by buried under 419s
Tue Apr 14, 2015 1:56 pm
Return-path: <[email protected]>
Envelope-to:
Delivery-date: Tue, 14 Apr 2015 10:10:38 -0700
Received: from [216.172.107.182] (port=33211 helo=server1.sbgtrain.com)
by with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.80)
(envelope-from <[email protected]>)
id 1Yi4M9-000746-Ba
for \; Tue, 14 Apr 2015 10:10:38 -0700
Received: from [177.35.41.238] (port=19418 helo=User)
by server1.sbgtrain.com with esmtpa (Exim 4.85)
(envelope-from <[email protected]>)
id 1Yi4Iv-0001Ir-Iv; Tue, 14 Apr 2015 17:07:18 +0000
Reply-To: <[email protected]>
From: "U.s. Department of justice"<[email protected]>
Date: Tue, 14 Apr 2015 14:05:51 -0300
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server1.sbgtrain.com
X-AntiAbuse: Original Domain -
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - senders.com
X-Get-Message-Sender-Via: server1.sbgtrain.com: authenticated_id: [email protected]
X-Spam-Status: Yes, score=15.5
X-Spam-Score: 155
X-Spam-Bar: +++++++++++++++
X-Spam-Report: Spam detection software, running on the system "", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: U.s. Department of justice 950 pennsylvania Avenue, Nw Washington,
DC 205330-0001 [...]
Content analysis details: (15.5 points, 7.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 FSL_CTYPE_WIN1251 Content-Type only seen in 419 spam
0.9 NSL_RCVD_HELO_USER Received from HELO User
1.4 RCVD_IN_BRBL_LASTEXT RBL: RCVD_IN_BRBL_LASTEXT
[216.172.107.182 listed in bb.barracudacentral.org]
1.0 MISSING_HEADERS Missing To: header
0.0 HTML_MESSAGE BODY: HTML included in message
0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
[score: 0.5086]
0.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.1 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format
0.5 MISSING_MID Missing Message-Id: header
1.6 REPLYTO_WITHOUT_TO_CC REPLYTO_WITHOUT_TO_CC
0.0 FROM_MISSP_MSFT From misspaced + supposed Microsoft tool
0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
0.0 FSL_NEW_HELO_USER Spam's using Helo and User
0.0 AXB_XMAILER_MIMEOLE_OL_024C2 Yet another X header trait
0.0 FORGED_OUTLOOK_HTML Outlook can't send HTML message only
0.0 FROM_MISSP_REPLYTO From misspaced, has Reply-To
0.4 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors
0.0 FROM_MISSPACED From: missing whitespace
1.9 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
0.3 TO_NO_BRKTS_NORDNS_HTML To: misformatted and no rDNS and HTML only
3.5 TO_NO_BRKTS_MSFT To: misformatted and supposed Microsoft tool
1.5 COMPENSATION "Compensation"
X-Spam-Flag: YES
Subject: ***SPAM*** The justice department hereby email you regarding the scam activities on the internet
U.s. Department of justice
950 pennsylvania Avenue, Nw
Washington, DC 205330-0001
Department of justice
Attention:
The justice department hereby email you regarding the scam activities on the internet, we have a not right in front of us that you are having something to do with some internet spammers all in the name of the compensation funds and winning funds. this emails you get usually come from the spammers who claim to be the FBI, INTERPOL,EFCC,UNITED NATION, INTERNATIONAL MONETARY FUND and some other scam names that mostly comes from Africa countries like, GHANA,NIGERIA,BENIN REPUBLIC.
we got the not on our desk this morning from the inspector General of head internet security (Gen. Daniel Doherty) You are asked to stop all contact you have been in so far with any of those so called spammers or else your case file will be stamped as money laundry.
You are advised to get back to us with all that have been sent to you by those spammers to hasten our investigation on who is behind all this and who have been collecting your hard earned income...
Note: you are asked to get back as soon as possible...or we will have to inform the local police in your area. and your case will be worst if you don't cooperate with us to get those spammers red handed.
That is why we email you to know more details first because that is the easiest way to reach our good citizen's, so you are to provide all the necessary details and we shall inform you if truly there is any consignment for you at all, our duty is to protect our entire citizen's and keep them away from any harm or what so ever damage they are into.
You are advised to get back to us as soon as possible or your name will be listed among those to be prosecuting by the act of money laundry.
You are warned.
God Bless America.
Best regard,
General Mascott Bradley.
