We have a situation ourselves.
A number of our suppliers belong to a group. The group offers them a mailing system, via mailgun.
The problem is the mailgun emails pass the filter headers we use to reject junk cleanly.
Of course the smart arses know this don't they..... grrrrrr.
Where it falls down is you can't filter with the headers that actually give the game away so it passes this lot:
dispatching EHLO do159-142.mailgun.net
(ehlo) helo: pass
(mail) resolvable_fromhost: pass, designmediaservice.com has MX at mx2.smak4www.com
sender_permitted_from: pass, designmediaservice.com: Sender is authorized
envelope-from="bounce+c3f563.7fcf54-user=ourdomain.co.uk@designmediaservice.com";
But here are the headers that tell us what we want to know - we want to block ones from printinggood:
Sender: no-reply=printinggood.co.uk@designmediaservice.com
Return-Path: no-reply@printinggood.co.uk
To: user@ourdomain.co.uk
From: PrintingGood <no-reply@printinggood.co.uk>
Reply-To: PrintingGood <help@printinggood.co.uk>
One answer may be another plugin.
I was having a look at this
https://github.com/smtpd/qpsmtpd/blob/master/plugins/badmailfromto=head1 DESCRIPTION
Much like the similar badmailfrom, this plugin references both the
FROM: and TO: lines, and if they both are present in the badmailfromto
config file (a whitespace-delimited list of FROM/TO pairs), then the message is
blocked as if the recipient (TO) didn't exist. This is specifically designed
to not give the impression that the sender is blocked (good for cases of
harassment).
I'll give it a test.