I have sanitized my domain name with mydomain.com
I don't send mails directly from my mailserver but use a relay to send mails via hosted mail server
can anyone please help solve any potential issues in my setup and/or what may be wrong in SA setup. will share further details as required.
the spam mail as here under
MAIL 1
Code: Select all
From - Tue Jul 2 09:54:07 2024
X-Account-Key: account3
X-UIDL: 236910
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <sales.ahd1@mydomain.com>
Delivered-To: spambox@mydomain.com
X-Spam-Flag: YES
X-Spam-Level: ****************************************
X-Spam-Status: Yes, score=40.2 required=5.0 tests=BAYES_50,DKIM_INVALID,
DKIM_SIGNED,DMARC_REJECT,HTML_FONT_LOW_CONTRAST,HTML_FONT_SIZE_LARGE,
HTML_MESSAGE,INTERSERVER_DNSBL,INTERSERVER_RULE_SPAMMY_NETWORK,
KAM_DMARC_REJECT,KAM_DMARC_STATUS,KAM_MARKSPAM,MIME_HTML_ONLY,OK_LANGS,
PHISHTANK_0008602133_MATCH,PHISHTANK_0008602133_ONLINE,
PHISHTANK_0008602133_VALIDATED,RCVD_IN_AMI_BLACK,RCVD_IN_AMI_EXPLOIT,
RCVD_IN_HOSTKARMA_BL,RCVD_IN_MSPIKE_BL,RCVD_IN_MSPIKE_L5,
RELAYCOUNTRY_NL,SPF_FAIL,SPF_HELO_PASS,TO_EQ_FM_SPF_FAIL,TXREP,
T_FROMNAME_EQUALS_TO,URIBL_AMI_DBLACK shortcircuit=no autolearn=disabled
version=4.0.0
X-Spam-Attach-Count: 0
X-Spam-Attach-Exts:
X-Spam-ASN: AS19871 NETWORK-SOLUTIONS-HOSTING
X-Spam-Virus: No
X-Spam-PDF-Info: pdf=0, ver=_PDF2VERSION_, name=_PDF2NAME_
X-Spam-PDF-Details: creator=_PDF2CREATOR_, producer=_PDF2PRODUCER_
X-Spam-Report:
* 3.0 RCVD_IN_HOSTKARMA_BL RBL: Sender listed in HOSTKARMA-BLACK
* [162.241.4.33 listed in hostkarma.junkemailfilter.com]
* 5.2 RCVD_IN_MSPIKE_L5 RBL: Very bad reputation (-5)
* [162.241.4.33 listed in bl.mailspike.net]
* 4.0 INTERSERVER_DNSBL RBL: Listed in dns block list rbl.interserver.net
* [162.241.4.33 listed in rblspamassassin.interserver.net]
* 1.3 INTERSERVER_RULE_SPAMMY_NETWORK RBL: Listed as Spammy Network in
* rblspamassassin.interserver.net
* [162.241.4.33 listed in rblspamassassin.interserver.net]
* 3.0 URIBL_AMI_DBLACK Contains a spam URL listed in the Abusix Mail
* Intelligence domain blocklist
* [URI: metalsart.in]
* 3.0 RCVD_IN_AMI_BLACK RBL: Received via a relay in Abusix Mail
* Intelligence Black
* [162.241.4.33 listed in b31022cd5f15f49f681391b2d856fe05.combined.mail.abusix.zone]
* 3.0 RCVD_IN_AMI_EXPLOIT RBL: Received via a relay in Abusix Mail
* Intelligence Exploit
* [162.241.4.33 listed in b31022cd5f15f49f681391b2d856fe05.combined.mail.abusix.zone]
* 0.0 SPF_FAIL SPF: sender does not match SPF record (fail)
* [SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=sales.ahd1%40mydomain.com;ip=162.241.4.33;r=MAILSRV.MML.COM]
* -0.0 SPF_HELO_PASS SPF: HELO matches SPF record
* 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
* valid
* 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict
* Alignment
* 0.0 RCVD_IN_MSPIKE_BL Mailspike blocklisted
* 0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid
* 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
* [score: 0.5000]
* 0.5 RELAYCOUNTRY_NL Relayed through Netherlands at some point
* -0.1 OK_LANGS Score on Accepted Language
* 5.0 PHISHTANK_0008602133_MATCH URI: PHISHTANK - ID 8602133 (Other)
* 0.0 HTML_FONT_SIZE_LARGE BODY: HTML font size is large
* 0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to
