outlook express > Message > Block Sender

Adding to JamesR's comments, I have all messages that have one of the following words in the message body go directly to the deleted items box via Outlook Express.

"remove" "subscribe" "unsubscribe" "nude" "porn"

Most SPAM has one of these words in the message. However, do look through them before you delete them. Might be something important in there, but most of the time NOT.

(edited by: MarkHutch at 12:59 am (utc) on April 11, 2002)

i've recently started adding spammers to a few spam lists - sometimes 3 or 4 times, depending how bad the spam attack was. hopefully they will enjoy the junk email as much as they enjoyed sending me junk.

following someone elses suggestion in WmW, i've started phoning the spammers to ask about their wonderful products. they don't appreciate phone calls at 2am.

>>my immediate reaction was to fire off an abusive mail to the editor<<

About a month ago I wrote a really stiff email to the editor of PC Magazine, after my efforts to get off one of their lists actually resulted in more email. Haven't received any email from them since.

With most spam, though, particularly with porn, I hesitate to use the "remove" option, figuring this would only confirm my existence.

There are utilities that will let you view POP3 email headers on the server, before downloading, so you can save time with some of the bigger attachments if you can guess they're spam.

>including 5MB PPT presentations and assorted attachments

Besides being a nuisance, that's the real problem for those on dial-up since a large attachment can criple their mail for minutes at a time.

My offices are now aggressively double-filtering, once at the server using a program available for a free trial run at spameater.net. At that level, we're programmatically scanning for the very obvious spam and auto-delete it there without ever having to download it. (I have no affiliation whatsoever with spameater)

Then it is filtered again at the desktop where it is sorted into Trash and Junk -the difference being that while anything in Junk is highly suspect, it isn't auto-deleted upon closing the email program (eudora 3.0.6).

Since the negative filtering rules are aggressive, I spent a good deal of time working on the rules for emails that should pass automatically to the inbox -even if they happen to use a "certain death" word. Of course, these positive rules need to be first in the sequence.

We're living much easier, FreeBee.

I am having quite some success with MailWasher, I think it was either Toolman or Bill who suggested it first. A great program that enables you to check your mail at the server, process it by bouncing and deleting unwanted messages, and then automatically run your mail program to retrieve what you have left.

Because you are bouncing unwanted emails this sends the message to the spammer that your address doesn't exist and so the theory is they will take you off their list.

Mailwasher does all sorts of other usefull things as well, and comes FREE! I've only been using it for a week but I have already seen a reduction in spam numbers.

Onya
Woz

Obligatory Disclaimer: no affiliation.

<added>

One of the most effective filtering techniques has been to scan the From address for country codes -here is a list of all of them I could find. Season to taste:

.ac - .ad - .ae - .af - .ag - .ai - .al - .am - .an - .ao - .aq - .ar - .as - .at - .au - .aw - .az - .ba - .bb - .bd - .be - .bf - .bg - .bh - .bi - .bj - .bm - .bn - .bo - .br - .bs - .bt - .bv - .bw - .by - .bz - .ca - .cc - .cf - .cg - .ch - .ci - .ck - .cl - .cm - .cn - .co - .cr - .cu - .cv - .cx - .cy - .cz - .de - .dj - .dk - .dm - .do - .dz - .ec - .ee - .eg - .eh - .er - .es - .et - .fi - .fj - .fk - .fm - .fo - .fr - .fx - .ga - .gd - .ge - .gf - .gg - .gh - .gi - .gl - .gm - .gn - .gp - .gq - .gr - .gs - .gt - .gu - .gw - .gy - .hk - .hm - .hn - .hr - .ht - .hu - .id - .ie - .il - .im - .in - .io - .iq - .ir - .is - .it - .je - .jm - .jo - .jp - .ke - .kg - .kh - .ki - .km - .kn - .kp - .kr - .kw - .ky - .kz - .la - .lb - .lc - .li - .lk - .lr - .ls - .lt - .lu - .lv - .ly - .ma - .mc - .md - .mg - .mh - .mk - .ml - .mm - .mn - .mo - .mp - .mq - .mr - .ms - .mt - .mu - .mv - .mw - .mx - .my - .mz - .na - .nc - .ne - .nf - .ng - .ni - .nl - .no - .np - .nr - .nu - .nz - .om - .pa - .pe - .pf - .pg - .ph - .pk - .pl - .pm - .pn - .pr - .pt - .pw - .py - .qa - .re - .ro - .ru - .rw - .sa - .sb - .sc - .sd - .se - .sg - .sh - .si - .sj - .sk - .sl - .sm - .sn - .so - .sr - .st - .sv - .sy - .sz - .tc - .td - .tf - .tg - .th - .tj - .tk - .tm - .tn - .to - .tp - .tr - .tt - .tv - .tw - .tz - .ua - .ug - .uk - .um - .us - .uy - .uz - .va - .vc - .ve - .vg - .vi - .vn - .vu - .wf - .ws - .ye - .yt - .yu - .za - .zm - .zr - .zw

I just download and am trying "Mailwasher". So far it looks pretty good.

