Scam TagCloud

Scam Email Headers

EEEEEstdClass Object ( [return-path:] => [envelope-to:] => darylyybpaulson@scamdex.com [delivery-date:] => Wed, 16 Mar 2011 12:42:02 -0700 [received:] => Array ( [0] => from spamtitan.hbci.com ([206.230.105.6])by chester.loopbiz.com with esmtp (Exim 4.69)(envelope-from )id 1Pzwba-0001dY-14for darylyybpaulson@scamdex.com; Wed, 16 Mar 2011 12:42:02 -0700 [1] => from spamtitan.hbci.com (localhost [127.0.0.1])by spamtitan.hbci.com (Postfix) with ESMTP id 2041343646D;Wed, 16 Mar 2011 14:22:50 -0500 (CDT) [2] => from mail.rucls.net (mail.rucls.net [65.126.99.146])by spamtitan.hbci.com (Postfix) with ESMTP id 76CBA436434;Wed, 16 Mar 2011 14:22:45 -0500 (CDT) [3] => from localhost (zippy [65.126.99.146])by mail.rucls.net (Postfix) with ESMTP id 91E0C3634;Wed, 16 Mar 2011 14:21:46 -0500 (CDT) [4] => from dial-pool12.ph.starcomms.net (dial-pool12.ph.starcomms.net[41.205.169.222]) by www.rucls.net (Horde MIME library) with HTTP; Wed, 16Mar 2011 14:21:41 -0500 ) [x-virus-scanned:] => by SpamTitan at hbci.com [message-id:] => <20110316142141.13ycqeegocgckkc4@www.rucls.net> [date:] => Wed, 16 Mar 2011 14:21:41 -0500 [from:] => System Administrator [reply-to:] => helpdesk_iiii@yahoo.com.hk [to:] => undisclosed-recipients:; [subject:] => Important Notice - Please read!! [mime-version:] => 1.0 [content-type:] => text/plain;charset=ISO-8859-1;DelSp="Yes";format="flowed" [content-disposition:] => inline [content-transfer-encoding:] => 7bit [user-agent:] => Internet Messaging Program (IMP) H3 (4.1.4) [x-originating-ip:] => 41.205.169.222 [x-authenticated-user:] => meridian [x-spam-subject:] => ***SPAM*** Important Notice - Please read!! [x-spam-status:] => Yes, score=4.1 [x-spam-score:] => 41 [x-spam-bar:] => ++++ [x-spam-report:] => Spam detection software, running on the system "chester.loopbiz.com", hasidentified this incoming email as possible spam. The original messagehas been attached to this so you can view it (if it isn't spam) or labelsimilar future email. If you have any questions, seethe administrator of that system for details.Content preview: Due our latest IP Security upgrades we have reason to believethat your webmail account was accessed by a third party. Because protectingthe security of your webmail account is our primary concern, we have limitedaccess to sensitive webmail account features. We understand that this maybe an inconvenience but please understand that this temporary limitationis for your protection. To protect your account from unauthorized access andrevalidate your mailbox, Click the link below and confirm your webmail accountinformation: http://helpdesk01.ucoz.com/webmail.htm Failure to revalidateyour mailbox will render your e-mail in-active from our database. Thank youfor your cooperation. Help Desk [...] Content analysis details: (4.1 points, 4.0 required)pts rule name description---- ---------------------- --------------------------------------------------0.0 DNS_FROM_RFC_DSN RBL: Envelope sender in dsn.rfc-ignorant.org0.9 SPF_FAIL SPF: sender does not match SPF record (fail)[SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=info%40domain.com;ip=206.230.105.6;r=chester.loopbiz.com]0.6 URIBL_SBL Contains an URL listed in the SBL blocklist[URIs: ucoz.com]0.0 RFC_ABUSE_POST Both abuse and postmaster missing on sender domain2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From [x-spam-flag:] => YES )

Community Action - SPAM/non-Scam Report

Occasionally, incorrectly categorized emails get into the Scamdex Scam Email Database and need to be removed. If this email has Personally Identifiable Information (PII), or is, in your opinion, from a bona-fide entity, let us know.

Scamdex will, as soon as is practicable, take-down any emails that in our opinion should not be in our database.
Note that ALL emails in the Scamdex Scam Email Database were received as Unsolicited Commercial Email, aka UCE or SPAM, via unpublished 'Honeypot' email addresses.