Scam TagCloud

Scam Email Headers

EEEEEstdClass Object ( [return-path:] => [envelope-to:] => scams@scamdex.com [delivery-date:] => Mon, 07 Jan 2013 01:34:32 -0800 [received:] => Array ( [0] => from web2.kuwhost.com ([209.133.9.236]:17624)by lester.newsblaze.com with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)(Exim 4.80)(envelope-from )id 1Ts96F-0004NI-Pifor scams@scamdex.com; Mon, 07 Jan 2013 01:34:32 -0800 [1] => from nobody by web2.kuwhost.com with local (Exim 4.80.1 (FreeBSD))(envelope-from )id 1Ts96F-0006oe-CXfor scams@scamdex.com; Mon, 07 Jan 2013 12:34:31 +0300 ) [to:] => scams@scamdex.com [subject:] => investment proposal [x-php-script:] => fialakaa.com/raoaa_banner/m.php for 41.132.5.17 [from:] => donald dosi [mime-version:] => 1.0 [content-type:] => text/html [message-id:] => [date:] => Mon, 07 Jan 2013 12:34:31 +0300 [x-antiabuse:] => Array ( [0] => This header was added to track abuse, please include it with any abuse report [1] => Primary Hostname - web2.kuwhost.com [2] => Original Domain - scamdex.com [3] => Originator/Caller UID/GID - [65534 1002] / [26 6] [4] => Sender Address Domain - web2.kuwhost.com ) [x-source:] => /usr/local/apache/bin/httpd [x-source-args:] => /usr/local/apache/bin/httpd -k start -DSSL [x-source-dir:] => fialakaa.com:/public_html/raoaa_banner [x-spam-status:] => No, score=3.9 [x-spam-score:] => 39 [x-spam-bar:] => +++ [x-ham-report:] => Spam detection software, running on the system "lester.newsblaze.com", hasidentified this incoming email as possible spam. The original messagehas been attached to this so you can view it (if it isn't spam) or labelsimilar future email. If you have any questions, seethe administrator of that system for details.Content preview: Dear sir/madam My Name is Donald Moore, Am Contacting you for an international investment project I want to establish in your country. I need you as foreign partner to cooperate together and achieve my business objective. Please feel free to communicate with me any time soon so we can discuss in details. Best Regards Mr. Donald. [...] Content analysis details: (3.9 points, 4.0 required) pts rule name description---- ---------------------- ---------------------------------------------------3.0 DEAR_SOMETHING BODY: Contains 'Dear (something)' 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (dornchyke[at]yahoo.com) 1.6 RCVD_IN_BRBL_LASTEXT RBL: RCVD_IN_BRBL_LASTEXT [209.133.9.236 listed in bb.barracudacentral.org]-0.0 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain 0.0 HTML_MESSAGE BODY: HTML included in message 1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.6 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag 3.5 ADVANCE_FEE_3_NEW Appears to be advance fee fraud (Nigerian 419) [x-spam-flag:] => NO )

Community Action - SPAM/non-Scam Report

Occasionally, incorrectly categorized emails get into the Scamdex Scam Email Database and need to be removed. If this email has Personally Identifiable Information (PII), or is, in your opinion, from a bona-fide entity, let us know.

Scamdex will, as soon as is practicable, take-down any emails that in our opinion should not be in our database.
Note that ALL emails in the Scamdex Scam Email Database were received as Unsolicited Commercial Email, aka UCE or SPAM, via unpublished 'Honeypot' email addresses.