Using REGEX to determine that the FROM and TO addresses are the same

Oldsailor42

Tue Dec 12, 2023 8:19 pm

Hi Folks,

I'm starting to get a large volume of spam that "appears" to be legit on the surface. By this I mean that the emails are FROM individual email addresses and the subject lines are about normal looking things that a business would see.

In looking at the MWP exposed parts of the messages (as well as the source) ALL of the spam messages have one thing in common.

The FROM and TO email addresses are the same and they are typically unique GMAIL addresses.

The DELIVERED TO address is my incoming address.

As some background here, I have 20 or so domains that have their mail forwarded to a unique address on one of my other domains that is never publicly used (so it stays off the spam list radar). This enables me to use MWP to check a single account instead of setting up multiple accounts against multiple servers. I have used it for years and it works quite well and is easy to maintain.

I need to be able to filter this new flood of spam, but my REGEX skills are not up to the task.

The MWP support staff came up with this REGEX code (from ChatGPT)

Rule 1 - FROM = (.+?@[a-zA-Z0-9.-]+)\s*
Rule 2 - TO = \1\x20

That actually works (sort of) in that it does tag messages where the FROM and TO addresses are the same.
Unfortunately it also tags ALL other messages.

It was suggested that I post my problem here and see if some REGEX guru could point me in the right direction.

Thanks in advance for your help and suggestions!

Charles
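
Added example (not part of the original post, and not MailWasher Pro filter syntax): in most regex engines a backreference such as \1 only refers to a group captured earlier in the same pattern, so the FROM capture and the TO comparison have to sit in one expression run over text that holds both header lines. The Python sketch below shows that single-pattern form next to a header-parsing check; the sample messages and function names are constructed for illustration, and whether MailWasher Pro can share a capture between two rules is not stated in the post.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# An address that is not a fragment of a longer token on either side.
ADDR = r"(?<![\w.+-])([\w.+-]+@[\w.-]+)(?![\w.-])"

# Capture and backreference live in ONE pattern. This form assumes the
# From: line appears before the To: line in the header block.
SAME_ADDR = re.compile(
    r"^From:[^\r\n]*?" + ADDR + r"[^\r\n]*\r?\n"   # group 1 = From address
    r"(?:[^\r\n]*\r?\n)*?"                          # whole header lines in between
    r"To:[^\r\n]*?(?<![\w.+-])\1(?![\w.-])",        # same address on a To: line
    re.I | re.M,
)

def regex_same(raw):
    """Single-regex check, applied to the header block only."""
    headers = re.split(r"\r?\n\r?\n", raw, maxsplit=1)[0]
    return SAME_ADDR.search(headers) is not None

def addrs(msg, name):
    """Lower-cased addresses from every occurrence of one header."""
    return {a.lower() for _, a in getaddresses(msg.get_all(name, [])) if a}

def from_equals_to(raw):
    """Order-independent check: one From address, identical to the To set."""
    msg = message_from_string(raw)
    sender = addrs(msg, "From")
    return len(sender) == 1 and sender == addrs(msg, "To")

# Constructed sample messages (addresses are made up).
HEAD = "Delivered-To: inbox@example.net\nFrom: Pat Doe <pat.doe77@gmail.com>\n"
TAIL = "Subject: Invoice query\n\nbody text\n"
SPAM = HEAD + "To: pat.doe77@gmail.com\n" + TAIL        # From == To
LEGIT = HEAD + "To: sales@example.org\n" + TAIL         # different recipient
NEAR = HEAD + "To: xpat.doe77@gmail.com.au\n" + TAIL    # look-alike, not equal

if __name__ == "__main__":
    for name, raw in (("SPAM", SPAM), ("LEGIT", LEGIT), ("NEAR", NEAR)):
        print(name, regex_same(raw), from_equals_to(raw))
```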
