Stopping Spam

  • Thread starter Thread starter Daniel Louwrens
  • Start date Start date
D

Daniel Louwrens

I have just installed Outlook 2002 and want to
configure it to stop Spam.
Can anyone please put me on the right track
of where to start or how to do it.

thanks

Daniel
 
"Lanwench [MVP - Exchange]"
The easiest way, in my book, is to get third party antispam software
such as that found at www.cloudmark.com or www.giantcompany.com

The builtin junkmail features have never worked all that well for me,
but your mileage may vary.

Cloudmark's SpamNet used to be free but that's when it was a beta
version. Now that it is released and gone commercial, you get 30 days
to trial it and then you have to pay for it. The GiantCompany product
is also a trial that after 15 days you have to pay for.

I use SpamPal. It's free. Instead of relying on bad word or bad phrase
lists or spammer tricks used in headers or e-mail addresses, it relies
on *where* the e-mail originated. Lots of spam comes from known
sources. SpamPal uses the lists of these known sources and will mark
e-mails from them as suspect; SpamPal marks the suspect e-mail and you
use a rule in Outlook to move it, permanently delete it, color it, or
whatever is your fancy. You can get plug-ins (also free) to add
Bayesian filtering which uses statistics to weight the words within an
e-mail to determine if it is spam instead of just noticing that one or
more of them are there. A RegEx plug-in lets you define criteria to
search for that goes beyond what the rules in Outlook allow. An
HTML-Modify plug-in will remove all the HTML nasties that spammers try
to use, like web bugs to force you to download graphics in the
HTML-formatted e-mail which then gets your IP address because TCP/IP
requires it so the spammer's server knows where to send their images, or
like getting rid of scripts within HTML-formatted e-mails, and more.
For free, you can get SpamPal and lots of plug-ins that give you a very
potent weapon against spam.

There are other products, like MailWasher, that let you preview your
e-mails before downloading them, and also assists in marking the suspect
e-mails that might be spam. Just do NOT use its Bounce feature (that
only identifies your e-mail account is valid and monitored to a
spammer). You can then delete them while they are still on your ISP's
mail server without having to waste the time and bandwidth to download
them and then delete them. I suppose the feature to mark suspect
e-mails as spam would help some users, but I can usually discern 90%+ of
the spam just by their Subject line. So I just use POP Peeper (which
also works with some webmail providers) to alert me to pending new
e-mails and let me delete them without downloading them. I can even
download them into POP Peeper to read the message without it ever
getting into my e-mail client.

You might want to check with your ISP and look into your e-mail account
settings (if they provide a webmail interface) to see if they have
anti-spam filtering available. If so, enable that option so you don't
even have to waste time analyzing those detected spam e-mails since the
ISP will have already detected them.

You can even go more extreme and buy challenge-response products, like
Choicemail, Vanquish, and CruelMail, that require the sender to respond
to a challenge sent to an e-mail they sent you. Spammers won't respond
likely because they never receive the challenge e-mail. The problem
with the challenge-response scheme is that is will generate a spam
whiplash against innocents that were never involved in the spam.
Spammers do not use their real e-mail address. They use bogus e-mail
addresses, or they may use someone else's valid e-mail address. All the
challenges sent in response to the spammer's e-mail get sent to this
valid-but-not-spammer's e-mail address and some innocent gets deluged
with thousands of challenge e-mails for an e-mail they never sent. In
fact, the spammer could retaliate against these challenge-response
schemes by setting up listservers, and when the challenge came back to
that e-mail address to the listserver then the listserver would spew out
a copy of the challenge to a whole bunch of valid e-mails for innocents.
I've contacted Choicemail, Vanquish, and CruelMail and all have
recognized their products are a stop-gap solution and could be easily
abused. To me, these are solutions still in the the early portion of
the development curve.

You can still define some general rules to help catch any spam that the
filters or software might miss, such as:

- Apply this rule after the message arrives
sender is in <contacts> Address Book
stop processing more rules
= If they are known to you (i.e., in your Contacts) then you probably
want their e-mails.

- Apply this rule after the message arrives
move it to <junk/spam> folder
except if my name is in the To or Cc box
= If it wasn't addressed to me then I probably don't want it. This will
miss e-mails in which you are specified in the BCC field, which are
often for newsletters (so I just define a rule farther up in the list
that catches the newsletters and keeps them; i.e., I have "whitelist"
rules near the top of the rules list).

- Apply this rule after the message arrives
with <email1> or <email2> or ... in the sender's address
move to <junk/spam> folder
= Spammers often are required to put something in the From header to
ensure their spam gets through to you, so they may put your e-mail
address in the From field (i.e., they want to pretend that you sent
yourself the e-mail). I don't talk to myself via e-mail.

