Subject: Mail delivery failed: returning message to sender (18)
Sender name: Mail Delivery System (147)
Sender email: [email protected] (1)
Received from ip: 202.52.146.17 (1)
Received from host name: mx7-dti.idweb.host (1)
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
[email protected]
LMTP error after RCPT TO:<[email protected]>:
550 5.1.1 <[email protected]> User doesn't exist:
[email protected]
--1571128558-eximdsn-1159971150
Content-type: message/delivery-status
Reporting-MTA: dns; mergangsan.idweb.host
Action: failed
Final-Recipient: rfc822;[email protected]
Status: 5.0.0
--1571128558-eximdsn-1159971150
Content-type: message/rfc822
Return-path: <uqvclcp@[FILTERED]>
Received: from [112.84.60.183] (port=4627 helo=[FILTERED])
by mergangsan.idweb.host with esmtp (Exim 4.91)
(envelope-from <uqvclcp@[FILTERED]>)
id 1iKIJ8-009yum-6h
for [email protected]; Tue, 15 Oct 2019 15:35:57 +0700
Received: from vps17831 ([127.0.0.1]) by localhost via TCP with ESMTPA; Tue, 15 Oct 2019 16:34:43 +0800
MIME-Version: 1.0
From: May <[email protected]>
Sender: May <uqvclcp@[FILTERED]>
To: [email protected]
Reply-To: May <[email protected]>
Date: 15 Oct 2019 16:34:43 +0800
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: base64
X-Spam-Status: Yes, score=23.2
X-Spam-Score: 232
X-Spam-Bar: +++++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "mergangsan.idweb.host",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: Hello friend, Are you looking for suitable stainless steel
product supplier for lower cost? We are a professional manufacturer specialized
in flanges,valves and pipe fittings with 10 years experience.
Content analysis details: (23.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.0 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
[score: 1.0000]
5.0 BAYES_99 BODY: Bayes spam probability is 99 to 100%
[score: 1.0000]
4.4 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
[112.84.60.183 listed in zen.spamhaus.org]
3.3 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
3.3 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS
0.0 HK_RANDOM_ENVFROM Envelope sender username looks random
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider (xinlie159857[at]126.com)
0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
mail domains are different
0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in
digit (xinlie159857[at]126.com)
0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 HTML_MESSAGE BODY: HTML included in message
1.8 PYZOR_CHECK Listed in Pyzor
(https://pyzor.readthedocs.io/en/latest/)
0.0 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and
EnvelopeFrom freemail headers are
different
1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any
anti-forgery methods
