Special Spam Handling Needed

There is a spammer that uses the domain download, as in cosmetics@bikein.download, newthings@vykin.download, etc. Note that this domain is not “download.com” but simply the word download.

The only thing stable in the many received from addresses used by this spammer is the word “download”. 

I have been unable to create a rule that can effectively catch these spam messages. I would like a rule that simply looks for the word “download” in the received from address, or in the headers. Otherwise I am only able to copy the many full addresses being used as in @@bikein.download@vykin.download, etc. This is a never ending arms race as the spammer just changes the words before the download domain.

The eM Client header rule requires a value and another value, “yes”, “true”, “false” etc. How would I use the header rule template to properly catch the “download” domain being used?

It would be handy to have a wild card (*) capability, such as " *.download" accepted by a rule so I could stop this spammer’s daily onslought.

Bumping this for review.

IsoQuantic,

this won’t happen anytime soon if ever ^^