Outlook rule for removing Spam
I am getting from time to time emails that have this kind of text in the From field: ViagraAuthorized-Store aecihogyh1599@btcentralplu
The header looks like this:
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
linvps13.isomedia.com
X-Spam-Level: ***********
X-Spam-Status: Yes, score=11.7 required=5.0 tests=CMAE_1,HTML_MESSAGE,
MIME_HTML_ONLY,MISSING_DAT
X-Spam-Report:
* 0.0 MISSING_MID Missing Message-Id: header
* 0.0 MISSING_DATE Missing Date: header
* 0.0 HTML_MESSAGE BODY: HTML included in message
* 1.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
* 10 CMAE_1 Cloudmark CMAE detected spam
Received: (qmail 3615 invoked by uid 110); 11 Jun 2010 13:53:50 -0700
Delivered-To: 30-support@....com
Received: (qmail 3611 invoked from network); 11 Jun 2010 13:53:50 -0700
Received: from linhost03.isomedia.com (HELO btcentralplus.com) (207.115.64.106)
by linhost03.isomedia.com with SMTP; 11 Jun 2010 13:53:49 -0700
Received: from btcentralplus.com (host86-129-187-251.range8
by linvps13.isomedia.com (8.12.10/8.12.10) with ESMTP id j6OPGs0646279
for <support@....com>; Fri, 11 Jun 2010 13:53:50 -0700
From: ViagraAuthorized-Store <aecihogyh1599@btcentralpl
To: support@....com
Subject: Dear support! Discount marathon continues! 80% off. the in believers not
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"
I’d like to set up a rule that would delete any email that has ‘viagra’ in the From field or in the header in general.
For some reason this is not working.
I have Outlook 2010, but it was the same situation with Outlook 2007.
The header looks like this:
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
linvps13.isomedia.com
X-Spam-Level: ***********
X-Spam-Status: Yes, score=11.7 required=5.0 tests=CMAE_1,HTML_MESSAGE,
MIME_HTML_ONLY,MISSING_DAT
X-Spam-Report:
* 0.0 MISSING_MID Missing Message-Id: header
* 0.0 MISSING_DATE Missing Date: header
* 0.0 HTML_MESSAGE BODY: HTML included in message
* 1.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
* 10 CMAE_1 Cloudmark CMAE detected spam
Received: (qmail 3615 invoked by uid 110); 11 Jun 2010 13:53:50 -0700
Delivered-To: 30-support@....com
Received: (qmail 3611 invoked from network); 11 Jun 2010 13:53:50 -0700
Received: from linhost03.isomedia.com (HELO btcentralplus.com) (207.115.64.106)
by linhost03.isomedia.com with SMTP; 11 Jun 2010 13:53:49 -0700
Received: from btcentralplus.com (host86-129-187-251.range8
by linvps13.isomedia.com (8.12.10/8.12.10) with ESMTP id j6OPGs0646279
for <support@....com>; Fri, 11 Jun 2010 13:53:50 -0700
From: ViagraAuthorized-Store <aecihogyh1599@btcentralpl
To: support@....com
Subject: Dear support! Discount marathon continues! 80% off. the in believers not
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"
I’d like to set up a rule that would delete any email that has ‘viagra’ in the From field or in the header in general.
For some reason this is not working.
I have Outlook 2010, but it was the same situation with Outlook 2007.
Step 2, below, and then you don't need any exceptions do you, if so fill them in, like maybe from your boss or best friend, spouse etc.. just in case they forward you something you may want... otherwise click finish and yer done.
rule.step2.jpg
rule.step2.jpg
ASKER
It won't catch it...For some reason it does not look in the 'friendly name' before the email address:
From field: ViagraAuthorized-Store aecihogyh1599@btcentralplu
Maybe because the spammers succeded somehow to hide info from the header? (see email properties above with * 0.0 MISSING_MID Missing Message-Id: header)
From field: ViagraAuthorized-Store aecihogyh1599@btcentralplu
Maybe because the spammers succeded somehow to hide info from the header? (see email properties above with * 0.0 MISSING_MID Missing Message-Id: header)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Also did you look closely at the rule, I did use Outlook 2010 .. it matches any 'word' in the senders address.. not sure if that's in your version of outlook or not.. but it should catch it.. the best way of course is to have your exchange server do it as I described in comment above.
