This is a report from a friend.
It is a rudimentary spoofed spam email.
Domain spoofing, relay, unknown domain
To
undisclosed-recipients:;
From
From: "Robert Michael"
Reply-To
Subject
[Spam-Dfl]Re:..I am waiting for your quick reply
Body
This is not spam message. I personally sent it to you. I have a multi million project that I would like to execute with you. This is going to favour two of us. Kindly confirm your willingness to partner with me so that I can furnish you with full details of the project. Robert.
———————————————-
Attachments: none
———————————————-
Source
From - Mon May 8 08:
X-Account-Key:
X-UIDL:
X-Mozilla-Status:
X-Mozilla-Status2:
X-Mozilla-Keys:
Return-Path:
X-Original-To:
Delivered-To:
Received: from antispam.n3.ru (mx5.medi-a.ru [80.85.245.149])
    by (Postfix) with ESMTP id
    for <>; Thu, 4 May 2017 T)
Received: from [127.0.0.1] (helo=antispam)
    by antispam.n3.ru with esmtp (Exim 4.87)
    (envelope-from
    id 1d6DR6-0005Z7-2Y; Thu, 04 May 2017 1
Received: from [77.246.102.132] (helo=User)
    by antispam.n3.ru with smtp (Exim 4.87)
    (envelope-from
    id 1d6DQg-00045r-Vq; Thu, 04 May 2017
Reply-To:
From: "Robert Michael"
Date: Thu, 4 May 2017
MIME-Version: 1.0
Content-Type: text/plain;
    charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-KLMS-Rule-ID: 1
X-KLMS-Message-Action: skipped, AntiSpam
X-KLMS-AntiSpam-Lua-Profiles:
X-KLMS-AntiSpam-Version: 5.7.0.14
X-KLMS-AntiSpam-Envelope-From: rbertm68@lgim.com
X-KLMS-AntiSpam-Rate: 100
X-KLMS-AntiSpam-Status: spam
X-KLMS-AntiSpam-Method: headers plus
X-KLMS-AntiSpam-Info: LuaCore: {Headers: reply_not_match_from}, {TO: header missing}, {Advanced Mass Sender X-Mailer}, {Headers: Reply-to without To}, {Tracking_reply_free_from_not_free}, {Tracking_reply_free_dight_from_not_free}, {Tracking_ms_mailer_not_ms_msgid}, {Cyrillic encoding with latin symbols in text only}, {msgid_missed_1b}
X-KLMS-AntiSpam-Interceptor-Info: scan successful
X-KLMS-AntiPhishing: Clean, 201
X-KLMS-AntiVirus: Kaspersky Security 8.0 for Linux Mail Server, version 8.0.1.705, not scanned, license restriction
Subject: [Spam-Dfl]Re:..I am waiting for your quick reply
Message-Id: <>
To: undisclosed-recipients:;
X-EsetId:
This is not spam message. I personally sent it to you. I have a multi million project that I would like to execute with you. This is going to favour two of us. Kindly confirm your willingness to partner with me so that I can furnish you with full details of the project. Robert.
(remainder omitted)
————————
from antispam.n3.ru (mx5.medi-a.ru [80.85.245.149])
IPv4 address: 80.85.245.149
IPv4 expanded: 080.085.245.149
IPv4 decimal: 1347810709
Internet service provider: CJSC Media Alliance
Organization: CJSC Media Alliance
Country name: Russian Federation
Country ISO alpha-2 code: RU
State: Moscow
City: Moscow
DMA code: 577
Timezone: Europe/Moscow
Longitude: 37.6184
Latitude: 55.7485
Reverse DNS host: medi-a.ru
Reverse DNS pointer: mx5.medi-a.ru
Reverse DNS in-addr.arpa: 149.245.85.80.in-addr.arpa domain name pointer mx5.medi-a.ru.
Reverse DNS last updated: 0 seconds ago on May 8, 2017, 12:33 am GMT Time
Reverse DNS next check: in 5 months, 29 days on May 8, 2017, 12:33 am GMT Time
Bot/spider: No
————————
from [77.246.102.132]
IPv4 address: 77.246.102.132
IPv4 expanded: 077.246.102.132
IPv4 decimal: 1307993732
Internet service provider: CJSC Media Alliance
Organization: CJSC Media Alliance
Country name: Russian Federation
Country ISO alpha-2 code: RU
State: Moscow
City: Moscow
DMA code: 577
Timezone: Europe/Moscow
Longitude: 37.6184
Latitude: 55.7485
Reverse DNS host: comvision.ru
Reverse DNS pointer: cust2-p2p-net.comvision.ru
Reverse DNS in-addr.arpa: 132.102.246.77.in-addr.arpa domain name pointer cust2-p2p-net.comvision.ru.
Reverse DNS last updated: 0 seconds ago on May 8, 2017, 12:35 am GMT Time
Reverse DNS next check: in 5 months, 29 days on May 8, 2017, 12:35 am GMT Time
Bot/spider: No
————————
lgim.com
Unknown domain
————————
rbertml68@gmail.com
www.blocklist.de 04 Apr 2017
black list