How to block most spam with a few of my MailWasher Pro filters
July 30, 2012
Almost everybody who sends and receives email has to deal with spam, scams and security threats that are delivered by spammers and their botnetted computers, every day. Manually sorting through email subjects to detect and delete spam is time consuming and not always effective at first glance. It is more efficient to let my spam filters do the work for you.
Many people choose to use their web browsers to "do" email, which leaves them at the mercy of their email provider to filter out spam. Countless others prefer to use a real, desktop email client to compose, send and receive email, using the POP3 or IMAP email protocols. If you are in the second group and are using a real email client, like Windows Live Mail, adding MailWasher Pro and my custom MailWasher spam filters can reduce the amount of spam, scams and malware threats getting through to a few percentage points.
I currently have published almost 150 spam filters for MailWasher Pro users to download freely and apply to their copy of the program. These spam filters cover both the old version 6.x (last version is 6.5.4) and the new XML versions starting with v 2010. Only the new version is under development now. MailWasher Pro is currently at version 2012 - 1.20.1
Although I have created and published about 150 filters, in reality, only a few are needed nowadays to block most of the current crop of junk email. I shall list these filters below, along with the types of spam that they are able to detect and delete. Note, that in the new version of MailWasher Pro, automatic deletion occurs when a certain spam rating number has been reached, or, if you decide to set one or more filters to automatically delete messages matched by those filters. Some of my filters are set to what I call "Judge Dredd, Murder - Death - Kill" settings; meaning they auto-delete anything matching their conditions. The MailWasher spam filters can include both plain text and regular expressions matches and are very powerful.
The following are my best performing spam filters, during most of 2012 (up to today, July 31).
- Russian Domain Link: This matches at least 80% of all pharmaceutical, male enhancement and counterfeit watches spam emails!
- Known Spam Subjects #4: This detects about 5% of my spam, including most current "work at home processing email" scams.
- Known Spam Domains: This filter contains rules that detect the presence of domain names typically used in spam runs, both in the headers and in the body text. I update it when necessary, which happened just yesterday.
- African Sender: This is but one of seven filters that detect Nigerian 419 scams, as well as many other criminal acts carried out from botted computers in AfriNIC territories, which includes all of Nigerian.
- Diploma Spam [Subject or Body): These detect the fake diploma scams that are always making the rounds.
- Fake Query String In Link: These messages spoof well known organizations and financial institutions, as well as Facebook, but have huge "query strings" appended to flat files ending in .htm. The query strings are meaningless, meant to fool spam filters. All lead to the BlackHole Exploit Kit.
- From India: Sadly, India has the dishonor of being ranked as the #1 spam sending Country in the inhabited World. They have more botnetted computers spewing spam than even South Korea, who held the #1 spammer position in 2011.
- Work At Home #1 and #2: These filters detect money mule - money laundering scams targeting unemployed people seeking work at home jobs that do not exist in the legitimate sphere. People who participate in these schemes are subject to arrest and imprisonment for acting as accomplices in money laundering operations run out of the former Soviet Union. These crimes are usually tied to purveyors of the ZeuS banking Trojan, who are based in the former Soviet Union.
- URL Shortener Link: Many links are sent through what are called URL Shortener websites. Many of those shortened URLs are used by spammers trying to get past spam filters by using such short links. My filter detect all shortened links and dfoes not auto-delete them. Instead, it uses a gray background to bring the fact that shortened links are present to your attention. You decide if they are spammy or legit.
- .BR or .CN Domain Link: Unless you routinely exchange email with persons in Brazil and China, 100% of the emails matching this filter are sending spam.
These 10 filters, along with 6 more Nigerian 419 scam, 3 Diploma, 4 Work At Home-Money Mule scam, and several "courier spam" filters can eliminate almost 99% of today's incoming email spam, scams and malware threats before you download them into your email client. All you need is a licensed copy of MailWasher Pro, with my custom filters installed as per the instructions on my MailWasher Filters page. You can also block a few more spam messages by applying my published MailWasher Pro Blacklist, which deletes email from regular sources of spam and scams. However, since the blacklist contains country extensions that only send spam to me, you may need to edit out any rules that would delete messages that you deem legitimate, from such locations.
If anybody reading this would like to have my assistance developing a set of spam filters best suited to their situation, please contact me via my Webmaster contact form. My rates are competitive and reasonable and are payable through PayPal.