Hmmmm, another download I need too:) I have had about 40% success with filtering. I agree on the point to check the Trash before dumping. I've found quite a few important emails in there! With getting 600 - 800 emails daily, I had to use one email client set to reject messages over 7k in size to scan for important quick messages without getting locked into the ridiculous spam porn HTML messages. When time was not critical, the other email is launched to get all other emails.

I'm looking forward to this washer thing. Email is a chore - particularly since we've had some email address the same since 1996.

> download and am trying "Mailwasher"

Same here, I like it better than the program I was evaluating.

I'm trying it too. Seem to be working ok. The bounce feature won't work on real spam because there is nowhere to bounce the message to, but I like the delete off the server feature.

Like this little washer very much. At least the "illusion" of getting to bounce the stuff back is somewhat satisfying (even though an illusion). If you really could bounce spam back to senders....it would make me positively giddy.

>The bounce feature won't work on real spam because there is nowhere to bounce the message to, but I like the delete off the server feature.
>If you really could bounce spam back to senders....it would make me positively giddy.

Oh well, some work, some don't. Better than none. And the delete off server is great regardless, expecially for those 5mB attatchments.

Gets my thumbs up.

Onya
Woz

I like it too...

I absolutely agree Woz.

some is better than none

I find that the time factor for fending off certain entities will be greatly reduced and some of the margin of error for filtering will also be reduced by using this neat little friend. I wish I had the time to come up with this :)

I cloak my email addresses.

You won't find many places around where you post your query, sleep on a problem and then awake to find over a dozen constructive suggestions - kudos to WebmasterWorld!

Thanks all. We had a general spam problem last year [webmasterworld.com] which was mostly solved by blocking all yahoo.com senders unless they arrived through a form. Most definitely the single most valuable step which now trashes around 200 incoming mails a day as they hit the server. Each event sends out a customised 551 error message so that any real prospects caught by the filter are provided with an alternative means of contact. In addition we've added some of the earlier suggestions to our war on spam - looks like Mailwasher needs a check out.

As for my immediate problem I'm giving the editor the benefit of the doubt assuming that one of his minions (read morons!) did the mailing without permission - he'll receive a short reply and note that they've been blocked for good.

if it is a "reputable" company then I go hell for leather with the abuse complaints to all and sundry...whilst spam remains the preserve of the "outlaw" it may be possible to keep services like Usenet running...when spam becomes standard business practise then the Internet will become too expensive to run without a big hike in ISP prices...the big companies will be tying up the vast majority of the bandwidth advertising to the rest of us, and we'll have to pay for it

we can't afford it to become standard business practise

>become standard business practise

A quick way to bring a legitimate business to its senses would be to report their errant/ignorant spam to a blacklist. After they spent a few man-days trying to get themselves off the lists they'd at least pause before launching another email marketing campaign.

>Mailwasher

I've been fine-tuning mailwasher for a few hours now. One of the big advantages I've seen is the ability to set up filters using regular expressions, which should reduce the processing time while increasing effectivesness -particularly when filtering the email body. Instead of writing 4 separate filters - you can pack them into one line:

The Body > contains reg expr > casino¦gamble¦gambling¦Vegas¦

Nice!

Also, you can customize the message and font color of the filter status, this lets you know which filter kicked it... not knowing which filter is a problem while you're customizing.

We used to suffer terribly with spam and still do suffer from crazy people that have no idea what a big file does to some people's mailboxes. These big files are often genuine mail messages sent by those that have not been trained to use their e-mail capability.

As postmaster for my colleagues, I've always got the problem and I try not to pass it on down the line.

A key component is making sure that the the program reads the headers before even downloading the message - that system helps beat the virus' too.

BTW - Mailwasher - cool tool! (I have no affiliation with them)

> mailwasher

I'm very impressed. Probably the first time I'll actually use "tell a friend" too!

Maybe I'm missing something here, but it looks like I have to manually process the mail received, before the spam is filtered out. Is there a way to get this to happen automaticly??

Yes, I'll have to say again this is a hoot. The filter process rcjordan pointed out with regular expressions does automate some of the "processing".

I stayed up half the night waiting for the 3am onslaught of spam - talk about cheap thrills. :) Even though the hard-core spammers won't get the bouncebacks, it is just somehow wildly entertaining to blacklist them.

My email in-box hasn't been so clean in years.

>My email in-box hasn't been so clean in years.

Ditto. I'm finding that I'm reading quite a few valid emails on the server and then deleting them rather than pulling them down to the desktop. Very handy, saves a lot of nuisance handling.

>missing something

Not, I don't think so. You can auto-delete, but that's only available for addresses that you've blacklisted.

I've sent feedback already. Wishlist/questions:

I'm running 1.32.9 beta

Is there an "if rule match, then go to next email" routine at the end of the user rule set-up? If not, that would save some processing time.

Is there a limit on the variables if setting up a filter using regular expressions? For example, in the following rule, how many country codes could be set up in a single line?

