Is it possible to combine header/body checks in such a way:
If /^(From|Return-Path):.*\b(user@testdomain\.org)\b/
! /^Message-ID:.*@(testdomain\.org)/
Reject ...
Essentially, I want to only reject a message if the From/Return-Path
matches a specific email address AND the Message-ID doesn't match the
same domain.
I've read the backscatter howto. But in our case, we are receiving
backscatter spam NDRs, where the recipient is a real recipient and the
email server appears to not be forged. All I know is that the email
server was not OUR email server.
I can't reject on just the email address, because that would block
legitimate NDRs that should come back to the original sender. And I
obviously cannot block all Message-IDs that don't match our domain, as
that would block almost all incoming mail. So, I believe I need to
combine the two, if possible.
Thanks,
Bryan
