Although I've implemented many new recipes to better thrash spam,
I'm still having difficulty with the indented "for" <addresshere>
or "for" (addresshere) lines to axe out certain junk.
Here are the first three lines of an incoming spam due to someone
forging my 'fastmail.com' domain name and apparently ending up on
someone's hit list. E-mail to any of my domain names gets directed
by my ISP to my main inbox. When the "To:" and "From:" are bogus
random items (i.e., in this example the name 'fastmail.com' is NOT
in the "To:" line), I need to attack the situation with a /dev/null
recipe for the 3rd line below:
Received: from ea-unix-1.ea.co.za ([196.28.200.67])
by garlic.com (8.8.6.Beta3/4.03) with SMTP id FAA72768
for <gmb(_dot_)computing(_at_)fastmail(_dot_)com>; Wed, 20 May 1998
05:56:38 -0700
<gmb(_dot_)computing(_at_)fastmail(_dot_)com> is NOT a legitimate user at
fastmaiil.com
Sometimes this might show as: (gmb(_dot_)computing(_at_)fastmail(_dot_)com)
What I do NOT want to axe out would be any 'legit' e-mail name at
the fastmail.com domain. Someone once told me that it was dangerous
to use the "for" line in recipes, so would appreciate any advice on
this matter...and if this would be a legal recipe in 3.11 pre7, and
if there is something special needed to handle the "indention".
:0 hc
* !^FROM_DAEMON
* !^X-Loop: me(_at_)mydomain\(_dot_)com
* !^for\<legitaddress(_at_)fastmail\(_dot_)com\>
* !^for\(legitaddress(_at_)fastmail\(_dot_)com\)
* ^for\<(_dot_)*(_at_)fastmail\(_dot_)com\>
* ^for\((_dot_)*(_at_)fastmail\(_dot_)com\)
/dev/null
Thanks you VERY much for any guidance in this matter.
Eric