- Apply this rule after the message arrives
move it to <junk/spam> folder
except if the message header contains "Message-ID:" or "Message-Id:"
= Spammers like to hide. Spam-friendly ISPs will let their spammer
buddies hide. That means they will not or would like not to identify
themselves. This means that the Message-ID field is missing in their
spam e-mails. Legit non-spamming users almost always have a Message-ID
header although it is optional. Newsletters or broadcast messages often
do not but then I catch the ones that I want in my whitelist rules
executed earlier.

Other users probably have their favorite rules on how to catch spam.
Between SpamPal, its Bayesian, RegEx, and HTML-Modify plugins - all
free - and a few rules in Outlook, along with enabling the e-mail
screener in my ISP e-mail account, I end up with very few spams getting
through. The effort to squeeze out that last few rare spam that get
through far outweighs the effort to just hit the delete key and move on
with your life.
 
You're right, Cloudmark isn't free anymore - but it is very simple to use
and seems to work well. I've never tried SpamPal - sounds pretty good, too,
but I tend to like the content filtering & keyword stuff as well. To each
his/her own! ;-)
"Lanwench [MVP - Exchange]"
The easiest way, in my book, is to get third party antispam software
such as that found at www.cloudmark.com or www.giantcompany.com

The builtin junkmail features have never worked all that well for me,
but your mileage may vary.

Cloudmark's SpamNet used to be free but that's when it was a beta
version. Now that it is released and gone commercial, you get 30 days
to trial it and then you have to pay for it. The GiantCompany product
is also a trial that after 15 days you have to pay for.

I use SpamPal. It's free. Instead of relying on bad word or bad
phrase lists or spammer tricks used in headers or e-mail addresses,
it relies on *where* the e-mail originated. Lots of spam comes from
known sources. SpamPal uses the lists of these known sources and
will mark e-mails from them as suspect; SpamPal marks the suspect
e-mail and you use a rule in Outlook to move it, permanently delete
it, color it, or whatever is your fancy. You can get plug-ins (also
free) to add Bayesian filtering which uses statistics to weight the
words within an e-mail to determine if it is spam instead of just
noticing that one or more of them are there. A RegEx plug-in lets
you define criteria to search for that goes beyond what the rules in
Outlook allow. An HTML-Modify plug-in will remove all the HTML
nasties that spammers try to use, like web bugs to force you to
download graphics in the HTML-formatted e-mail which then gets your
IP address because TCP/IP requires it so the spammer's server knows
where to send their images, or like getting rid of scripts within
HTML-formatted e-mails, and more. For free, you can get SpamPal and
lots of plug-ins that give you a very potent weapon against spam.

There are other products, like MailWasher, that let you preview your
e-mails before downloading them, and also assists in marking the
suspect e-mails that might be spam. Just do NOT use its Bounce
feature (that only identifies your e-mail account is valid and
monitored to a spammer). You can then delete them while they are
still on your ISP's mail server without having to waste the time and
bandwidth to download them and then delete them. I suppose the
feature to mark suspect e-mails as spam would help some users, but I
can usually discern 90%+ of the spam just by their Subject line. So
I just use POP Peeper (which also works with some webmail providers)
to alert me to pending new e-mails and let me delete them without
downloading them. I can even download them into POP Peeper to read
the message without it ever getting into my e-mail client.

You might want to check with your ISP and look into your e-mail
account settings (if they provide a webmail interface) to see if they
have anti-spam filtering available. If so, enable that option so you
don't even have to waste time analyzing those detected spam e-mails
since the ISP will have already detected them.

You can even go more extreme and buy challenge-response products, like
Choicemail, Vanquish, and CruelMail, that require the sender to
respond to a challenge sent to an e-mail they sent you. Spammers
won't respond likely because they never receive the challenge e-mail.
The problem with the challenge-response scheme is that is will
generate a spam whiplash against innocents that were never involved
in the spam. Spammers do not use their real e-mail address. They use
bogus e-mail addresses, or they may use someone else's valid e-mail
address. All the challenges sent in response to the spammer's e-mail
get sent to this valid-but-not-spammer's e-mail address and some
innocent gets deluged with thousands of challenge e-mails for an
e-mail they never sent. In fact, the spammer could retaliate against
these challenge-response schemes by setting up listservers, and when
the challenge came back to that e-mail address to the listserver then
the listserver would spew out a copy of the challenge to a whole
bunch of valid e-mails for innocents. I've contacted Choicemail,
Vanquish, and CruelMail and all have recognized their products are a
stop-gap solution and could be easily abused. To me, these are
solutions still in the the early portion of the development curve.

