Example 419 Email Fraud 1620
From ???@??? Tue Jun 16 13:33:48 2009
Return-path:
Envelope-to: Isp402@dsl.Isp2.com
Delivery-date: Tue, 16 Jun 2009 13:34:08 +0100
Received: from mk-filter-8.mail.uk.tiscali.com ([212.139.137.135])
by mk-delivery-1.b2b.uk.tiscali.com with esmtp (Exim 4.69)
(envelope-from )
id 1MGXrc-000D2v-3i
for Isp402@dsl.Isp2.com; Tue, 16 Jun 2009 13:34:08 +0100
Received-SPF: None identity=pra; client-ip=72.1.194.110;
receiver=mk-inboundfilter-1-a-1.b2b.uk.tiscali.com;
envelope-from="bill.gates@jmail.co.za";
x-sender="bill.gates@jmail.co.za";
x-conformance=sidf_compatible
Received-SPF: None identity=mailfrom; client-ip=72.1.194.110;
receiver=mk-inboundfilter-1-a-1.b2b.uk.tiscali.com;
envelope-from="bill.gates@jmail.co.za";
x-sender="bill.gates@jmail.co.za";
x-conformance=sidf_compatible
Received-SPF: None identity=helo; client-ip=72.1.194.110;
receiver=mk-inboundfilter-1-a-1.b2b.uk.tiscali.com;
envelope-from="bill.gates@jmail.co.za";
x-sender="postmaster@mailgate.Isp5.com";
x-conformance=sidf_compatible
X-Trace: 1070723676/mk-filter-8.mail.uk.tiscali.com/ListenerSBRS/$ACCEPTED/UNKNOWNLIST/72.1.194.110/0.0/bill.gates@jmail.co.za
X-SBRS: 0.0
Received: from mx3.Isp5.co.uk (HELO mailgate.Isp5.com) ([72.1.194.110])
by mk-inboundfilter-1-a-1.b2b.uk.tiscali.com with ESMTP; 16 Jun 2009 13:34:07 +0100
Received: from [212.43.206.29] (helo=smtp-out.freesurf.fr)
by mailgate.Isp5.com with esmtp (Exim 4.69 #1 (Debian))
id 1MGXrU-0006Hq-UQ
for ; Tue, 16 Jun 2009 08:34:04 -0400
Received: by smtp-out.freesurf.fr (Postfix, from userid 0)
id 9A0D157C084; Tue, 16 Jun 2009 15:31:56 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.1.7-deb (2006-10-05) on messidor
X-Spam-Level: *
X-Spam-Status: No, score=1.5 tests=AWL,BAYES_00,DNS_FROM_RFC_ABUSE,
DNS_FROM_RFC_BOGUSMX,DNS_FROM_RFC_POST,UNDISC_RECIPS,UNPARSEABLE_RELAY
Received: from georges.freesurf.fr (georges.freesurf.fr [212.43.206.67])
by smtp-out.freesurf.fr (Postfix) with ESMTP id 3D4FA57C02C;
Tue, 16 Jun 2009 15:31:51 +0200 (CEST)
Received: by georges.freesurf.fr (Postfix, from userid 1000)
id 7DA6B7806E; Tue, 16 Jun 2009 14:33:52 +0200 (CEST)
Received: from localhost by georges.freesurf.fr
with SpamAssassin (version 3.1.7-deb3);
Tue, 16 Jun 2009 14:33:52 +0200
From: "Mr.Bill Gates"
To: undisclosed-recipients: ;
Subject: *****SPAM***** FROM MR.BILL GATES (get back to me)
Date: Tue, 16 Jun 2009 14:33:48 +0200 (CEST)
Message-Id: <90bdfa10eccf1d9be3e869c6a2106df3.squirrel@wmail.freesurf.fr>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------=_4A379130.904E67C8"
X-Antivirus-Scanner-Outbound: Clean mail though you should still use an Antivirus
X-Spam-Score: 0.1
This is a multi-part message in MIME format.
------------=_4A379130.904E67C8
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Spam detection software, running on the system "georges.freesurf.fr", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: FROM MR.BILL GATES (get back to me) RE: AUTOMATED TELLE=
R
MACHINE (ATM) Many wrote for Scholarship, Sponsorship, Financial Aid,
Invitation (visa Purposes), Variety of other items and Services; in as
much as I would like to help I decline this request to request Microsof=
t
online e-mail winnings. [...]
Content analysis details: (3.4 points, 3.2 required)
pts rule name description
---- ---------------------- ---------------------------------------------=
-----
0.9 UNDISC_RECIPS Valid-looking To "undisclosed-recipients"
-1.4 ALL_TRUSTED Passed through trusted hosts only via SMTP
0.5 DNS_FROM_RFC_ABUSE RBL: Envelope sender in abuse.rfc-ignorant.or=
g
2.0 DNS_FROM_RFC_BOGUSMX RBL: Envelope sender in
bogusmx.rfc-ignorant.org
1.4 DNS_FROM_RFC_POST RBL: Envelope sender in
postmaster.rfc-ignorant.org
-0.0 AWL AWL: From: address is in the auto white-list
------------=_4A379130.904E67C8
Content-Type: message/rfc822; x-spam-type=original
Content-Description: original message before SpamAssassin
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
Return-Path:
Received: from wmail.freesurf.fr (localhost [127.0.0.1])
by georges.freesurf.fr (Postfix) with ESMTP id AF92E78060;
Tue, 16 Jun 2009 14:33:48 +0200 (CEST)
Received: from 80.89.185.189
(SquirrelMail authenticated user obilor4wango)
by wmail.freesurf.fr with HTTP;
Tue, 16 Jun 2009 14:33:48 +0200 (CEST)
Message-ID: <90bdfa10eccf1d9be3e869c6a2106df3.squirrel@wmail.freesurf.fr>
Date: Tue, 16 Jun 2009 14:33:48 +0200 (CEST)
Subject: FROM MR.BILL GATES (get back to me)
From: "Mr.Bill Gates"
Reply-To: gates.1483@rediffmail.com
User-Agent: SquirrelMail/1.4.17
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
X-Priority: 3 (Normal)
Importance: Normal
To: undisclosed-recipients:;
Content-Transfer-Encoding: quoted-printable
FROM MR.BILL GATES (get back to me)
RE: AUTOMATED TELLER MACHINE (ATM)
Many wrote for Scholarship, Sponsorship, Financial Aid, Invitation (visa
Purposes), Variety of other items and Services; in as much as I would lik=
e
to help I decline this request to request Microsoft online e-mail
winnings.
Compare to this, I hereby to inform you that your e-mail account is among
the winners of this month (JUNE'09) monthly online winning e-mails and ha=
s
awarded you the sum of $950,000.00 only.
For security purpose, the money will be paid to you through AUTOMATED
TELLER MACHINE (ATM) to enable you withdraw the money through any ATM at
anywhere in the world.
Yours in Microsoft,
Bill W. H. Gates.
------------=_4A379130.904E67C8--