Rob McEwen skrev den 2023-02-21 20:37:
https://pastebin.com/v80qMF99
Content preview: Invoice from Apple. com (0005) xxx...@example.com,
here are
your invoice details Hello, xxx...@example.com Here's your invoice
Content analysis details: (1.2 points, 5.0 required)
pts rule name description
---- ----------------------
--------------------------------------------------
-0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
[173.0.84.227 listed in wl.mailspike.net]
1.8 DKIM_ADSP_DISCARD No valid author signature, domain signs all
mail
and suggests discarding the rest
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not
necessarily valid
0.1 DKIM_INVALID DKIM or DK signature exists, but is not
valid
-2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at
https://www.dnswl.org/,
medium trust
[173.0.84.227 listed in list.dnswl.org]
-2.0 RCVD_IN_HOSTKARMA_W RBL: Sender listed in HOSTKARMA-WHITE
[173.0.84.227 listed in
hostkarma.junkemailfilter.com]
0.0 HTML_MESSAGE BODY: HTML included in message
0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.4 KAM_REALLYHUGEIMGSRC RAW: Spam with image tags with ridiculously
huge
http urls
0.0 MIME_QP_LONG_LINE RAW: Quoted-printable line longer than 76
chars
0.0 LONG_IMG_URI Image URI with very long path component -
web bug?
1.0 MSGID_NOFQDN2 Message-ID without a fully-qualified domain
name
0.5 LONGLINE Line length exceeds 998 character limit, RFC
5322
1.2 FROM_PAYPAL_SPOOF From PayPal domain but matches SPOOFED
0.2 KAM_HUGEIMGSRC Message contains many image tags with huge
http urls
0.1 DMARC_REJECT DMARC reject policy
0.0 LOTS_OF_MONEY Huge... sums of money
0.0 T_REMOTE_IMAGE Message contains an external image
dont know more, but dnswl ? ;)
DMARC_REJECT && FROM_PAYPAL_SPOOF why accept it ?
