Need Help Specifying Anti-Spam Addresses to Block Selected Emails

I'm using MailWasherPro and I'm having some problems designating terms to blacklist.

Today, I got spam email from these addresses:

contact@mp8v83rnlazygenuis.site

contact@zzvxx5bvlazygenuis.site

contact@8bys2vc6lazygenuis.site

contact@9hknyh3lazygenuis.site

contact@wl71cftjlazygenuis.site

I've tried designating *.********lazygenuis.com as a blacklisted address but that doesn't seem to trip the spam "on" for MailWasherPro. And I've had the same situation with other emails that have similar constructions. Some seem to work sometimes but not all the time.

I have a feeling I'm missing something really simple. And maybe it is--for an expert.

Comments? Questions? Solutions?
RadioGeorgeOwner/ProgrammerAsked:
Who is Participating?
 
Andrew LeniartSenior EditorCommented:
Hi George,

Mailwasher Pro user for many, many years here, so I should be able to help you figure this out.

I've found that creating an appropriate "Filter" is the best way to handle this type of thing.

In Mailwasher, click SettingsSpam ToolsFiltersAdd Filter

Explore the abundance of rules available to you there. If you need help configuring, describe exactly what you want to filter and what changes in the offending emails that slips past your blacklist and I'll help you create a custom one. Over the years, my own filter list has grown to over 250 entries and "nothing" gets past them these days. Mailwasher is a brilliant tool :)

I hope that's helpful.

Regards, Andrew
0
 
RadioGeorgeOwner/ProgrammerAuthor Commented:
oops---".com" should be ".site"

An HONEST typo. Honest!
0
 
RadioGeorgeOwner/ProgrammerAuthor Commented:
Andrew, I appreciate you email, but I'd like to get a specific example (or more) as to what the exact designation should be to use for one of those horrible emailers who keep using variations on a name. I have read the Mailwasher instructions and can't seem to find where I am not using the right setups as far as specifying an address to blacklist.

Specifically,

what should my blacklist designation be for

contact@q5dxi5ab server1on.info

Note the SPACE in the address between lab and server.

Do i want to use one asterisk, such as

contact@*server1on.info

or

contact@*********server1on.info

or contact@******** server1on.info

I'm sorry, but I just find his very confusing.

Thanks,

George
0
WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

 
Andrew LeniartSenior EditorCommented:
Hi George,
I'm sorry, but I just find his very confusing
I too found the Filtering options confusing many years ago when I first started using Mailwasher. The confusion results from the power of the filtering function so don't feel bad or alone about that. Please feel free to ask for any additional clarifications you may need. Remember, the only silly question is the one that is never asked :)

With regards to your example, I'll create and show you how to create the filter you're after step by step.

Note: The filter I'm going to show you below is specifically designed to only deal with any "server1on.info" domain messages that come in "and" that contains "contact@" - other messages that are not from "contact@" from the "server1on.info" domain will bypass the filter.

The instructions below may look a little long winded, but that's only because I'm trying to be thorough here. I assure you they're quite quick and easy to enter :)

Go to SettingsSpam ToolsFilters > and click on Add Filter...

MW1
On the filter window;

1. Select an appropriate Text and Background colour to your own liking
2. Give the filter a name. In my example, "Contact@ *anything* from Server1on.info Crap"
3. Type a description for the filter - this is optional
4. Filter type: should be set to "Spam"
5. Select "All" to apply the filter only to emails that match "ALL" of the rules stipulated
6. Click Add Rule, Change drop bars to "Entire Message" and "Contains" and "Plain text" as shown below
7. Type contact@ for the rule
8. Click Add Rule (Step 6.) again, and enter the next rule as server1on.info (No wildcards needed here)
9. Now click the "Actions" Tab

MW2

10. Drag the Spam Score slider all the way back to -200
11. Under Override Delete, Click the drop arrow and select "Always mark for delete"
12. Click the "Save" button to save your new filter

MW3
You're now done with that filter. The rest of this message just deals with explaining what the filter is doing, and how it's doing it.

