Spam detection software, running on the system "mail.pglaf.org",
has identified this incoming email as possible spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Dear user of ogf.org! I am a spyware software developer. Your
account has been hacked by me couple months ago. The hacking was carried
out using a hardware vulnerability through which you went online (Cisco router,
vulnerability CVE-2023-20026).
Content analysis details: (8.4 points, 4.0 required)
pts  rule name              description
---- ---------------------- --------------------------------------------------
-1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1% [score: 0.0000]
 0.0 CK_HELO_GENERIC        Relay used name indicative of a Dynamic Pool or Generic rPTR
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 1.6 DATE_IN_PAST_03_06     Date: is 3 to 6 hours before Received: date
 1.4 PYZOR_CHECK            Listed in Pyzor (https://pyzor.readthedocs.io/en/latest/)
 1.0 RDNS_DYNAMIC           Delivered to internal network by host with dynamic-looking rDNS
 0.8 FSL_BULK_SIG           Bulk signature with no Unsubscribe
 0.0 PDS_RDNS_DYNAMIC_FP    RDNS_DYNAMIC with FP steps
 2.0 HELO_DYNAMIC_IPADDR    Relay HELO'd using suspicious hostname (IP addr 1)
 0.0 BITCOIN_XPRIO          Bitcoin + priority
 0.0 MIMEOLE_DIRECT_TO_MX   MIMEOLE + direct-to-MX
 1.0 TO_EQ_FM_DIRECT_MX     To == From and direct-to-MX
 0.0 HDR_ORDER_FTSDMCXX_DIRECT Header order similar to spam (FTSDMCXX/boundary variant) + direct-to-MX
 2.5 DOS_OE_TO_MX           Delivered direct to MX with OE headers
 0.0 XPRIO                  Has X-Priority header
Content analysis details: (6.3 points, 4.0 required)
pts  rule name              description
---- ---------------------- --------------------------------------------------
-1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1% [score: 0.0000]
 0.0 CK_HELO_GENERIC        Relay used name indicative of a Dynamic Pool or Generic rPTR
 0.0 TVD_RCVD_IP            Message was received from an IP address
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 1.6 DATE_IN_PAST_03_06     Date: is 3 to 6 hours before Received: date
 1.4 PYZOR_CHECK            Listed in Pyzor (https://pyzor.readthedocs.io/en/latest/)
 0.8 RDNS_NONE              Delivered to internal network by a host with no rDNS
 0.8 FSL_BULK_SIG           Bulk signature with no Unsubscribe
 1.0 TO_EQ_FM_DIRECT_MX     To == From and direct-to-MX
 0.0 HELO_MISC_IP           Looking for more Dynamic IP Relays
 2.6 MALWARE_NORDNS         Malware bragging + no rDNS
Content analysis details: (9.1 points, 4.0 required)
pts  rule name              description
---- ---------------------- --------------------------------------------------
-1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1% [score: 0.0000]
 1.6 DATE_IN_PAST_03_06     Date: is 3 to 6 hours before Received: date
 1.4 PYZOR_CHECK            Listed in Pyzor (https://pyzor.readthedocs.io/en/latest/)
 0.8 RDNS_NONE              Delivered to internal network by a host with no rDNS
 0.8 FSL_BULK_SIG           Bulk signature with no Unsubscribe
 0.0 MIMEOLE_DIRECT_TO_MX   MIMEOLE + direct-to-MX
 1.0 TO_EQ_FM_DIRECT_MX     To == From and direct-to-MX
 2.8 DOS_OUTLOOK_TO_MX      Delivered direct to MX with Outlook headers
 0.0 HELO_MISC_IP           Looking for more Dynamic IP Relays
 2.6 MALWARE_NORDNS         Malware bragging + no rDNS
Content analysis details: (5.1 points, 4.0 required)
pts  rule name              description
---- ---------------------- --------------------------------------------------
-1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1% [score: 0.0000]
 0.0 TVD_RCVD_IP            Message was received from an IP address
 0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
 1.4 PYZOR_CHECK            Listed in Pyzor (https://pyzor.readthedocs.io/en/latest/)
 1.0 RDNS_DYNAMIC           Delivered to internal network by host with dynamic-looking rDNS
 3.6 HELO_DYNAMIC_IPADDR2   Relay HELO'd using suspicious hostname (IP addr 2)
 0.0 PDS_RDNS_DYNAMIC_FP    RDNS_DYNAMIC with FP steps
 1.0 TO_EQ_FM_DIRECT_MX     To == From and direct-to-MX