MOON
Server: Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4
System: Linux vps.panamaemb.org.sg 3.10.0-1160.80.1.vz7.191.4 #1 SMP Thu Dec 15 20:31:06 MSK 2022 x86_64
User: panama (500)
PHP: 5.2.17
Disabled: NONE
$ pwd: /home/panama/mail/.internal@panamaemb_org_sg/new/
Upload Files
File: /home/panama/mail/.internal@panamaemb_org_sg/new/1470423416.H667107P479.vps.panamaemb.org.sg,S=2780
Return-path: <aaa@perdelka.ru>
Envelope-to: internal@panamaemb.org.sg
Delivery-date: Sat, 06 Aug 2016 02:56:56 +0800
Received: from 71-10-234-217.dhcp.oxfr.ma.charter.com ([71.10.234.217]:13196)
	by vps.panamaemb.org.sg with esmtp (Exim 4.87)
	(envelope-from <aaa@perdelka.ru>)
	id 1bVkIN-00006w-85
	for internal@panamaemb.org.sg; Sat, 06 Aug 2016 02:56:56 +0800
To: <internal@panamaemb.org.sg>
From: rvigzmqvp@1propainting.com
Message-ID: <c154ed45-4935-5958-61b8-bd0b0985fb5a@1or8faction.com>
Date: Fri, 5 Aug 2016 13:56:35 -0500
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101
 Thunderbird/45.2.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Status: Yes, score=26.9
X-Spam-Score: 269
X-Spam-Bar: ++++++++++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "vps.panamaemb.org.sg",
 has identified this incoming email as possible spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.
 
 Content preview:  how are you doing? [...] 
 
 Content analysis details:   (26.9 points, 5.0 required)
 
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  4.0 RCVD_IN_SORBS_DUL      RBL: SORBS: sent directly from dynamic IP address
                             [71.10.234.217 listed in dnsbl.sorbs.net]
  0.0 CK_HELO_DYNAMIC_SPLIT_IP Relay HELO'd using suspicious hostname
                             (Split IP)
  0.0 TVD_RCVD_IP            Message was received from an IP address
  1.0 HK_RANDOM_FROM         From username looks random
  4.4 RCVD_IN_XBL            RBL: Received via a relay in Spamhaus XBL
                             [71.10.234.217 listed in zen.spamhaus.org]
  3.3 RCVD_IN_PBL            RBL: Received via a relay in Spamhaus PBL
  0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail
                             domains are different
  4.2 BAYES_80               BODY: Bayes spam probability is 80 to 95%
                             [score: 0.8485]
  2.6 RDNS_DYNAMIC           Delivered to internal network by host with
                             dynamic-looking rDNS
  3.6 HELO_DYNAMIC_IPADDR2   Relay HELO'd using suspicious hostname (IP addr
                             2)
  0.0 RCVD_IN_MSPIKE_BL      Mailspike blacklisted
  1.0 KAM_LAZY_DOMAIN_SECURITY Sending domain does not have any
                             anti-forgery methods
  2.8 HELO_DYNAMIC_HCC       Relay HELO'd using suspicious hostname (HCC)
  0.0 RCVD_IN_MSPIKE_ZBI     No description available.
X-Spam-Flag: YES
Subject:  ***SPAM***  hi! :)

how are you doing?
@ Telegram