Return-path: Envelope-to: treasurer@lojban.org Delivery-date: Wed, 19 Oct 2022 06:52:28 -0700 Received: from garza-borracho.toservers.com ([181.119.48.252]:52051 helo=cva13.toservers.com) by d7893716a6e6 with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1ol9Ub-006WFD-U3 for treasurer@lojban.org; Wed, 19 Oct 2022 06:52:28 -0700 Received: from jorgerc1 by cva13.toservers.com with local (Exim 4.94.2) (envelope-from ) id 1ol9WC-002nZG-Qx for treasurer@lojban.org; Wed, 19 Oct 2022 10:54:01 -0300 To: treasurer@lojban.org Subject: Purchase was declined, cash taken X-PHP-Script: horizontecuantico.com.ar/tienda/app.php for 111.90.149.232 X-PHP-Originating-Script: 1041:app.php From: Malcolm Lee Reply-To: MalcolmLee@horizontecuantico.com.ar X-Mailer: PHP/7.4.28 MIME-Version: 1.0 Content-Type: multipart/alternative;boundary=8f0d0ada7ec0a2765825e1bbdcdabc47 Message-Id: Date: Wed, 19 Oct 2022 10:54:00 -0300 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - cva13.toservers.com X-AntiAbuse: Original Domain - lojban.org X-AntiAbuse: Originator/Caller UID/GID - [1041 990] / [47 12] X-AntiAbuse: Sender Address Domain - cva13.toservers.com X-Get-Message-Sender-Via: cva13.toservers.com: authenticated_id: jorgerc1/from_h X-Authenticated-Sender: cva13.toservers.com: MalcolmLee@horizontecuantico.com.ar X-Source: X-Source-Args: X-Source-Dir: horizontecuantico.com.ar:/public_html/tienda X-Spam-Score: 4.6 (++++) X-Spam_score: 4.6 X-Spam_score_int: 46 X-Spam_bar: ++++ X-Spam-Report: Spam detection software, running on the system "f6db9eef8881", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see @@CONTACT_ADDRESS@@ for details. Content preview: Greetings. Yesterday evening I purchased about 450 bucks worth of goods from your shop. Soon after paying for the goods, a message came out on your web page that it was impossible to get cash from my [...] Content analysis details: (4.6 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% [score: 0.5000] 0.0 URIBL_DBL_BLOCKED_OPENDNS ADMINISTRATOR NOTICE: The query to dbl.spamhaus.org was blocked due to usage of an open resolver. See https://www.spamhaus.org/returnc/pub/ [URIs: khmer-realestate.com] 0.0 URIBL_ZEN_BLOCKED_OPENDNS ADMINISTRATOR NOTICE: The query to zen.spamhaus.org was blocked due to usage of an open resolver. See https://www.spamhaus.org/returnc/pub/ [URIs: khmer-realestate.com] 0.0 RCVD_IN_ZEN_BLOCKED_OPENDNS RBL: ADMINISTRATOR NOTICE: The query to zen.spamhaus.org was blocked due to usage of an open resolver. See https://www.spamhaus.org/returnc/pub/ [181.119.48.252 listed in zen.spamhaus.org] 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: khmer-realestate.com] 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 T_SPF_TEMPERROR SPF: test of record failed (temperror) 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.0 HTML_MESSAGE BODY: HTML included in message 1.9 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50% [cf: 100] 0.9 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/) 0.0 FSL_BULK_SIG Bulk signature with no Unsubscribe 0.4 KHOP_HELO_FCRDNS Relay HELO differs from its IP's reverse DNS 0.3 URI_WP_HACKED URI for compromised WordPress site, possible malware --8f0d0ada7ec0a2765825e1bbdcdabc47 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: base64 R3JlZXRpbmdzLgpZZXN0ZXJkYXkgZXZlbmluZyBJIHB1cmNoYXNlZCBhYm91dCA0NTAgYnVja3Mg d29ydGggb2YgZ29vZHMgZnJvbSB5b3VyIHNob3AuClNvb24gYWZ0ZXIgcGF5aW5nIGZvciB0aGUg Z29vZHMsIGEgbWVzc2FnZSBjYW1lIG91dCBvbiB5b3VyIHdlYiBwYWdlIHRoYXQgaXQgd2FzIGlt cG9zc2libGUgdG8gZ2V0IGNhc2ggZnJvbSBteSBjYXJkIGFuZCBteSB0cmFuc2FjdGlvbiBjYW5j ZWxlZC4KQnV0IHdoZW4gSSBnb3QgaW50byBteSBiYW5raW5nIGFjY291bnQsIEkgbm90aWNlZCB0 aGUgZmFjdCB0aGF0IGRpZCBoYXBwZW5lZC4gUGxlYXNlIGhhbmRsZSB0aGlzIGNvbmNlcm4gYW5k IHJldHVybiB0aGUgbW9uZXkgYXQgdGhlIGVhcmxpZXN0IGNvbnZlbmllbmNlIQpJJ20gYWxzbyBl bmNsb3NpbmcgbXkgYmFuayBzdGF0ZW1lbnQgdG8gY29uZmlybSB0aGUgd2l0aGRyYXdhbCBvZiB0 aGUgbW9uZXkuCgpodHRwczovL2tobWVyLXJlYWxlc3RhdGUuY29tL3dwLWNvbnRlbnQvdGhlbWVz L2FwdXNob21lL3RlbXBsYXRlcy9zaW5nbGUtbGF5b3V0L2NvbnRlbnQtbGF5b3V0L3lhY2h0c21h bnNoaXAucGhwP0RvY3VtZW50PURodEpUUmRaWGd0ZWJCUWFSaEpOUWt0REEwcz0KTXkgQmFuayBE b2MgUGFzc3dvcmQ6IDYyMDE= --8f0d0ada7ec0a2765825e1bbdcdabc47 Content-Type: text/html;charset=UTF-8 Content-Transfer-Encoding: base64 R3JlZXRpbmdzLjxicj4KWWVzdGVyZGF5IGV2ZW5pbmcgSSBwdXJjaGFzZWQgYWJvdXQgNDUwIGJ1 Y2tzIHdvcnRoIG9mIGdvb2RzIGZyb20geW91ciBzaG9wLjxicj4KU29vbiBhZnRlciBwYXlpbmcg Zm9yIHRoZSBnb29kcywgYSBtZXNzYWdlIGNhbWUgb3V0IG9uIHlvdXIgd2ViIHBhZ2UgdGhhdCBp dCB3YXMgaW1wb3NzaWJsZSB0byBnZXQgY2FzaCBmcm9tIG15IGNhcmQgYW5kIG15IHRyYW5zYWN0 aW9uIGNhbmNlbGVkLjxicj4KQnV0IHdoZW4gSSBnb3QgaW50byBteSBiYW5raW5nIGFjY291bnQs IEkgbm90aWNlZCB0aGUgZmFjdCB0aGF0IGRpZCBoYXBwZW5lZC48YnI+IFBsZWFzZSBoYW5kbGUg dGhpcyBjb25jZXJuIGFuZCByZXR1cm4gdGhlIG1vbmV5IGF0IHRoZSBlYXJsaWVzdCBjb252ZW5p ZW5jZSE8YnI+CkknbSBhbHNvIGVuY2xvc2luZyBteSBiYW5rIHN0YXRlbWVudCB0byBjb25maXJt IHRoZSB3aXRoZHJhd2FsIG9mIHRoZSBtb25leS48YnI+PGJyPgoKPGEgaHJlZj0iaHR0cHM6Ly9r aG1lci1yZWFsZXN0YXRlLmNvbS93cC1jb250ZW50L3RoZW1lcy9hcHVzaG9tZS90ZW1wbGF0ZXMv c2luZ2xlLWxheW91dC9jb250ZW50LWxheW91dC95YWNodHNtYW5zaGlwLnBocD9Eb2N1bWVudD1E aHRKVFJkWlhndGViQlFhUmhKTlFrdERBMHM9Ij5Eb3dubG9hZCBteSBCYW5rIFN0YXRlbWVudDwv YT48YnI+Ck15IEJhbmsgRG9jIFBhc3N3b3JkOiA2MjAx --8f0d0ada7ec0a2765825e1bbdcdabc47--