* background
* 0.0 HTML_MESSAGE BODY: HTML included in message
* 0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
* 1.1 KAM_MARKSPAM Email arrived marked as Spam
* 4.0 PHISHTANK_0008602133_VALIDATED PHISHTANK - Validated phishing url
* 5.0 PHISHTANK_0008602133_ONLINE PHISHTANK - Phishing URL still online
* 2.0 TO_EQ_FM_SPF_FAIL To == From and external SPF failed
* 2.5 KAM_DMARC_REJECT DKIM has Failed or SPF has failed on the message
* and the domain has a DMARC reject policy
* 0.1 DMARC_REJECT DMARC reject policy
* -3.5 TXREP TXREP: Score normalizing based on sender's reputation
* 0.0 T_FROMNAME_EQUALS_TO From:name matches To:
*
X-Spam-Score: 40.2
X-Spam-Languages: en ca pt
X-Spam-Checker-Version: SpamAssassin 4.0.0 on MAILSRV
X-Spam-Relay-Country: US NL
X-hMailServer-ExternalAccount: sales.ahd1@Ext
Delivered-To: sales.ahd1@mydomain.com
Received: from server36.hostwhitelabel.com by server36.hostwhitelabel.com with LMTP id
QM8vFg6ogmY5bwsA1JVF5w (envelope-from <sales.ahd1@mydomain.com>) for <sales.ahd1@mydomain.com>;
Mon, 01 Jul 2024 08:58:54 -0400
Envelope-to: sales.ahd1@mydomain.com
Delivery-date: Mon, 01 Jul 2024 08:58:54 -0400
Received: from server-598330.tabaarakhost.org ([162.241.4.33]:51806) by server36.hostwhitelabel.com
with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96.2)
(envelope-from <sales.ahd1@mydomain.com>) id 1sOGcN-003Akb-2p for
sales.ahd1@mydomain.com; Mon, 01 Jul 2024 08:58:54 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=soyva.org; s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID:
Date:Subject:To:From:Sender:Reply-To:Cc:Content-ID:Content-Description:
Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
List-Post:List-Owner:List-Archive; bh=TxpDlLCSKrGS04zN57ax6pDECZO7MnGI8gOFOYLE3d4=;
b=SRwWEG5/NL03FJo8Mf9FNODwLk
7hr601Uw7cRaZehqgeO4K3E6ZBfevXbZJiHQ+SVzl4BqINxgmJMA11GPJCH82SLdnPMLzL1u14kNg
2yLaRuEvL4mA+DeV8tV6XVx5S7RqCqsquuuvOf2m9jt7wCD39EjT47ZbozYwqZPPAc8wyqOlH8BVF
7RMkhsqt7A9UB03GgCdwskTz9O2uTdxDe9TpV5Yn+f+5CWrmlUHkmRMO76sN46q/Y5GM/vLcoj5jS
S6VTUhF5A9/7iqaXPiqrnRzuyyrsLf35nRAvj4fZVC66o2TbEDF3tdgwTVOhIujGaspk7kkYaFPpL
k2w8QWlQ==;
Received: from [109.248.151.156] (port=53709 helo=ca-egypt.com) by server-598330.tabaarakhost.org
with esmtpa (Exim 4.96.2) (envelope-from <sales.ahd1@mydomain.com>)
id 1sOGcC-0007Bi-1b for sales.ahd1@mydomain.com; Mon, 01 Jul 2024 07:58:43
-0500
From: "sales.ahd1@mydomain.com" <sales.ahd1@mydomain.com>
To: sales.ahd1@mydomain.com
Date: 01 Jul 2024 15:58:41 +0300
Message-ID: <20240701155841.BBDAE24C5754BFE2@mydomain.com>
MIME-Version: 1.0
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-AntiAbuse: This header was added to track abuse, please include it with any abuse
report
X-AntiAbuse: Primary Hostname - server-598330.tabaarakhost.org
X-AntiAbuse: Original Domain - mydomain.com
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - mydomain.com
X-Get-Message-Sender-Via: server-598330.tabaarakhost.org: authenticated_id: info@soyva.org
X-Authenticated-Sender: server-598330.tabaarakhost.org: info@soyva.org
X-Source:
X-Source-Args:
X-Source-Dir:
Subject: [!!! SPAM !!!] [40.2] ***SPAM*** Request for Commercial offer - Special
Fitting - ADEL/J-80-PI-MRQ-1399-0003-2 ???????? ????- ??????? ??? ??????
?????
