Spam filter does not work

[Guest]

I have Outlook 2003 installed, and the spam filter is set to exclusive and
the rules have been updated to the last file microsoft provides, but still
spam gets to my Inbox.
Is there any fix for this?

Augusto Montes

 

[Jeff Stephenson [MSFT]]

I have Outlook 2003 installed, and the spam filter is set to exclusive and
the rules have been updated to the last file microsoft provides, but still
spam gets to my Inbox.
Is there any fix for this?

Augusto Montes

Nope. You can get periodic updates to the rules the spam filter uses at
http://office.microsoft.com, but the reality is that spammers are always
one step ahead, and change their approach soon after a new set of rules is
released.

 

[_Vanguard_]

I have Outlook 2003 installed, and the spam filter is set to exclusive
and
the rules have been updated to the last file microsoft provides, but
still
spam gets to my Inbox.
Is there any fix for this?

Presumably exclusive mode means you receive e-mails (i.e., they stay in
your Inbox rather than getting deleted or moved) only from those senders
that are listed in your address book(s) (i.e., contacts). Well, that
only means that the spammer has to use an e-mail address that is in your
address book to get it past the exclusive filtering. Might be about
time to review your contacts to see if any of those are spam-friendly.
Might be time to start looking at the headers of the spam e-mails to see
if they indeed originate from the e-mail account they claim to
originate. I can say that I'm you when sending e-mails but the headers
will say different.

 

[George Hester]

The spam killer of all spam killers is this rule:

If the e-mail is HTML and contains (http:// Or <img src=) then do something with it. This will catch 98% of all spam. What you do with it is what makes this good or bad.

 

[_Vanguard_]

The spam killer of all spam killers is this rule:

If the e-mail is HTML and contains (http:// Or <img src=) then do
something with >it. This will catch 98% of all spam. What you do with
it is what makes this >good or bad.

It'll also "catch" all your friends' e-mails that use HTML formatting
(since that is the likely default mode) who, for example, send you a
link to that game mission pack you have been waiting for. However, it
is rare that someone sends me a linked image in an e-mail rather than
embedding it by Insert or pasting or as an attachment. So maybe
changing the "http://" OR "<img src=" condition to an AND would work
much better.

 

[Gazzzzzzza]

I am also getting more and more spam

I have tried to create a simple rule in outlook to remove anything that
comes in with the word viagra in the body or header but they still arrive
any ideas what I may be doing wrong

is it case sensitive would I have to block Viagra VIAGRA viagra

Thanks in advance

 

[Brian Tillman]

I have Outlook 2003 installed, and the spam filter is set to
exclusive and the rules have been updated to the last file microsoft
provides, but still spam gets to my Inbox.
Is there any fix for this?

No spam filter is 100% accurate all the time.

 

[Brian Tillman]

The spam killer of all spam killers is this rule:

If the e-mail is HTML and contains (http:// Or <img src=) then do
something with it. This will catch 98% of all spam. What you do
with it is what makes this good or bad.

The problem is that Outloko's rules don't search HTML messages well at all,
especially with how obfuscated SPAMmers make them.

 

[Brian Tillman]

is it case sensitive would I have to block Viagra VIAGRA viagra

The strings in rules are not case-sensitive. But "v1agra" and "viagra" and
"vîagra" and "viagrá" and "vi-a-gra"are not the same thing.

 

[_Vanguard_]

The strings in rules are not case-sensitive. But "v1agra" and
"viagra" and "vîagra" and "viagrá" and "vi-a-gra"are not the same
thing.

Nor will "via<i></i>gra" in an HTML formatted e-mail get detected. In
forums, I sometimes have to insert a null set of tags (they produce no
effect) to get around some stupid spell checker. I'll enter the word
"embarassment" and their ignorant swear word checker that doesn't know
how to parse words will make it "embar***ment". That's no so bad in
this case but in some cases it obliterates some or all of the word. So
if the forum support HTML then I simply insert an HTML tag pair to slice
up the word at the bad spot. Spammers use it to hide words from word
parsers because I haven't found one that handles HTML in Outlook
[Express], other e-mail clients, or anti-spam software.