You can still define some general rules to help catch any spam that
the filters or software might miss, such as:

- Apply this rule after the message arrives
sender is in <contacts> Address Book
stop processing more rules
= If they are known to you (i.e., in your Contacts) then you probably
want their e-mails.

- Apply this rule after the message arrives
move it to <junk/spam> folder
except if my name is in the To or Cc box
= If it wasn't addressed to me then I probably don't want it. This
will miss e-mails in which you are specified in the BCC field, which
are often for newsletters (so I just define a rule farther up in the
list that catches the newsletters and keeps them; i.e., I have
"whitelist" rules near the top of the rules list).

- Apply this rule after the message arrives
with <email1> or <email2> or ... in the sender's address
move to <junk/spam> folder
= Spammers often are required to put something in the From header to
ensure their spam gets through to you, so they may put your e-mail
address in the From field (i.e., they want to pretend that you sent
yourself the e-mail). I don't talk to myself via e-mail.

- Apply this rule after the message arrives
move it to <junk/spam> folder
except if the message header contains "Message-ID:" or
"Message-Id:" = Spammers like to hide. Spam-friendly ISPs will let
their spammer buddies hide. That means they will not or would like
not to identify themselves. This means that the Message-ID field is
missing in their spam e-mails. Legit non-spamming users almost
always have a Message-ID header although it is optional. Newsletters
or broadcast messages often do not but then I catch the ones that I
want in my whitelist rules executed earlier.

Other users probably have their favorite rules on how to catch spam.
Between SpamPal, its Bayesian, RegEx, and HTML-Modify plugins - all
free - and a few rules in Outlook, along with enabling the e-mail
screener in my ISP e-mail account, I end up with very few spams
getting through. The effort to squeeze out that last few rare spam
that get through far outweighs the effort to just hit the delete key
and move on with your life.
 
MktTrader said:
How do you get the pointer to reference "Contacts" and not
individual entries in Outlook 2000?

The <contacts> "pointer" in the rule, when you click on it, will only
list whatever contacts-type folders you have designated to include in
Outlook's Address Book. This "pointer" does not show individuals listed
in the selected contacts-type folder.

Everyone starts out with one contacts-type folder, called Contacts, but
you can add more, especially if you want to group your contacts, like
those at work, those for customers, and those for friends and family
(rather than use categories). To include a contacts-type folder in
Outlook's Address Book (so you see the contacts contained therein when
you open the Address Book or to see that contacts-type folder listed for
this pointer in a rule), you must right-click on each contacts-type
folder, select Properties, open the Outlook Address Book tab, and check
the option to include this folder in the Outlook Address Book.

Microsoft does not permit defining a rule in which you can list multiple
contacts-type folders. If you have N contacts-type folders and all of
them have been designated to be included in Outlook's Address Book, you
must define N copies of the above rule to cover all N contacts-type
folders. Because only the folder name is shown when you make a
selection amongst them, it behooves you to use unique names for each
contacts-type folder, even if something like "Contacts" (the default
one), "Contacts - Customers", and "Contacts - Personal". Then you know
which contacts-type folder you are selecting for the "pointer" in a
rule, or in the drop-down listbox in Outlook's Address Book.
 
MktTrader said:
I appreciate your detailed reply and I think I understand
what you said, but my Outlook 2000 will not allow me to
select my Contacts folder (under Address Book). Selecting
it just takes me back to the wizard and the spot still
says "people or distribution list".

I only use the default Contacts folder and it is part of
the Address Book.

If I'm right, having Contacts in the rule will pick up all
changes in the contacts folder going forward. Is this
correct?

You picked the wrong condition. The condition that I mentioned does NOT
have a "people or distribution list" pointer. Do NOT use:

from <people or distribution list>

Instead use the condition:

sender is in <specified> Address Book
 
Vanguard said:
"Lanwench [MVP - Exchange]"
The easiest way, in my book, is to get third party antispam software
such as that found at www.cloudmark.com or www.giantcompany.com

The builtin junkmail features have never worked all that well for me,
but your mileage may vary.

Cloudmark's SpamNet used to be free but that's when it was a beta
version. Now that it is released and gone commercial, you get 30 days
to trial it and then you have to pay for it. The GiantCompany product
is also a trial that after 15 days you have to pay for.

