Free Spam Filter

[John R]

Wanted : A recommendation for a free spam filter for Outlook Express

 

[Bruce Chambers]

Wanted : A recommendation for a free spam filter for Outlook Express

While it's not possible to completely eliminate spam (unsolicited
commercial email), there are some precautions and steps you can take to
minimize it's impact:

1) Never, ever post your real email address to publicly accessible
forums or newsgroups, such as this one. For years now, spammers have
been using software utilities to scan such places to harvest email
addresses. It's a simple matter to disguise your posted email address
so that these software "bots" can't obtain anything useful. For
example, insert some obviously bogus characters or words into your reply
address, for example: "(e-mail address removed)."

2) Never, ever reply to any spam you receive, even to "unsubscribe" or
"remove" yourself from the spammers' address lists; you'll only compound
the problem. If spammers had any intention of honoring the your desire
not to receive spam, they wouldn't have become spammers in the first
place. When you reply to a spammer, all you're doing is confirming that
he/she has a valid, marketable email address.

3) Be especially leery of any offers from websites for free software,
services, information, etc, that require your email address, or that
require your email address so you can "login" to access the offered
service and/or information. Many such sites are supplementing their
income by collecting addresses to sell to the spammers. For instance,
subscribing to CNN.COM's Breaking News Service will garner you a lot of
additional spam. (Of course, not all such sites have under-handed
motives; it's a judgment call. If the offer seems "too good to be
true," it's most likely a scam.)

4) DO forward any and all spam, with complete headers, to the
originating ISP with a complaint. Not all ISPs will make an effort to
shut down the spammers, but many will. One tool that makes forwarding
such complaints fairly simple is SpamCop (http://spamcop.net).

4) Another useful tool is MailWasher (http://www.mailwasher.net). This
utility allows you to preview your email before downloading it from the
server. Spammers can even be blacklisted, so that any future emails
from them will be automatically deleted from the server.

5) Within Outlook Express, add any spammers to your Blocked Senders
list, so the their messages are automatically deleted from the server
without being downloaded to your PC.



--

Bruce Chambers

Help us help you:



They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin

Many people would rather die than think; in fact, most do. -Bertrand Russell

 

[Poprivet]

Wanted : A recommendation for a free spam filter for Outlook Express

Mail assasin or Mail Washer. Both use blocklists of your choosing. Careful
with MailWasher; it's the better program but has a "bounce" feature that can
get you reported for spamming. Just don't use the bounce feature.

Pop`

 

[Roger]

Wanted : A recommendation for a free spam filter for Outlook Express

One solution is to set up two e-mail addresses. I have two Yahoo e-mail
accounts. One is "real" and the other I use for ALL internet offers or
downloads that require your e-mail address. Otherwise, one address
gets all the spam. My "real" e-mail address NEVER gets spam and it's
easy to mark all messages as spam in the spam account. Instead of YOU
doing the work, let your e-mail server do it.

 

[Malvern]

John,

What Bruce advises is my bible. In addition, I do the following, among
other things...
1.) set up message rules for where the subject line contains specific words
you always see. Spammers are continually changing their names and addresses
blocked sender list is rendered useless.
2.) have the courtesy to remove the e-mail addresses form others' messages
in forwards and replies in e-mail I send out as the "robots" scan for these.
The "@" is the trip switch for them. Yes it's a bit time consuming but the
door is somewhat locked at my end.

Recently my ISP started to filter out what it regards as spam. I get daily
messages now to go look at the holdings and download legitimate items form
my Mass Mailers.

Even a few unwanted items slip through their system.

Malv.

 

[Ken Blake, MVP]

John,

What Bruce advises is my bible. In addition, I do the following,
among other things...
1.) set up message rules for where the subject line contains specific
words you always see. Spammers are continually changing their names
and addresses blocked sender list is rendered useless.

I would be very wary of simply doing that. Filtering on a particular word or
words is likely to get you all sorts of false positives. I'd rather live
with an occasional piece of Spam than run that risk. Real spam-filtering
software is much more intelligent when it comes to how it decides what is
spam.

2.) have the courtesy to remove the e-mail addresses form others'
messages in forwards and replies in e-mail I send out as the "robots"
scan for these. The "@" is the trip switch for them. Yes it's a bit
time consuming but the door is somewhat locked at my end.

Sorry, but I don't understand that at all. How does a robot even get to see
your E-mail forwards or replies? Don't mix up E-mail forwards and replies
with newsgroup replies (where this *is* an issue).

 

[Stan Brown]

Fri, 16 Mar 2007 09:12:22 -0600 from Bruce Chambers

It's a simple matter to disguise your posted email address
so that these software "bots" can't obtain anything useful. For
example, insert some obviously bogus characters or words into your reply
address, for example: "(e-mail address removed)."

In the several years that people have been doing that, I think we can
safely assume that spammers have figured out how to remove common
elements like NOSPAM from posted addresses.

 

[Stan Brown]

Fri, 16 Mar 2007 09:12:22 -0600 from Bruce Chambers

DO forward any and all spam, with complete headers, to the
originating ISP with a complaint. Not all ISPs will make an effort to
shut down the spammers, but many will. One tool that makes forwarding
such complaints fairly simple is SpamCop (http://spamcop.net).

Agreed, but for the benefit of the OP please note that Bruce said the
*originating* ISP. That is virtually never the domain in the From
address or the X-Complaints-To address, so you should not complain to
either of those.

If you don't know how to extract the correct domain, either delete
the spam or use a third-party reporter. I second Bruce's
recommendation of Spamcop.

 

[Stan Brown]

Fri, 16 Mar 2007 09:12:22 -0600 from Bruce Chambers

Within Outlook Express, add any spammers to your Blocked Senders
list, so the their messages are automatically deleted from the server
without being downloaded to your PC.

Does this do any good? Do spammers reuse the fake addresses they put
in From?

I can see that this recommendation could actually do harm. When
spammers forge a real address (one that doesn't belong to them but to
some legitimate person), and you block it, you will no longer be able
to receive email from that address. For instance, the Tech Support
mailboxes at my job frequently receive bounce messages indicating
that our legitimate email addresses have been forged as From
addresses by spammers. Folks who follow the advice to block would
then no longer be able to receive answers to any queries they send in
email.

 

[Vanguard]

Wanted : A recommendation for a free spam filter for Outlook Express

SpamPal
(http://www.spampal.org)

Yeah, somewhat an inappropriate name since it is not a pal to spam but
rather its enemy. Been around for awhile. It's free as so are its
various plug-ins (the HTML-Modify plug-in is old, probably won't be
updated, so if you use it then disable some of its protection;
otherwise, you'll get false alerts. I eventually quit using the
HTML-Modify plug-in because both Outlook and Outlook Express eventually
got updated so I didn't need that plug-in anymore. Uses DNS blacklists
for known spam sources, like Mailwasher does but Mailwasher attempts to
rake in money with its commercial version and doesn't donate to the DNS
blacklists that it uses (i.e., they profit from the work of others
without remuneration). SpamPal is an altruistic effort by anti-spammers
that don't attempt to rake in money on the spam problem. You can donate
if you want but it's not required for the product to work, and they
don't sell a "pro" version hoping to lure you into buying it. SpamPal
also doesn't restrict the number of accounts that it can handle (because
it is a proxy, not an end app) trying to lure you to buy their
commercialware to support more accounts.

SpamPal doesn't do anything with spam. It tags spam. It is up to you
to decide what to do with the tagged mails using rules in your e-mail
client. Unlike Outlook 2003+ and its junk filter (and is only a
Bayesian filter which SpamPal includes as a plug-in), SpamPal runs as a
proxy so it is usable with any POP3/IMAP4 e-mail client. It won't work
for HTTP servers, like Hotmail. It doesn't support SSL connects to the
mail server (which, for example, is required by Gmail) but you can use
sTunnel for that (although I've seen no spam make it into my Gmail inbox
but there are definite problems with Gmail's *emulation* of POP3 and why
I don't use it as my primary account).

If you want to summarily [permanently] delete all spam, you might want
to use the UserLogfile plug-in to keep a plain-text version of all
tagged mails so you can recover from a false positive to go read a text
version of that mail. It doesn't have an option to auto-expire old
items so I wrote a batch file (the plug-in author's site should have an
old copy) that is a scheduled event to purge plain-text saved copies
that are over N days old (the default is N = 7 but a I used a
command-line parameter with N = 30 since text files don't occupy much
disk space).

