Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Add an HTML filter to catch more spam in Mail.app Apps
I don't know if this is so glaringly obvious to some that it merits being called a "tip," but I found it quite useful.

Like many, I've been quite frustrated by spam. Jaguar's addition of "Junk" filters has been helpful, but it's still not 100% effective. It recently occurred to me that most, if not all, of the the spam I receive comes in HTML format. I set forth with the goal of creating a Mail rule that would filter any HTML encoded mail that wasn't from a known sender (someone in my Address Book).

My first attempts weren't very fruitful until I got help from a moderator from the "As the Apple Turns" forums I simply know as "braxton." He suggested the following:
  1. In Mail, go to Preferences and create a new rule
  2. Where it says "From," select the menu and go down to "Edit Header List...".
  3. Add a header called "Content-Type" (without the quotes).
  4. Close back out of the "Edit Header" dialog. Select "Content-Type" from the menu.
  5. Enter "text/html" in text field for your newly created header, "Content-Type."
  6. Add whatever actions you want the rule to take (mine flags the email, plays a sound and moves it to the Trash).
The key is in adding a new "header" - using this technique has allowed me to reject HTML email quite successfully. I've also created a duplicate rule that looks for "Content-Type" containing "multipart" - this helps catch email that doesn't quite follow HTML guidelines but still contains images or HTML formatting.

Also, I might add, I've recently learned that just by simply viewing some HTML spam mail, you may be inadvertently telling spammers that your email address is valid, therefore encouraging them to send more your way. A couple ways to reduce the likelihood of this happening is to turn off HTML rendering in Mail's preferences, and/or closing the preview pane by double-clicking on it. Ultimately you don't want to view spam mail, unless you want them to continue sending it to you.

Hope this helps someone else!
    •    
  • Currently 1.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (2 votes cast)
 
[8,187 views]  

Add an HTML filter to catch more spam in Mail.app | 10 comments | Create New Account
Click here to return to the 'Add an HTML filter to catch more spam in Mail.app' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Opening HTML email = verification to spammers
Authored by: pram on Jan 30, '03 11:36:45AM
Also, I might add, I've recently learned that just by simply viewing some HTML spam mail, you may be inadvertently telling spammers that your email address is valid, therefore encouraging them to send more your way.

This is exactly correct. The most powerful mechanism for a spammer to constantly keep tabs on the validity of his "list" is by simply cross-referencing his "referrer log" to his email list. When the recipient HTML email is opened, your mail client is basically sending requests (<a href=...etc>) to the spammer's server just as one would if simply accessing any page from a browser.

The difference is (and this is powerful) that in this scenario, you are not just sending a referrer entry stating that "Recipient A" has received your spam, but more explicitly that Recipient A, whose email address is recipienta@user.com, has indeed received the spam, and verified the email address as valid.

Bottom line for me is that I NEVER open HTML email, and thus have to keep my "preview pane" off at all times, otherwise, jsut clicking on a message tagged as SPAM in order to delete it triggers the requests.

[Editor's note: I cleaned up the HTML reference in this comment ... no content was changed other than that.]

[ Reply to This | # ]
Opening HTML email = verification to spammers
Authored by: Brock Lee on Jan 30, '03 05:47:31PM

This is not entirely correct.


An HTML encoded email has the actual HTML (tags and text) in the message, and therefore does not require that the email application go across the Internet to grab content the basic content. It is not the equivalent of an HTML "a" tag.


There is an important exception to this, however. If an HTML encoded message contains an image (or other type of embedded object), then the email application may or may not retrieve that image across the Internet depending on how it's configured. That retrieval could be encoded to verify an email address to a spammer.


To make sure Apple's Mail application does not retrieve images (or other types of embedded objects), do the following from within Mail:



  1. menu: File; item Preferences...

  2. tab: Viewing

  3. uncheck: "Display images and embedded objects in HTML messages"


I believe that that alone will make viewing HTML messages from within Apple's Mail application safe. If anyone knows otherwise, I would like a technical explanation.


[For the record, I hate HTML encoded email and complain to non-spammers who send such email to me.]



[ Reply to This | # ]
Opening HTML email = verification to spammers
Authored by: mrb on Jan 31, '03 09:50:48AM

I believe that Entourage has a way to stop HTML verifying your e-mail address to a spammer. In Mail preferences you can turn off "Allow network access when displaying complex HTML." That way you can safely read HTML formatted mail.



[ Reply to This | # ]
Opening HTML email = verification to spammers
Authored by: pram on Feb 05, '03 10:01:18PM

Hmmm...I am sorry, but I believe that you are still sending a validating query to a server whether you have disabled network access or not. maybe I am wrong, but if your mail cleint has to resolve image tags by calling to the server, validation is happening. Of course, if you disable display of images, and the HTML file is NOT calling to a server, then I beleive you are safe.

Can anyone verify my ignorance?



[ Reply to This | # ]
Thanks!
Authored by: seb2 on Jan 30, '03 12:37:50PM

I had always wanted a way to filter out HTML-mails because of the reasons mentioned by pram. Never thought about simply adding a custom header.

Thanks!



[ Reply to This | # ]
Multipart exception isn't needed
Authored by: pbx on Jan 30, '03 01:02:08PM

Because proper multipart mail doesn't have the "text/html" content type, you don't need to create an additional rule for that.

This suggested rule will kill all HTML mail that doesn't have a plaintext counterpart, but leave proper multipart mail alone.

It's good to use this technique in combination with a whitelist, because certain webmail clients (*cough*Hotmail) will send mail with a text/html content-type.



[ Reply to This | # ]
Erm
Authored by: Helios on Jan 30, '03 07:24:44PM

Cant you just click off rendering of html, then even if you open the e-mail, mail wont open any of the images... just a thought.



[ Reply to This | # ]
Windows virus emails
Authored by: paulio on Jan 30, '03 09:40:51PM

I get a kind of Windows virus email that tends to get through the junk mail filter, because the message doesn't have much text in it. These emails have a Windows .exe of .pif file attachment with a deceptive name and file type.

The Content-Type of all these files is audio/x-wav. So I added audio/x-wav to my junk list. We'll see what that does.



[ Reply to This | # ]
Windows virus emails
Authored by: paulio on Jan 30, '03 09:47:33PM

also content-types of application/octet-stream



[ Reply to This | # ]
HTML Comment Filter
Authored by: qfwfq on Sep 14, '03 11:51:54PM

This is useful and I'd like to go a step further in one direction...

I'd like to somehow filter based on a the presence of a string in the content excluding HTML comments. So, for example, a filter that looks for the string "University Diploma" would match the raw source U<!--Ko-->ni<!--sZ-->ver<!--2e-->sit<!--Hf-->y D<!--Qn-->ip<!--gR-->loma.

Anyone got any hints as to how I might acheive that?

PS. If I could also somehow automatically jam all circuits to the phone number mentioned in such emails would be cool too;)



[ Reply to This | # ]