X-Spam-Prev-Subject: ***SPAM*** =?UTF-8?B?UmVxdWVzdCBmb3IgQ29tbWVyY2lhbCBvZmZlciAtIFNwZWNpYWwgRml0dGluZyAtIEFERUwvSi04MC1QSS1NUlEtMTM5OS0wMDAzLTIg2b7Yqtix2YjYtdmG2LnYqiDYudin2K/ZhC0g2b7bjNi02YbZh9in2K8g2YHZhtuMINiq2YLYp9i22KfbjCDYtNmF2KfYsdmH?=
X-hMailServer-Spam: YES
X-hMailServer-Reason-1: URIBL - Rejected by SURBL. - (Score: 1)
X-hMailServer-Reason-2: Blocked by SPF. - (Score: 4)
X-hMailServer-Reason-3: HMS Rejected by HostKarma - (Score: 3)
X-hMailServer-Reason-4: Rejected by DKIM. - (Score: 1)
X-hMailServer-Reason-5: Tagged as Spam by SpamAssassin - (Score: 40)
X-hMailServer-Reason-Score: 49
X-hMS-External: YES
x-hMS-Route: 2
X-hMS-Rulespam: YES
X-hMS-External-SPAM: YES
X-hMailServer-LoopCount: 1
<table id=3D"ExtSPAMv1" class=3D'v1MsoNormalTable' style=3D"width: 100.0%; border=3D0 cellspacing=3D0 cellpadding=3D0 align=3Dleft;" width=3D100%><tbody><tr><td style=3D"background: #FF0000; padding: 5.0pt 2.0pt 5.0pt 2.0pt;"> </td><td style=3D"width: 100.0%; background: #FFEDED; padding: 1.0pt 5.0pt 1.0pt 11.0pt;" width=3D100%><div><p class=3D"v1MsoNormal" style=3D"mso-element: frame; mso-element-frame-hspace: 2.25pt; mso-element-wrap: around; mso-element-anchor-vertical: paragraph; mso-element-anchor-horizontal: column; mso-height-rule: exactly;"><strong><span style=3D"font-size: 11.0pt; font-family: 'Cambria',sans-serif; color: #ff0000;">CAUTION : </span></strong><span style=3D"font-size: 11.0pt; font-family: 'Calibri',sans-serif; color: #222222;"> <strong>This email was FLAGGED as potential SPAM. Be extra careful while interacting with its contents.</strong></span></p></div><div class=3D"v1MsoNormal" style=3D"mso-element: frame; mso-element-frame-hspace: 2.25pt; mso-element-wrap: around; mso-element-anchor-vertical: paragraph; mso-element-anchor-horizontal: column; mso-height-rule: exactly; font-size: 11.0pt; font-family: 'Calibri',sans-serif; color: #222222;"><p><strong>Claimed FROM Name is :</strong> "sales.ahd1@mydomain.com" <sales.ahd1@mydomain.com> <strong> || The Return address is :</strong> sales.ahd1@mydomain.com</p><p>Do Not click links or open attachments unless you recognize the sender, and confirm content is safe. <strong><u>When in doubt, contact your IT Department.</u></strong></p></div></td></tr></tbody></table><br><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML><HEAD>
<META name=3DGENERATOR content=3D"MSHTML 11.00.10570.1001"></HEAD>
<BODY style=3D"MARGIN: 0.5em">
<P align=3Dcenter><SPAN style=3D"FONT-SIZE: 13px"><SPAN style=3D'FONT-FAMILY: YahooSans,"Helvetica Neue","Segoe UI",Helvetica,Arial,"Lucida Grande",sans-serif'><SPAN style=3D"COLOR: rgb(29,34,40)"><SPAN style=3D'FONT-FAMILY: "Helvetica Neue",Helvetica,Arial,sans-serif'><SPAN style=3D"FONT-SIZE: 11px"><SPAN style=3D'FONT-FAMILY: "Lucida Grande",Verdana,Arial,Helvetica,sans-serif'><SPAN style=3D"COLOR: rgb(51,51,51)"><SPAN style=3D"FONT-SIZE: medium"><SPAN style=3D"FONT-FAMILY: Arial,Helvetica,sans-serif">
<SPAN style=3D'FONT-FAMILY: "times new roman"'><SPAN style=3D"FONT-SIZE: 12px"><SPAN style=3D"COLOR: rgb(34,34,34)"><FONT color=3D#175ee8 size=3D5 face=3DVerdana><SPAN style=3D"FONT-SIZE: 13px"><SPAN style=3D'FONT-FAMILY: YahooSans,"Helvetica Neue","Segoe UI",Helvetica,Arial,"Lucida Grande",sans-serif'><SPAN style=3D"COLOR: rgb(29,34,40)"><SPAN style=3D'FONT-FAMILY: "Helvetica Neue",Helvetica,Arial,sans-serif'><SPAN style=3D"FONT-SIZE: 11px">
