First National bank PLC <[email protected]>

Header Analysis Quick Report
Originating IP: 203.14.188.254
Originating ISP: China Telecom (americas) Corporation
City: Central District
Country of Origin: Hong Kong
* For a complete report on this email header goto ipTRACKERonline

Delivered-To: <snipped>
Received: by 10.70.50.233 with SMTP id f9csp27872pdo;
Fri, 14 Nov 2014 05:23:58 -0800 (PST)
X-Received: by 10.70.41.137 with SMTP id f9mr9833404pdl.83.1415971438172;
Fri, 14 Nov 2014 05:23:58 -0800 (PST)
Return-Path: <[email protected]>
Received: from relay.mailchannels.net (nov-007-i631.relay.mailchannels.net. [46.232.183.185])
by mx.google.com with ESMTP id tf10si28378675pab.175.2014.11.14.05.23.55
for <snipped>;
Fri, 14 Nov 2014 05:23:58 -0800 (PST)
Received-SPF: fail (google.com: domain of [email protected] does not designate 46.232.183.185 as permitted sender) client-ip=46.232.183.185;
Authentication-Results: mx.google.com;
spf=hardfail (google.com: domain of [email protected] does not designate 46.232.183.185 as permitted sender) [email protected];
dkim=fail [email protected]
X-Sender-Id: _forwarded-from|154.120.107.184
Received: from r8-chicago.webserversystems.com (ip-10-33-12-218.us-west-2.compute.internal [10.33.12.218])
by relay.mailchannels.net (Postfix) with ESMTPA id 9750FADAF8
for <snipped>; Fri, 14 Nov 2014 13:23:51 +0000 (UTC)
X-Sender-Id: _forwarded-from|154.120.107.184
Received: from r8-chicago.webserversystems.com (r8-chicago.webserversystems.com [10.224.1.53])
(using TLSv1 with cipher DHE-RSA-AES256-SHA)
by 0.0.0.0:2500 (trex/5.3.3);
Fri, 14 Nov 2014 13:23:52 GMT
X-MC-Relay: Forwarding
X-MailChannels-SenderId: _forwarded-from|154.120.107.184
X-MailChannels-Auth-Id: wwwh
X-MC-Loop-Signature: 1415971432156:1525641615
X-MC-Ingress-Time: 1415971432155
Received: from m13-45.163.com ([220.181.13.45]:43370)
by r8-chicago.webserversystems.com with esmtp (Exim 4.82)
(envelope-from <[email protected]>)
id 1XpGTb-0008iI-Iy
for <snipped>; Fri, 14 Nov 2014 06:59:49 -0600
DKIM-Signature: <snipped>
Received: from kelvinrobert55555$163.com ( [154.120.107.184, 54.215.2.217,
203.14.188.254] ) by ajax-webmail-wmsvr45 (Coremail) ; Fri, 14 Nov 2014
20:57:15 +0800 (CST)
X-Originating-IP: [154.120.107.184, 54.215.2.217, 203.14.188.254]
Date: Fri, 14 Nov 2014 20:57:15 +0800 (CST)
From: kelvinrobert55555 <[email protected]>
X-Priority: 3
X-Mailer: Coremail Webmail Server Version SP_ntes V3.5 build
20140915(28949.6690) Copyright (c) 2002-2014 http://www.mailtech.cn 163com
X-CM-CTRLDATA: FkbnXWZvb3Rlcl9odG09MjAxNDU6ODE=
Content-Type: multipart/alternative;
boundary="----=_Part_512625_198603166.1415969835956"
MIME-Version: 1.0
Message-ID: <[email protected]>
X-CM-TRANSID:LcGowADX3UUs_GVUHm4zAA--.17288W
X-CM-SenderInfo: xnho4xxquruv1uwvkkivv6il2tof0z/1tbiLw5EDlEAPiqtQwABsB
X-Coremail-Antispam: 1U5529EdanIXcx71UUUUU7vcSsGvfC2KfnxnUU==
X-Spam-Status: Yes, score=7.9
X-Spam-Score: 79
X-Spam-Bar: +++++++
X-Spam-Report: Spam detection software, running on the system "r8-chicago.webserversystems.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
root\@localhost for details.

Content preview: First National bank** Head of Private Banking Dept., 13386
Hwy 90 Boute,LA 70039-0508 USA. ** Ordering Customer: CENTRAL BANK - NG**
004 SWIFT TRN 92BK BANK PRIOTY (300 CRF) Ordering Beneficiary ATTN: HON.
BENEFICIARY. [...]

Content analysis details: (7.9 points, 5.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
2.8 DEAR_BENEFICIARY BODY: Dear Beneficiary:
1.5 SUBJ_ALL_CAPS Subject is all capitals
-0.0 SPF_PASS SPF: sender matches SPF record
-0.6 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain
1.0 MISSING_HEADERS Missing To: header
0.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
domain
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
0.0 LOTS_OF_MONEY Huge... sums of money
0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines
0.0 XFER_LOTSA_MONEY Transfer a lot of money
1.1 MONEY_FRAUD_8 Lots of money and very many fraud phrases
2.1 ADVANCE_FEE_5_NEW_MONEY Advance Fee fraud and lots of money
X-Spam-Flag: YES
Subject: ***SPAM*** FUND TRANSFER CONFIRMATION O.K FURTHER CREDIT ACCEPTED.
X-AuthUser:

First National bank**
Head of Private Banking Dept.,
13386 Hwy 90
Boute,LA 70039-0508 USA.
** Ordering Customer:
CENTRAL BANK - NG**
004 SWIFT TRN 92BK
BANK PRIOTY (300 CRF)
Ordering Beneficiary

ATTN: HON. BENEFICIARY.

FUND TRANSFER CONFIRMATION O.K FURTHER CREDIT ACCEPTED.

We have received your payment approval from our ordering Customer
Service in the Central Bank of Nigeria for the further credit to your
bank account with the total sum of usd$10.8 million dollars from the
deck of the Governor (C B N) - Godwin Emefiele.

With all due respect, our bank has obliged to credit your account with
instruction. Quoting reference to First National bank transfer
regulation and in line with British Financial and Allied Conduct, your
account will be effected as soon as you reconcile our 1% Cost of
Transfer or you may advise us to deduct the total value and transfer
the balance to your account.

Should you be willing to accept deduction, our bank is therefore
urging you to contact the authorized C B N Paying Officer Mr,Godwin
Ezeh of the International Remittance Dept.
E-mail:([email protected]) Please ask him to issue you the
Original Hard Copy of the Authority to Deduct Bill of Exchange to
enable us deduct the 1% cost of transfer. Be advised also that we only
acknowledge the receipt of the ORIGINAL HARD COPY OF THE BILL OF
EXCHANGE FORM, which must be duly filed and signed by the beneficiary
before we can effect deduction. The Amount you we use to sign is $750
Dollar Only. But if you can come here to sign and go with your fund,
batter. If not send the fees To Mr,Godwin Ezeh.

Please be warned, as our bank does not trust any Nigerian Official
except Mr,Godwin Ezeh.whom we can give attention to in any of this
instruction. Prior to our banking regulation, final credit shall be
made to your account upon your instruction. Congratulations!

Yours faithfully,
Mr. Kelvin Robert (Secretary)
First National bank Plc