Internet >
Email > Help >
Spam >
Application
Spam Filtering
As
a last resort, you can set up your own spam blocker
with your email application's built-in filter capability.
However, be forewarned that this approach requires set-up and regular
ongoing maintenance to remain
effective enough to catch most of the spam sent your way. At the same time,
it is an option under your control and provides a countermeasure if you
don't have other choices.
When reading spam email to obtain keywords to create application level filters,
remember to keep your Internet connection turned off or firewall locked so
that images in the email don't display and broadcast your address availability
back
to the spammers (fortunately some email applications like Thunderbird have
this protection built-in). The following guidelines describe how to set up
application-level spam filters:
- Mailbox. Create a special mailbox called "Junk-filter",
or something similar, into which you will direct the filtered mail instead
of deleting it. Then every once in awhile scan the junk mailbox to gauge
the success of your filters and make sure no legitimate email is being trapped.
You can also use this archive to help tune your filters as described under Selection below.
- Guards. Most email programs have the capability to create a set
of "guard filters" that greatly trap known addresses to reduce
the potential of filtering legitimate email by mistake. If you application
has the capability you should set these up first, and add a new guard every
time you add a new address to your address book.
At the top of the filter list, so they fire before all the others, create
a set of guard filters to recognize the email addresses of your friends,
family, and current mailing lists. The corresponding action should be called "skip
the rest" or equivalent. Any email from usual correspondents will then
be kicked out of the filter engine as soon as they are recognized and will
not be examined by the rest of the spam filters, thereby greatly reducing
false positives and the chance of legitimate email being filtered by mistake.
- Filters. Now you are ready to set up a set of filters to recognize
common spam keywords and then transfer the email into the Junk-filter mailbox.
First set up an initial set of filters based on the spam you have been getting
most recently, and constructed to trap the most common spam keywords and
phrases. Some examples are listed below:
- Subject contains "mortgage" and
Subject contains "loan"
- Subject contains "medication" and
Subject contains "free shipping"
- Body contains "remove me" and
Body contains "click here"
- Maintenance. After you set up your initial set of filters, monitor
the spam you still receive and add a couple of rules each time you check
your mail to continually increase the efficiency of your filter engine. Add
a few rules each time to catch the most common examples still making it through
the filter engine. Over time, the amount of spam that makes it through will
become less and less, and will be of increasingly unusual nature (ex: weird
subject lines) that they will be easily recognizable as spam by the human
eye and easily deleted.
- Selection. There are two basic goals when drafting a spam filter:
make the rule broad enough to be effective at catching spam, and make the
rule specific enough to avoid trapping legitimate email by mistake. The following
guidelines assist in creation of good spam filter rules:
- Tuning. You can occasionally go through your trash,
which consists largely of spam you had to delete manually,
sort the mailbox by subject, and look for common patterns and
keywords. You can then create a few new filters to catch similar
email, fine-tuning your engine to catch more of the spam that
have been escaping your filter engine.
- Efficiency. If you wonder if a rule is worth creating,
you can use the filter mailbox as a useful archive to test
the rule. Search the spam mailbox for the filter condition
you are considering. If none (or very few) of the spam you've
so far received match the condition, the rule is probably ineffective
and not worthwhile.
- Safety. Always use guard rules as described above
to minimize the chance of trapping legitimate email. However,
you still want to remain accessible to the world and new correspondents.
If you wonder if a rule is too broad and might catch legitimate
email by mistake, then you can search your existing mailboxes
for the filter condition. If one or more legitimate email you've
already received matches the condition, the rule is probably
too broad and needs to be made more spam specific by adding
keywords or conditions.
- Fields. With most email applications, filters can
target the sender, subject, message body, and other fields.
However, because most fields can be faked, the subject and
message body are the best for spam filters.
The subject has both efficiency and safety advantages. Filters that act
on the subject are more effective since the subject is pure text and
easy to match, whereas HTML content in the body are easier to disguise.
Rules that target the subject are also less likely to catch legitimate
email by mistake than those that target the body, because there is less
chance of a sender using a spam-like phrase in a few words of subject
than in many paragraphs of body.
|