I've found that a good bit of spam comes addressed to someone else at my
domain, but without my own e-mail address, like this (substituting "My
Name" and "myisp.com" for the real ones):
-----
From: Rodriguez, [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
-----
More often, it's addressed to a group of addresses at my domain, with my
address included in the group. Like this:
-----
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
My Name, [EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
-----
I made the following filter to catch those emails:
-----
Name: My ISP but not my e-mail address
1. Test: To contains "myisp.com"
If True: Go to next line
If False: Don't apply actions
2. Test: To does not contain "[EMAIL PROTECTED]
If True: Apply actions
If False: Don't apply actions
Checked: Stop mail actions if criteria are met
-----
My "action" initially was to file the filtered messages into a separate
folder where I could
examine the results. Over a 20-day period it has so far trapped 36 spam
messages, without a single false positive.
Now that I'm satisfied with its performace, I figured I'd share it here.
I'll now be changing the action to run the "Shred messages" (mentioned
here previously) script, so they'll be zapped without further ado.
Hope this is useful to some of you.
Oh, the very first mail action is to allow all senders in my address
book; make sure this new mail action comes after that.
___________________________________________________________________________
To unsubscribe send a mail message with a SUBJECT line of "unsubscribe" to
<[EMAIL PROTECTED]> or <[EMAIL PROTECTED]>
