Content Filtering (Regex)

Author Message
Jason.Bere

  • Total Posts : 25
  • Joined: 5/28/2012
  • Status: offline
Content Filtering (Regex) Thursday, August 09, 2018 1:10 PM (permalink)
Despite this forum appearing to be abandoned/useless, I'm going to try asking another question here before escalating.
 
I'm trying to use Advanced Content Filtering to delete mails coming from outside our company that appear to have our email address. Sounds simple right?
 
Yes, I'm also doing this through the SPF module, but I want different behaviors for "typical" SPF failures due to badly configured mail policies and things that are absolutely guaranteed malicious junk - spoofing our own senders.
 
I've got a Regex that successfully identifies the From: header and our email domain.
(?i)^from:.*@ourdomain\.tld>$
 
The problem is that despite this being checked "Check Inbound Emails" only in MailEssentials settings, it's constantly firing on all the email we send. Repeated for emphasis: I've set the rule to operate Inbound only, and it's triggering on sent emails.
 
Is there a resolution for this?
 
Alternately is there a way I can write a regex to check multiple lines? If I can check the IP address as well as the From, or the Received: from for the machine name, I could easily distinguish between legitimate senders and the spoofed crap.
 
#1
    Online Bookmarks Sharing: Share/Bookmark

    Jump to:

    Current active users

    There are 0 members and 2 guests.

    Icon Legend and Permission

    • New Messages
    • No New Messages
    • Hot Topic w/ New Messages
    • Hot Topic w/o New Messages
    • Locked w/ New Messages
    • Locked w/o New Messages
    • Read Message
    • Post New Thread
    • Reply to message
    • Post New Poll
    • Submit Vote
    • Post reward post
    • Delete my own posts
    • Delete my own threads
    • Rate post

    2000-2018 ASPPlayground.NET Forum Version 3.9