rixx/27.5

## 27.5
Spam detection software, running on the system "cirdan",
has identified this incoming email as possible spam.  The original
message has been attached to this so you can view it or label
similar future email.  If you have any questions, see
root@localhost for details.

Content preview:  Hello Dear, Compliments of the season,I am Mrs.Phensiri Pitikornkul,the
   wife of the former assistant Governor Bank of Thailand under Thaksin Shinawatra,
   the tycoon and founder of a political movement who was ousted in military
   coup and Impeached, that led to the overthrow of the Thai Rak Thai Party.
   My husband is serving a long time jail sentence due to huge monies his colleagues
   in government embezzled during his time in office. [...]

Content analysis details:   (27.5 points, 6.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 0.0 NSL_RCVD_FROM_USER     Received from User
 0.0 FSL_CTYPE_WIN1251      Content-Type only seen in 419 spam
 2.7 RCVD_IN_PSBL           RBL: Received via a relay in PSBL
                            [203.194.131.115 listed in psbl.surriel.com]
 1.6 RCVD_IN_BRBL_LASTEXT   RBL: No description available.
                           [203.194.131.115 listed in bb.barracudacentral.org]
 0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit
                            (phensiri.thaihome1[at]gmail.com)
 0.0 FREEMAIL_FROM          Sender email is commonly abused enduser mail provider
                            (phensiri.pitikornkul[at]aol.com)
 2.5 US_DOLLARS_3           BODY: Mentions millions of $ ($NN,NNN,NNN.NN)
 2.5 MILLION_USD            BODY: Talks about millions of dollars
 1.5 HK_NAME_FM_MR_MRS      No description available.
 0.5 FSL_NEW_HELO_USER      Spam's using Helo and User
 0.0 LOTS_OF_MONEY          Huge... sums of money
 1.3 RDNS_NONE              Delivered to internal network by a host with no rDNS
 0.0 AXB_XMAILER_MIMEOLE_OL_024C2 Yet another X header trait
 0.0 FROM_MISSP_XPRIO       Misspaced FROM + X-Priority
 0.0 FROM_MISSP_TO_UNDISC   From misspaced, To undisclosed
 0.0 FROM_MISSP_MSFT        From misspaced + supposed Microsoft tool
 3.4 MSOE_MID_WRONG_CASE    No description available.
 0.0 FROM_MISSP_USER        From misspaced, from "User"
 0.0 MONEY_FROM_MISSP       Lots of money and misspaced From
 1.0 FREEMAIL_REPLYTO       Reply-To/From or Reply-To/body contain different
                            freemails
 0.0 FROM_MISSPACED         From: missing whitespace
 0.0 FROM_MISSP_REPLYTO     From misspaced, has Reply-To
 0.0 T_FROM_MISSP_DKIM      From misspaced, DKIM dependable
 2.8 FORGED_MUA_OUTLOOK     Forged mail pretending to be from MS Outlook
 1.0 XPRIO                  Has X-Priority header
 0.0 FROM_MISSP_FREEMAIL    From misspaced + freemail provider
 2.9 MONEY_FRAUD_8          Lots of money and very many fraud phrases
 3.6 ADVANCE_FEE_5_NEW_MONEY Advance Fee fraud and lots of money


X-Greylist: delayed 47887 seconds by postgrey-1.35 at cirdan; Thu, 09 Jul 2015 18:19:42 CEST
Received: from www.jumbotak.com (unknown [203.194.131.115])
    by mail.cutebit.de (Postfix) with ESMTP id 675A6280908
    for <rixx@cutebit.de>; Thu,  9 Jul 2015 18:19:42 +0200 (CEST)
Received: from User (unknown [36.37.130.179])
    by www.jumbotak.com (Postfix) with ESMTP id 91D772E9AF;
    Thu,  9 Jul 2015 10:24:36 +0800 (HKT)
Reply-To: <phensiri.thaihome1@gmail.com>
From: "Mrs.Phensiri Pitikornkul"<phensiri.pitikornkul@aol.com>
Subject: From Mrs.Phensiri Pitikornkul, CAN WE WORK TOGETHER IN THIS PROJECT.
Date: Thu, 9 Jul 2015 09:12:09 +0700
MIME-Version: 1.0
Content-Type: text/plain;
    charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Message-Id: <20150709022436.91D772E9AF@##str_replacement_2##>
To: undisclosed-recipients:;

