Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Remove filtered spam from mail servers in Apps
I recently began receiving a lot of "stock alert" spam. The mail always started with "(OTCBB:", so I added a new rule in to delete any email that contained that string in the subject line. Since I was 100% positive I would never receive a valid email with that string in the subject, the only rule option I enabled was "Delete the message". This seemed to work perfectly, as the spam stopped immediately, and I had been getting a few every week.

Over the weekend, I was logged in to the host machine working on some stuff, and ran the command line "mail" program when I saw a "You have new mail in ..." message appear. Not only did I see the new message in the UNIX mail program, but I was somewhat surprised to also find three "(OTCBB:" messages sitting there.

These had apparently been filtered from my downloaded mail, as I had never seen them in, but they were still on the server. Their status in the "mail" program indicated that they had been read, so had acted on them. But they had never actually been deleted from the server, just from my local machine.

As an experiment, I sent myself a few "spam" email with various filter settings. After a few tries, I found that the solution was to also enable Transfer to mailbox and set Deleted Messages as the destination folder. This did the trick - a test email sent with the filtered subject never appeared in (oddly enough, not even in Deleted Messages!), but was successfully removed from the server.

So if you have some high-volume spam filters in place and have only enabled the "Delete the message" option within rules, you might want to take a look at your mail server to see if all spam messages have been cleared. An easy way to do this without using the command line is to simply disable your spam rules and download your mail again -- anything that was sitting on the server will be downloaded to your inbox.
  • Currently 2.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (1 vote cast)

Remove filtered spam from mail servers in | 7 comments | Create New Account
Click here to return to the 'Remove filtered spam from mail servers in' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Procmail > Outgoing?
Authored by: bluehz on Apr 22, '02 03:36:20PM

Any of you procmail experts know if it is possible to use procmail on outgoing mail. I would like to use it for encryption purposes utilizing GPG. I did some research this week and could only find info on using procmail for outgoing mail.

[ Reply to This | # ]
Procmail > Outgoing?
Authored by: el bid on Apr 22, '02 04:05:51PM

I believe it's not canonically correct to mess with an email once it's been passed on from the MUA (Mail User Agent), except possibly for some address munging in sendmail.

But it is possible. I did it for years on my NeXT machine. You need an MUA that sends via a local MTA (Mail Transport Agent) like sendmail, and you divert it instead to procmail, so you get MUA --> Procmail --> Sendmail.

I'm not sure that allows this. I think it contains its own MTA (never a very good idea)

el bid

[ Reply to This | # ]
Procmail > Outgoing?
Authored by: bluehz on Apr 22, '02 05:01:47PM

Thx for the info - actually I use Eudora for OS X which strangely enough formats its mailboxes in standard UNIX format - thats what got me to thinking about it. I will do some probing and see what I come up with.

[ Reply to This | # ]
Local Spam Filtering Doesn't Solve the Problem
Authored by: el bid on Apr 22, '02 03:58:14PM

Spam is a huge problem, and getting bigger. The culprits, IMHO (apart from the obvious ones) are ISPs who don't care enough to take steps to stop relaying all this stuff to you.

It's the ISPs who have the leverage. They have the tools and knowledge to figure out where this stuff is coming from (nearly always through known open relays already listed at or spamcop), and they have the overview that shows when the same email is being directed to thousands of their subscribers.

Standard rules say lodge your complaint with the sending domain. I recommend not doing this unless you feel equipped to distinguish open relays, forged source domains and genuinely responsible ISPs. I recommend forwarding all spam back, with headers expanded to allow full diagnostics, to _your own_ ISP with the question: Your logs will show you this is is just spam -- why are you relaying it to me?

OK, it's not _quite_ as simple as that. But just downloading spam and deleting it locally, whether manually or though an automated filter, doesn't make any any sort of dent in the rapidly escalating deluge.

el bid

[ Reply to This | # ]
Unix Spam Filtering
Authored by: Chas on Apr 22, '02 06:16:34PM

I wrote a document about using with Unix mailbox formats, derived from an anonymous tip from MacOS X Hints. It may shed some light on how to get and Unix mailboxes to work together better, it also shows how to set up Procmail for spam filtering.

If you like coding, you could easily write your own procmail scripts that send any keyword (like OTCBB:) to /dev/null, it will never get to your mailbox. I set up Procmail to reject all spam in languages I can't read, that alone killed half my spam burden. Procmail and SpamBouncer are especially useful for large mail sites, you can establish default filtration rules for all email accounts, but still allow local users to customize their own filters. Nice.

Filtering is effective but it is an administrative burden in many ways. Spam should be stopped at the source. Spam can still totally kill the usefullness of email even with filtering. I'm getting about 500 spams for each 1 legitimate email, it's flooding the net even if it doesn't get to my mailbox. What would you do if you turned on the TV and got 1 minute of real content for each 500 minutes of commercials?

[ Reply to This | # ]
Had the same problem and did it like you...
Authored by: tice on Apr 23, '02 08:25:46AM
.. but it´s not the right way. Why isn´t there an option under that kills this damned spam from the server without downloading the sh...? I think thats something to do for Apple!

Feedback to Apple Greetings Tice ; )

[ Reply to This | # ]
What if you don't want to delete all your mail
Authored by: ncharter on Apr 24, '02 04:00:33PM

Although the hint posted is a great idea it doesn't help if you want to keep some mail on the server.

For instance, I like to check my mail at work and at home. Some that I read at work I would like to get it from home.

In order to deleted the mail from the server, you have to set mail to delete every message once they have been downloaded from the server. Effectively the server will only have unread mail.

Another problem is that I like to keep really important mail on the server so that if I have a major problem with either mac and lose my saved messages, I can readily get them back from the server.

It looks like selective deletion of messages from the server is not possible. Seems all or nothing to me.


[ Reply to This | # ]