Message filter syntax can be difficult to work with, in the above example there appears to missing brackets and missing if.
Adding a message filter to an ESA also highlights syntax errors along with line numbers.
Working through those it would look something like this
Message_filter: if ((header("from") == "@example\\.com") AND (header("Authentication-Results") == "dmarc\\=pass"))
{
if (remote-ip == '16.13.28.6') OR (remote-ip == '94.6.5.19') OR (remote-ip == '98.129.16.1') OR (remote-ip == '11.78.1.3')
{
log-entry("$filtername");
}
}
You could also always create content filters to validate message filter syntax.
Regards,
Libin