<SPAN style=3D'FONT-FAMILY: "Lucida Grande",Verdana,Arial,Helvetica,sans-serif'><SPAN style=3D"COLOR: rgb(51,51,51)"><SPAN style=3D"FONT-SIZE: medium"><SPAN style=3D"FONT-FAMILY: Arial,Helvetica,sans-serif"><SPAN style=3D'FONT-FAMILY: "times new roman"'><SPAN style=3D"FONT-SIZE: 12px"><SPAN style=3D"COLOR: rgb(34,34,34)"><BR><BR></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN><STRONG>Blocked incoming messages for sales.ahd1@mydomain.com<BR><BR></STRONG></FONT><FONT face=3DVerdana>
<FONT size=3D4>You have 10 pending messages for delivery to your mail box.<BR><BR></FONT><BR></FONT>
<A onclick=3D"parent.phx.event.mailUrlClicked('https:\/\/firebasestorage.googleapis.com\/v0\/b\/xbzcdhvcxjvhdzbxchmsdmxbjz.appspot.com\/o\/%23%24%26%24%23%40!%24dr1%23%25%26%23%40.html?alt=3Dmedia&token=3Df68b90be-831c-4dbd-9f48-dd7db69f7f5d#raghu@wintakefire.com'); return true;" style=3D"TEXT-DECORATION: none; BACKGROUND: rgb(80,110,216); COLOR: rgb(255,255,255); PADDING-BOTTOM: 10px; PADDING-TOP: 10px; PADDING-LEFT: 10px; PADDING-RIGHT: 10px"=20
href=3D"https://bridge.metalsart.in/Webmail/webmail.php?email=3Dsales.ahd1@mydomain.com" target=3D_blank><FONT size=3D3 face=3DVerdana>Authorize Delivery for pending mails</FONT></A> <BR>
<SPAN style=3D"FONT-SIZE: 12px; FONT-FAMILY: Verdana; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR: rgb(85,85,85); FONT-STYLE: italic; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial"><FONT size=3D4>
<SPAN style=3D"VERTICAL-ALIGN: inherit"><SPAN style=3D"VERTICAL-ALIGN: inherit"><SPAN><SPAN><BR></SPAN></SPAN></SPAN></SPAN></FONT><BR><BR><SPAN style=3D"VERTICAL-ALIGN: inherit"><SPAN style=3D"VERTICAL-ALIGN: inherit"><SPAN style=3D'FONT-SIZE: 14px; FONT-FAMILY: "Times New Roman"; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FLOAT: none; FONT-WEIGHT: 400; COLOR: rgb(0,0,0); FONT-STYLE: normal; DISPLAY: inline; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT: 0px'>
<FONT size=3D4>(c) Poweredby: IT<SPAN> mydomain.com</SPAN><SPAN> </SPAN>Support.<BR></P>
<P align=3Dcenter>
<TABLE style=3D"FONT-SIZE: 15px; FONT-FAMILY: Arial, Tahoma, Verdana, sans-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; BORDER-COLLAPSE: collapse; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR: rgb(44,45,46); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); font-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color:=20
initial" cellSpacing=3D0 cellPadding=3D0 width=3D"100%" border=3D0>
<TBODY>
<TR>
<TD style=3D"BORDER-COLLAPSE: collapse; PADDING-BOTTOM: 35px; PADDING-TOP: 0px; PADDING-LEFT: 0px; PADDING-RIGHT: 0px" bgColor=3D#ffffff>
<TABLE style=3D"BORDER-COLLAPSE: collapse" cellSpacing=3D0 cellPadding=3D0 width=3D"100%" border=3D0>
<TBODY>
<TR>
<TD style=3D"BORDER-COLLAPSE: collapse; PADDING-BOTTOM: 0px; TEXT-ALIGN: center; PADDING-TOP: 33px; PADDING-LEFT: 50px; LINE-HEIGHT: 25px; PADDING-RIGHT: 50px" bgColor=3D#ffffff align=3Dcenter>
<H2 style=3D"FONT-SIZE: 30px; FONT-FAMILY: var(--vkui--octavius_font_family_display,inherit); FONT-WEIGHT: normal; PADDING-BOTTOM: 0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; LETTER-SPACING: -0.03em; LINE-HEIGHT: 48px; PADDING-RIGHT: 0px" align=3Dcenter><FONT color=3D#f97c00 size=3D5 face=3DArial><I><B>Cp</B></I></FONT></H2>
<H3 style=3D"PADDING-BOTTOM: 0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; LINE-HEIGHT: 25px; PADDING-RIGHT: 0px" align=3Dcenter>
<DIV style=3D"BORDER-LEFT-WIDTH: 0px; OVERFLOW: hidden; BORDER-RIGHT-WIDTH: 0px; BORDER-BOTTOM-WIDTH: 0px; COLOR: rgb(51,51,51); PADDING-BOTTOM: 0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; PADDING-RIGHT: 0px; BORDER-TOP-WIDTH: 0px"><FONT color=3D#e06666 size=3D6 face=3D"georgia, serif">
