It appears that the Spamers have gotten much more sophisticated and we can no longer use just the DOMAIN name to block spam. Much of the spam now arrives with variations of domain names ie: "phoenix-1CL.edu" then changed to "phoenix-2OC.edu" on the next occurrence. These endless changes do not permit DOMAIN blocking. Is there a method to block using a portion of the DOMAIN name ie: phoenix-XXX.edu by using a wild card represented here with XXX ? Is there another technique?