On Tue, 25 Aug 2020, John Capo wrote:
Create a file like this from the ids in
https://www.invaluement.com/spdata/sendgrid-id-dnsbl.txt
/^bounces\+2191708-[0-9a-f]{4}-/ REJECT Phish from compromised Sendgrid
account
/^bounces\+4227563-[0-9a-f]{4}-/ REJECT Phish from compromised Sendgrid
account
/^bounces\+13780591-[0-9a-f]{4}-/ REJECT Phish from compromised Sendgrid
account
/^bounces\+10163588-[0-9a-f]{4}-/ REJECT Phish from compromised Sendgrid
account
/^bounces\+10180020-[0-9a-f]{4}-/ REJECT Phish from compromised Sendgrid
account
...
I just wrote something similar to generate a rule, in case for some reason
you don't want to use a plugin. Let me know if there's any interest in it.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Today: the 1941st anniversary of the destruction of Pompeii