I'm dealing with viral emails that are from different email addresses and networks but are using the same "display name".
I'm looking to see if there's a way to block mail by the senders "display name" not email address
The mail server is running Sendmail under Linux
I know I can setup procmail rules, but for those to work the message needs to be accepted for delivery, however the end goal is to block the message before it's accepted.
ClamAV does detect the messages and when it does they're blocked however when a new version of the infected file is used it takes a couple of days before an updated signature detects it.
Client PC's are protected with AV which is detecting and blocking however stopping them entirely would be nice.
Our community of experts have been thoroughly vetted for their expertise and industry experience.
The Distinguished Expert awards are presented to the top veteran and rookie experts to earn the most points in the top 50 topics.