RadioGeorge
asked on
Need Help Specifying Anti-Spam Addresses to Block Selected Emails
I'm using MailWasherPro and I'm having some problems designating terms to blacklist.
Today, I got spam email from these addresses:
contact@mp8v83rnlazygenuis .site
contact@zzvxx5bvlazygenuis .site
contact@8bys2vc6lazygenuis .site
contact@9hknyh3lazygenuis. site
contact@wl71cftjlazygenuis .site
I've tried designating *.********lazygenuis.com as a blacklisted address but that doesn't seem to trip the spam "on" for MailWasherPro. And I've had the same situation with other emails that have similar constructions. Some seem to work sometimes but not all the time.
I have a feeling I'm missing something really simple. And maybe it is--for an expert.
Comments? Questions? Solutions?
Today, I got spam email from these addresses:
contact@mp8v83rnlazygenuis
contact@zzvxx5bvlazygenuis
contact@8bys2vc6lazygenuis
contact@9hknyh3lazygenuis.
contact@wl71cftjlazygenuis
I've tried designating *.********lazygenuis.com as a blacklisted address but that doesn't seem to trip the spam "on" for MailWasherPro. And I've had the same situation with other emails that have similar constructions. Some seem to work sometimes but not all the time.
I have a feeling I'm missing something really simple. And maybe it is--for an expert.
Comments? Questions? Solutions?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Andrew, I appreciate you email, but I'd like to get a specific example (or more) as to what the exact designation should be to use for one of those horrible emailers who keep using variations on a name. I have read the Mailwasher instructions and can't seem to find where I am not using the right setups as far as specifying an address to blacklist.
Specifically,
what should my blacklist designation be for
contact@q5dxi5ab server1on.info
Note the SPACE in the address between lab and server.
Do i want to use one asterisk, such as
contact@*server1on.info
or
contact@*********server1on .info
or contact@******** server1on.info
I'm sorry, but I just find his very confusing.
Thanks,
George
Specifically,
what should my blacklist designation be for
contact@q5dxi5ab server1on.info
Note the SPACE in the address between lab and server.
Do i want to use one asterisk, such as
contact@*server1on.info
or
contact@*********server1on
or contact@******** server1on.info
I'm sorry, but I just find his very confusing.
Thanks,
George
Hi George,
With regards to your example, I'll create and show you how to create the filter you're after step by step.
Note: The filter I'm going to show you below is specifically designed to only deal with any "server1on.info" domain messages that come in "and" that contains "contact@" - other messages that are not from "contact@" from the "server1on.info" domain will bypass the filter.
The instructions below may look a little long winded, but that's only because I'm trying to be thorough here. I assure you they're quite quick and easy to enter :)
Go to Settings > Spam Tools > Filters > and click on Add Filter...
On the filter window;
1. Select an appropriate Text and Background colour to your own liking
2. Give the filter a name. In my example, "Contact@ *anything* from Server1on.info Crap"
3. Type a description for the filter - this is optional
4. Filter type: should be set to "Spam"
5. Select "All" to apply the filter only to emails that match "ALL" of the rules stipulated
6. Click Add Rule, Change drop bars to "Entire Message" and "Contains" and "Plain text" as shown below
7. Type contact@ for the rule
8. Click Add Rule (Step 6.) again, and enter the next rule as server1on.info (No wildcards needed here)
9. Now click the "Actions" Tab
10. Drag the Spam Score slider all the way back to -200
11. Under Override Delete, Click the drop arrow and select "Always mark for delete"
12. Click the "Save" button to save your new filter
You're now done with that filter. The rest of this message just deals with explaining what the filter is doing, and how it's doing it.
What's the Filter doing?
The filter you've just created causes Mailwasher to do the following things when any email message comes in.
A) Checks to see if anywhere in the 'entire message' , there is any text that matches "contact@" - (this will exist in the "from" field of the entire message)
B) If the first check is true, it also checks if the 'entire message' contains any text that matches "server1on.info" - (again, Mailwasher will see "server1on.info" in the from field)
C) As "BOTH" rules have been satisfied, Mailwasher will automatically flag the message as Spam and mark it for deletion when you process mail. Note you still have the opportunity to override the filter before processing mail.
D) If only one of the rules is matched (for example, the message comes from a "differentname@" but is still from the "server1on.info" domain, Mailwasher ignores the message and doesn't apply the filter.
I hope that makes sense?
There are a number of ways you could set this filter and put even more (or fewer) restrictions on it.
For example, if you were to remove the first rule entirely and just leave the second rule "server1on.info", then "ANY" message from the server1on.info domain would satisfy the rule and would be automatically marked as SPAM and flagged for deletion by Mailwasher.
As mentioned earlier, the Filtering options in Mailwasher are extremely powerful and once you get the hang of using them, there isn't a scenario (that I've come across) that I couldn't deal with by simply creating (or modifying) an existing filter to deal with it. Also, again once you've got the hang of it, creating or modifying existing filters takes seconds, not minutes :)
Final Note
Purely for learning purposes, here's an example of my Garbage-1 filter that catches "any" message from the domains I've listed in the filters. My Garbage-1 filter contains 183 rules at time of writing, that have been added as needed over the years.