SpamPal has a RegEx plug-in that lets you use regular expressions to
identify spam on ANY header in an e-mail, not just those that the rules
in your e-mail client happen to support. Outlook Express' rules suck
(i.e., they are wimpy). Thunderbird's are even worse than Outlook
Express. Outlook has better rules but you might not have or use that
program, but it still may not be sufficient for your need. Although
RegEx gives you the ability to search everywhere in any header and based
on more sophisticated pattern searches, I haven't need of it because the
DNS blacklists, Bayesian plug-in, and other features or plug-ins capture
all the spam, anyway (there were some GIF content only e-mails that they
cannot read so you could, for example, use the RegEx plug-in to detect
with a MIME part of type gif was used in the body of the mail).

You have a wide range of DNS blacklists that you can use with SpamPal.
Some are NOT appropriate for spam filtering but rather rank domains
regarding their spaminess, like SPEWS and SORBS (both of which are too
slow to remove defunct entries). Those will cause far too many false
positives (i.e., good mails that get tagged as spam). Stick with
SpamHaus, CBL, NJABL, and blitzed.org. I also add SpamCop although it
is rated as aggressive yet I've never had a false positive using them.
SpamCop has their user reporting web page so you can report spam but
don't expect a spit in the ocean to do much to effect reduction in spam.
It is more important to get their blacklist updated (provided you use it
for filtering). SpamCop has their own e-mail service but it costs money
and SpamPal (using their blacklist) is free.

If you don't get e-mails from other countries, one blacklist (selectable
by country) lets you tag any e-mails coming from, say, China or Nigeria.
United States is included, too, so if you're in Germany then maybe you
don't get or want e-mails from the USA. It depends on where you live
and from what other countries you don't want to get e-mails. Not all
countries are listed. Just those that are the biggest spam sources.

While Outlook lets you define a whitelist rule by selecting a
contact-type folder (but doesn't let you include multipe contacts
folders so you need a whitelist rule for each one), Outlook Express has
no such whitelist rule so you end up having to define a rule and specify
each sender's e-mail address. SpamPal has its own user-defined
blacklist and whitelist feature so you could enter them there and they
would apply regardless of which e-mail client you use (but you still
need a rule back in the e-mail client to decide what to do with them,
but that rule is far simpler).

SpamPal has an active forum that is visited by the program authors and
frequented by other users. If you need help setting up or using
SpamPal, go there.

 

[Malvern]

Please see my inserts in text below...

I would be very wary of simply doing that. Filtering on a particular word or words is
likely to get you all sorts of false positives. I'd rather live with an occasional
piece of Spam than run that risk. Real spam-filtering software is much more
intelligent when it comes to how it decides what is spam.

I should have been more specific about my "subject words". Like the s-x
related ones with 20-30 messages a day . Rarely if ever get missed
messages which use "them" as my legitimate senders don't.

Sorry, but I don't understand that at all. How does a robot even get to see your
E-mail forwards or replies? Don't mix up E-mail forwards and replies with newsgroup
replies (where this *is* an issue).

The above were what I was both told at a computer club and read on a NG. It
was a speaker at the club who said that e-mail replies and forwards with
full addresses in the message bodies were vulnerable. Have no idea of the
"how", don't claim to be an "expert", so I play safe. I will admit that
this all could be either mis-information, or dis-information.

Malv

 

[Ken Blake, MVP]

I should have been more specific about my "subject words". Like the
s-x related ones with 20-30 messages a day . Rarely if ever get
missed messages which use "them" as my legitimate senders don't.

I'll certainly grant that s-x related words are rare in the subject lines of
legitimate E-mail messages. Nevertheless, I, at least, have occasionally
gotten such legitimate messages, and they weren't at all pornographic or
solicitations, despite the word being used in the subject. For that reason,
as I said, I would personally never want to do a simple filter like that,
and I recommend that most people don't either. There are software tools that
can do the filtering for you in a much more intelligent way than just
finding a s-x related word. In fact they usually even filter on messages
with the s-x related word deliberately misspelled, but still kept
recognizable, if the message meets other criteria.

The above were what I was both told at a computer club and read on a
NG. It was a speaker at the club who said that e-mail replies and
forwards with full addresses in the message bodies were vulnerable.
Have no idea of the "how", don't claim to be an "expert", so I play
safe. I will admit that this all could be either mis-information, or
dis-information.

I'm afraid that it's simply misinformation. Those robots have no access to
E-mail messages (unlike newsgroup messages). Unfortunately you can't believe
everything you read on a newsgroup, or hear from a speaker at a computer
club.