Received: from [149.255.111.222] (HELO phone4profit.com)
by inbound.appriver.com (CommuniGate Pro SMTP 5.4.4)
with ESMTP id 115404443 for removed@oops.com; Wed, 30 Jul 2014
13:18:17 -0400
From: derek@phone4profit.com
To: removed@oops.com
Subject: --Critical problem with your account
Date: 30 Jul 2014 14:18:15 -0700
Message-ID: <20140730141814.2386798D6FAB9571@phone4profit.com>
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 8bit
X-Note-AR-ScanTimeLocal: 7/30/2014 1:18:18 PM
X-Policy: removed@oops.com
X-Primary: removed@oops.com
X-Note: This Email was scanned by AppRiver SecureTide
X-Virus-Scan: V-
X-Note-SnifferID: 57
X-GBUdb-Analysis: 0, 149.255.111.222, Ugly c=0 p=0 Source New
X-Signature-Violations:
57-6526004-694-718-m
57-6526004-1038-1062-m
57-6526004-0-1177-f
X-Note: StopOnFail for SIGNATURE
X-Warn: REVDNS No Reverse DNS record for 149.255.111.222
X-Warn: ARGDBL Failed URIBINARY Code: ZXp3YXkxMi5iaXo=
X-Warn: HELOBOGUS HELO command domain phone4profit.com is an NXdomain.
X-Warn: SIGNATURE Failed Signature
X-Warn: WEIGHT10
X-Warn: WEIGHT15
X-Warn: WEIGHT20
X-Warn: WEIGHT30
X-Note: Spam Tests Failed: REVDNS, ARGDBL, HELOBOGUS, SIGNATURE, WEIGHT10, WEIGHT15, WEIGHT20, WEIGHT30
X-Country-Path: UNITED KINGDOM->
X-Note-Sending-IP: 149.255.111.222
X-Note-Reverse-DNS:
X-Note-Return-Path: derek@phone4profit.com
X-Note: User Rule Hits:
X-Note: Global Rule Hits: G335 G336 G337 G338 G340 G345 G373 G385 G413 G435
G438 G445 G446 G447 G448 G487
X-Note: Encrypt Rule Hits:
X-Note: Mail Class: GETRICH

We have proactively blocked port 25 on the remaining servers. 

Also Read

Attack on Mod Security
The IP address (DE/Germany/) was found attacking mod_security on sun.rightdns.com 10 times in the...
Kansas City SYN Flood
Your IP is sending SYNFloods Date first seen          Duration Proto           IP Addr...
IDS Alert
our IDS found suspicious activity from 178.162.197.1, please investigate! The packets form a...
IP address(es) were blacklisted from the PlayStation Network
To whom it may concern, Pursuant to Sony Network Entertainment International LLC ("SNEI")...
brute force attempt
> Your IP address [162.253.128.212] has been blocked for attacking sshd > on our network....