Email Filter To Reject Mail If Sent To Multiple Recipients

I need to create an email filter to reject email if the message was sent to multiple recipients. So, if the message has 7 people within the To Field, it would be rejected. Ideally I'd like the filter to reject the incoming mail if the To Field contains more than 3 recipients.

Have been trying all kinds of things with no success. I would assume there's some sort of regex code for this, but can only find regex for email validation.

Need this to help eliminate spam. Any help is immensely appreciated!

Thanks.

 

Thank you so much for this! I've been getting 100+ spam emails per day that get around all the spam filters. Each poses to be an individual email sent to 6 or 7 people and the IP's are all clean. This edit will finally stop it. Thank you again for the information, much appreciated.

 

Update: I set the parameters as specified, saved and exim was restarted. I then sent an email to my primary account and included 5 other recipients. The mail was still received?

- Removed -

 

Was unaware of the image linking rules. Anyhow, here's a screenshot of the saved settings which are not stopping mail addressed to more than 3 recipients. Thanks!

 

I was sending the test mail from a Gmail account using their web client. I sent the test to my primary email address, the one which is receiving the spam in addition including 5 other test email accounts as recipients. These test accounts I have elsewhere (not on my server) such as Yahoo, AOL, Gmail, etc. I use for testing. I have since enabled Spamassassin with a setting of 10 for this particular domain, which seems to have stopped them, although not 100% sure yet as I get most through the night. Although I'd rather not have Spamassassin enabled due to possibly missing real questions and software unlock requests from customers.

 

Thanks, I'll look into that. The way it originally sounded to me was that the exim limitation rule would reject incoming mail sent to a defined number of recipients. That might be a good feature to look into implementing as spammers are getting around just about every defense method.