Ward
(Ward)
February 29, 2024, 4:07pm
1
I’ve recently been receiving several fake company emails a day from verbose email accounts like FwHrFXNswMSaLUjVgKobXmpeVmA.izoFp7oprzpWlhRfZfSoiN@xpw0zr9.onmicrosoft.com . The domain “onmicrosoft.com ” is the one common factor in all of these email accounts.
I’ve been applying “Train as Spam” to these emails, but they keep appearing in my Inbox. Is there a way I can get SpamSieve to recognize all emails from the “onmicrosoft.com ” domain as spam? If not, I’ll set up an Inbox Rule to send them straight to the Trash.
Yes, you could go to SpamSieve’s Blocklist window and make a rule like:
From (address) Ends With .onmicrosoft.com
1 Like
ikenassi
(Ike Nassi)
March 1, 2024, 4:24pm
3
Also, since I know Ward is a KM user, on a non-drone machine, use this:
This will create a blocklist rule for the whole address rather than the domain.
PhilT
(Phil)
March 5, 2024, 10:21pm
5
Interesting article related to this.
https://www.reddit.com/r/msp/comments/16n8p0j/spam_increase_from_onmicrosoftcom_addresses/
So a regex alternative to blocking all of onmicrosoft.com :
@.*\d\.onmicrosoft\.com
Would block anytext@anytext[0-9].onmicrosoft.com where spammers (for now) are using a digit preceding .onmicrosoft.com
2 Likes