2.0 RDNS_NONE Delivered to internal network by a host with no rDNS
0.0 FSL_BULK_SIG Bulk signature with no Unsubscribe
0.7 SPOOFED_FREEMAIL_NO_RDNS From SPOOFED_FREEMAIL and no rDNS
X-Spam-Flag: YES
Subject: ***SPAM*** =?utf-8?B?UmU6IHN1aXRhYmxlIHN0YWlubGVzcyBzdGVlbCBzdXBwbGllciBmb3IgbG93ZXIgY29zdA==?=
PGh0bWw+PGJvZHk+PFA+SGVsbG8gZnJpZW5kLDwvUD4NCjxQPkFyZSB5b3UgbG9va2luZyBm
b3Igc3VpdGFibGUgc3RhaW5sZXNzIHN0ZWVsIHByb2R1Y3Qgc3VwcGxpZXIgZm9yIGxvd2Vy
IGNvc3Q/PEJSPldlIGFyZSBhIHByb2Zlc3Npb25hbCBtYW51ZmFjdHVyZXIgc3BlY2lhbGl6
ZWQgaW4gZmxhbmdlcyx2YWx2ZXMgYW5kIHBpcGUgZml0dGluZ3Mgd2l0aCAxMCB5ZWFycyBl
eHBlcmllbmNlLjwvUD4NCjxQPk1PUTpObyBNT1EsYWNjZXB0YWJsZSBhbnkgbnVtYmVyPEJS
PkZhc3QgZGVsaXZlcnk6IHNoaXBwaW5nIHdpdGhpbiA3IGRheXM8QlI+Q2VydGlmaWNhdGlv
bjpJU08gOTAwMSxDRTxCUj5CZXN0IHNlcnZpY2U6IG93biBwcm9mZXNzaW9uYWwgZGVzaWdu
ZXJzIHRvIG1lZXQgeW91ciBPRU0gbmVlZHMuPEJSPlF1YWxpdHk6YWNjZXB0YWJsZSB0aGly
ZCBwYXJ0eSBpbnNwZWN0aW9uPEJSPldlJm5ic3A7IGhhdmUgZXhwb3J0ZWQmbmJzcDsgdG8g
VVNBLCBFVVJPKFBvcnR1Z2FsLEdlcm1hbnksU3BhaW4sVUspLjwvUD4NCjxQPklmIHlvdSBu
ZWVkIHRvIHNlZSB0aGUgY2F0YWxvZyBhbmQgYWN0dWFsIHNhbXBsZSwgcGxlYXNlIGZlZWwg
ZnJlZSB0byB0ZWxsIG1lLjwvUD4NCjxQPkJlc3Qgd2lzaGVzLDxCUj5NYXk8L1A+DQo8UD5P
dmVyc2VhcyBNYXJrZXRpbmcgTWFuYWdlcjxCUj5XZW56aG91IENodWFuZyBMYW4gaW5kdXN0
cnkgYW5kIFRyYWRlIENvLiwgTHRkLjwvUD48L2JvZHk+PC9odG1sPg==
--1571128558-eximdsn-1159971150--
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
[email protected]
LMTP error after RCPT TO:<[email protected]>:
550 5.1.1 <[email protected]> User doesn't exist:
[email protected]
--1571128558-eximdsn-1159971150
Content-type: message/delivery-status
Reporting-MTA: dns; mergangsan.idweb.host
Action: failed
Final-Recipient: rfc822;[email protected]
Status: 5.0.0
--1571128558-eximdsn-1159971150
Content-type: message/rfc822
Return-path: <uqvclcp@[FILTERED]>
Received: from [112.84.60.183] (port=4627 helo=[FILTERED])
by mergangsan.idweb.host with esmtp (Exim 4.91)
(envelope-from <uqvclcp@[FILTERED]>)
id 1iKIJ8-009yum-6h
for [email protected]; Tue, 15 Oct 2019 15:35:57 +0700
Received: from vps17831 ([127.0.0.1]) by localhost via TCP with ESMTPA; Tue, 15 Oct 2019 16:34:43 +0800
MIME-Version: 1.0
From: May <[email protected]>
Sender: May <uqvclcp@[FILTERED]>
To: [email protected]
Reply-To: May <[email protected]>
Date: 15 Oct 2019 16:34:43 +0800
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: base64
X-Spam-Status: Yes, score=23.2
X-Spam-Score: 232
X-Spam-Bar: +++++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "mergangsan.idweb.host",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: Hello friend, Are you looking for suitable stainless steel
product supplier for lower cost? We are a professional manufacturer specialized
in flanges,valves and pipe fittings with 10 years experience.
