A Simple Spam Filtering Technique

Introduction

Spam (unsolicited bulk (usually commercial) email) is a huge problem to which there are no simple solutions.

However, there is a simple filtering technique that email end-users can deploy that greatly reduces the problem. This page describes this technique.

Implementing The Technique

Step 1: Create a spam folder/mailbox. In your email client (Eudora, Outlook or whatever), create a new folder/file/mailbox/whatever to which spam can be directed. To do this in Eudora on the Macintosh, go to Windows.Mailboxes and click on New Mailbox and name the mailbox Spam.

Step 2: Create a filter. In your email client, create a filter that will file any inbound email message into your newly created spam folder if its recipient fields do not  contain your email address. To do this in Eudora on the Macintosh, go to Window.Filters and hit New. For Header put Any Recipient then Does Not Contain and enter your email address. Then for Actions, put Transfer To and select your new spam folder.

Why The Technique Works

If you set this up correctly, then all arriving email that does not contain your email address in a recipient field (To, Cc) will be filed in the spam folder. As most (but not all) spam is mass-mailed and does not include the recipient's email address in a recipient field, this technique will filter most spam that you receive into the spam folder.

By filtering most spam into the spam folder, the filter eliminates most of the work of processing spam, because most of the work of processing spam is the work of separating the spam messages in your IN folder from the non-spam messages. Instead, all you need to do is cast your eye down the list of subject fields of the messages in the spam folder (each time email arrives) to ensure that no legitimate message has been filtered into the spam folder. Once you've done that, you should delete the spam messages so that you don't have to visually reprocess them again later. Alternatively, if you're worried about accidentally misclassifying spam, you could move the spam messages into a third folder called Processed Spam that you can later search if you later think you might have made a mistake.

This filter is of significant benefit because separating spam from non-spam mounts up as time goes by into a major time consumer. It is also an error-prone operation that increases the risk of accidentally deleting a legitimate message before it is even read.

Rescuing Legitimate Email From The Filter

The following kinds of legitimate messages will be filtered into the spam folder:

Mailing list messages: Postings to mailing lists arrive without your email address in a recipient field, so they will be filed in the spam folder. To prevent this from happening, add an additional filter for each mailing list to which you are subscribed.

Email that someone has BCCed you: If a person X sends an email to a person Y and BCCs (Blind Carbon Copy) you, then your email address will not appear in a recipient field and the message will wind up in the spam folder. To prevent this from happening add a filter for each person that you know who is in the habit of BCCing you.

For these and other reasons, it is important to configure your spam filter to merely file the suspected spam into a folder rather than actually deleting it. It is also important that you regularly review your spam folder.

Other Email-Client Filtering Techniques

The technique described above is the single most powerful technique for dealing with spam (apart from not getting on the spammers mailing lists in the first place). Deploying just this one technique will eliminate most of the work of dealing with spam.

To further improve your spam processing, you can create filters that filter out particular kinds of spam by keyword. This technique works well if you are receiving repeated messages from a single source. However, deployed aggressively, it tends to become a game of diminishing returns, as you end up with dozens and dozens of filters which clutter up your email filters list.

However, one thing that is worth doing is to create filters to filter into the spam folder any email from the following domains:

   aol.com
   earthlink.net
   excite.com
   geocities.com
   hotmail.com
   mail.com
   usa.net

These domains are frequently used as "From" addresses by spammers.

Spam Filtering Services

There are a number of spam-filtering services to which ISPs (not end users) can subscribe. My favorite is Postini, as I created their spam filter! If you are an ISP and you wish to reduce the amount of spam, please visit the Postini website and see what they have to offer.

Ross Williams (ross@ross.net)
26 January 2002