I face a situation where I receive lots of mails which are formatted like this
From: <user1@mydomain.tld>,
<user2@mydomain.tld>,
.....
<usern@mydomain.tld>
To: <user1@mydomain.tld>,
<user2@mydomain.tld>,
.....
<usern@mydomain.tld>
where userN are a mix of real users or just fraction of them
mails are sent mainly directly to the server probably from a bootnet infested computers but probably 20% are relayed by legit servers
I am not able to find a solution to this
can someone point me in the right direction?