Mr Dorry Benson <[email protected]>

Header Analysis Quick Report
Originating IP: 212.82.98.115
Originating ISP: Yahoo! Europe
City: n/a
Country of Origin: United Kingdom
* For a complete report on this email header goto ipTRACKERonline

Delivered-To: <snipped>
Received: by 10.70.51.10 with SMTP id g10csp1675229pdo;
Wed, 14 Jan 2015 01:42:37 -0800 (PST)
X-Received: by 10.70.89.174 with SMTP id bp14mr4298463pdb.136.1421228557583;
Wed, 14 Jan 2015 01:42:37 -0800 (PST)
Return-Path: <[email protected]>
Received: from relay.mailchannels.net (ar-005-i179.relay.mailchannels.net. [162.253.144.64])
by mx.google.com with ESMTP id uq4si30000306pbc.165.2015.01.14.01.42.26
for <snipped>;
Wed, 14 Jan 2015 01:42:37 -0800 (PST)
Received-SPF: none (google.com: [email protected] does not designate permitted sender hosts) client-ip=162.253.144.64;
Authentication-Results: mx.google.com;
spf=none (google.com: [email protected] does not designate permitted sender hosts) [email protected];
dkim=fail [email protected]
X-Sender-Id: _forwarded-from|212.82.97.65
Received: from r8-chicago.webserversystems.com (ip-10-213-14-133.us-west-2.compute.internal [10.213.14.133])
by relay.mailchannels.net (Postfix) with ESMTPA id 0424A1D033C
for <snipped>; Wed, 14 Jan 2015 09:42:06 +0000 (UTC)
X-Sender-Id: _forwarded-from|212.82.97.65
Received: from r8-chicago.webserversystems.com (r8-chicago.webserversystems.com [10.245.17.46])
(using TLSv1 with cipher DHE-RSA-AES256-SHA)
by 0.0.0.0:2500 (trex/5.4.2);
Wed, 14 Jan 2015 09:42:24 GMT
X-MC-Relay: Junk
X-MailChannels-SenderId: _forwarded-from|212.82.97.65
X-MailChannels-Auth-Id: wwwh
X-MC-Loop-Signature: 1421228534547:3003333282
X-MC-Ingress-Time: 1421228534547
Received: from nm28-vm5.bullet.mail.ir2.yahoo.com ([212.82.97.65]:46476)
by r8-chicago.webserversystems.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.82)
(envelope-from <[email protected]>)
id 1YBKSi-0001Ww-Oe
for <snipped>; Wed, 14 Jan 2015 03:42:06 -0600
DKIM-Signature: <snipped>
Received: from [212.82.98.61] by nm28.bullet.mail.ir2.yahoo.com with NNFMP; 14 Jan 2015 09:42:01 -0000
Received: from [212.82.98.72] by tm14.bullet.mail.ir2.yahoo.com with NNFMP; 14 Jan 2015 09:42:01 -0000
Received: from [127.0.0.1] by omp1009.mail.ir2.yahoo.com with NNFMP; 14 Jan 2015 09:42:01 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: [email protected]
X-YMail-OSG: <snipped>
Received: by 212.82.98.115; Wed, 14 Jan 2015 09:41:59 +0000
Date: Wed, 14 Jan 2015 09:41:58 +0000 (UTC)
From: Dorry Benson <[email protected]>
Reply-To: Dorry Benson <[email protected]>
Message-ID: <1315710493.880982.1421228518892.JavaMail.yahoo@jws11104.mail.ir2.yahoo.com>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_Part_880981_1356860760.1421228518890"
X-Spam-Status: Yes, score=8.7
X-Spam-Score: 87
X-Spam-Bar: ++++++++
X-Spam-Report: Spam detection software, running on the system "r8-chicago.webserversystems.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
root\@localhost for details.

Content preview: How are you and the family? My contacting you again is based
on neglecting my previous email of investment establishment in your country.
Be aware that I am in a desire of any investments establishment that will
guaranty a safe and secured profitable returns in terms of Energy Renewals,
Transportation, Agriculture, Aviation, Oil and Gas, Real Estates, Hotel Resorts,
Casinos etc., [...]

Content analysis details: (8.7 points, 5.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(dorrybenson53[at]hotmail.com)
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[212.82.97.65 listed in list.dnswl.org]
0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit
(dorry benson <dorrybenson53[at]hotmail.com>
)
0.9 FORGED_HOTMAIL_RCVD2 hotmail.com 'From' address, but no 'Received:'
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit (boa_bankofafrica52[at]yahoo.fr)
1.0 MISSING_HEADERS Missing To: header
0.0 HTML_MESSAGE BODY: HTML included in message
2.0 DCC_CHECK Detected as bulk mail by DCC (dcc-servers.net)
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
2.8 MALFORMED_FREEMAIL Bad headers on message from free email service
1.6 REPLYTO_WITHOUT_TO_CC REPLYTO_WITHOUT_TO_CC
X-Spam-Flag: YES
Subject: ***SPAM*** GREETINGS
X-AuthUser:

How are you and the family?

My contacting you again is based on neglecting my previous email of investment establishment in your country.

Be aware that I am in a desire of any investments establishment that will guaranty a safe and secured profitable returns in terms of Energy Renewals, Transportation, Agriculture, Aviation, Oil and Gas, Real Estates, Hotel Resorts, Casinos etc.,

or any other business or investment interest of your choice that you believe will be encouraging enough for us to established in your home town and I am very ready to cooperate and partner with you.

Please contact me immediately you receive this message to enable me give you more details about the investment establishment plans and how much is the total amount that I am intending to invest in your country.

Say me well to the family as I wait to read from you soon.

Regards.
Mr Dorry Benson