[TriLUG] does anyone have .sieve rules for Amessyroom?

[Alan Porter via TriLUG]

I did not notice these initially because the dates of the messages were 
so old.


I am having a hard time tracking down where these messages are 
originating from.  It looks like it's from someone who is relaying 
through an authenticated account on pilot.

Since this seems to be a recurring problem, and since I can't track 
down who this person is or how they are related to TriLUG, I added 
several blocking rules at different levels:

  - I added his sender domain to our postfix filters
  - I added his email address to the mailman "reject_these_nonmembers" 
option
  - I added his sender IP to our shorewall IP filter


Meanwhile, this is a sieve rule that I think should work, if one 
happens to get through.


require ["fileinto", "envelope", "reject", "imap4flags"];

# 2025-08-23 - Amessyroom
# Received: from vmi1943160.contaboserver.net (toolazy.synchro.net
if header :contains ["Received"] "toolazy.synchro.net" {
     fileinto "Junk";
     addflag "$label2";   # 1=red, 2=orange, 3=green, 4=blue, 5=violet
     addflag "\\seen";
     stop;
}


Let's see if these are effective.

Alan





On 2025-08-23 10:25, Joseph Mack NA3T via TriLUG wrote:
> I can't get .sieve to exclude him.
>
> Thanks Joe
>
> --
> Joseph Mack NA3T EME(B,D), FM05lw North Carolina
> Don't upgrade a working machine - it won't work any
> better - it could work worse; it may not work at all.
> Homepage http://www.austintek.com/ It's GNU/Linux!