How to block SendGrid spam with sendmail?

SendGrid and MailChimp are the two biggest sources of spam captured in my spam-folder. I'd like to block them before they get there.

Fortunately, in an effort to appear "legitimate" the spammers gracefully identify themselves. SendGrid in particular inserts two special headers: X-SG-EID and X-SG-ID.

What's the best way to block on the sendmail level -- before it even hits procmail and/or IMAP-server?

I'm thinking of a header-database (such as /etc/mail/SPAM-HEADERS) and a LOCAL_CONFIG section with a header-rule like:

F{SpamHeaders} /etc/mail/SPAM-HEADERS
H*: $>CheckHdr
SCheckHdr
... ??? ...

Note, I don't care for the header's value -- as long as the header itself is present, I want to reject the message. Preferably -- with a header-specific condemnation. For example, if the SPAM-HEADERS database contains the line

X-SG-ID        We love getting spam from SendGrid, just not today

I'd like sendmail to reply to any message with X-SG-ID among headers with 553 We love getting spam from SendGrid, just not today.


For the record, I share similar opinions that MailChimp and SendGrid themselves aren't necessarily bad (although they certainly could have bad customers that they don't know about).

Opinion aside, from a purely technical perspective, I think the easiest way to block them would be to update the /etc/mail/access table to block hosts belonging to the domain that the relay servers belong to. Because they are legitimate, their server hostnames will likely belong to a common domain that you could key off of.

For example, if you check the headers on MailChimp messages you'll see that the relay servers belong to rsgsv.net. As such, you could add an entry to /etc/mail/access like:

rsgsv.net       REJECT

For further details, check out the guide here.
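
A dry run of the header table proposed in the question, as an added example that is not part of the original posts and is not sendmail configuration: it applies a SPAM-HEADERS-style table to a raw message and returns the 553 reply that a presence-only header check would give. The table contents, the sample message and the function names are constructed for illustration.

```python
import email

# Constructed table in the format proposed in the question:
# header name, whitespace, rejection text.
SAMPLE_TABLE = """\
X-SG-ID     We love getting spam from SendGrid, just not today
X-SG-EID    SendGrid mail is not accepted here
"""

# Constructed message (not a real capture); the header name is in lower
# case and its value is folded across two lines to exercise the parser.
SAMPLE_MESSAGE = b"""\
Received: from relay.example.net (relay.example.net [192.0.2.10])
\tby mx.example.org with ESMTP id constructed1
From: Newsletter <news@example.com>
Subject: Weekly offers
x-sg-eid: constructed-value-
 continued-on-a-folded-line

Body text that mentions X-SG-ID: but is not a header.
"""


def load_table(text):
    """Map lower-cased header name -> rejection text."""
    table = {}
    for line in text.splitlines():
        fields = line.split(None, 1)
        if not fields or fields[0].startswith("#"):
            continue  # skip blank lines and comments
        name = fields[0].rstrip(":").lower()
        table[name] = fields[1].strip() if len(fields) > 1 else "Message rejected"
    return table


def check_message(raw, table):
    """Return the SMTP reply for the first listed header present, else None."""
    msg = email.message_from_bytes(raw)   # headers are separated from the body
    for name in msg.keys():               # header names only; values are ignored
        reason = table.get(name.lower())  # header names are case-insensitive
        if reason is not None:
            return "553 " + reason
    return None


if __name__ == "__main__":
    print(check_message(SAMPLE_MESSAGE, load_table(SAMPLE_TABLE)))
```

Running it over an existing inbox as well as the spam folder shows how many wanted messages a given header entry would also reject before the rule goes into sendmail.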