Our risk department keeps sending us phishing emails from different email addresses but with some of the same header data. Is there a way to filter on the IP addresses in the header and stick in a SmartMailbox? :-) Thanks!
MacBook Pro (2020 and later)
AFAIK, Smart Mailboxes are not customizable to the degree necessary, unfortunately.
Probably easier to set up a rule filter for a header and then mark the message in some way (flag color?) or filed into a specific mail folder, if there are consistent traces in the SMTP headers of the fake phishing messages:
Use rules to manage emails you receive in Mail on Mac - Apple Support
That rule can then give you a criterium that a Smart Mailbox can detect, if you still want to use a Smart Mailbox.
But I'd suspect a dumb mailbox and a rule will work well enough for your needs. If the local phishing framework in use is sufficiently consistent. (The alternative is to keep marking those messages as spam, and let the spam filters figure out what is consistent about the local phishing messages.)
Extending the support for a Smart Mailbox to select, customize, and access arbitrary SMTP message headers is something you might want to suggest to Apple:
I'm guessing that what is supported in the Smart Mailbox settings are all already available as fields or keys in the existing mail database. Random SMTP extension headers probably aren't (presently) processed and available for Smart Mailboxes. But I can see uses for arbitrary SMTP headers.
AFAIK, Smart Mailboxes are not customizable to the degree necessary, unfortunately.
Probably easier to set up a rule filter for a header and then mark the message in some way (flag color?) or filed into a specific mail folder, if there are consistent traces in the SMTP headers of the fake phishing messages:
Use rules to manage emails you receive in Mail on Mac - Apple Support
That rule can then give you a criterium that a Smart Mailbox can detect, if you still want to use a Smart Mailbox.
But I'd suspect a dumb mailbox and a rule will work well enough for your needs. If the local phishing framework in use is sufficiently consistent. (The alternative is to keep marking those messages as spam, and let the spam filters figure out what is consistent about the local phishing messages.)
Extending the support for a Smart Mailbox to select, customize, and access arbitrary SMTP message headers is something you might want to suggest to Apple:
I'm guessing that what is supported in the Smart Mailbox settings are all already available as fields or keys in the existing mail database. Random SMTP extension headers probably aren't (presently) processed and available for Smart Mailboxes. But I can see uses for arbitrary SMTP headers.
Is it possible to create a SmartMailbox filter to screen for information in email headers?
