by Faizan Docherty
Fri Jan 16, 2015 4:30 am
ipTRACKERonline.com wrote:Header Analysis Quick Report
Originating IP: 217.12.9.10
Originating ISP: Yahoo! Europe
City: n/a
Country of Origin: United Kingdom
* For a complete report on this email header goto ipTRACKERonline
Delivered-To: <snipped>
Received: by 10.70.51.10 with SMTP id g10csp1976930pdo;
Thu, 15 Jan 2015 00:38:08 -0800 (PST)
X-Received: by 10.70.125.232 with SMTP id mt8mr12466125pdb.80.1421311088772;
Thu, 15 Jan 2015 00:38:08 -0800 (PST)
Return-Path: <[email protected]>
Received: from relay.mailchannels.net (ar-005-i179.relay.mailchannels.net. [162.253.144.64])
by mx.google.com with ESMTP id ri11si1125756pbb.33.2015.01.15.00.38.07
for <snipped>;
Thu, 15 Jan 2015 00:38:08 -0800 (PST)
Received-SPF: none (google.com: [email protected] does not designate permitted sender hosts) client-ip=162.253.144.64;
Authentication-Results: mx.google.com;
spf=none (google.com: [email protected] does not designate permitted sender hosts) [email protected];
dkim=fail [email protected];
dmarc=fail (p=NONE dis=NONE) header.from=yahoo.fr
X-Sender-Id: _forwarded-from|212.82.96.111
Received: from r8-chicago.webserversystems.com (ip-10-33-12-218.us-west-2.compute.internal [10.33.12.218])
by relay.mailchannels.net (Postfix) with ESMTPA id 055F660B01
for <snipped>; Thu, 15 Jan 2015 08:38:04 +0000 (UTC)
X-Sender-Id: _forwarded-from|212.82.96.111
Received: from r8-chicago.webserversystems.com (r8-chicago.webserversystems.com [10.245.17.46])
(using TLSv1 with cipher DHE-RSA-AES256-SHA)
by 0.0.0.0:2500 (trex/5.4.2);
Thu, 15 Jan 2015 08:38:05 GMT
X-MC-Relay: Junk
X-MailChannels-SenderId: _forwarded-from|212.82.96.111
X-MailChannels-Auth-Id: wwwh
X-MC-Loop-Signature: 1421311085352:809304640
X-MC-Ingress-Time: 1421311085352
Received: from nm5-vm4.bullet.mail.ir2.yahoo.com ([212.82.96.111]:41247)
by r8-chicago.webserversystems.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.82)
(envelope-from <[email protected]>)
id 1YBfw8-0002mD-6z
for <snipped>; Thu, 15 Jan 2015 02:37:53 -0600
DKIM-Signature: <snipped>
Received: from [212.82.98.57] by nm5.bullet.mail.ir2.yahoo.com with NNFMP; 15 Jan 2015 08:37:50 -0000
Received: from [212.82.98.108] by tm10.bullet.mail.ir2.yahoo.com with NNFMP; 15 Jan 2015 08:37:50 -0000
Received: from [127.0.0.1] by omp1045.mail.ir2.yahoo.com with NNFMP; 15 Jan 2015 08:37:50 -0000
X-Yahoo-Newman-Property: ymail-3
X-Yahoo-Newman-Id: [email protected]
X-YMail-OSG: <snipped>
Received: by 217.12.9.10; Thu, 15 Jan 2015 08:37:50 +0000
Date: Thu, 15 Jan 2015 08:37:49 +0000 (UTC)
From: GISELE PAULO <[email protected]>
Reply-To: GISELE PAULO <[email protected]>
Message-ID: <1273423229.1440505.1421311069890.JavaMail.yahoo@jws11141.mail.ir2.yahoo.com>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_Part_1440504_1121912496.1421311069887"
X-Spam-Status: Yes, score=8.0
X-Spam-Score: 80
X-Spam-Bar: ++++++++
X-Spam-Report: Spam detection software, running on the system "r8-chicago.webserversystems.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: Je me nomme Gisele de nationalité Française je tais représentante
de O.N.U.(Organisation des Nations Unis) en Afrique. Mais actuellement je
suis sous observation médicale dans un grand hôpital en Europe. raison
de ma santé car je suis gravement malade, je souffre de cancer. Je souhaite
prendre par vous pour faire don d'une mallette qui contienne d'une somme
de 1500.000 € dans les soucis d'aider des personnes en besoin. C'est a dire
aidé les enfants orphelins les handicapés. Malheureusement mon mari et