[enabled],Country,"SPAM: Country Code",255,AND,Delete,Subject,containsRE,.ac¦.ad¦.ae¦.af¦.ag¦.ai¦.....

In the above rule, what does the "255" signify?

It would be nice to be able to set up "Auto-Process" once I'm satisfied that I have the filters tuned just right.

A "null" action is needed when setting up filter rules. I'd like to be able to flag an attachment in status, but take no real action.

spam, spam, spam, spam, spam...

Back in the olden days I tried this program called Spam Hater that would 'determine' who had spammed you from the e-mail header info and then prepare a nasty reply e-mail that would supposedly reach the original sender...although it probably never worked, it got me hooked on spam soft.

I gave up on the software for a while and worked on writing my own filters and rules...that worked for quite a while, but this year the spammers just found too may ways into my inbox. I had lots of fun with SpamCop for a while, but it was just too time consuming.

SpamWeasel was the next software I tried. It is a great program and works quite well 'out of the box'. It is very customizable in the rule department as well...but once I tried this MailWasher I was hooked. It's just so easy to use...and even though I know that the bounced mail will probably end up in never-never land, it just feels good...I find myself looking forward to processing my spam now.

hey rc if you filter out .jp you won't get any of those free sushi offers I've been sending you ;)

>it just feels good...I find myself looking forward to processing my spam now.
>
Ain't it the truth! It was great to kick on the main screen this morning and watch MW go through its routine. I love to watch a good program strut its stuff, and this is a "Software Hall O' Fame" candidate, imo.

I'd like to be able to write some simple if/then routines in order to develop more complex rules and minimize "rule bloat" but even without that, this is one mighty fine piece of code.

>hey rc if you filter out .jp you won't get any of those free sushi offers I've been sending you

Hey, just save all the coupons. When you get a big stack, I'll drop by and we'll burn through them in a night or two. Speaking of free sushi, one of the local restaurants has started putting out some of those rice/seaweed rolls on the seafood buffet on the weekends. This being a small Southern town, I pretty much have it to myself. I could stand some squid and salmon, but I'm not complaining -at least it gives me a temporary "sushi fix" and stops the shakes.
<lest we sidetrack this thread>
Anyone wishing to say "YUCCCHH! Squid." or "MMMMmmm! Sushi" -We'll meet down in FOO.

I generally use spam punisher to detect the server they are sending the email through them contact the vendor and get them to ban the client from sending emails (about a 75% success rate thus far).

Easiest way to get out of the message is to tell your boss your alergic to spam and go down the pub instead of opening the emails ;).

I gather that many in the forum do not have full control of their servers, but for those who do, the technques I've used have been very successful for me: in spite of having dozens of email addresses, include several that have been active for years, I average just 2 - 3 spams per week. In most cases, my customers are doing about as well.

1. I never publish un-encoded email addresses on my webpages. They are either unlinked GIF's or Javascript links. Apparently, few email spiders parse Javascript. The no-script text includes the addresses in the "address at mydomain dot com" format.

2. I block all the spy bots/nosey bots/copy right bots and email spiders I can find. Where possible, these are blocked at the firewall, not in Apache Some surprising bots are out there -- InfoUSA (associated with DoubleClick) tries to spider my sites within days of domain registration.

3. My RFC addresses, except for "postmaster" are in the form RFCaddress.nospam@my.domain.com. It's funny to see the spammer "demunge" these to RFCaddress@mydomain.com, which just triggers a no-user error bounce, with a message including the correct address.

4. I use, and have taught my customers with personal domains to use, per-company email addresses. For example, Amazon thinks my email address is amazon@my.personal.domain.com. I actually look forward to the spam I get on these email addresses. There's nothing like getting a staunch denial that they sell email address, and being able to say, "Let me forward you the email headers". In most cases, my impression has been that the customer service supervisors actually believe the lies their marketing departments have told them. Either way, the amount of groveling and butt-kissing that goes on, once you've proved that they sold your address is rather entertaining. If you do this, and want to make them REALLY grovel, just mention the name of some prominent computer columnist, and suggest that you're thinking about send them a copy of the headers!

5. At the firewall level, I block most of China, Korea, Japan, Argentina, Columbia and Costa Rica, plus most of Deutsche Telekom, Chello, and Wanadoo, plus some of Russia, Poland, and Israel. This one step alone reduces my spam by 80% and my hacker scans by 70%. Obviously, not everyone can do this, but almost all servers can block some problem areas without losing valuable traffic.

6. In Sendmail, I use the SpamCop DNSbl, which seems to catch about 80% of the remaining spam that makes it as far as talking to Sendmail. Those of you who faithfully send SpamCop all your spam are doing all the work; I'm reaping the benefits. (Thanks!)

I wonder how many legitimate emails will be tossed out with all these screening techniques?

Here's a couple of different opinions on the issue, written from the point of view of businesses with legitimate opt-in newsletters.

Paul Myers:
[talkbiz.com...]

Fred Langa:
[informationweek.com...]

Bottom line: It's one thing if we set up our own filters, quite another if our mail provider does it "for" us.