Note that in my example above, that the main difference between "your" filter we just created, and "my" filter, is that I've set mine to "Apply filter to match Any of the following rules:" as circled above. This tells mailwasher that I want "ANY" message that comes from all the listed domains to be considered as SPAM, automatically flagged for deletion and not to notify me of new mail arriving if the new mail is only spam.
I review these (takes me all of 2 or 3 seconds) when I choose to deal with my email before hitting Process Mail and just bringing in "Good" emails into Outlook. Ergo, my email client rarely if ever has any messages imported into it that I haven't specifically allowed.
I hope you found this helpful George.
If you have any other questions or are still unsure about how to create your own filters, please don't hesitate or feel embarrassed about asking for additional help.
Regards, Andrew
I'm sorry, but I just find his very confusingI too found the Filtering options confusing many years ago when I first started using Mailwasher. The confusion results from the power of the filtering function so don't feel bad or alone about that. Please feel free to ask for any additional clarifications you may need. Remember, the only silly question is the one that is never asked :)
With regards to your example, I'll create and show you how to create the filter you're after step by step.
Note: The filter I'm going to show you below is specifically designed to only deal with any "server1on.info" domain messages that come in "and" that contains "contact@" - other messages that are not from "contact@" from the "server1on.info" domain will bypass the filter.
The instructions below may look a little long winded, but that's only because I'm trying to be thorough here. I assure you they're quite quick and easy to enter :)
Go to Settings > Spam Tools > Filters > and click on Add Filter...
On the filter window;
1. Select an appropriate Text and Background colour to your own liking
2. Give the filter a name. In my example, "Contact@ *anything* from Server1on.info Crap"
3. Type a description for the filter - this is optional
4. Filter type: should be set to "Spam"
5. Select "All" to apply the filter only to emails that match "ALL" of the rules stipulated
6. Click Add Rule, Change drop bars to "Entire Message" and "Contains" and "Plain text" as shown below
7. Type contact@ for the rule
8. Click Add Rule (Step 6.) again, and enter the next rule as server1on.info (No wildcards needed here)
9. Now click the "Actions" Tab
10. Drag the Spam Score slider all the way back to -200
11. Under Override Delete, Click the drop arrow and select "Always mark for delete"
12. Click the "Save" button to save your new filter
You're now done with that filter. The rest of this message just deals with explaining what the filter is doing, and how it's doing it.
What's the Filter doing?
The filter you've just created causes Mailwasher to do the following things when any email message comes in.
A) Checks to see if anywhere in the 'entire message' , there is any text that matches "contact@" - (this will exist in the "from" field of the entire message)
B) If the first check is true, it also checks if the 'entire message' contains any text that matches "server1on.info" - (again, Mailwasher will see "server1on.info" in the from field)
C) As "BOTH" rules have been satisfied, Mailwasher will automatically flag the message as Spam and mark it for deletion when you process mail. Note you still have the opportunity to override the filter before processing mail.
D) If only one of the rules is matched (for example, the message comes from a "differentname@" but is still from the "server1on.info" domain, Mailwasher ignores the message and doesn't apply the filter.
I hope that makes sense?
There are a number of ways you could set this filter and put even more (or fewer) restrictions on it.
For example, if you were to remove the first rule entirely and just leave the second rule "server1on.info", then "ANY" message from the server1on.info domain would satisfy the rule and would be automatically marked as SPAM and flagged for deletion by Mailwasher.
As mentioned earlier, the Filtering options in Mailwasher are extremely powerful and once you get the hang of using them, there isn't a scenario (that I've come across) that I couldn't deal with by simply creating (or modifying) an existing filter to deal with it. Also, again once you've got the hang of it, creating or modifying existing filters takes seconds, not minutes :)
Final Note
Purely for learning purposes, here's an example of my Garbage-1 filter that catches "any" message from the domains I've listed in the filters. My Garbage-1 filter contains 183 rules at time of writing, that have been added as needed over the years.
Note that in my example above, that the main difference between "your" filter we just created, and "my" filter, is that I've set mine to "Apply filter to match Any of the following rules:" as circled above. This tells mailwasher that I want "ANY" message that comes from all the listed domains to be considered as SPAM, automatically flagged for deletion and not to notify me of new mail arriving if the new mail is only spam.
I review these (takes me all of 2 or 3 seconds) when I choose to deal with my email before hitting Process Mail and just bringing in "Good" emails into Outlook. Ergo, my email client rarely if ever has any messages imported into it that I haven't specifically allowed.
I hope you found this helpful George.
If you have any other questions or are still unsure about how to create your own filters, please don't hesitate or feel embarrassed about asking for additional help.
Regards, Andrew
ASKER
Andrew,
THANK YOU for your excellent and detailed help! I've been juggling a lot of stuff but made time to print out your instructions and implement them this morning and they worked just fine.