Hello Dear,

Compliments of the season,I am Mrs.Phensiri Pitikornkul,the wife of the former assistant Governor Bank of Thailand under Thaksin Shinawatra, the tycoon and founder of a political movement who was ousted in military coup and Impeached, that led to the overthrow of the Thai Rak Thai Party. My husband is serving a long time jail sentence due to huge monies his colleagues in government embezzled during his time in office.

Thai Government has sealed our property and also want to freeze my hard earn money which i have labored for so many years because of my husband predicament. I am under heavy surveillance by Thai Government presently.

The reason why I'm contacting you is to help me move and secure my money from the dollar account of the Financial firm where I have deposited all the monies to a foreign account in your country to avoid Thai government finding it because they are about to investigate my bank account which they have no information about yet, I'm an innocent woman that have never hurt anybody. The total sum of amount in US dollars is $14,750,000.00 (Fourteen Million,Seven Hundred and Fifty Thousand United State Dollars). Please kindly render me your assistance and let me know what commission you will be interested in for your kindly service,this is very important to me and the rest of my family.

It is my wish to give my beautiful daughter a good and sound education and also to secure her future.I don't want Thai government to ruin our lives because of my husband's political predicament that has taken him to a very long jail sentence. My lawyer is working tirelessly to make sure we stay under the rader as the Thai government is really closing in on my money and the rest of my assets.

If my mail is against your moral ethics,please try and understand my present predicament with the purest of your heart as a woman with a daughter and families to fend for and should you be interested in assisting me on this project,please kindly contact me and I will furnish you with full details of my funds.Please also note that I am contacting you independently and this is absolutely confidential.Sometimes in life we are faced with challenges and regardless one must move forward. I also want to re-assure you that this money is legally mine and not for politicians or illegal sources, I can assure you that with utmost honesty.

I look forward to your kindest consideration, I will appreciate your timely response.

Yours Sincerely.
Mrs.Phensiri Pitikornkul

## 38.4
Spam detection software, running on the system "cirdan",
has identified this incoming email as possible spam.  The original
message has been attached to this so you can view it or label
similar future email.  If you have any questions, see
root@localhost for details.

Content preview:  Hello, I am Dr. John Chan Jp, a director with Hang Seng Bank
   Limited here in Hong-Kong and I have a good and profitable business proposal
   for you. One of our client who unfortunately is now deceased had a fixed
  deposit of the sum of US$20,500,000 with our bank and he died intestate{without
   a will} and all of our efforts to trace any of his living relative has proved
   abortive as he was childless and he died with his wife. [...]

