Procmail help


#1

Hi

I’m having no luck filtering a particular IP address from sending me viruses and spam. The IP never changes or at least it hasn’t for the last few months, and the mail email addresses are spoofed by the worm that’s on this particular person’s machine.

I’ve tried the main options of .procmailrc as they’re published in the knowledgebase, and also tried getting help from DH support, but to no avail.

Basically I need to filter out anything coming from an IP or Host which only appears in the “RECEIEVED:” part of the email header, like the examples below:

Received: from kjtfrnl.com (g30061.upc-g.chello.nl [80.57.30.61]) by loot.dreamhost.com (Postfix) with SMTP id 2C32F2FD84 for

Received: from lvsndhih.com (g30061.upc-g.chello.nl [80.57.30.61]) by sack.dreamhost.com (Postfix) with SMTP id A7B8013DA92 for

Received: from etaai.com (g30061.upc-g.chello.nl [80.57.30.61]) by sack.dreamhost.com (Postfix) with SMTP id 82FE113D9BA for


Basically anything from 80.57.30.61 and or chello.nl
my current .procmailrc looks like:

DEFAULT=$HOME/Maildir/
MAILDIR=$HOME/Maildir
PMDIR=$HOME/.procmail
SHELL=/bin/sh
#LOGFILE=${PMDIR}/procmail.log

Send this jerk straight to the bit-bucket

:0


Any help would be most appreciated.
Many thanks
Boback.