What SMG rule would you use to block this type of spam

here is it:

Return-path: <directorpayment02@gmail.com>
Received: from mail-oo1-f46.google.com (me [IP])
by me with ESMTP; Tue, 23 Aug 2022 08:44:56 -0400
Received: FROM mail-oo1-f46.google.com (209.85.161.46) BY me WITH ESMTP
FOR [ me ];
Tue, 23 Aug 2022 08:44:56 -0400
Received: by mail-oo1-f46.google.com with SMTP id u5-20020a4a5705000000b0044b34c2c89cso379783ooa.9
for [ me ]; Tue, 23 Aug 2022 05:44:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20210112;
h=to:subject:message-id:date:from:mime-version:from:to:cc;
bh=0riDJu16N9ueGTlU7ZS+Yp8bkKO9Ax6TBaQudfP948s=;
b=ELq7dh4VuV4adhWFReC/RW3v/Vko5cMVMqOfPFO73RoF3D+nObs7AvsyyPkuAVNClt
jWjcOSWNf1+4403nFsRkKT12jfh5p64tPPuDub5jaT+s3uafeb0ZIY0bS+uyAXg8dnZy
vEOC1ISNzfO+nNg/uieKVyB/iLYezOyQkae4Kdy85izqRKyL1Jvkl6+CbATuzEQZRfdb
HZxRE+TCpmpGb32IousVRUTyARkXM46ERLiz+Ws57487F0ciUqKUg6Ry23JcpwiSVUVN
xEBhdW6z+thx/szkpSgHdCxpN8Q4C63BYGNJMrx4Z4p2eQI0j6aX3v4Osy3tOpAS3tj7
v6MQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=to:subject:message-id:date:from:mime-version:x-gm-message-state
:from:to:cc;
bh=0riDJu16N9ueGTlU7ZS+Yp8bkKO9Ax6TBaQudfP948s=;
b=c12udirefhCbKOCv5zMju2/sJdueoVXMy+zCrBBuyK4D1vLnEJM0KUzwUJfMkT8Ra1
H40zOWzHFrlOtW+gUNqxceZ+aHd69pSX3NKcoWW9pr4gkfqhGIR70V/+y+gCMrwVnDi9
JiqjiwQza1y0nivUs4apyoBNlEjxXtIY1A5D92ygYbMPskVc4qoqbNEThQYvnDTpHHBQ
SNAtYSPKpWoEPhHO89c7pO/jN4/BrYELq+mf8c0zw39aKQvsAAoptT5pwwv9cpWgaeQl
PqigP6gwhjzJ8cUARkD4lp716p/EuFc/en0eNk6t96gODagGFWrv2TnUIfneJygxLpwA
B1GA==
X-Gm-Message-State: ACgBeo0/4YK/GD7Ydv4Jb/G9UHwzpdLPyqf+9CbVE9g/Mjq4LZrn9TSs
PR6J/3QznyFVTiFQ9lgMUZOZwTLdV/onUn0+CJI=
X-Google-Smtp-Source: AA6agR5PAiaoyUoHiHzwA79d/lknte2Rv3zgyNTWktNDWvg9xHy5gcDNuOzPiH22IsjxBSXkiOU9B5wYNCp4oxbz92E=
X-Received: by 2002:a4a:d657:0:b0:448:95ee:e0b4 with SMTP id
y23-20020a4ad657000000b0044895eee0b4mr7877439oos.59.1661258694548; Tue, 23
Aug 2022 05:44:54 -0700 (PDT)
MIME-Version: 1.0
From: "Mrs. Sarah Hendrick" <directorpayment02@gmail.com>
Date: Tue, 23 Aug 2022 13:44:24 -0700
Message-ID: <CAKWOfmUZr0OY9e_tDR5O29Zzan8qd+5R7gqHzWozYGHfYY6qmg@mail.gmail.com>
Subject: [EXTERNAL] Reply ASAP
To: undisclosed-recipients:;
Content-Type: multipart/alternative; boundary="0000000000005e61ce05e6e7eea0"
Bcc: [ me ]


--0000000000005e61ce05e6e7eea0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: base6

Tags:

Parents Reply Children
  • Email content... Clearly unsolicited / SPAM. No links:



    Hello Sir/Madam,

    I am Sarah Hendrick, an Investment financing Adviser/Broker working for top investment financing companies in the gulf region. I help clients and individuals and organisations seeking investment funding for their viable investments or projects anywhere in the world.

    We are currently interested in funding viable businesses, investments or projects in the following areas of interest, after a successful one-on-one investment presentation with the investors team of fund managers and lawyer:

    * Starting up a Franchise
    * Business Acquisition & Expansion
    * Medical / Healthcare procurement & Supplies
    * Capital / Infrastructural Project
    * Oil, Gas & Renewable Energy
    * Commercial Real Estate Purchase & Development
    * Hospitality & Leisure
    * Government / NGO Contract Execution
    * International Trade Financing

    Get in touch if you have a viable project that requires funding.

    Regards,
    Sarah.
  • The subject says, "What SMG rule would you use to block this type of spam". DMARK/DKIM/SPF will only help if the FROM address is forged. It won't help if the spam actually originates from Gmail.Wink

    __________
    Kevin Boyle, 
    Knowledge Partner

    Calgary, Alberta, Canada

  • You can't prevent all spam.

    If you filter out all malware, spam links, backlisted IP addresses, DMARK/DKIM/SPF violations, etc., that will get rid if a lot. The anti spam filter should get rid of most known spam but there will always be new ones that BitDefender does not yet know about.

    You could quarantine email containing specific keywords if certain types if spam are bothersome.

    __________
    Kevin Boyle, 
    Knowledge Partner

    Calgary, Alberta, Canada