Any product trying to eradicate or detect "bad" words should be
processing itself against both the HTML code (which is all text) and
also against the rendered version. But then, as Brian mentions, using
v-ia-gra, v1agra, and other forms bypasses the word list filters, so
obviously you need a better approach to eradicating spam. If the OP
wants to know what are good anti-spam products, best would be to ask in
the alt.spam group.

 

[George Hester]

It should. Unfortunately it doesn't always work. It's a good example of how lame the rules astually are. But remember it is what you do with the positive that determines what e-mail is removed and what isn't. It's pretty simple adding a string to all safe mail such as your SS# you expect from your "friend" or other such lesser known string in with mail you want to accept. In that case if the mail contains these (by the way it doesn't have to be HTML) tests you can filter out the bad from the wanted.

And actually this is the only test for spam that has any chance of scalibility.

 

[George Hester]

You can say that again Brian. Just goes to show you how asinine rules actually are in Microsoft Outlook. Oh by the way since Microsoft Outlook converts plain text to H?TML (this is why you can receive a plain text message often where links are active - it's an Exchange rendition) the problem even occurs there. Not just HTML e-mail.

 

[George Hester]

No no you cannot do this. You need to look at the source of a e-mail which contains Viagra. There are
a number of ways to break your rules:

1) i is really 1

2) a is really /\

3) Viagra is really V<notag b="88i">i<font size="1" color="white">h</font>a<another>g</kkkk>r<dumbdydum>a

You can never use a rule to catch Viagra. It's a fruitless endeavor.

 

[Guest]

I've already checked the message's headers, and none of them have any
reminiscence of an address known to me; I can't understand how is it possible
that a message gets through the exclusive filter. I even reinstalled outlook,
and I can't find a way to create rules, as i had in I-hate-spam plug-in.
Outlook also should have a way to get back at the spammer, as there is a new
program that works similarly to the SETI background program, overflowing the
website of the spammer (I can't recall the name, but it's sill beta).

A. Montes

 

[George Hester]

How are you going to get back at the spammer? Please explain. If you think you are going to get that info
from the headers of the e-mail good luck. The source there may know nothing about it and likely don't care
anyway. Spam them and you may find your ISP after your butt.

There is only one way to beat the spammer and that is never use the e-mail address for any purpose that has
anything to do with a commercial enterprise. They will all everyone of them sell or give your e-mail address out. They all do it say they don't but do. And then if you hook up with AOL or users that like to send mult-recipient e-mails you'll lock right into the spammers.

Spammers don't have horns and a forked tongue. Hopefully someday they'll have a police record and there
will be a movement to ban them from the Internet like we ban convicted Peadophiles from associating with
children, but that day has yet to come.

 

[_Vanguard_]

I've already checked the message's headers, and none of them have any
reminiscence of an address known to me; I can't understand how is it
possible
that a message gets through the exclusive filter. I even reinstalled
outlook,
and I can't find a way to create rules, as i had in I-hate-spam
plug-in.
Outlook also should have a way to get back at the spammer, as there is
a new
program that works similarly to the SETI background program,
overflowing the
website of the spammer (I can't recall the name, but it's sill beta).

A. Montes

Do you have other rules? Maybe one of them is bypassing your exclusive
filter, or has a stop clause that prevents using the exclusive filter (I
don't have OL2003 so I don't know if the exclusive filter is employed by
a rule or a hardcoded option within the program). OL2003 has its
Bayesian filter, so maybe it is not detecting the message as spam but
has priority over the exclusive filter (which would be stupid but maybe
that is how it is setup).

"Getting back" makes you the vigilante that is a bane to normal society.
Extremists are never good for the moderate and normal society.
Microsoft won't be getting involved in vigilantism.