I recently started getting hammered by spam and nearly all of the spam emails have one thing in common. The return-path header contains the email address that the spam is being sent to.
Below is a sample header: ... Return-Path: amazon-voucher-myname=mydomain....@indiarti.com ... The green text above is the email address that the spam is being sent to (i.e., <mailto:myn...@mydomain.com> myn...@mydomain.com). Is there a way to write a custom SpamAssassin rule that will mark any message as spam if the return-path contains the 'To' address, regardless of what it may be, and the equal sign (i.e., user=domain.tld)? Thanks, Jeff
