary="_68df77f4-6076-4433-bc85-438fc5aa0470_"
Reply-To: <[email protected]>
From: TEDJANI FATIHA <[email protected]>
Date: Sun, 31 Aug 2014 12:29:30 +0200
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 31 Aug 2014 10:29:30.0793 (UTC) FILETIME=[730FE190:01CFC506]
X-Spam-Status: Yes, score=8.3
X-Spam-Score: 83
X-Spam-Bar: ++++++++
X-Spam-Report: Spam detection software, running on the system "r8-chicago.webserversystems.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: Good evening, I know that my message will be of a great surprise
when t-il will reach you. Thus, I quite apologize to you. I am a MISS Fatiha
TEDJANI and I write you sincerely with the aim of obtaining your cooperation
and your confidence which can allow me to make an urgent business with you.
For reasons of discretion and security. I would want somebody sincere and
discreet, to conclude this business with me. To pass on to transmit you all
the information I would want to know your opinion. I stay awaiting your message.
That God blesses you and protects you, I wait for your news. MISS FATIHA
TEDJANI [...]
Content analysis details: (8.3 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.6 URG_BIZ BODY: Contains urgent matter
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(fatihatedjani[at]hotmail.com)
1.5 SUBJ_ALL_CAPS Subject is all capitals
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain
1.0 MISSING_HEADERS Missing To: header
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[65.55.90.170 listed in list.dnswl.org]
0.0 HTML_MESSAGE BODY: HTML included in message
2.6 MALFORMED_FREEMAIL Bad headers on message from free email service
1.6 REPLYTO_WITHOUT_TO_CC REPLYTO_WITHOUT_TO_CC
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different
freemails
X-Spam-Flag: YES
Subject: ***SPAM*** MISS FATIHA TEDJANI
X-MC-Forward: <snipped>
X-AuthUser:
Good evening,
I know that my message will be of a great surprise when t-il will reach you. Thus, I quite apologize to you. I am a MISS
Fatiha TEDJANI and I write you sincerely with the aim of obtaining your cooperation and your confidence which can allow me to make an urgent business with you. For reasons of discretion and security. I would want somebody sincere and discreet, to conclude this business with me. To pass on to transmit you all the information I would want to know your opinion. I stay awaiting your message. That God blesses you and protects you, I wait for your news.
MISS FATIHA TEDJANI
Please DO NOT tell a scammer that he has been posted here!
If you wish you can email me at
faizandocherty @ scamwarners [dot] com
How do I find email headers???
How to analyze an email header.
If you wish you can email me at
faizandocherty @ scamwarners [dot] com
How do I find email headers???
How to analyze an email header.