Envelope-to:
Delivery-date: Tue, 14 Apr 2015 10:10:38 -0700
Received: from [216.172.107.182] (port=33211 helo=server1.sbgtrain.com)
by with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.80)
(envelope-from <[email protected]>)
id 1Yi4M9-000746-Ba
for \; Tue, 14 Apr 2015 10:10:38 -0700
Received: from [177.35.41.238] (port=19418 helo=User)
by server1.sbgtrain.com with esmtpa (Exim 4.85)
(envelope-from <[email protected]>)
id 1Yi4Iv-0001Ir-Iv; Tue, 14 Apr 2015 17:07:18 +0000
Reply-To: <[email protected]>
From: "U.s. Department of justice"<[email protected]>
Date: Tue, 14 Apr 2015 14:05:51 -0300
MIME-Version: 1.0
Content-Type: text/html;
charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server1.sbgtrain.com
X-AntiAbuse: Original Domain -
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - senders.com
X-Get-Message-Sender-Via: server1.sbgtrain.com: authenticated_id: [email protected]
X-Spam-Status: Yes, score=15.5
X-Spam-Score: 155
X-Spam-Bar: +++++++++++++++
X-Spam-Report: Spam detection software, running on the system "", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: U.s. Department of justice 950 pennsylvania Avenue, Nw Washington,
DC 205330-0001 [...]
Content analysis details: (15.5 points, 7.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 FSL_CTYPE_WIN1251 Content-Type only seen in 419 spam
0.9 NSL_RCVD_HELO_USER Received from HELO User
1.4 RCVD_IN_BRBL_LASTEXT RBL: RCVD_IN_BRBL_LASTEXT
[216.172.107.182 listed in bb.barracudacentral.org]
1.0 MISSING_HEADERS Missing To: header
0.0 HTML_MESSAGE BODY: HTML included in message
0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
[score: 0.5086]
0.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.1 FORGED_OUTLOOK_TAGS Outlook can't send HTML in this format
0.5 MISSING_MID Missing Message-Id: header
1.6 REPLYTO_WITHOUT_TO_CC REPLYTO_WITHOUT_TO_CC
0.0 FROM_MISSP_MSFT From misspaced + supposed Microsoft tool
0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
0.0 FSL_NEW_HELO_USER Spam's using Helo and User
0.0 AXB_XMAILER_MIMEOLE_OL_024C2 Yet another X header trait
0.0 FORGED_OUTLOOK_HTML Outlook can't send HTML message only
0.0 FROM_MISSP_REPLYTO From misspaced, has Reply-To
0.4 TO_NO_BRKTS_FROM_MSSP Multiple formatting errors
0.0 FROM_MISSPACED From: missing whitespace
1.9 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
0.3 TO_NO_BRKTS_NORDNS_HTML To: misformatted and no rDNS and HTML only
3.5 TO_NO_BRKTS_MSFT To: misformatted and supposed Microsoft tool
1.5 COMPENSATION "Compensation"
X-Spam-Flag: YES
Subject: ***SPAM*** The justice department hereby email you regarding the scam activities on the internet
U.s. Department of justice
950 pennsylvania Avenue, Nw
Washington, DC 205330-0001
Department of justice
Attention:
The justice department hereby email you regarding the scam activities on the internet, we have a not right in front of us that you are having something to do with some internet spammers all in the name of the compensation funds and winning funds. this emails you get usually come from the spammers who claim to be the FBI, INTERPOL,EFCC,UNITED NATION, INTERNATIONAL MONETARY FUND and some other scam names that mostly comes from Africa countries like, GHANA,NIGERIA,BENIN REPUBLIC.
we got the not on our desk this morning from the inspector General of head internet security (Gen. Daniel Doherty) You are asked to stop all contact you have been in so far with any of those so called spammers or else your case file will be stamped as money laundry.
You are advised to get back to us with all that have been sent to you by those spammers to hasten our investigation on who is behind all this and who have been collecting your hard earned income...
Note: you are asked to get back as soon as possible...or we will have to inform the local police in your area. and your case will be worst if you don't cooperate with us to get those spammers red handed.
That is why we email you to know more details first because that is the easiest way to reach our good citizen's, so you are to provide all the necessary details and we shall inform you if truly there is any consignment for you at all, our duty is to protect our entire citizen's and keep them away from any harm or what so ever damage they are into.
You are advised to get back to us as soon as possible or your name will be listed among those to be prosecuting by the act of money laundry.
You are warned.
God Bless America.
Best regard,
General Mascott Bradley.
Questions about scams? fraudatiocruor @ gmail.com to contact remove spaces