Thread: Junk Email - Obvious SPAM being overlooked
View Single Post
  #2  
Old June 18th 06, 03:52 PM posted to microsoft.public.outlook
Vanguard
external usenet poster
  
Posts: 272
Default Junk Email - Obvious SPAM being overlooked
"Kevin Spencer" wrote in message
...
I am using Outlook 2003, and recently installed the update that
contains the latest Junk email filters. It certainly improved the Junk
email collection. I combine the use of this with adding SPAM email
addresses and domains to my Blocked Senders list whenever they arrive.
However, an obvious SPAM regularly makes it through, and I'm wondering
why Microsoft seems to have overlooked this for so long.

The obvious SPAM is an email message with *all* of the following
blank: From, To, CC, BCC, Subject, and Body. There is header data,
though. Here is an example of the headers from one of these (recipient
and innocent server names obfuscated):

Return-Path:
Received: from centrmimpi02.***.net ([##.##.###.###])
by centrmmtai02.***.net
(InterMail vM.6.01.06.01 201-2131-130-101-20060113) with
ESMTP
id
20060618121714.ZWXD10025.centrmmtai02.***.net@cen trmimpi02.***.net
for ; Sun, 18 Jun 2006 08:17:14 -0400
Received: from mail.******.com ([##.###.##.#])
by centrmimpi02.***.net with IMP
id n0CG1U00x06acko0000000
for ; Sun, 18 Jun 2006 08:12:18 -0400
Received: from SMTP32-FWD by takempis.com
(SMTP32) id A000008AC; Sun, 18 Jun 2006 07:12:35 -0500
Received: from esper.com [86.198.69.128] by mail.*****.com
(SMTPD32-7.07) id A3321A8200CA; Sun, 18 Jun 2006 07:12:34 -0500
Message-Id:
Date: Sun, 18 Jun 2006 07:12:37 -0500

I would suggest that such obvious SPAM be filtered!

I was also unable to create my own Rule for deleting such emails, as
the Rules that use those fields do not allow for blanks.


All those headers are optional according to RFC 2822. That is, the To,
Cc, Bcc (which should not be included), and Subject may appear a minimum
of zero times or a maximum of 1 time. There is also no requirement that
the body be non-blank.

Since there is nothing to sell, scam, phish, or otherwise announce in a
blank e-mail, it can only be spam if it was sent out in bulk. As a
single recipient of the e-mail, you haven't a clue if that mail was sent
out to multiple recipients regardless of what is shown in the headers
(which is merely *data* created by the sender and is NOT used in the
actual routing of the mail). There would be no way to discern that this
mail was spam when it could be, for example, a listserver sending out a
newsletter to which you subscribed but it misconfigured.

Yes, the rules DO allow for blank values. Think about it. You are
looking for an ABSENCE of characters. So why not define a rule that
says to delete all mails EXCEPT if they contain a, e, i, o, u in them?
Learn to use the exception clauses to define a negative rule. If the
so-called spam (which it isn't but rather a nuisance mailing, to you) is
coming from the same sending mail server, you could even define a rule
that looks for the sending mail server's IP name or IP address in the
message headers.

Ads