MW4
What's the Filter doing?

The filter you've just created causes Mailwasher to do the following things when any email message comes in.

A) Checks to see if anywhere in the 'entire message' , there is any text that matches "contact@" - (this will exist in the "from" field of the entire message)

B) If the first check is true, it also checks if the 'entire message' contains any text that matches "server1on.info" - (again, Mailwasher will see "server1on.info" in the from field)

C) As "BOTH" rules have been satisfied, Mailwasher will automatically flag the message as Spam and mark it for deletion when you process mail. Note you still have the opportunity to override the filter before processing mail.

D) If only one of the rules is matched (for example, the message comes from a "differentname@" but is still from the "server1on.info" domain, Mailwasher ignores the message and doesn't apply the filter.

I hope that makes sense?

There are a number of ways you could set this filter and put even more (or fewer) restrictions on it.  

For example, if you were to remove the first rule entirely and just leave the second rule "server1on.info", then "ANY" message from the server1on.info domain would satisfy the rule and would be automatically marked as SPAM and flagged for deletion by Mailwasher.

As mentioned earlier, the Filtering options in Mailwasher are extremely powerful and once you get the hang of using them, there isn't a scenario (that I've come across) that I couldn't deal with by simply creating (or modifying) an existing filter to deal with it. Also, again once you've got the hang of it, creating or modifying existing filters takes seconds, not minutes :)

Final Note

Purely for learning purposes, here's an example of my Garbage-1 filter that catches "any" message from the domains I've listed in the filters. My Garbage-1 filter contains 183 rules at time of writing, that have been added as needed over the years.

MW5

Note that in my example above, that the main difference between "your" filter we just created, and "my" filter, is that I've set mine to "Apply filter to match Any of the following rules:" as circled above. This tells mailwasher that I want "ANY" message that comes from all the listed domains to be considered as SPAM, automatically flagged for deletion and not to notify me of new mail arriving if the new mail is only spam.

I review these (takes me all of 2 or 3 seconds) when I choose to deal with my email before hitting Process Mail and just bringing in "Good" emails into Outlook. Ergo, my email client rarely if ever has any messages imported into it that I haven't specifically allowed.

I hope you found this helpful George.

If you have any other questions or are still unsure about how to create your own filters, please don't hesitate or feel embarrassed about asking for additional help.

Regards, Andrew
0
 
RadioGeorgeOwner/ProgrammerAuthor Commented:
Andrew,

THANK YOU for your excellent and detailed help! I've been juggling a lot of stuff but made time to print out your instructions and implement them this morning and they worked just fine.

I do have one other question that arises from your explanation. I'm noticing that certain words keep coming up in the "From" field, such as Dermabellix, a cosmetic I'll never use. Using your procedure, how can I specify an email I get with a particular word as mail to be automatically flagged as neatly as the way you spelled out for the one you used in your example? (I could probably figure this out myself but I want to make SURE, and you are the expert!)

George
0
 
Andrew LeniartSenior EditorCommented:
Hi George,

I'm noticing that certain words keep coming up in the "From" field, such as Dermabellix, a cosmetic I'll never use. Using your procedure, how can I specify an email I get with a particular word as mail to be automatically flagged as neatly as the way you spelled out for the one you used in your example?

Excellent question, and one that Mailwasher deals with for me daily, very effectively. There's more than one way we could go about filtering out this type of annoyance, so what I'll share with you here is "my" preferred way dealing with what I refer to as "Garbage" emails.

Remember the Garbage-1 filter I showed you above? That's just one of 3 'general' filters I've configured into Mailwasher. I also have a Garbage-2 and Garbage-3 filter. My Garbage-3 filter is designed to deal with exactly what you're describing.

Again, this is a general filter that you'll note we're not needing to use specific email fields, such as 'From', 'Subject', 'To', 'Reply-to' (etc.) that are available to us to create very specific rules that won't interfere with genuine mail. That's where the "power" of Mailwasher's filters steps in and requires a bit more thought when creating filters. Your stated requirement, however, is very simple.

