Hi,
Those spammer are getting cocky
At the beginning of my rule set I have
:0:
* ^From:.*tivoli
$DEFAULT
so that anything that is sent from my company
is immediately accepted before being parsed by the
strict rule set.
Unfortunately,
a few spammer are now faking the from address so that
it appears to come from within my domain,
i.e.
From: Dear(_dot_)Friend(_at_)tivoli(_dot_)com
Can anyone suggest a way whereby I can check
each "tivoli" to see whether *any* "received"
contains a non-tivoli domain and reject email
accordingly.
Any help is welcome.
Chris.