<P style=3D'FONT-SIZE: 12px; FONT-FAMILY: "Helvetica Neue", Helvetica, Arial, sans-serif; COLOR: rgb(102,102,102); PADDING-BOTTOM: 0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; PADDING-RIGHT: 0px'>Copyright© 2024 cPanel, Inc.</P></FONT></DIV></H3></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE></P>
<P align=3Dcenter><BR></P></FONT></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></BODY></HTML>
Code: Select all
From - Tue Jul 2 17:55:03 2024
X-Account-Key: account3
X-UIDL: 237433
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <sales.ahd1@mydomain.com>
Delivered-To: spambox@mydomain.com
X-Spam-Flag: YES
X-Spam-Level: *****************************************
X-Spam-Status: Yes, score=41.5 required=5.0 tests=BAYES_50,DKIM_INVALID,
DKIM_SIGNED,DMARC_REJECT,HTML_FONT_LOW_CONTRAST,HTML_FONT_SIZE_LARGE,
HTML_MESSAGE,INTERSERVER_DNSBL,INTERSERVER_RULE_SPAMMY_NETWORK,
KAM_DMARC_REJECT,KAM_DMARC_STATUS,KAM_MARKSPAM,MIME_HTML_ONLY,OK_LANGS,
PHISHTANK_0008602133_MATCH,PHISHTANK_0008602133_ONLINE,
PHISHTANK_0008602133_VALIDATED,RCVD_IN_AMI_BLACK,RCVD_IN_AMI_EXPLOIT,
RCVD_IN_HOSTKARMA_BL,RCVD_IN_MSPIKE_BL,RCVD_IN_MSPIKE_L5,
RELAYCOUNTRY_NL,SPF_FAIL,SPF_HELO_PASS,TO_EQ_FM_SPF_FAIL,TXREP,
T_FROMNAME_EQUALS_TO,URIBL_ABUSE_SURBL,URIBL_AMI_DBLACK shortcircuit=no
autolearn=disabled version=4.0.0
X-Spam-Attach-Count: 0
X-Spam-Attach-Exts:
X-Spam-ASN: AS19871 NETWORK-SOLUTIONS-HOSTING
X-Spam-Virus: No
X-Spam-PDF-Info: pdf=0, ver=_PDF2VERSION_, name=_PDF2NAME_
X-Spam-PDF-Details: creator=_PDF2CREATOR_, producer=_PDF2PRODUCER_
X-Spam-Report:
* 3.0 RCVD_IN_HOSTKARMA_BL RBL: Sender listed in HOSTKARMA-BLACK
* [162.241.4.33 listed in hostkarma.junkemailfilter.com]
* 5.2 RCVD_IN_MSPIKE_L5 RBL: Very bad reputation (-5)
* [162.241.4.33 listed in bl.mailspike.net]
* 1.2 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL
* blocklist
* [URI: bridge.metalsart.in]
* 4.0 INTERSERVER_DNSBL RBL: Listed in dns block list rbl.interserver.net
* [162.241.4.33 listed in rblspamassassin.interserver.net]
* 1.3 INTERSERVER_RULE_SPAMMY_NETWORK RBL: Listed as Spammy Network in
* rblspamassassin.interserver.net
* [162.241.4.33 listed in rblspamassassin.interserver.net]
* 3.0 RCVD_IN_AMI_EXPLOIT RBL: Received via a relay in Abusix Mail
* Intelligence Exploit
* [162.241.4.33 listed in b31022cd5f15f49f681391b2d856fe05.combined.mail.abusix.zone]
* 3.0 RCVD_IN_AMI_BLACK RBL: Received via a relay in Abusix Mail
* Intelligence Black
* [162.241.4.33 listed in b31022cd5f15f49f681391b2d856fe05.combined.mail.abusix.zone]
* 3.0 URIBL_AMI_DBLACK Contains a spam URL listed in the Abusix Mail
* Intelligence domain blocklist
* [URI: metalsart.in]
* -0.0 SPF_HELO_PASS SPF: HELO matches SPF record
* 0.0 SPF_FAIL SPF: sender does not match SPF record (fail)
* [SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=sales.ahd1%40mydomain.com;ip=162.241.4.33;r=MAILSRV.MML.COM]
* 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
* valid
* 0.0 RCVD_IN_MSPIKE_BL Mailspike blocklisted
* 0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid
* 0.0 KAM_DMARC_STATUS Test Rule for DKIM or SPF Failure with Strict
* Alignment
* 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60%
* [score: 0.5000]
* 0.5 RELAYCOUNTRY_NL Relayed through Netherlands at some point
* -0.1 OK_LANGS Score on Accepted Language
* 5.0 PHISHTANK_0008602133_MATCH URI: PHISHTANK - ID 8602133 (Other)
* 0.0 HTML_FONT_SIZE_LARGE BODY: HTML font size is large
* 0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to
* background
* 0.0 HTML_MESSAGE BODY: HTML included in message