Content analysis details: (23.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.0 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
[score: 1.0000]
5.0 BAYES_99 BODY: Bayes spam probability is 99 to 100%
[score: 1.0000]
4.4 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
[112.84.60.183 listed in zen.spamhaus.org]
3.3 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
3.3 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS
0.0 HK_RANDOM_ENVFROM Envelope sender username looks random
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider (xinlie159857[at]126.com)
0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
mail domains are different
0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in
digit (xinlie159857[at]126.com)
0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 HTML_MESSAGE BODY: HTML included in message
1.8 PYZOR_CHECK Listed in Pyzor
(https://pyzor.readthedocs.io/en/latest/)
0.0 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and
EnvelopeFrom freemail headers are
different
1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any
anti-forgery methods
2.0 RDNS_NONE Delivered to internal network by a host with no rDNS
0.0 FSL_BULK_SIG Bulk signature with no Unsubscribe
0.7 SPOOFED_FREEMAIL_NO_RDNS From SPOOFED_FREEMAIL and no rDNS
X-Spam-Flag: YES
Subject: ***SPAM*** =?utf-8?B?UmU6IHN1aXRhYmxlIHN0YWlubGVzcyBzdGVlbCBzdXBwbGllciBmb3IgbG93ZXIgY29zdA==?=
PGh0bWw+PGJvZHk+PFA+SGVsbG8gZnJpZW5kLDwvUD4NCjxQPkFyZSB5b3UgbG9va2luZyBm
b3Igc3VpdGFibGUgc3RhaW5sZXNzIHN0ZWVsIHByb2R1Y3Qgc3VwcGxpZXIgZm9yIGxvd2Vy
IGNvc3Q/PEJSPldlIGFyZSBhIHByb2Zlc3Npb25hbCBtYW51ZmFjdHVyZXIgc3BlY2lhbGl6
ZWQgaW4gZmxhbmdlcyx2YWx2ZXMgYW5kIHBpcGUgZml0dGluZ3Mgd2l0aCAxMCB5ZWFycyBl
eHBlcmllbmNlLjwvUD4NCjxQPk1PUTpObyBNT1EsYWNjZXB0YWJsZSBhbnkgbnVtYmVyPEJS
PkZhc3QgZGVsaXZlcnk6IHNoaXBwaW5nIHdpdGhpbiA3IGRheXM8QlI+Q2VydGlmaWNhdGlv
bjpJU08gOTAwMSxDRTxCUj5CZXN0IHNlcnZpY2U6IG93biBwcm9mZXNzaW9uYWwgZGVzaWdu
ZXJzIHRvIG1lZXQgeW91ciBPRU0gbmVlZHMuPEJSPlF1YWxpdHk6YWNjZXB0YWJsZSB0aGly
ZCBwYXJ0eSBpbnNwZWN0aW9uPEJSPldlJm5ic3A7IGhhdmUgZXhwb3J0ZWQmbmJzcDsgdG8g
VVNBLCBFVVJPKFBvcnR1Z2FsLEdlcm1hbnksU3BhaW4sVUspLjwvUD4NCjxQPklmIHlvdSBu
ZWVkIHRvIHNlZSB0aGUgY2F0YWxvZyBhbmQgYWN0dWFsIHNhbXBsZSwgcGxlYXNlIGZlZWwg
ZnJlZSB0byB0ZWxsIG1lLjwvUD4NCjxQPkJlc3Qgd2lzaGVzLDxCUj5NYXk8L1A+DQo8UD5P
dmVyc2VhcyBNYXJrZXRpbmcgTWFuYWdlcjxCUj5XZW56aG91IENodWFuZyBMYW4gaW5kdXN0
cnkgYW5kIFRyYWRlIENvLiwgTHRkLjwvUD48L2JvZHk+PC9odG1sPg==
--1571128558-eximdsn-1159971150--
Return-Path: <>
X-Original-To: uqvclcp@[FILTERED]
Delivered-To: [FILTERED]
Received: from mx7-dti.idweb.host (unknown [202.52.146.17])
by [FILTERED]-inbox (Postfix) with ESMTP id ABFED5BB04
for <uqvclcp@[FILTERED]>; Wed, 16 Oct 2019 00:44:19 +0200 (CEST)
X-Spam-Status: No
X-jogjacamp-MailScanner-EFA-Watermark: 1571733361.12788@BXaQcw5Z2akJP0TCYpFMMg
X-jogjacamp-MailScanner-EFA-From:
X-jogjacamp-MailScanner-EFA: Found to be clean
X-jogjacamp-MailScanner-EFA-ID: 219FE460C7.A5A55
X-jogjacamp-MailScanner-EFA-Information: Please contact [email protected] for more information