I use SpamPal. It's free. Instead of relying on bad word or bad phrase
lists or spammer tricks used in headers or e-mail addresses, it relies
on *where* the e-mail originated. Lots of spam comes from known
sources. SpamPal uses the lists of these known sources and will mark
e-mails from them as suspect; SpamPal marks the suspect e-mail and you
use a rule in Outlook to move it, permanently delete it, color it, or
whatever is your fancy. You can get plug-ins (also free) to add
Bayesian filtering which uses statistics to weight the words within an
e-mail to determine if it is spam instead of just noticing that one or
more of them are there. A RegEx plug-in lets you define criteria to
search for that goes beyond what the rules in Outlook allow. An
HTML-Modify plug-in will remove all the HTML nasties that spammers try
to use, like web bugs to force you to download graphics in the
HTML-formatted e-mail which then gets your IP address because TCP/IP
requires it so the spammer's server knows where to send their images, or
like getting rid of scripts within HTML-formatted e-mails, and more.
For free, you can get SpamPal and lots of plug-ins that give you a very
potent weapon against spam.

There are other products, like MailWasher, that let you preview your
e-mails before downloading them, and also assists in marking the suspect
e-mails that might be spam. Just do NOT use its Bounce feature (that
only identifies your e-mail account is valid and monitored to a
spammer). You can then delete them while they are still on your ISP's
mail server without having to waste the time and bandwidth to download
them and then delete them. I suppose the feature to mark suspect
e-mails as spam would help some users, but I can usually discern 90%+ of
the spam just by their Subject line. So I just use POP Peeper (which
also works with some webmail providers) to alert me to pending new
e-mails and let me delete them without downloading them. I can even
download them into POP Peeper to read the message without it ever
getting into my e-mail client.

You might want to check with your ISP and look into your e-mail account
settings (if they provide a webmail interface) to see if they have
anti-spam filtering available. If so, enable that option so you don't
even have to waste time analyzing those detected spam e-mails since the
ISP will have already detected them.

You can even go more extreme and buy challenge-response products, like
Choicemail, Vanquish, and CruelMail, that require the sender to respond
to a challenge sent to an e-mail they sent you. Spammers won't respond
likely because they never receive the challenge e-mail. The problem
with the challenge-response scheme is that is will generate a spam
whiplash against innocents that were never involved in the spam.
Spammers do not use their real e-mail address. They use bogus e-mail
addresses, or they may use someone else's valid e-mail address. All the
challenges sent in response to the spammer's e-mail get sent to this
valid-but-not-spammer's e-mail address and some innocent gets deluged
with thousands of challenge e-mails for an e-mail they never sent. In
fact, the spammer could retaliate against these challenge-response
schemes by setting up listservers, and when the challenge came back to
that e-mail address to the listserver then the listserver would spew out
a copy of the challenge to a whole bunch of valid e-mails for innocents.
I've contacted Choicemail, Vanquish, and CruelMail and all have
recognized their products are a stop-gap solution and could be easily
abused. To me, these are solutions still in the the early portion of
the development curve.

You can still define some general rules to help catch any spam that the
filters or software might miss, such as:

- Apply this rule after the message arrives
sender is in <contacts> Address Book
stop processing more rules
= If they are known to you (i.e., in your Contacts) then you probably
want their e-mails.

- Apply this rule after the message arrives
move it to <junk/spam> folder
except if my name is in the To or Cc box
= If it wasn't addressed to me then I probably don't want it. This will
miss e-mails in which you are specified in the BCC field, which are
often for newsletters (so I just define a rule farther up in the list
that catches the newsletters and keeps them; i.e., I have "whitelist"
rules near the top of the rules list).

- Apply this rule after the message arrives
with <email1> or <email2> or ... in the sender's address
move to <junk/spam> folder
= Spammers often are required to put something in the From header to
ensure their spam gets through to you, so they may put your e-mail
address in the From field (i.e., they want to pretend that you sent
yourself the e-mail). I don't talk to myself via e-mail.

- Apply this rule after the message arrives
move it to <junk/spam> folder
except if the message header contains "Message-ID:" or "Message-Id:"
= Spammers like to hide. Spam-friendly ISPs will let their spammer
buddies hide. That means they will not or would like not to identify
themselves. This means that the Message-ID field is missing in their
spam e-mails. Legit non-spamming users almost always have a Message-ID
header although it is optional. Newsletters or broadcast messages often
do not but then I catch the ones that I want in my whitelist rules
executed earlier.

Other users probably have their favorite rules on how to catch spam.
Between SpamPal, its Bayesian, RegEx, and HTML-Modify plugins - all
free - and a few rules in Outlook, along with enabling the e-mail
screener in my ISP e-mail account, I end up with very few spams getting
through. The effort to squeeze out that last few rare spam that get
through far outweighs the effort to just hit the delete key and move on
with your life.
Excellent and precise advice,

thank you very much

Daniel
 
Back
Top