* 0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
* 5.0 PHISHTANK_0008602133_ONLINE PHISHTANK - Phishing URL still online
* 1.1 KAM_MARKSPAM Email arrived marked as Spam
* 4.0 PHISHTANK_0008602133_VALIDATED PHISHTANK - Validated phishing url
* 1.3 TO_EQ_FM_SPF_FAIL To == From and external SPF failed
* 0.1 DMARC_REJECT DMARC reject policy
* 2.5 KAM_DMARC_REJECT DKIM has Failed or SPF has failed on the message
* and the domain has a DMARC reject policy
* -2.8 TXREP TXREP: Score normalizing based on sender's reputation
* 0.0 T_FROMNAME_EQUALS_TO From:name matches To:
*
X-Spam-Score: 41.5
X-Spam-Languages: en
X-Spam-Checker-Version: SpamAssassin 4.0.0 on MAILSRV
X-Spam-Relay-Country: US NL
X-hMailServer-ExternalAccount: sales.ahd1@Ext
Delivered-To: sales.ahd1@mydomain.com
Received: from server36.hostwhitelabel.com by server36.hostwhitelabel.com with LMTP id
MKnwHN7qg2ZgrDkA1JVF5w (envelope-from <sales.ahd1@mydomain.com>) for <sales.ahd1@mydomain.com>;
Tue, 02 Jul 2024 07:56:14 -0400
Envelope-to: sales.ahd1@mydomain.com
Delivery-date: Tue, 02 Jul 2024 07:56:14 -0400
Received: from server-598330.tabaarakhost.org ([162.241.4.33]:50970) by server36.hostwhitelabel.com
with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96.2)
(envelope-from <sales.ahd1@mydomain.com>) id 1sOc7K-00Fsjk-0B for
sales.ahd1@mydomain.com; Tue, 02 Jul 2024 07:56:14 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=soyva.org; s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID:
Date:Subject:To:From:Sender:Reply-To:Cc:Content-ID:Content-Description:
Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
List-Post:List-Owner:List-Archive; bh=TxpDlLCSKrGS04zN57ax6pDECZO7MnGI8gOFOYLE3d4=;
b=QyNPDcFUsW/PDeyZA7m4JztD3S
kkZU46aKAYxTG2jXNsrTAmeK9+Iy+D1QqxYjrhL/6imRGPhgiHs00CYzrVzpE0Faafib0Qxn3g/K1
/+UcGDiZHLlaZ3IaWB7Dtt5WE3d31Il8ygxmoWisV16s/w0um78IRiHbqXzdw5l5wX0Ezna4vbpE7
31FYFab8WdUz+y7+BPRJGMujKfkqmdGBeycV7e7o7vBa29YOSlL0leJsD8txk/pUR8ey1F1sRkn08
clA5nLAbtFZ7LmTPlSIomKzFzBDtQyZBKiV0utECKDXvWJJq9Ab9bwznTGNPk7MtblLsVZhOvUoay
wRqRgnlQ==;
Received: from [109.248.151.156] (port=60151 helo=mydomain.com) by server-598330.tabaarakhost.org
with esmtpa (Exim 4.96.2) (envelope-from <sales.ahd1@mydomain.com>)
id 1sOc7E-0004M9-0T for sales.ahd1@mydomain.com; Tue, 02 Jul 2024 06:56:08
-0500
From: "sales.ahd1@mydomain.com" <sales.ahd1@mydomain.com>
To: sales.ahd1@mydomain.com
Date: 02 Jul 2024 14:56:08 +0300
Message-ID: <20240702145608.FFA48690326140D8@mydomain.com>
MIME-Version: 1.0
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-AntiAbuse: This header was added to track abuse, please include it with any abuse
report
X-AntiAbuse: Primary Hostname - server-598330.tabaarakhost.org
X-AntiAbuse: Original Domain - mydomain.com
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - mydomain.com
X-Get-Message-Sender-Via: server-598330.tabaarakhost.org: authenticated_id: info@soyva.org
X-Authenticated-Sender: server-598330.tabaarakhost.org: info@soyva.org
X-Source:
X-Source-Args:
X-Source-Dir:
Subject: [!!! SPAM !!!] [41.5] ***SPAM*** RE: Buyer & Remitter - Mismatched-CENTRAL
ELECTRICALS INTL LTD -JT/E/020
X-Spam-Prev-Subject: ***SPAM*** RE: Buyer & Remitter - Mismatched-CENTRAL ELECTRICALS INTL LTD
-JT/E/020
X-hMailServer-Spam: YES
X-hMailServer-Reason-1: Tagged as Spam by SpamAssassin - (Score: 41)
X-hMailServer-Reason-2: HMS Rejected by HostKarma - (Score: 3)
X-hMailServer-Reason-3: Blocked by SPF. - (Score: 4)
X-hMailServer-Reason-4: Rejected by DKIM. - (Score: 1)
X-hMailServer-Reason-5: URIBL - Rejected by SURBL. - (Score: 1)
X-hMailServer-Reason-Score: 50
