Avatar of hdhondt
hdhondtFlag for Australia

asked on 

How to stop weird spam messages

Lately I have been getting unusual spam, several times per week, and would like to know if there is any way of avoiding it.

The messages are always directly addressed to my own email address, they are always from a different sender, with different subject, different body text and a different link. I once tried clicking the link (on a public computer, not my own!) but the A/V prevented it, because it saw a threat.

While every message is different, they all have the same general format. I have attached two examples.
User generated imageUser generated image
Because every message is so different, I have not been able to filter them, neither on my ISP, nor in my email program (Operamail). I do not use any of the popular webmails like Gmail; instead my email is with TPG.com.au

Does anybody have any ideas that can filter this type of spam?
Email Clients* malware

Avatar of undefined
Last Comment
hdhondt
Avatar of David Favor
David Favor
Flag of United States of America image

You might try https://SpamHero.com as a cheap + effective spam filtering service.

$60 USD/year.

Works extremely well.
Avatar of Antzs
Antzs
Flag of Malaysia image

Does your current email server hosting TPG.com.au have a Spam filtering in place?  If this is managed by the ISP, you may want to get to configure something on their end to block such spam emails.
Avatar of John
John
Flag of Canada image

Another alternative is to get a Mail.com account and pay the modest annual fee for forwarding. They have a top notch spam filter. I use mail.com myself.

Or get your mail host to implement and set up Spam Assassin. That works well also.
ASKER CERTIFIED SOLUTION
Avatar of Dr. Klahn
Dr. Klahn

Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of Olgierd Ungehojer
Olgierd Ungehojer

Can you post one header of the message and source of the body ? Try to install ESET Smart Security on local machine and check how it would work  for you.
Avatar of hdhondt
hdhondt
Flag of Australia image

ASKER

@Antzs yes, TPG have a spam filter, which is enabled. Apart from the built-in filters, I can specify addresses or domains (useless in this case) and I can specify filters using field values - again of no use for these emails.

However, you have prompted me to contact TPG and see if they can suggest something. I should have thought of that before, but I have done so now.

@Olgierd Here's a sample:

Return-path  <gmajnetm@n12.netmark.pl>
Received
from deliver ([unix socket]) by spool-host13.tpgi.com.au (Cyrus v2.4.13) with LMTPA; Tue, 14 Nov 2017 14:14:00 +1100
from n12.netmark.pl (n12.netmark.pl [188.40.131.151]) by mx2.tpgi.com.au (envelope-from gmajnetm@n12.netmark.pl) (8.14.3/8.14.3) with ESMTP id vAE3Dr5H015853 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <xxxxxxx@tpg.com.au>; Tue, 14 Nov 2017 14:13:58 +1100
from gmajnetm by n12.netmark.pl with local (Exim 4.87) (envelope-from <gmajnetm@n12.netmark.pl>) id 1eERfc-00010Y-1u for xxxxxxx@tpg.com.au; Tue, 14 Nov 2017 04:13:52 +0100

X-tpg-junk-checked  Yes
X-tpg-junk-status  score=4.2 tests=DCC_CHECK,HTML_MESSAGE,RCVD_IN_BRBL_LASTEXT,RCVD_IN_DNSWL_NONE,RP_MATCHES_RCVD,R_URI_1,SARE_ADLTSUB2
X-tpg-junk-level  ****
X-tpg-antivirus  Passed
X-tpg-dnsbl  Whitelisted
X-tpg-abuse  host=n12.netmark.pl; ip=188.40.131.151; date=Tue, 14 Nov 2017 14:13:58 +1100
To  xxxxxxxx@tpg.com.au
Subject  I have a tender lips and tight ass
X-php-script  ajantis.pl/ for 127.0.0.1
Date  Tue, 14 Nov 2017 04:13:52 +0100
From  "David H." <david.h@ajantis.pl>
Message-id  <17a0c77743289f5ac913c9c2a8ffc4fb@ajantis.pl>
X-mailer  PHPMailer 5.2.23 (https://github.com/PHPMailer/PHPMailer)
Mime-version  1.0
Content-type  multipart/alternative; boundary="b1_17a0c77743289f5ac913c9c2a8ffc4fb"
Content-transfer-encoding  8bit
X-antiabuse
This header was added to track abuse, please include it with any abuse report
Primary Hostname - n12.netmark.pl
Original Domain - tpg.com.au
Originator/Caller UID/GID - [520 516] / [47 12]
Sender Address Domain - n12.netmark.pl

X-get-message-sender-via  n12.netmark.pl: authenticated_id: gmajnetm/from_h
X-authenticated-sender  n12.netmark.pl: david.h@ajantis.pl
X-tpg-junk-result  determined as NOT junk email, not even with a high detection setting

Open in new window

Your server marked message with X-tpg-junk-status  score=4.2 what is good. Try to contact with your email hosting provider to change levels of spam. I may servers I can do this per mail addresses and postamster may be able to do this also for you. You may have levels like up 5 points - no spam, from 5-10 soft spam ( message with subject changed) and above 10 pints  - spam message discard. If postmaster would change first level to 4 - no spam you would receive message marked as a spam in subject and you can easy created filter in outlook. you can implement some similar solution on local machine with some software but I would recommended ask server admin first.
Avatar of hdhondt
hdhondt
Flag of Australia image

ASKER

I have contacted TPG and will post their response when I receive it.
SOLUTION
Avatar of Steve Alder
Steve Alder

Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Avatar of hdhondt
hdhondt
Flag of Australia image

ASKER

As there are not too many of these messages, I'm loath to start paying for a spam filter.

I have contacted my ISP and they are looking into it. However, there was a slight problem when I forwarded all headers and message of a couple of them: their spam filter bounced it back to me because of inappropriate language :-)

So I have resent it, with all offending words removed, and I'm waiting to hear back from them.
Avatar of John
John
Flag of Canada image

Ask them what they have in place. Do they have Spam Assassin?
Avatar of hdhondt
hdhondt
Flag of Australia image

ASKER

I don't know which anti-spam utility TPG use. However, my query has now been elevated to the postmaster. One lives in hope.
Avatar of hdhondt
hdhondt
Flag of Australia image

ASKER

Hopes dashed. TPG made some changes to my spam filter, which did not stop these messages, but stopped many legitimate emails. I have reversed all of them, and have not had any of the offending messages since. I suspect it's only a matter of time though until I'll get some more.

It does look as if I would have to spend money to get rid of them permanently, but as I've said before, that seems to be a waste of money. I do not get these messages that often, and they're only mildly offensive. If they come back, I'll just live with them.

I'll keep this open for another week or so.
Avatar of hdhondt
hdhondt
Flag of Australia image

ASKER

This is weird. It's now been a week since the last spam message. As fas as I can tell, all spam filter settings are the same as before. Yet, no more messages have come through, nor are they in spam. I can only assume that whichever idiot sent them has decided its not worth the hassle as I'm not responding.

I have given points to the comments that are most likely to be the solution to my vanished problem.
Email Clients
Email Clients

An email client, email reader or more formally mail user agent (MUA) is a computer program in the category of groupware environments used to access and manage a user's email. A web application that provides message management, composition, and reception functions may internally act as an email client; as a whole, it is commonly referred to as webmail. Likewise, email client may be referred to a piece of computer hardware or software whose primary or most visible role is to work as an email client. Email clients can also have other systems, like calendars, notes and contact managers.

20K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts
Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo