Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Jorge_Abraham
Explorer

The IPs have not "bad reputation" but, There are some previous action from them?

Return-Path: <ines@crediserv.com>
X-Original-To: jorgea@localhost
Delivered-To: jorgea@localhost
Received: from localhost (dateclinux [127.0.0.1])
by datec.com.ar (datec.com.ar) with ESMTP id D51942B56E
for <jorgea@localhost>; Mon, 12 Nov 2018 09:08:28 -0300 (ART)
Delivered-To: jorgea@datec.com.ar
Received: from mail.datec.com.ar [190.61.250.150]
by localhost with POP3 (fetchmail-6.2.5)
for jorgea@localhost (single-drop); Mon, 12 Nov 2018 09:08:28 -0300 (ART)
Received: from ci3.toservers.com
by ci3.toservers.com with LMTP id SP0XGytr6VtrEh0AgCVJKw
for <jorgea@datec.com.ar>; Mon, 12 Nov 2018 08:59:39 -0300
Envelope-to: jorgea@datec.com.ar
Delivery-date: Mon, 12 Nov 2018 08:59:39 -0300
Received: from r61.hkwp.com ([58.64.139.61]:60752 helo=hkwp.hosting38.com)
by ci3.toservers.com with esmtp (Exim 4.91)
(envelope-from <ines@crediserv.com>)
id 1gMAsQ-0084Sq-C9
for jorgea@datec.com.ar; Mon, 12 Nov 2018 08:59:39 -0300
Received: by hkwp.hosting38.com (Postfix, from userid 48)
id AB37F4FD803B; Mon, 12 Nov 2018 19:58:34 +0800 (HKT)
Received: from 14.33.27.22 ([14.33.27.22]) by 58.64.139.54 (Horde
Framework) with HTTP; Mon, 12 Nov 2018 19:58:32 +0800
Message-ID: <20181112195832.755221qfjwltgtms@58.64.139.54>
Date: Mon, 12 Nov 2018 19:58:32 +0800
From: Angel Alvarez <ines@crediserv.com>
Reply-to: unccpmoln@yahoo.co.jp
To: undisclosed-recipients:;
Subject: Buenas noticias, transferencia de US$ 2,950,000 a su cuenta
MIME-Version: 1.0
Content-Type: text/plain;
charset=ISO-8859-1;
DelSp="Yes";
format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
User-Agent: Internet Messaging Program (IMP) H3 (4.3.7)
X-Spam-Status: No, score=2.2
X-Spam-Score: 22
X-Spam-Bar: ++
X-Ham-Report: Spam detection software, running on the system "ci3.toservers.com",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.

Content preview: -- Ref: SFUD/UP4950/76UK Buenos días, Queremos felicitarle
e informarle que después de una revisión exhaustiva de todos los fondos no
reclamados, fondos de lotería, fondos de herencia y contratos, etc

Content analysis details: (2.2 points, 8.0 required)

pts rule name description
---- ---------------------- --------------------------------------------------
-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%
[score: 0.0000]
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[58.64.139.61 listed in list.dnswl.org]
0.0 T_SPF_HELO_TEMPERROR SPF: test of HELO record failed (temperror)
1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any
anti-forgery methods
0.0 LOTS_OF_MONEY Huge... sums of money
2.1 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different
freemails
X-Spam-Flag: NO

4 Replies
G_W_Albrecht
Legend
Legend

I see no question here...

CCSE CCTE CCSM SMB Specialist
0 Kudos
Jorge_Abraham
Explorer

There are bad antecedents, regarding the "IP in bright blue? 
58.64.139.61, 58.64.139.54 and 14.33.27.22

0 Kudos
G_W_Albrecht
Legend
Legend

I still have no answer...

CCSE CCTE CCSM SMB Specialist
PhoneBoy
Admin
Admin

This is probably a better question as a TAC ticket

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events