Received: from mergangsan.idweb.host (mergangsan.idweb.host [222.165.255.195])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by mx7-dti.idweb.host (Postfix) with ESMTPS id 219FE460C7
for <uqvclcp@[FILTERED]>; Tue, 15 Oct 2019 15:36:00 +0700 (WIB)
DMARC-Filter: OpenDMARC Filter v1.3.2 mx7-dti.idweb.host 219FE460C7
Authentication-Results: mx7-dti.idweb.host; dmarc=none (p=none dis=none) header.from=mergangsan.idweb.host
Authentication-Results: mx7-dti.idweb.host; spf=none smtp.helo=mergangsan.idweb.host
DKIM-Filter: OpenDKIM Filter v2.11.0 mx7-dti.idweb.host 219FE460C7
Received: from mailnull by mergangsan.idweb.host with local (Exim 4.91)
id 1iKIJC-009z8n-Qs
for uqvclcp@[FILTERED]; Tue, 15 Oct 2019 15:35:58 +0700
X-Failed-Recipients: [email protected]
Auto-Submitted: auto-replied
From: Mail Delivery System <[email protected]>
To: uqvclcp@[FILTERED]
Content-Type: multipart/report; report-type=delivery-status; boundary=1571128558-eximdsn-1159971150
MIME-Version: 1.0
Subject: Mail delivery failed: returning message to sender
Message-Id: <[email protected]>
Date: Tue, 15 Oct 2019 15:35:58 +0700
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - mergangsan.idweb.host
X-AntiAbuse: Original Domain - [FILTERED]
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain -
X-Get-Message-Sender-Via: mergangsan.idweb.host: sender_ident via received_protocol == local: mailnull/primary_hostname/system user
X-Authenticated-Sender: mergangsan.idweb.host: mailnull
--1571128558-eximdsn-1159971150
Content-type: text/plain; charset=us-ascii
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
[email protected]
LMTP error after RCPT TO:<[email protected]>:
550 5.1.1 <[email protected]> User doesn't exist:
[email protected]
--1571128558-eximdsn-1159971150
Content-type: message/delivery-status
Reporting-MTA: dns; mergangsan.idweb.host
Action: failed
Final-Recipient: rfc822;[email protected]
Status: 5.0.0
--1571128558-eximdsn-1159971150
Content-type: message/rfc822
Return-path: <uqvclcp@[FILTERED]>
Received: from [112.84.60.183] (port=4627 helo=[FILTERED])
by mergangsan.idweb.host with esmtp (Exim 4.91)
(envelope-from <uqvclcp@[FILTERED]>)
id 1iKIJ8-009yum-6h
for [email protected]; Tue, 15 Oct 2019 15:35:57 +0700
Received: from vps17831 ([127.0.0.1]) by localhost via TCP with ESMTPA; Tue, 15 Oct 2019 16:34:43 +0800
MIME-Version: 1.0
From: May <[email protected]>
Sender: May <uqvclcp@[FILTERED]>
To: [email protected]
Reply-To: May <[email protected]>
Date: 15 Oct 2019 16:34:43 +0800
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: base64
X-Spam-Status: Yes, score=23.2
X-Spam-Score: 232
X-Spam-Bar: +++++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "mergangsan.idweb.host",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
root\@localhost for details.
Content preview: Hello friend, Are you looking for suitable stainless steel
product supplier for lower cost? We are a professional manufacturer specialized
in flanges,valves and pipe fittings with 10 years experience.
