Phones and inbox are blowing up this morning about this one:
The URL is one for a hosting company, and GWAVA doesn't SURBL check the
whole URL, only the top and second levels.
Since it passes that, there isn't anything else super "spammy" about it
to filter on.

So, heads up. :-\

> Dear Customer,
> This e-mail was send by <domain> to notify you that we have
> temporanly prevented access to your account.
> We have reasons to beleive that your account may have been accessed
> by someone else. Please run this file and Follow instructions:
> <URL to bad stuff>
> (C) <domain>