Content analysis details:   (38.4 points, 6.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 3.3 NSL_RCVD_HELO_USER     Received from HELO User
 0.0 FSL_CTYPE_WIN1251      Content-Type only seen in 419 spam
 2.7 RCVD_IN_PSBL           RBL: Received via a relay in PSBL
                            [200.245.16.11 listed in psbl.surriel.com]
 1.3 RCVD_IN_RP_RNBL        RBL: Relay in RNBL,
                            https://senderscore.org/blacklistlookup/
                            [200.245.16.11 listed in bl.score.senderscore.com]
 1.6 RCVD_IN_BRBL_LASTEXT   RBL: No description available.
                            [200.245.16.11 listed in bb.barracudacentral.org]
 1.6 SUBJ_ALL_CAPS          Subject is all capitals
 1.2 MISSING_HEADERS        Missing To: header
 2.5 US_DOLLARS_3           BODY: Mentions millions of $ ($NN,NNN,NNN.NN)
 2.6 HK_SCAM_N13            BODY: No description available.
 1.1 MIME_HTML_ONLY         BODY: Message only has text/html MIME parts
 0.0 HTML_MESSAGE           BODY: HTML included in message
 0.6 FORGED_OUTLOOK_TAGS    Outlook can't send HTML in this format
 0.5 FSL_NEW_HELO_USER      Spam's using Helo and User
 0.0 LOTS_OF_MONEY          Huge... sums of money
 1.3 RDNS_NONE              Delivered to internal network by a host with no rDNS
 0.0 AXB_XMAILER_MIMEOLE_OL_024C2 Yet another X header trait
 0.0 FORGED_OUTLOOK_HTML    Outlook can't send HTML message only
 0.0 FROM_MISSP_XPRIO       Misspaced FROM + X-Priority
 0.1 MISSING_MID            Missing Message-Id: header
 1.9 REPLYTO_WITHOUT_TO_CC  No description available.
 0.0 FROM_MISSP_MSFT        From misspaced + supposed Microsoft tool
 2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
 0.0 MONEY_FROM_MISSP       Lots of money and misspaced From
 0.0 FROM_MISSPACED         From: missing whitespace
 0.0 FROM_MISSP_REPLYTO     From misspaced, has Reply-To
 0.0 T_FROM_MISSP_DKIM      From misspaced, DKIM dependable
 0.7 TO_NO_BRKTS_FROM_MSSP  Multiple formatting errors
 0.0 TO_NO_BRKTS_NORDNS_HTML To: misformatted and no rDNS and HTML only
 0.0 T_MONEY_PERCENT        X% of a lot of money for you
 2.8 FORGED_MUA_OUTLOOK     Forged mail pretending to be from MS Outlook
 1.0 XPRIO                  Has X-Priority header
 2.5 TO_NO_BRKTS_MSFT       To: misformatted and supposed Microsoft tool
 2.9 MONEY_FRAUD_8          Lots of money and very many fraud phrases
 3.6 ADVANCE_FEE_5_NEW_MONEY Advance Fee fraud and lots of money

The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam.  If you wish to view
it, it may be safer to save it to a file and open it with an editor.
	Spam detection software, running on the system "cirdan",
	has identified this incoming email as possible spam. The original
	message has been attached to this so you can view it or label
	similar future email. If you have any questions, see
	root@localhost for details.

	Content preview: Hello Dear, Compliments of the season,I am Mrs.Phensiri Pitikornkul,the
	wife of the former assistant Governor Bank of Thailand under Thaksin Shinawatra,
	the tycoon and founder of a political movement who was ousted in military
	coup and Impeached, that led to the overthrow of the Thai Rak Thai Party.
	My husband is serving a long time jail sentence due to huge monies his colleagues
	in government embezzled during his time in office. [...]

	Content analysis details: (27.5 points, 6.0 required)

	pts rule name description
	---- ---------------------- --------------------------------------------------
	0.0 NSL_RCVD_FROM_USER Received from User
	0.0 FSL_CTYPE_WIN1251 Content-Type only seen in 419 spam
	2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
	[203.194.131.115 listed in psbl.surriel.com]
	1.6 RCVD_IN_BRBL_LASTEXT RBL: No description available.
	[203.194.131.115 listed in bb.barracudacentral.org]
	0.2 FREEMAIL_REPLYTO_END_DIGIT Reply-To freemail username ends in digit
	(phensiri.thaihome1[at]gmail.com)
	0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
	(phensiri.pitikornkul[at]aol.com)
	2.5 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)
	2.5 MILLION_USD BODY: Talks about millions of dollars
	1.5 HK_NAME_FM_MR_MRS No description available.
	0.5 FSL_NEW_HELO_USER Spam's using Helo and User
	0.0 LOTS_OF_MONEY Huge... sums of money
	1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
	0.0 AXB_XMAILER_MIMEOLE_OL_024C2 Yet another X header trait
	0.0 FROM_MISSP_XPRIO Misspaced FROM + X-Priority
	0.0 FROM_MISSP_TO_UNDISC From misspaced, To undisclosed
	0.0 FROM_MISSP_MSFT From misspaced + supposed Microsoft tool
	3.4 MSOE_MID_WRONG_CASE No description available.
	0.0 FROM_MISSP_USER From misspaced, from "User"
	0.0 MONEY_FROM_MISSP Lots of money and misspaced From
	1.0 FREEMAIL_REPLYTO Reply-To/From or Reply-To/body contain different
	freemails
	0.0 FROM_MISSPACED From: missing whitespace
	0.0 FROM_MISSP_REPLYTO From misspaced, has Reply-To
	0.0 T_FROM_MISSP_DKIM From misspaced, DKIM dependable
	2.8 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
	1.0 XPRIO Has X-Priority header
	0.0 FROM_MISSP_FREEMAIL From misspaced + freemail provider
	2.9 MONEY_FRAUD_8 Lots of money and very many fraud phrases
	3.6 ADVANCE_FEE_5_NEW_MONEY Advance Fee fraud and lots of money