moi n’avons pas eu la chance d'avoir d'enfants.Après 30 années de vie
commune, mon époux a perdu la vie dans une accident de circulation . Cela
fera bientôt Dix ans que je me bats contre cette maladie et la médecine
ne peut plus rien suite aux résultats des examens médicaux. J'avais bloqué
ce montant si important dans l'une des BANQUES Capital en Afrique pour un
projet de construction. Je serai grée à vous donner cet argent gratuitement
comme un don, si tu accepte de recevoir ce don alors donne moi ton avis.
[...]
Content analysis details: (8.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(aigdirection62[at]yahoo.fr)
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[212.82.96.111 listed in list.dnswl.org]
1.5 SUBJ_ALL_CAPS Subject is all capitals
0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
digit (aigdirection62[at]yahoo.fr)
1.0 MISSING_HEADERS Missing To: header
0.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
domain
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
2.8 MALFORMED_FREEMAIL Bad headers on message from free email service
1.6 REPLYTO_WITHOUT_TO_CC REPLYTO_WITHOUT_TO_CC
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different
freemails
X-Spam-Flag: YES
Subject: ***SPAM*** BONJOUR MON ENFANT
X-AuthUser:
Je me nomme Gisele de nationalité Française je tais représentante de O.N.U.(Organisation des Nations Unis) en Afrique. Mais actuellement je suis sous observation médicale dans un grand hôpital en Europe. raison de ma santé car je suis gravement malade, je souffre de cancer. Je souhaite prendre par vous pour faire don d'une mallette qui contienne d'une somme de 1500.000 € dans les soucis d'aider des personnes en besoin. C'est a dire aidé les enfants orphelins les handicapés. Malheureusement mon mari et moi n’avons pas eu la chance d'avoir d'enfants.Après 30 années de vie commune, mon époux a perdu la vie dans une accident de circulation . Cela fera bientôt Dix ans que je me bats contre cette maladie et la médecine ne peut plus rien suite aux résultats des examens médicaux. J'avais bloqué ce montant si important dans l'une des BANQUES Capital en Afrique pour un projet de construction. Je serai grée à vous donner cet argent gratuitement comme un don, si tu accepte de recevoir ce don alors donne moi ton avis.
Google translation:
My name is Gisele French nationality I am silent representative of UN (United Nations) in Africa. But now I am under medical observation in a large hospital in Europe. because of my health because I am seriously ill, I suffer from cancer. I want to take with you to donate a briefcase that contains a sum of € 1500.000 in cares to help people in need. That is to say helped orphans with disabilities. Unfortunately my husband and I have not had the chance to have enfants.Après 30 years of living together, my husband was killed in a traffic accident. It will soon be ten years I fight against this disease and medicine can do nothing, the results of medical examinations. I blocked that amount so important in one of the Capital BANKS in Africa for a construction project. I will be rigged to give you money for free as a gift, if you agree to receive this gift then give me your opinion.
Please DO NOT tell a scammer that he has been posted here!
If you wish you can email me at
faizandocherty @ scamwarners [dot] com
How do I find email headers???
How to analyze an email header.
If you wish you can email me at
faizandocherty @ scamwarners [dot] com
How do I find email headers???
How to analyze an email header.