I do have one other question that arises from your explanation. I'm noticing that certain words keep coming up in the "From" field, such as Dermabellix, a cosmetic I'll never use. Using your procedure, how can I specify an email I get with a particular word as mail to be automatically flagged as neatly as the way you spelled out for the one you used in your example? (I could probably figure this out myself but I want to make SURE, and you are the expert!)
George
THANK YOU for your excellent and detailed help! I've been juggling a lot of stuff but made time to print out your instructions and implement them this morning and they worked just fine.
I do have one other question that arises from your explanation. I'm noticing that certain words keep coming up in the "From" field, such as Dermabellix, a cosmetic I'll never use. Using your procedure, how can I specify an email I get with a particular word as mail to be automatically flagged as neatly as the way you spelled out for the one you used in your example? (I could probably figure this out myself but I want to make SURE, and you are the expert!)
George
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Andrew,
THANK YOU so much for your excellent and detailed help! Your solutions have really helped me to eliminate wasted time and effort. "Wonderful" would not be too strong a term to describe your help.
If you want to publish your work online, as I believe you mused about, I will offer you a free page on a website I own that is designed to be a handy go-to site for information, although I imagine you just might have a website of your own.
And as I do with many experts here on EE, I invite you to visit and enjoy the fee-free music of www.radiogeorge.com, featuring oldies and smooth jazz.
Thanks again!
THANK YOU so much for your excellent and detailed help! Your solutions have really helped me to eliminate wasted time and effort. "Wonderful" would not be too strong a term to describe your help.
If you want to publish your work online, as I believe you mused about, I will offer you a free page on a website I own that is designed to be a handy go-to site for information, although I imagine you just might have a website of your own.
And as I do with many experts here on EE, I invite you to visit and enjoy the fee-free music of www.radiogeorge.com, featuring oldies and smooth jazz.
Thanks again!
You're very welcome George and thank you for your exceptionally kind remarks. I'm pleased I was able to help you out :)
Regards, Andrew
Regards, Andrew
George,
Just occurred to me that there is one other piece of information I think you'll find very useful when creating and modifying your filters.
Often, domains are faked in the From field, so it's not a very reliable way of filtering - if you were to create a filter similar to my Garbage-1 filter (or simply exclude entire domains by adding them to the General Garbage filter you've now created), here's a really quick and easy way of how to identify the "Real" domain garbage is coming from.
When on your View Messages pane in Mailwasher, double-click any email to see if the domain has been spoofed (faked), or if the spammer just didn't care because he found a poorly secured SMTP server to spam from.
In my case, I don't want to trust any email coming from a poorly secured SMTP server, so I like to exclude both possibilities. Here's where to find the "real" domain to filter, if the domain name has been spoofed in the From: field. This is also a great way to catch Phishing emails. I don't have a spoofed example to show you at the moment, however this is an easy way to identify them from within Mailwasher.
Just press your ESC key to exit the above screen.
Now in the above case, the domain hasn't been spoofed, but when it has, the two marked fields will differ.
Filter No. 2
Why?
Because No. 1 will often change because it's fake, but No. 2 will mostly remain the same because the SMTP server owner may not "give a rats" about his server being used to spam with, so the rule will still catch emails from the same spammers spoofing different domains, yet using the same unsecure SMTP server they've found. It will also catch other spammers efforts when they also discover and start to use the badly secured SMTP server.
Hope that makes sense and that you find it helpful. Just thought this would be some good additional information for you.
Best...
Andrew
Just occurred to me that there is one other piece of information I think you'll find very useful when creating and modifying your filters.
Often, domains are faked in the From field, so it's not a very reliable way of filtering - if you were to create a filter similar to my Garbage-1 filter (or simply exclude entire domains by adding them to the General Garbage filter you've now created), here's a really quick and easy way of how to identify the "Real" domain garbage is coming from.
When on your View Messages pane in Mailwasher, double-click any email to see if the domain has been spoofed (faked), or if the spammer just didn't care because he found a poorly secured SMTP server to spam from.
In my case, I don't want to trust any email coming from a poorly secured SMTP server, so I like to exclude both possibilities. Here's where to find the "real" domain to filter, if the domain name has been spoofed in the From: field. This is also a great way to catch Phishing emails. I don't have a spoofed example to show you at the moment, however this is an easy way to identify them from within Mailwasher.
Just press your ESC key to exit the above screen.
Now in the above case, the domain hasn't been spoofed, but when it has, the two marked fields will differ.
Filter No. 2
Why?
Because No. 1 will often change because it's fake, but No. 2 will mostly remain the same because the SMTP server owner may not "give a rats" about his server being used to spam with, so the rule will still catch emails from the same spammers spoofing different domains, yet using the same unsecure SMTP server they've found. It will also catch other spammers efforts when they also discover and start to use the badly secured SMTP server.
Hope that makes sense and that you find it helpful. Just thought this would be some good additional information for you.
Best...
Andrew
ASKER
An HONEST typo. Honest!