I'm having no luck filtering a particular IP address from sending me viruses and spam. The IP never changes or at least it hasn't for the last few months, and the mail email addresses are spoofed by the worm that’s on this particular person’s machine.
I've tried the main options of .procmailrc as they're published in the knowledgebase, and also tried getting help from DH support, but to no avail.
Basically I need to filter out anything coming from an IP or Host which only appears in the "RECEIEVED:" part of the email header, like the examples below:
Received: from kjtfrnl.com (g30061.upc-g.chello.nl [220.127.116.11]) by loot.dreamhost.com (Postfix) with SMTP id 2C32F2FD84 for
Received: from lvsndhih.com (g30061.upc-g.chello.nl [18.104.22.168]) by sack.dreamhost.com (Postfix) with SMTP id A7B8013DA92 for
Received: from etaai.com (g30061.upc-g.chello.nl [22.214.171.124]) by sack.dreamhost.com (Postfix) with SMTP id 82FE113D9BA for
Basically anything from 126.96.36.199 and or chello.nl
my current .procmailrc looks like:
Send this jerk straight to the bit-bucket
Any help would be most appreciated.