SPAM: Content Filtering - .INFO

Discussion in 'Email' started by Alan, Mar 28, 2010.

Thread Status:
Threads that have been inactive for 5 years or longer are closed to further replies. Please start a new thread.
  1. Alan

    Alan

    Greetings –

    All SPAM has a pattern. Though many are too sophisticated to trap with great accuracy, we can snag quite a few with elementary filtering.

    In the last few weeks I have been struggling with one specific phrase/domain extension above and beyond all other challenges, and that is SPAM that arrives (spoofed or not, I don’t care) from “whatever-fake-domain.INFO”.

    I have tried several methods and tricks – ones that are sure-fire solutions for blocking emails with .RU, .CN and .HK, and a host of other strange phrases. However .INFO just seems to slip right on through my myriad of traps and snares :confused:

    I have also gone round and round with TechSup over this and I can’t seem to get a good enough answer to block these annoying bytes of trash.

    There has to be a solution. Personally I would like to understand how the filtering is getting applied. Perhaps with my copious years experience as a developer I could provide assistance to the authors of the SmarterMail application and write a patch.

    Then again, maybe I am just not applying the right kind of filter; I’m open to that :)

    Therefore please allow me to iterate some rules that I have developed (ordered by priority). Hopefully someone on the forum and resolve this riddle.
    • Rule Name 1: .info delete
      Contains Specific Words/Phrases in Body Text/Anywhere; OR & Allow-Wildcard selected; phrase “*.info*”; DELETE Message.
    • Rule Name 2: CN HK RU
      Contains Specific Words/Phrases Anywhere; OR & Allow-Wildcard selected; phrase “*.cn*, *.hk*, *.ru*,*.info*”; DELETE Message.
    • Rule Name 3: Block IPs
      (this rule lists a number of IPs known to send spam chiefly from RU and CN cities; works great!) ;)
    • Rule Name 4: Jerk Spammers :mad:
      Contains Specific Words/Phrases Anywhere; OR & Allow-Wildcard selected; phrase (a list of annoying domains and words, such as Viagra, comfyfirst.com, spreadhuge.com…); DELETE Message.
    • Rule Name 5: Blocked Addr Domains
      From Address - Specific Domains; AND & Allow-Wildcard selected; phrase (a list of annoying domains, such as contentparadise.com, mydoctorfeelgood.com, and also *.cn*, *.hk*, *.ru*,*.info*…); DELETE Message.
    • Rule Name 6: koi8-r (deletes emails using Cyrillic alphabet) :cool:
      Contains Specific Words/Phrases in Email Header; AND & Allow-Wildcard selected; phrase “*koi8-r*”; DELETE Message.
    • Rule Name 7: Scammers
      Contains Specific Words/Phrases in Body Text; OR & Allow-Wildcard selected; phrase “*vividstream.*, */centraldealbasket.com*, */aartscrafts.com/*, …”; DELETE Message.
    Except for this .INFO problem these rules do work quite well to greatly reduce the flood of SPAM that is actually delivered to the desktop.

    Is anyone else having this issue? Do you have some cool rules that really RULE? Please share!

    Thanks, moi
     
    Alan, Mar 28, 2010
    #1
Thread Status:
Threads that have been inactive for 5 years or longer are closed to further replies. Please start a new thread.

Share This Page