We have a parent company that uses a completely different domain name.
We are on the same network (and therefore trusted_networks).
Some of the users in sub company have email addresses in the parwent
company and these are forwarded to email acocunts in the sub company.
When spam is sent the parent company email address they ahve a rule of
not scanning for spam, it is then forwarded onto the sub companys
gateway and scanned - but since its from a trusted network none of the
network tests fire and we end up with heaps of spam being forwarded.
The from address one these spam is always an external one.
I have no control over the mail routing affairs. I have to deal with the
mail that arrives at the sub company.
How do i write a rule that says;
if mail is recieved from parent company email gateway/s AND the from
address is not from the parent company domain THEN give XX score.
Appreciate any help/tips/suggestions
Many thanks
Pete