	X-Greylist: delayed 47887 seconds by postgrey-1.35 at cirdan; Thu, 09 Jul 2015 18:19:42 CEST
	Received: from www.jumbotak.com (unknown [203.194.131.115])
	by mail.cutebit.de (Postfix) with ESMTP id 675A6280908
	for <rixx@cutebit.de>; Thu, 9 Jul 2015 18:19:42 +0200 (CEST)
	Received: from User (unknown [36.37.130.179])
	by www.jumbotak.com (Postfix) with ESMTP id 91D772E9AF;
	Thu, 9 Jul 2015 10:24:36 +0800 (HKT)
	Reply-To: <phensiri.thaihome1@gmail.com>
	From: "Mrs.Phensiri Pitikornkul"<phensiri.pitikornkul@aol.com>
	Subject: From Mrs.Phensiri Pitikornkul, CAN WE WORK TOGETHER IN THIS PROJECT.
	Date: Thu, 9 Jul 2015 09:12:09 +0700
	MIME-Version: 1.0
	Content-Type: text/plain;
	charset="Windows-1251"
	Content-Transfer-Encoding: 7bit
	X-Priority: 3
	X-MSMail-Priority: Normal
	X-Mailer: Microsoft Outlook Express 6.00.2600.0000
	X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
	Message-Id: <20150709022436.91D772E9AF@##str_replacement_2##>
	To: undisclosed-recipients:;

	Hello Dear,

	Compliments of the season,I am Mrs.Phensiri Pitikornkul,the wife of the former assistant Governor Bank of Thailand under Thaksin Shinawatra, the tycoon and founder of a political movement who was ousted in military coup and Impeached, that led to the overthrow of the Thai Rak Thai Party. My husband is serving a long time jail sentence due to huge monies his colleagues in government embezzled during his time in office.

	Thai Government has sealed our property and also want to freeze my hard earn money which i have labored for so many years because of my husband predicament. I am under heavy surveillance by Thai Government presently.

	The reason why I'm contacting you is to help me move and secure my money from the dollar account of the Financial firm where I have deposited all the monies to a foreign account in your country to avoid Thai government finding it because they are about to investigate my bank account which they have no information about yet, I'm an innocent woman that have never hurt anybody. The total sum of amount in US dollars is $14,750,000.00 (Fourteen Million,Seven Hundred and Fifty Thousand United State Dollars). Please kindly render me your assistance and let me know what commission you will be interested in for your kindly service,this is very important to me and the rest of my family.

	It is my wish to give my beautiful daughter a good and sound education and also to secure her future.I don't want Thai government to ruin our lives because of my husband's political predicament that has taken him to a very long jail sentence. My lawyer is working tirelessly to make sure we stay under the rader as the Thai government is really closing in on my money and the rest of my assets.

	If my mail is against your moral ethics,please try and understand my present predicament with the purest of your heart as a woman with a daughter and families to fend for and should you be interested in assisting me on this project,please kindly contact me and I will furnish you with full details of my funds.Please also note that I am contacting you independently and this is absolutely confidential.Sometimes in life we are faced with challenges and regardless one must move forward. I also want to re-assure you that this money is legally mine and not for politicians or illegal sources, I can assure you that with utmost honesty.

	I look forward to your kindest consideration, I will appreciate your timely response.

	Yours Sincerely.
	Mrs.Phensiri Pitikornkul