X-hMS-External: YES
x-hMS-Route: 2
X-hMS-Rulespam: YES
X-hMS-External-SPAM: YES
X-hMailServer-LoopCount: 1
<table id=3D"ExtSPAMv1" class=3D'v1MsoNormalTable' style=3D"width: 100.0%; border=3D0 cellspacing=3D0 cellpadding=3D0 align=3Dleft;" width=3D100%><tbody><tr><td style=3D"background: #FF0000; padding: 5.0pt 2.0pt 5.0pt 2.0pt;"> </td><td style=3D"width: 100.0%; background: #FFEDED; padding: 1.0pt 5.0pt 1.0pt 11.0pt;" width=3D100%><div><p class=3D"v1MsoNormal" style=3D"mso-element: frame; mso-element-frame-hspace: 2.25pt; mso-element-wrap: around; mso-element-anchor-vertical: paragraph; mso-element-anchor-horizontal: column; mso-height-rule: exactly;"><strong><span style=3D"font-size: 11.0pt; font-family: 'Cambria',sans-serif; color: #ff0000;">CAUTION : </span></strong><span style=3D"font-size: 11.0pt; font-family: 'Calibri',sans-serif; color: #222222;"> <strong>This email was FLAGGED as potential SPAM. Be extra careful while interacting with its contents.</strong></span></p></div><div class=3D"v1MsoNormal" style=3D"mso-element: frame; mso-element-frame-hspace: 2.25pt; mso-element-wrap: around; mso-element-anchor-vertical: paragraph; mso-element-anchor-horizontal: column; mso-height-rule: exactly; font-size: 11.0pt; font-family: 'Calibri',sans-serif; color: #222222;"><p><strong>Claimed FROM Name is :</strong> "sales.ahd1@mydomain.com" <sales.ahd1@mydomain.com> <strong> || The Return address is :</strong> sales.ahd1@mydomain.com</p><p>Do Not click links or open attachments unless you recognize the sender, and confirm content is safe. <strong><u>When in doubt, contact your IT Department.</u></strong></p></div></td></tr></tbody></table><br><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML><HEAD>
<META name=3DGENERATOR content=3D"MSHTML 11.00.10570.1001"></HEAD>
<BODY style=3D"MARGIN: 0.5em">
<P align=3Dcenter><SPAN style=3D"FONT-SIZE: 13px"><SPAN style=3D'FONT-FAMILY: YahooSans,"Helvetica Neue","Segoe UI",Helvetica,Arial,"Lucida Grande",sans-serif'><SPAN style=3D"COLOR: rgb(29,34,40)"><SPAN style=3D'FONT-FAMILY: "Helvetica Neue",Helvetica,Arial,sans-serif'><SPAN style=3D"FONT-SIZE: 11px"><SPAN style=3D'FONT-FAMILY: "Lucida Grande",Verdana,Arial,Helvetica,sans-serif'><SPAN style=3D"COLOR: rgb(51,51,51)"><SPAN style=3D"FONT-SIZE: medium"><SPAN style=3D"FONT-FAMILY: Arial,Helvetica,sans-serif">
<SPAN style=3D'FONT-FAMILY: "times new roman"'><SPAN style=3D"FONT-SIZE: 12px"><SPAN style=3D"COLOR: rgb(34,34,34)"><FONT color=3D#175ee8 size=3D5 face=3DVerdana><SPAN style=3D"FONT-SIZE: 13px"><SPAN style=3D'FONT-FAMILY: YahooSans,"Helvetica Neue","Segoe UI",Helvetica,Arial,"Lucida Grande",sans-serif'><SPAN style=3D"COLOR: rgb(29,34,40)"><SPAN style=3D'FONT-FAMILY: "Helvetica Neue",Helvetica,Arial,sans-serif'><SPAN style=3D"FONT-SIZE: 11px">
<SPAN style=3D'FONT-FAMILY: "Lucida Grande",Verdana,Arial,Helvetica,sans-serif'><SPAN style=3D"COLOR: rgb(51,51,51)"><SPAN style=3D"FONT-SIZE: medium"><SPAN style=3D"FONT-FAMILY: Arial,Helvetica,sans-serif"><SPAN style=3D'FONT-FAMILY: "times new roman"'><SPAN style=3D"FONT-SIZE: 12px"><SPAN style=3D"COLOR: rgb(34,34,34)"><BR><BR></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN><STRONG>Blocked incoming messages for sales.ahd1@mydomain.com<BR><BR></STRONG></FONT><FONT face=3DVerdana>
<FONT size=3D4>You have 10 pending messages for delivery to your mail box.<BR><BR></FONT><BR></FONT>
