Abuse Message [AbuseID:736347:1E]: AbuseFBL: Fastmail Abuse Report

This is a Fastmail Abuse Report for an email message received from domain gagauzyeri.md, IP 78.46.109.73, on Tue, 11 Aug 2020 13:08:12 +0000.
 
 
 Reported-Domain: gagauzyeri.md
 Source-Ip: 78.46.109.73
 Source: Fastmail
 Abuse-Type: complaint
 Feedback-Type: abuse
 User-Agent: ReturnPathFBL/2.0
 Version: 1
 Original-Mail-From: webmaster@gagauzyeri.md
 Subscription-Link: https://fbl.returnpath.net/manage/subscriptions/394804
 Arrival-Date: Tue, 11 Aug 2020 13:08:12 +0000
 Original-Rcpt-To: 87c78a23b34d8d8c9844279075fd17c6@fastmail.co.uk
 
 
 Received: from forward3-smtp.messagingengine.com (forward3-smtp.messagingengine.com [66.111.4.237])
         by haraka-ss-mx-5 (Haraka/2.8.21) with ESMTPS id 22D8BF1B-B8C1-40C9-8412-14CDDE7232D4.1
         envelope-from <noreply@fastmail.com>
         (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256 verify=FAIL);
         Thu, 13 Aug 2020 05:47:20 +0000
 Received: from mailredirect.nyi.internal (imap35.nyi.internal [10.202.2.85])
         by mailforward.nyi.internal (Postfix) with ESMTP id 101C319415C3;
         Thu, 13 Aug 2020 01:47:20 -0400 (EDT)
 Received: by mailredirect.nyi.internal (Postfix, from userid 99)
         id E9F3214C00D7; Thu, 13 Aug 2020 01:47:19 -0400 (EDT)
 Received: from compute1.internal (compute1.nyi.internal [10.202.2.41])
          by sloti35d1t08 (Cyrus 3.3.0-143-g3d58b38-fm-20200806.002-g3d58b387) with LMTPA;
          Tue, 11 Aug 2020 09:08:15 -0400
 X-Cyrus-Session-Id: sloti35d1t08-1597151295-2302797-2-2605512240531470394
 X-Backscatter: NotFound1
 X-Backscatter-Hosts:
 Received: from mx1 ([10.202.2.200])
   by compute1.internal (LMTPProxy); Tue, 11 Aug 2020 09:08:15 -0400
 Received: from mx1.messagingengine.com (localhost [127.0.0.1])
         by mailmx.nyi.internal (Postfix) with ESMTP id 11B82380083
         for <87c78a23b34d8d8c9844279075fd17c6@fastmail.co.uk>; Tue, 11 Aug 2020 09:08:15 -0400 (EDT)
 Received: from mx1.messagingengine.com (localhost [127.0.0.1])
     by mx1.messagingengine.com (Authentication Milter) with ESMTP
     id DE5D3898F4D;
     Tue, 11 Aug 2020 09:08:15 -0400
 ARC-Seal: i=1; a=rsa-sha256; cv=none; d=messagingengine.com; s=fm3; t=
     1597151295; b=dIPhWSQ7mYm4MT3dGZQBOiKcsizeXzEyhMtC2Q546wtgcD3Dwc
     IyCddmfIys3w+SxaRXEv+TxeU+sVqftuU8E2KcBk/7SgiqflO4yTlV9nmMmgGUpv
     iDdKYeb+Di/PotGt2R/9vGs8zf+p75vLU8zDhGcz1nHp6cHa2/S4stf/eQBlpsXZ
     qG6crwVs02huLJ5bIRjRBMUQsr1CfkOWcBicz6G7BspuRSbq7l9rvFM49MSwUaTd
     5KwnMgVjyqIeKPJioh6zfjOQfCAw60awXeCYyIrhJyWnMO11mHmI84r9yk3hlu1i
     BA567rQIP/xBSorBigykmCDBCF4gOJrexLVg==
 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=
     messagingengine.com; h=to:subject:from:mime-version:content-type
     :message-id:date; s=fm3; t=1597151295; bh=zWhl4+XzgVtBH5hbVzvfRl
     FREk/8f9bWJmDJ82G+6Oo=; b=ZF2Aiw+Epm/VTo3gKo21PF88TZPyT4FQxPle7u
     VT8REYAmv66vu0+Qx6E6wbhNge1RWHxIVFGWxDhA/8PXthf3xO5pl0OdXncqvews
