On Sat, 13 Jun 2009, MySQL Student wrote:
            Received: from [78.97.185.89] (unknown
            [78.97.185.89])
            Message-ID:
            <krszdjkabfqdkcf.iodbkvqhqtyymyw83588989...@[78.97.185.89]>

Do they all have message IDs that include the IP?

Yeah, great, it looks like they all do. Would something like this work?

header     MYMSGIP    Message-ID =~ /78.97.185.89/

Don't miss those square brackets. I consider them a distinctive quality (unless these were added by your mail client?)....

A suggested rule would be:

header MSGIDIP Message-Id =~ /\...@\[[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\]/

Keep in mind this might also be the format generated by an intermediary mail server (perhaps yours) when receiving a mail with no message-id on it. I notice the part after the @ matches the helo.

- Charles
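
An added example, not part of the thread: a Python check for trying the idea on saved messages before committing to a rule. It flags a Message-ID whose domain part is a bracketed IPv4 literal and reports whether that literal equals the HELO name in the top Received header, the correlation noted above. The regexes, function names and sample messages are assumptions constructed for illustration; the local-part pattern masked in the archived rule is not reproduced.

```python
import re
from email import message_from_string

# Message-ID whose domain part is a bracketed IPv4 literal: <local@[192.0.2.10]>
MSGID_LITERAL = re.compile(r"@(\[\d{1,3}(?:\.\d{1,3}){3}\])>$")
# HELO name as recorded at the start of a Received header: "from NAME (...)"
RECEIVED_HELO = re.compile(r"^from\s+(\S+)")

def unfold(value):
    """Collapse folded header whitespace into single spaces."""
    return " ".join(value.split())

def classify(raw_message):
    """Return 'no-ip-literal', 'ip-literal' or 'ip-literal-matches-helo'."""
    msg = message_from_string(raw_message)
    m = MSGID_LITERAL.search(unfold(msg.get("Message-ID", "")))
    if not m:
        return "no-ip-literal"
    # Assumption: the first Received header is the one stamped by your own MX.
    received = msg.get_all("Received", [])
    helo = RECEIVED_HELO.match(unfold(received[0])) if received else None
    if helo and helo.group(1) == m.group(1):
        return "ip-literal-matches-helo"
    return "ip-literal"

# Constructed samples: documentation addresses and made-up local parts.
SAMPLES = {
    "bracketed": (
        "Received: from [192.0.2.10] (unknown [192.0.2.10])\n"
        "\tby mx.example.org; Sat, 13 Jun 2009 10:00:00 +0000\n"
        "Message-ID:\n <abcdefghij.klmnopqrst12345678@[192.0.2.10]>\n"
        "Subject: sample\n\nbody\n"
    ),
    "ordinary": (
        "Received: from mail.example.net (mail.example.net [192.0.2.20])\n"
        "\tby mx.example.org; Sat, 13 Jun 2009 10:01:00 +0000\n"
        "Message-ID: <20090613100100.12345@mail.example.net>\n\nbody\n"
    ),
    "literal_only": (
        "Received: from client.example.net (unknown [192.0.2.30])\n"
        "\tby mx.example.org; Sat, 13 Jun 2009 10:02:00 +0000\n"
        "Message-ID: <xyz987@[192.0.2.30]>\n\nbody\n"
    ),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name}: {classify(raw)}")
```

Running it over a folder of known-good mail as well shows how often legitimate senders or relays produce the same Message-ID shape.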
