I'm getting pummelled my spammers who are sending emails that don't really score for some reason:
X-Spam-Score: 5
X-Spam-Bar: /
X-Spam-Report: Spam detection software, running on the system "brian2022.newbyhost.com",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: ety ykjebe vehlej ety ykjebe vehlej
Content analysis details: (0.5 points, 4.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.5 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/,
no trust
[40.92.21.79 listed in list.dnswl.org]
Part of the problem I think is the content is too small:
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Diso-8859-=
1">
<style type=3D"text/css" style=3D"display:none;"> P {margin-top:0;margin-bo=
ttom:0;} </style>
</head>
<body dir=3D"ltr">
<div style=3D"font-family: Calibri, Arial, Helvetica, sans-serif; font-size=
: 12pt; color: rgb(0, 0, 0);">
ety ykjebe vehlej </div>
</body>
</html>
(it then has an attachment, which I guess would have a link to their site - but I've dared open it!)
One of things I'm hoping I can filter on, is when they are (for example) 5 or more people in the To: column. I've tried looking online to see if an existing rule exists for this, but have come up empty.
Is this even possible?