     BOi9luKKQ2s/esZOmmlex24avnG/MjjA4wrmZsvifFcD2fb9s1AAZ8L9ZOyH43Wy
     BiCWXhRmtIxrPEBBmB+Rp2IaNagR/ya5tN9ho8u9Ddik/GLa294zdlhXPw/UktXN
     bSX1dUG4UEkHpMv+Q6ywt19IIfri1sjNG1jND0a4+vnzz0r0Np4OZDvRtgFQqsfw
     LhT3dT63fovVqaODJacCN5w9v/VooylbfqaAzkr4By8cbOhw==
 ARC-Authentication-Results: i=1; mx1.messagingengine.com; arc=none (no signatures found);
     bimi=skipped (DMARC none);
     dkim=none (no signatures found);
     dmarc=none policy.published-domain-policy=none
     policy.applied-disposition=none policy.evaluated-disposition=none
     (p=none,d=none,d.eval=none) policy.policy-from=p
     header.from=gagauzyeri.md;
     iprev=pass smtp.remote-ip=78.46.109.73 (21.fsn1.hetzner.abcd.network);
     spf=softfail smtp.mailfrom=webmaster@gagauzyeri.md
     smtp.helo=21.fsn1.hetzner.abcd.network;
     x-aligned-from=pass (Address match);
     x-ptr=pass smtp.helo=21.fsn1.hetzner.abcd.network
     policy.ptr=21.fsn1.hetzner.abcd.network;
     x-return-mx=pass header.domain=gagauzyeri.md policy.is_org=yes
     (MX Records found: mx.yandex.net);
     x-return-mx=pass smtp.domain=gagauzyeri.md policy.is_org=yes
     (MX Records found: mx.yandex.net);
     x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES128-GCM-SHA256
     smtp.bits=128/128;
     x-vs=phishing score=300 state=101
 Authentication-Results: mx1.messagingengine.com;
     arc=none (no signatures found);
     bimi=skipped (DMARC none);
     dkim=none (no signatures found);
     dmarc=none policy.published-domain-policy=none
       policy.applied-disposition=none policy.evaluated-disposition=none
       (p=none,d=none,d.eval=none) policy.policy-from=p
       header.from=gagauzyeri.md;
     iprev=pass smtp.remote-ip=78.46.109.73 (21.fsn1.hetzner.abcd.network);
     spf=softfail smtp.mailfrom=webmaster@gagauzyeri.md
       smtp.helo=21.fsn1.hetzner.abcd.network;
     x-aligned-from=pass (Address match);
     x-ptr=pass smtp.helo=21.fsn1.hetzner.abcd.network
       policy.ptr=21.fsn1.hetzner.abcd.network;
     x-return-mx=pass header.domain=gagauzyeri.md policy.is_org=yes
       (MX Records found: mx.yandex.net);
     x-return-mx=pass smtp.domain=gagauzyeri.md policy.is_org=yes
       (MX Records found: mx.yandex.net);
     x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES128-GCM-SHA256
       smtp.bits=128/128;
     x-vs=phishing score=300 state=101
 X-ME-VSCause: gggruggvucftvghtrhhoucdtuddrgeduiedrledtgdeivdcutefuodetggdotefrodftvf
     curfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdpuffr
     tefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecuogfrhhhishhhihhnghdqte
     hlihgrshculdeftddtmdenucfjughrpefvuffhgggtsehmtddtredttdejnecuhfhrohhm
     pefrrgihrfgrkfcuoeifvggsmhgrshhtvghrsehgrghgrghuiiihvghrihdrmhguqeenuc
     ggtffrrghtthgvrhhnpeetfeeufffhjeeuuefhhffhudeikeetvdfghfdviedvlefgiedt
     keefgfdtgeeikeenucffohhmrghinheprhhitghhrghruggtrghlihgsrghnrdgtohhmne
