Hi,We have seen a few phishing messages go through filtering that are disguised to look like bounces.
Envelope sender is "<>" and the messages have multiple recipients and From: and To: headers missing. I tried to catch them with spamassassin plugin only to find out that envelope sender/recipient is not available in spamassassin.
Amavis code seems to be too much perl for me .. Any ideas? BR, Mika
