I need help writing a global email rule to filter spam.

I would like to add a statement to my global email filter that drops emails that contains the recipient"s email information in the format used by a group of spammers that are a real nuisance. They use a new IP address for every message via relays all over the world and always use a unique from address in the format listed below. I see a great deal of spam that has a similar format being sent to hundreds of users in my system. Here is an example of how these spams are formatted: To: glennfire@example.com From: sign-up-now-for-free-installation-glennfire=example.com@domain.com As you can see, the spammer has rewritten the from address to include the address of the intended recipient. The spam emails always have this format, with the intended recipient"s email address included in the from address. The from address is always rewritten by incorporating the recipient"s address like this: user@domain.com is rewritten as something-user=domain.com@something I need a statement that I can add to my global email filter that will detect this format and discard the email. Can anyone help with this? Thanks in advance for any assistance.