     cukfhppeejkedrgeeirddutdelrdejfeenucfrhhhishhhihhnghetlhhirghspefrrgih
     rfgrkfenucfrhhhishhhihhnghetlhhphhgrtehlihgrshepphgrhihprghinecuvehluh
     hsthgvrhfuihiivgeptdenucfrrghrrghmpehinhgvthepjeekrdegiedruddtledrjeef
     pdhhvghlohepvddurdhfshhnuddrhhgvthiinhgvrhdrrggstggurdhnvghtfihorhhkpd
     hmrghilhhfrhhomhepoeifvggsmhgrshhtvghrsehgrghgrghuiiihvghrihdrmhguqecu
     uffkkgfgpeeiiedtle
 X-ME-VSScore: 300
 X-ME-VSCategory: phishing
 Received-SPF: softfail
     (gagauzyeri.md … _spf.yandex.ru: Sender is not authorized by default to use ‘webmaster@gagauzyeri.md‘ in ‘mfrom’ identity, however domain is not currently prepared for false failures (mechanism ‘~all’ matched))
     receiver=mx1.messagingengine.com;
     identity=mailfrom;
     envelope-from=»webmaster@gagauzyeri.md«;
     helo=21.fsn1.hetzner.abcd.network;
     client-ip=78.46.109.73
 Received: from 21.fsn1.hetzner.abcd.network (21.fsn1.hetzner.abcd.network [78.46.109.73])
         (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
         (No client certificate requested)
         by mx1.messagingengine.com (Postfix) with ESMTPS
         for <87c78a23b34d8d8c9844279075fd17c6@fastmail.co.uk>; Tue, 11 Aug 2020 09:08:13 -0400 (EDT)
 Received: from sklad2068 by 21.fsn1.hetzner.abcd.network with local (Exim 4.94)
         (envelope-from <webmaster@gagauzyeri.md>)
         id 1k5U0i-0007ns-2L
         for 87c78a23b34d8d8c9844279075fd17c6@fastmail.co.uk; Tue, 11 Aug 2020 16:08:12 +0300
 To: 87c78a23b34d8d8c9844279075fd17c6@fastmail.co.uk
 Subject: Attention: Your account status change
 X-PHP-Originating-Script: 526:alexus.php
 From: PayPaI <webmaster@gagauzyeri.md>
 MIME-Version: 1.0;
 Content-type: multipart/mixed; boundary=»—3avEdlPsk6″
 Message-Id: <E1k5U0i-0007ns-2L@21.fsn1.hetzner.abcd.network>
 Date: Tue, 11 Aug 2020 16:08:12 +0300
 Original-Authentication-Results: mx1.messagingengine.com;
     arc=none (no signatures found);
     bimi=skipped (DMARC none);
     dkim=none (no signatures found);
     dmarc=none policy.published-domain-policy=none
       policy.applied-disposition=none policy.evaluated-disposition=none
       (p=none,d=none,d.eval=none) policy.policy-from=p
       header.from=gagauzyeri.md;
     iprev=pass smtp.remote-ip=78.46.109.73 (21.fsn1.hetzner.abcd.network);
     spf=softfail smtp.mailfrom=webmaster@gagauzyeri.md
       smtp.helo=21.fsn1.hetzner.abcd.network;
     x-aligned-from=pass (Address match);
     x-ptr=pass smtp.helo=21.fsn1.hetzner.abcd.network
       policy.ptr=21.fsn1.hetzner.abcd.network;
     x-return-mx=pass header.domain=gagauzyeri.md policy.is_org=yes
       (MX Records found: mx.yandex.net);
     x-return-mx=pass smtp.domain=gagauzyeri.md policy.is_org=yes
       (MX Records found: mx.yandex.net);
     x-tls=pass smtp.version=TLSv1.2 smtp.cipher=ECDHE-RSA-AES128-GCM-SHA256
       smtp.bits=128/128;
     x-vs=phishing score=300 state=101

Добавить комментарий

Ваш адрес email не будет опубликован.