Hello guys, I would like to know how can I create a SA rule to search for a certain domain inside a .txt attachment. Im getting spam emails with no text on the body and .txt attachment only, the .txt attachment contains the spam email and I would like to tag it as spam if the attachment contains a certain domain on it.
Is this possible? If it isnt do you have any suggestions for mitigating this type of spam? Thanks in advance!
