I've been sitting here for a few hours analyzing the spam that comes in for one of my clients. At least 10 or 15 of those lovely Viagra and porn and gambling emails come in every single day, without fail. After three hours of looking, I finally discovered something that a number of them had in common.

To understand what they all have in common, consider the following email screenshot:

Attached Thumbnails

 

On the surface, it appears that you can cue off of many of the words and phrases in the email, such as "Free cash grant", "Never Repay", and other such uncommonly-used phrases.

Doing this will block a few of the emails (mostly the plain text ones). However, it will not block most of the HTML-formatted emails. An examination of the message source code reveals something rather interesting, which I have circled a few times in pinkish circles to make them stand out.

Attached Thumbnails

 

As you can see, the beginning of the HTML comment tag, <!, is used rather frequently and ubiquitously throughout the document. The purpose of this tag, in the spam context, is to "split up" a potentially blockable word or phrase into a string that reads perfectly normally on the surface, but is really a string of nonsensical gibberish underneath.

Upon inspection of every non-spammy HTML-based email that was sent to my clients, I have found that not one of them has had this tag in it. Nor should these emails, as they would likely have been previewed and developed using a web browser (or multiples) first, and then further tested via different email clients. Based on this, I made the conclusion that it is safe to block the offending <! tag. This is the purpose and motive of this tutorial.

Disclaimer/cautionary note: if you do receive non-spammy HTML email with comment tags in it, this tutorial is not going to work in your particular situation and I assume no responsiblity if you employ this tutorial method and end up losing important email.

Okay, back to business. The following steps have been prepared using IMail, so modify them accordingly to suit your particular email server software.

Step 1: Log into your IMail administrator account (this is the account from which the admin assigns other email accounts and forwards) and select "Domain Processing Rules". This will allow you to select the processing rules for all email addresses within a domain (e.g. a@domain.com, b@domain.com, c@domain.com).

Attached Thumbnails

 

Go down to the bottom of your domain processing rules list and select "Add" to add your new rule.

Attached Thumbnails

 

You should now see a screen that allows you to enter in your rule to be added. Select "Body" from the "Field" listbox, "Contains" from the radio box, and type in <! (- the Code part). When you're finished and your screen looks like my screen capture, click "Add Condition".

Attached Thumbnails

 

Scroll down to the bottom of the "Add Condition" screen and you will see something that looks like the attached screen capture. To complete your work, simply select "Delete" from the Destination listbox.

Note: as an alternative, you could create a new user/email in the admin section called "possiblespam@domain.com" or something like that and have all the offending emails you receive to it. To do so, simply leave the listbox alone (by default, "Move the message to this mailbox"

Mind you, this would only be necessary if you think you get HTML email that is non-spammy and contains comment tags, and at least 99% of the time, this is not going to be the case.

When you're done, click "Finish" and your rule will be added. This won't get rid of all of your spam email, but it should get rid of at least 50% of it. Applying this with the common words and phrases that one can associate with spam (e.g. "Viagra", "*****", "Free Porn", "Big Casino Payouts") should keep the spam you actually receive to a minimum.

Attached Thumbnails

 

Nice tutorial, very handy, when I have more time I will deffinatly look further into it despite the fact that I am not recieving to much spam on important e-mail address's, its just my daniboy125 [at] hotmail.com that gets thousands and thousand a day.

I have to go on and delete my junk box everynight, otherwise my account size is over limit.

I hate spam!!!!!!


Nice work, good turorial.
Daniel.

Thankya. Anything to stem the increase in cranial trauma that occurs when one bangs one's head off of one's desk after reading "Enlarge your manhood today!" for the 500th time.

I remember going on holiday once and returning home to find my inbox full up of emails of that sort, about 2000 in about 2 weeks if I recall.

Great Tutorial BTW.

Are you running imail on a win2k box?

how do you like imail?

My host does that. I don't host my own box. But it is a Win2K box.

Overall, I don't mind it from a strictly admin point of view (adding/deleting/modifying user accounts). I feel that by default, it leaves something to be desired as far as general user-friendliness and aesthetics are concerned. It's not a big issue for me, though, since 99% of my clients and their employees use a POP3 program to check their email anyway. A few use the IMail setup on occasion (myself included if I'm on the road), and I know there's a way to "skin it". I just haven't bothered to do so yet due to time restrictions.

Great idea...what about those of us who aren't doing are emails in an admin setting (more like...using Microsoft Outlook). Any suggestions/step-by-steps for that program?

I know there's a way to do it in Outlook using the Rules Wizard. Mind you, I haven't played with Outlook in years so I couldn't tell you exactly how it's done. Basically, you want the same concept though: you want to make sure that any messages with "<!" in the body are deleted from the server.

Thank you! I'll look into it and post a tutorial on it once I figure it out.

Sweet. Tutorial sequels. It's like Star Wars...only...for...web design...yeah.