Eliminate 85%+ Of All Email Spam in Forté Agent


I’ve been using an outstandingly good email/news reader program called Forté Agent for over 10 years now. I still consider this program to be one of the absolute best email/newsreader combos out there and it has single-handedly helped protect me from greater than 98% of all email-bound virus, trojan and worm threats for that entire time.

How can I possibly arrive at a figure like this? According to the software security industry, greater than 98% of all such threats are written to exploit the weaknesses in Microsoft’s software, principally Outlook, Outlook Express etc. Forté Agent is an extremely solid, well written, non-Microsoft application which, until recent versions, forbade the display of html formatted email messages and never puts you in the accidental position of auto-opening/launching any attachments you may receive which is by far the most dangerous thing that Microsoft email readers have been guilty of.

However, there is a threat to our sanity and privacy out there that surpasses viruses and the like by a factor of a 1,000,000:1

SPAM!

I doubt if there is a single individual out there with more than 1 month email experience under their belt that _hasn’t_ had to deal with unwanted email promising anything from enlarging the size of your genitals to winning a million bucks and everything inbetween. It has become increasingly difficult to fight off this deluge of garbage that finds its way in to our virtual mailboxes and I want to offer here a small selection of custom email filters that you can implement in Forté Agent which will radically reduce the amount of spam your inbox receives.

Forté Agent uses a priority system for actioning its filters based upon a simple numeric order from 1000 to 1. The higher the number applied to the filter rule, the earlier it will be executed by Agent. For example, a filter created with a priority of 800 will be executed before a rule with a priority of 600.

Step 1. Create two new email folders in the folder view (we’ll use these later). For sake of argument we will call them:

i) +Super Spam+

ii) +Known Large Spam Domains+

Step 2. Open your Email Filters view. In older versions of Agent it will be under the ‘Window’ menu dropdown. On newer versions of Agent, it will be under the ‘Tools’ dropdown.

Step 3. Creating email filters – Click the icon for creating a new email filter (in later versions select New Kill Filter), you will be presented with the standard email filter profile editor applet. This will be the same no matter whether you are creating a ‘Kill Filter’ (a filter that kills/deletes the email) or a ‘Watch Filter’ (a filter that keeps an email and/or marks it as read and/or moves it to a specified folder of your choosing).

Step 4. Create our first rule. – This rule will be to target email spam for immediate deletion, specifically spam that ‘appears’ to come from known spam domains such as .biz and .info Are there legitimate emails from domains such as these? Yes, but we can create specific rules for those only when we know an address to be legitimate and then apply a higher priority to it.

In the Filter Expression window, enter in this exactly: Any-Sender: {@?.+\.biz}

In the Kill Action section below, select the Delete radio button

In the Options section, enter 900 in to the Priority box

Select the ‘Do not leave on server’ checkbox.

OK you’re done with your first rule. Click OK.

Step 5. Duplicating the above rule – Select the rule you just created in the filter list window then click on the icon called ‘New Copy of Filter’ and you will now open a clone of the filter you just created. This saves a lot of time. We are now going to edit the domain in the Filter Expression window to change the ‘.biz’ in the existing expression to ‘.info’ so that it now looks like this Any-Sender: {@?.+\.info}. Save this new email filter by clicking OK once again and you now have two email filters, one for .biz and one for .info

Now repeat the process twice more for .name and .tv – You will now have 4 new email filters that will reduce a considerable amount of spam from spammers who utilize these domains for fake commercial spam (.biz, .tv and .info) as well as spam from fake individuals (.name)

Step 6. We are now going to use the same basic filter to create four new filters that help remove system mailer related emails both fake and legitimate. Only do this if you really have no idea what a mailer subsystem or daemon is and have no desire to learn. Basically, some domains will return certain system message emails back to sender when something goes awry. Although these can contain valuable data for system administrators and tech-heads, they are pointless for the rest of us. Sadly spammers also utilize mailer system terms to try and get through spam filters.

We are still going to keep all the other settings, including the priority of 900. We are only changing the Filter Expression field once again. Create your 4 new filters with each of the following:

Any-Sender: @mailer*
Any-Sender: @daemon*
Any-Sender: MAILER-DAEMON*
Any-Sender: Mail Delivery Subsystem*

Step 7. Now we are going to use the same expression used in step 4. but this time to filter out spam that originates from those countries that generate the most. However, this time we are going to create ‘Watch Filters’ instead of Kill Filters. In other words, we are going to retrieve these emails, mark them as read and put them in a pre-existing folder, specifically the +Super Spam+ folder we created in Step 1.

Follow the steps to create a new filter and this time do the following:

In the Filter Expression window, enter in this exactly: Any-Sender: {@?.+\.rr}

In the Kill Action section below, select the Mark Read radio button

In the Route to Folder dropdown box select the +Super Spam+ folder

In the Options section, enter 900 in to the Priority box

Select the ‘Do not leave on server’ checkbox.

OK you’re done with your first rule. Click OK.