For your scenario, I'd suggest you create another filter and call it something like "General Garbage" - it will work on the same principle as my Garbage-1 filter example, except this time, we're going to specify any "words" for Mailwasher to search messages for, rather than domains.

Follow the steps I've already shown you to create another filter until you end up with a filter that looks like this;

General Garbage E-mails Filter
The "Actions" tab settings will be identical to the first filter you created.

The above filter took me all of 5-10 seconds to setup and configure. Note the biggest difference here to your other filter - We're telling mailwasher that if an email matches "Any" of the rules (rather than All) included here, to flag them as spam and deleting it when Process Mail is clicked. Again, you can over-ride the filter before you process your mail.

This General Garbage filter will no doubt grow over time and give you even more ideas. That's a good thing, because when the penny drops for you as to just how powerful this function is, then Spam will no longer be as big of an annoyance as it used to be.

Don't forget to Thumbs Down or Thumbs Up other emails if you have Learning turned on in Mailwasher too. It learns from your decisions and after a while, makes decisions based on what "you" consider to be spam, but I digress.

I'll consider writing a Tutorial to share on Experts Exchange in the near future for other new to Mailwasher users as well. It's probably obvious I'm quite fond of this software, and that's because it has almost completely eliminated spam annoyances for me. Now I just add a rule here and there to catch new crap and get on with my day.

Finally, don't be afraid of experimenting with the Filtering options. It's one of the best ways to learn their power. You can always over-ride a filtered email if you get it wrong before you Process Mail, and then adjust your filter(s) again until you get it right. Once the penny drops for you, I think I can pretty much assure you that this is a feature you'll love!

Have fun :)

Regards, Andrew
0
 
RadioGeorgeOwner/ProgrammerAuthor Commented:
Andrew,

THANK YOU so much for your excellent and detailed help! Your solutions have really helped me to eliminate wasted time and effort. "Wonderful" would not be too strong a term to describe your help.

If you want to publish your work online, as I believe you mused about, I will offer you a free page on a website I own that is designed to be a handy go-to site for information, although I imagine you just might have a website of your own.

And as I do with many experts here on EE, I invite you to visit and enjoy the fee-free music of www.radiogeorge.com, featuring oldies and smooth jazz.

Thanks again!
0
 
Andrew LeniartSenior EditorCommented:
You're very welcome George and thank you for your exceptionally kind remarks. I'm pleased I was able to help you out :)

Regards, Andrew
0
 
Andrew LeniartSenior EditorCommented:
George,

Just occurred to me that there is one other piece of information I think you'll find very useful when creating and modifying your filters.

Often, domains are faked in the From field, so it's not a very reliable way of filtering - if you were to create a filter similar to my Garbage-1 filter (or simply exclude entire domains by adding them to the General Garbage filter you've now created), here's a really quick and easy way of how to identify the "Real" domain garbage is coming from.

When on your View Messages pane in Mailwasher, double-click any email to see if the domain has been spoofed (faked), or if the spammer just didn't care because he found a poorly secured SMTP server to spam from.

Check for Real Domain
In my case, I don't want to trust any email coming from a poorly secured SMTP server, so I like to exclude both possibilities. Here's where to find the "real" domain to filter, if the domain name has been spoofed in the From: field. This is also a great way to catch Phishing emails. I don't have a spoofed example to show you at the moment, however this is an easy way to identify them from within Mailwasher.

The REAL source of the Spam

Just press your ESC key to exit the above screen.

Now in the above case, the domain hasn't been spoofed, but when it has, the two marked fields will differ.

Filter No. 2

Why?

Because No. 1 will often change because it's fake, but No. 2 will mostly remain the same because the SMTP server owner may not "give a rats" about his server being used to spam with, so the rule will still catch emails from the same spammers spoofing different domains, yet using the same unsecure SMTP server they've found. It will also catch other spammers efforts when they also discover and start to use the badly secured SMTP server.

Hope that makes sense and that you find it helpful. Just thought this would be some good additional information for you.

Best...

Andrew
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.