Content analysis details: (23.2 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
1.0 BAYES_999 BODY: Bayes spam probability is 99.9 to 100%
[score: 1.0000]
5.0 BAYES_99 BODY: Bayes spam probability is 99 to 100%
[score: 1.0000]
4.4 RCVD_IN_XBL RBL: Received via a relay in Spamhaus XBL
[112.84.60.183 listed in zen.spamhaus.org]
3.3 RCVD_IN_PBL RBL: Received via a relay in Spamhaus PBL
3.3 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS
0.0 HK_RANDOM_ENVFROM Envelope sender username looks random
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
provider (xinlie159857[at]126.com)
0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
mail domains are different
0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in
digit (xinlie159857[at]126.com)
0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.0 HTML_MESSAGE BODY: HTML included in message
1.8 PYZOR_CHECK Listed in Pyzor
(https://pyzor.readthedocs.io/en/latest/)
0.0 FREEMAIL_FORGED_FROMDOMAIN 2nd level domains in From and
EnvelopeFrom freemail headers are
different
1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any
anti-forgery methods
2.0 RDNS_NONE Delivered to internal network by a host with no rDNS
0.0 FSL_BULK_SIG Bulk signature with no Unsubscribe
0.7 SPOOFED_FREEMAIL_NO_RDNS From SPOOFED_FREEMAIL and no rDNS
X-Spam-Flag: YES
Subject: ***SPAM*** =?utf-8?B?UmU6IHN1aXRhYmxlIHN0YWlubGVzcyBzdGVlbCBzdXBwbGllciBmb3IgbG93ZXIgY29zdA==?=
PGh0bWw+PGJvZHk+PFA+SGVsbG8gZnJpZW5kLDwvUD4NCjxQPkFyZSB5b3UgbG9va2luZyBm
b3Igc3VpdGFibGUgc3RhaW5sZXNzIHN0ZWVsIHByb2R1Y3Qgc3VwcGxpZXIgZm9yIGxvd2Vy
IGNvc3Q/PEJSPldlIGFyZSBhIHByb2Zlc3Npb25hbCBtYW51ZmFjdHVyZXIgc3BlY2lhbGl6
ZWQgaW4gZmxhbmdlcyx2YWx2ZXMgYW5kIHBpcGUgZml0dGluZ3Mgd2l0aCAxMCB5ZWFycyBl
eHBlcmllbmNlLjwvUD4NCjxQPk1PUTpObyBNT1EsYWNjZXB0YWJsZSBhbnkgbnVtYmVyPEJS
PkZhc3QgZGVsaXZlcnk6IHNoaXBwaW5nIHdpdGhpbiA3IGRheXM8QlI+Q2VydGlmaWNhdGlv
bjpJU08gOTAwMSxDRTxCUj5CZXN0IHNlcnZpY2U6IG93biBwcm9mZXNzaW9uYWwgZGVzaWdu
ZXJzIHRvIG1lZXQgeW91ciBPRU0gbmVlZHMuPEJSPlF1YWxpdHk6YWNjZXB0YWJsZSB0aGly
ZCBwYXJ0eSBpbnNwZWN0aW9uPEJSPldlJm5ic3A7IGhhdmUgZXhwb3J0ZWQmbmJzcDsgdG8g
VVNBLCBFVVJPKFBvcnR1Z2FsLEdlcm1hbnksU3BhaW4sVUspLjwvUD4NCjxQPklmIHlvdSBu
ZWVkIHRvIHNlZSB0aGUgY2F0YWxvZyBhbmQgYWN0dWFsIHNhbXBsZSwgcGxlYXNlIGZlZWwg
ZnJlZSB0byB0ZWxsIG1lLjwvUD4NCjxQPkJlc3Qgd2lzaGVzLDxCUj5NYXk8L1A+DQo8UD5P
dmVyc2VhcyBNYXJrZXRpbmcgTWFuYWdlcjxCUj5XZW56aG91IENodWFuZyBMYW4gaW5kdXN0
cnkgYW5kIFRyYWRlIENvLiwgTHRkLjwvUD48L2JvZHk+PC9odG1sPg==
--1571128558-eximdsn-1159971150--