You are now going to repeat this process 5 more times using the Create Filter Copy as described earlier and you are going to replace the .rr at the end of the Filter Expression with the following (one per filter instance obviously):

.ro
.pl
.gr
.be
.nl

Respectively these letters represent Russia, Romania, Poland, Greece, Belgium and the Netherlands. As you can see from this simple repeatable process, you can add more as necessary, or remove as necessary. If you reside in the United States or the United Kingdom, these six countries account for a large percentage of some of the more dangerous spam, particularly those that include dangerous attachments and/or code exploits.

Step 8. This step is a repeat of Step 7. except we are now targetting known U.S. domains that generate huge amounts of email traffic, and hence huge amounts of spam. Tens of thousands of legitimate email addresses exist for each of these domains but you should add each one individually when you know the individual and their address is legit, let this set of filters handle everything else.

Follow the steps to create a new filter and this time do the following:

In the Filter Expression window, enter in this exactly: Any-Sender: @aol.com

In the Kill Action section below, select the Mark Read radio button

In the Route to Folder dropdown box select the +Super Spam+ folder
In the Options section, enter 900 in to the Priority box

Select the ‘Do not leave on server’ checkbox.

OK you’re done with your first rule. Click OK.

You are now going to repeat this process 5 more times using the Create Filter Copy as described earlier and you are going to replace the .rr at the end of the Filter Expression with the following (one per filter instance obviously):

@msn.com
@yahoo
@hotmail
@att.net
@earthlink.net
@biz.net
@verizon.net

You my wish to add more such as @comcast.net or @wowway etc., depending upon your circumstances. However the rule of thumb is that it is better to block ALL and let through what you want to let through individually rather than trying to create hundreds or thousands of individual filters/rules for every person you know.

Step 9. Ok the last three filters we are going to cover are the most powerful. These ‘power filters’ will catch the majority of the most irritating spam you are likely receive, namely garbage (junk) mail, advertisements and fake subscriber mailings.

The first of these is a ‘subject’ based filter that targets email containing non alphabetical characters in the subject line. This is particularly common in junk mail:

Follow the steps to create a new filter and this time do the following:

In the Filter Expression window, enter in this exactly: subject: {^[^a-z”]}

In the Kill Action section below, select the Mark Read radio button

In the Route to Folder dropdown box select the +Super Spam+ folder
In the Options section, enter 900 in to the Priority box

Select the ‘Do not leave on server’ checkbox.

OK you’re done with your first rule. Click OK.

Step 10. The second power filter is to target common ad terms and fake subscriber terms used in spam:

Follow the steps to create a new filter and this time do the following:

In the Filter Expression window, enter in this exactly: subject: ($ | $$ | $$$* | free* | percent* | $money* | money* | win* | sex* | porn* | xxx* | university | degree | venture* | invest* | opportunity* | offers* | deal* | e-centive* | loan* | casino* | erection* | libido* | formula* | debt* | accounting* | mortgage* | weight* | Hot-Fare* | Selected* | FREE -* | credit* | gift* | ($) | approved* | insurance* | address* | automat* | unverif* | verific* | verify* | require* | postmast* | unsolic* | respons* | returned* | notificatio*)

In the Kill Action section below, select the Mark Read radio button

In the Route to Folder dropdown box select the +Super Spam+ folder
In the Options section, enter 900 in to the Priority box

Select the ‘Do not leave on server’ checkbox.

OK you’re done with your first rule. Click OK.

Step 11. This last power filter is a big one. It targets the most undesirable types of spam, namely the sexual orientated spam. In addition, I have included dupe terms from the previous filter but what makes this filter different is that it targets spam that utilizes these terms in the sender field, not the subject field. Due to the nature of this type of spam, it deserves only to be ‘killed’ so we use a kill filter only:

Follow the steps to create a new filter and this time do the following:

In the Filter Expression window, enter in this exactly: Any-sender: ($ | $$ | $$$* | free* | percent* | $money* | money* | win* | sex* | porn* | xxx* | university | degree | venture* | invest* | opportunity* | offers* | deal* | e-centive* | loan* | casino* | erection* | libido* | formula* | debt* | accounting* | mortgage* | weight* | Hot-Fare* | Selected* | FREE -* | credit* | gift* | ($) | approved* | insurance* | address* | automat* | unverif* | verific* | verify* | spam* | antisp* | nospa* | postmaster* | warning* | request* | confirm* | christmas* | shopping*)

In the Kill Action section below, select the Delete radio button

In the Options section, enter 900 in to the Priority box

Select the ‘Do not leave on server’ checkbox.

OK you’re done with your first rule. Click OK.

That is it folks! There are many other types of filters you can create as well as all the individual filters you will want to create with a higher priority (say 950) for your Mom, your Aunt Molly, Uncle Bob and your CPA. However, I have spent the last 6 years fine tuning these filters and they catch more than 85% of all spam that hits my mailbox. Good luck and enjoy.

Advertisements

One Response to Eliminate 85%+ Of All Email Spam in Forté Agent

  1. Julie Kazabi says:

    Hi, I thought I would say you have a great looking site and rich content. I bookmarked your site and have it in my reader now…looking forward to more content in the future.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: