Spam detection software, running on the system "kualalumpur.lrde.epita.fr", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or block similar future email. If you have any questions, see the administrator of that system for details. Content preview: Norton SystemWorks 2003 Software Suite Professional Edition Five Feature-Packed Utilities URI:http://www.padla-soft.biz/?241509 Specials good thru 11/12/03. Please use discount code mail9221 to receive these prices. [...] Content analysis details: (28.2 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.2 NO_REAL_NAME From: does not include a real name 2.7 ADDR_NUMS_AT_BIGSITE Uses an address with lots of numbers, at a big ISP 1.0 FROM_ENDS_IN_NUMS From: ends in numbers 0.6 FROM_STARTS_WITH_NUMS From: starts with nums 2.7 FROM_WEBMAIL_END_NUMS6 From webmail service and address ends in numbers 4.1 FROM_NUM_AT_WEBMAIL From address is webmail, but starts with a number 0.1 HTML_70_80 BODY: Message is 70% to 80% HTML 5.4 BAYES_99 BODY: Bayesian spam probability is 99 to 100% [score: 1.0000] 0.1 HTML_FONTCOLOR_UNKNOWN BODY: HTML font color is unknown to us 0.3 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.1 HTML_MESSAGE BODY: HTML included in message 0.3 HTML_FONT_BIG BODY: HTML has a big font 0.2 HTML_TAG_BALANCE_A BODY: HTML has excess "a" close tags 0.1 BIZ_TLD URI: Contains a URL in the BIZ top-level domain 0.9 FORGED_YAHOO_RCVD 'From' yahoo.com does not match 'Received' headers 1.1 RCVD_IN_SORBS_HTTP RBL: SORBS: sender is open HTTP proxy server [68.252.97.107 listed in dnsbl.sorbs.net] 1.2 RCVD_IN_SORBS_MISC RBL: SORBS: sender is open proxy server [68.252.97.107 listed in dnsbl.sorbs.net] 0.1 RCVD_IN_SORBS RBL: SORBS: sender is listed in SORBS [68.252.97.107 listed in dnsbl.sorbs.net] 0.1 RCVD_IN_NJABL RBL: Received via a relay in dnsbl.njabl.org [68.252.97.107 listed in dnsbl.njabl.org] 0.7 RCVD_IN_DSBL RBL: Received via a relay in list.dsbl.org [<http://dsbl.org/listing?ip=68.252.97.107>] 0.5 RCVD_IN_NJABL_PROXY RBL: NJABL: sender is an open proxy [68.252.97.107 listed in dnsbl.njabl.org] 1.5 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net [Blocked - see <http://www.spamcop.net/bl.shtml?68.252.97.107>] 2.6 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook 0.7 FROM_ALL_NUMS From an address that is all numbers (non-phone) 1.0 FORGED_OUTLOOK_HTML Outlook can't send HTML message only The original message was not completely plain text, and may be unsafe to open with some email clients; in particular, it may contain a virus, or confirm that your address can receive spam. If you wish to view it, it may be safer to save it to a file and open it with an editor.