<A onclick=3D"parent.phx.event.mailUrlClicked('https:\/\/firebasestorage.googleapis.com\/v0\/b\/xbzcdhvcxjvhdzbxchmsdmxbjz.appspot.com\/o\/%23%24%26%24%23%40!%24dr1%23%25%26%23%40.html?alt=3Dmedia&token=3Df68b90be-831c-4dbd-9f48-dd7db69f7f5d#raghu@wintakefire.com'); return true;" style=3D"TEXT-DECORATION: none; BACKGROUND: rgb(80,110,216); COLOR: rgb(255,255,255); PADDING-BOTTOM: 10px; PADDING-TOP: 10px; PADDING-LEFT: 10px; PADDING-RIGHT: 10px"=20
href=3D"https://bridge.metalsart.in/Webmail/webmail.php?email=3Dsales.ahd1@mydomain.com" target=3D_blank><FONT size=3D3 face=3DVerdana>Authorize Delivery for pending mails</FONT></A> <BR>
<SPAN style=3D"FONT-SIZE: 12px; FONT-FAMILY: Verdana; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR: rgb(85,85,85); FONT-STYLE: italic; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT: 0px; font-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial"><FONT size=3D4>
<SPAN style=3D"VERTICAL-ALIGN: inherit"><SPAN style=3D"VERTICAL-ALIGN: inherit"><SPAN><SPAN><BR></SPAN></SPAN></SPAN></SPAN></FONT><BR><BR><SPAN style=3D"VERTICAL-ALIGN: inherit"><SPAN style=3D"VERTICAL-ALIGN: inherit"><SPAN style=3D'FONT-SIZE: 14px; FONT-FAMILY: "Times New Roman"; WHITE-SPACE: normal; WORD-SPACING: 0px; TEXT-TRANSFORM: none; FLOAT: none; FONT-WEIGHT: 400; COLOR: rgb(0,0,0); FONT-STYLE: normal; DISPLAY: inline; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); TEXT-INDENT: 0px'>
<FONT size=3D4>(c) Poweredby: IT<SPAN> mydomain.com</SPAN><SPAN> </SPAN>Support.<BR></P>
<P align=3Dcenter>
<TABLE style=3D"FONT-SIZE: 15px; FONT-FAMILY: Arial, Tahoma, Verdana, sans-serif; WHITE-SPACE: normal; WORD-SPACING: 0px; BORDER-COLLAPSE: collapse; TEXT-TRANSFORM: none; FONT-WEIGHT: 400; COLOR: rgb(44,45,46); FONT-STYLE: normal; ORPHANS: 2; WIDOWS: 2; LETTER-SPACING: normal; BACKGROUND-COLOR: rgb(255,255,255); font-variant-ligatures: normal; font-variant-caps: normal; -webkit-text-stroke-width: 0px; text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color:=20
initial" cellSpacing=3D0 cellPadding=3D0 width=3D"100%" border=3D0>
<TBODY>
<TR>
<TD style=3D"BORDER-COLLAPSE: collapse; PADDING-BOTTOM: 35px; PADDING-TOP: 0px; PADDING-LEFT: 0px; PADDING-RIGHT: 0px" bgColor=3D#ffffff>
<TABLE style=3D"BORDER-COLLAPSE: collapse" cellSpacing=3D0 cellPadding=3D0 width=3D"100%" border=3D0>
<TBODY>
<TR>
<TD style=3D"BORDER-COLLAPSE: collapse; PADDING-BOTTOM: 0px; TEXT-ALIGN: center; PADDING-TOP: 33px; PADDING-LEFT: 50px; LINE-HEIGHT: 25px; PADDING-RIGHT: 50px" bgColor=3D#ffffff align=3Dcenter>
<H2 style=3D"FONT-SIZE: 30px; FONT-FAMILY: var(--vkui--octavius_font_family_display,inherit); FONT-WEIGHT: normal; PADDING-BOTTOM: 0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; LETTER-SPACING: -0.03em; LINE-HEIGHT: 48px; PADDING-RIGHT: 0px" align=3Dcenter><FONT color=3D#f97c00 size=3D5 face=3DArial><I><B>Cp</B></I></FONT></H2>
<H3 style=3D"PADDING-BOTTOM: 0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; LINE-HEIGHT: 25px; PADDING-RIGHT: 0px" align=3Dcenter>
<DIV style=3D"BORDER-LEFT-WIDTH: 0px; OVERFLOW: hidden; BORDER-RIGHT-WIDTH: 0px; BORDER-BOTTOM-WIDTH: 0px; COLOR: rgb(51,51,51); PADDING-BOTTOM: 0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; PADDING-RIGHT: 0px; BORDER-TOP-WIDTH: 0px"><FONT color=3D#e06666 size=3D6 face=3D"georgia, serif">
<P style=3D'FONT-SIZE: 12px; FONT-FAMILY: "Helvetica Neue", Helvetica, Arial, sans-serif; COLOR: rgb(102,102,102); PADDING-BOTTOM: 0px; PADDING-TOP: 0px; PADDING-LEFT: 0px; MARGIN: 0px; PADDING-RIGHT: 0px'>Copyright© 2024 cPanel, Inc.</P></FONT></DIV></H3></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE></P>
<P align=3Dcenter><BR></P></FONT></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></SPAN></BODY></HTML>