Oh there was an error in that rule to, it should be 2 rules, one for in the senders address, and then another one with the subject or body.. since it might not be in both, it would need to be to seperate rules I didn't notice it used 'AND' and not 'OR'
ASKER
The outlook rule still din't work, but I've set up the Exchange rules and I'll watch it for a couple of days.
Maybe because the spam is comming on a POP3 email address and not the main Echange address.
Maybe because the spam is comming on a POP3 email address and not the main Echange address.
The rules generally only work for the primary account which is usually Exchange. If you want outlook to process rules for POP3 I think you have to put the POP3 account in first when setting up your profile making it the primary.
Hi, mihaisz.
I use the script below to take care of this. It moves messages that contain any of the kill words/phrases to the junk items folder. It works well. If you want to give it a try, then follow these instructions to add it to Outlook.
1. Start Outlook
2. Click Tools > Macro > Visual Basic Editor
3. If not already expanded, expand Microsoft Office Outlook Objects and click on ThisOutlookSession
4. Copy the code from the Code Snippet box and paste it into the right-hand pane of Outlook's VB Editor window
5. Edit the code as needed. I included comment lines wherever something needs to or can change
6. Click the diskette icon on the toolbar to save the changes
7. Close the VB Editor
8. Click Tools > Trust Center
9. Click Macro Security
10. Set Macro Security to "Warnings for all macros"
11. Click OK
12. Close Outlook
13. Start Outlook. Outlook will display a dialog-box warning that ThisOutlookSession contains macros and asking if you want to allow them to run. Say yes.
I use the script below to take care of this. It moves messages that contain any of the kill words/phrases to the junk items folder. It works well. If you want to give it a try, then follow these instructions to add it to Outlook.
1. Start Outlook
2. Click Tools > Macro > Visual Basic Editor
3. If not already expanded, expand Microsoft Office Outlook Objects and click on ThisOutlookSession
4. Copy the code from the Code Snippet box and paste it into the right-hand pane of Outlook's VB Editor window
5. Edit the code as needed. I included comment lines wherever something needs to or can change
6. Click the diskette icon on the toolbar to save the changes
7. Close the VB Editor
8. Click Tools > Trust Center
9. Click Macro Security
10. Set Macro Security to "Warnings for all macros"
11. Click OK
12. Close Outlook
13. Start Outlook. Outlook will display a dialog-box warning that ThisOutlookSession contains macros and asking if you want to allow them to run. Say yes.
Dim WithEvents olkInbox As Outlook.Items
Private Sub Application_Quit()
Set olkInbox = Nothing
End Sub
Private Sub Application_Startup()
Set olkInbox = Session.GetDefaultFolder(olFolderInbox).Items
End Sub
Private Sub olkInbox_ItemAdd(ByVal Item As Object)
'Edit the next line as desired. You can add as many words/phrases as you want.'
Const KILL_WORDS = "cialis,viagra,replica watch,shipped privately And discreetly"
Dim olkMsg As Outlook.MailItem, arrWords As Variant, varWord As Variant
If Item.Class = olMail Then
Set olkMsg = Item
arrWords = Split(KILL_WORDS, ",")
For Each varWord In arrWords
If InStr(1, olkMsg.Subject, varWord) Or InStr(1, olkMsg.SenderName, varWord) Or InStr(1, olkMsg.SentOnBehalfOfName, varWord) Then
olkMsg.Move Session.GetDefaultFolder(olFolderJunk)
Exit For
End If
Next
End If
Set olkMsg = Nothing
End Sub
ASKER
I just got an email from "Really CheapViagra online <rysol5545@comcast.net>", so it looks like I didn't set it right..I attached a picture from my VB editior.
The Oulook is connected to an Exchange server, but the spam is coming from another POP3 mail that I have added to my Outlook.
Should the script work on all emails that come to my inbox?
2010-06-14-102236.jpg
The Oulook is connected to an Exchange server, but the spam is coming from another POP3 mail that I have added to my Outlook.
Should the script work on all emails that come to my inbox?
2010-06-14-102236.jpg
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
rule.step1.jpg