Hi, not exactly what you ask for, but:
I think it is absolutely safe to block "From: Smart Invest" and "Subject: become rich" with PCRE rules in header checks. Greets, Ludi -----Ursprüngliche Nachricht----- Von: owner-postfix-us...@postfix.org <owner-postfix-us...@postfix.org> Im Auftrag von Fourhundred Thecat Gesendet: Freitag, 15. April 2022 08:49 An: Postfix users <postfix-users@postfix.org> Betreff: spam emails with "to:" line missing Hello, I am receiving spam emails, where the "to:" line is entirely missing in the email header. The header has "X-Original-To:" and "Delivered-To:", but no "to:" line. I have pasted the header here: https://ctxt.io/2/AABg30FRFQ How could I block such emails? Can I use header-check for this? Are there any legitimate cases where "to:" might be missing?
