Avvanta's Advanced Spam Protection is extremely effective, but can be made even more effective with a few Custom Email Filters.
Before implementing any of the suggestions you find here, be sure you've added every important sender address to your CCC Address Book. Any address added to your address book is automatically "whitelisted" and mail from those addresses will not be filtered. For this same reason do not add your own email addresses to your address book. A great deal of spam arrives on the server with the From address set to be the same as your address as an attempt to slip past the mail filters. If your own address is listed in your own address book you will get a lot of spam that would otherwise have been blocked.
The Address Book whitelist feature can not protect your email from your own filters. The Address Book protects your correspondence from our system-level spam scoring but by design your own Custom rules override our system rules. (Under the theory that you might know better than us what you do and do not want to accept in your Inbox) For this reason be cautious when crafting new email filters and alway remember: Your rules have priority over any of our rules.
If you do not know the exact address of a sender you want to protect but you know their domain name you can still protect that email. For example if you get a lot of email from Ebay you might want to craft a Custom Filter to save that mail. In the Tools menu of the CCC, click on Email Filters then click on New Filter.
The above filter would save anything from Ebay.com into your inbox. Unfortunately this might save a few pieces of spam as well, but better that then possibly losing a really important piece of email.
When deciding what to do with matching mail the temptation is to discard it. For new filters we strongly urge you to save the messages into your Trash folder to begin with. A custom filter can sometimes have unforeseen consequences - and if your filters habitually Discard email there is no way to recover the incorrectly matched email. For your new filters save matching spam to your Trash folder for a few weeks (or longer) to make certain that your filters are behaving properly.
Filters are processed first to last, and the first filter to match wins. No other filters will be processed. This means that all filters designed to protect incoming email should be listed first, and filters which Trash or destroy incoming email should be the very last on your filter list.
You can reorder your filters as you see fit by either using the arrows to the right of each filter, or by manually entering the desired order number in the box to the left of the filter. Note: You do not have to renumber all of them, change the order number for the filter you want to move and the CCC will Do The Right Thing when you save your changes.
Now for the reason you're probably reading this page: Blocking spam. Avvanta spends a great deal of time and resources fine tuning our spam filters and Spam Assassin rules and here's how you can take advantage of this.
When we identify a new spammer technique or a new spammer pattern we create custom rules for our filters to match that new technique or pattern. Of necessity the scores we apply to the filters we create have to be on the conservative side. What we might consider to be slam-dunk spam sign, someone may actually consider legitimate email.
You as the sole arbiter of what is and is not junk mail are under no such constraints and can take shameless advantage of the fact that you're only filtering your own email and need not worry about thousands of other mailboxes.
View the full email headers of any message that makes it to your inbox that you consider to be spam. How to do so will differ depending upon the email program you use. (For example, in the CCC while reading an email click on Show Headers) If unsure how to view the full headers in your particular email program either Google search "xxx full headers" where xxx is the name of your program or email us with the name of the program and we can tell you how to view the headers.
Once you have the headers the one you want is X-Spam-Status which should look something like this:
X-Spam-Status: No, score=3.3 required=4.0
tests=AV_ft_win125x,AV_st_long15,
AV_st_win125x,HTML_FONT_BIG,
HTML_MESSAGE,RCVD_IN_SORBS_DUL
autolearn=disabled version=3.1.8
Pay particular attention to the Tests. These are the identifying tags for any rule this email matched. Any custom Avvanta rule will be prefaced by AV_, so they are easy to identify.
While none of these by themselves are enough to nail this email as spam, if you know what these tests are looking for you can use them to your advantage.
The current list of rules one might safely use as "Slam-Dunk Spammer" sign are:
AV_PUMP_N_DUMP Received header pump-n-dump spam signature
AV_st_replicas Subject contains common spammer product pitch
AV_BOGUS_RECEIVED Bogus local Received header
AV_multi_surblx2 Contains a URL listed in (2) or more DUL or SURBL lists
AV_multi_surblx4 Contains a URL listed in (4) or more SURBL lists
AV_ft_Iso8859 Sender references ISO standard in From
AV_ft_USAscii From specifies US-ascii
AV_st_iso8859 Subject specifies ISO standard
AV_st_win125x Subject specifies windows character set
AV_ft_win125x From specifies windows character set
AV_st_koi8r Subject specifies koi8-r character set
AV_ft_koi8r From specifies koi8-r character set
AV_st_ubheal Common spam subject line
AV_st_monthoff Common spam subject line
AV_st_genital Subject contains reference to genitalia
AV_st_genitalX Subject contains munged reference to genitalia
If you only receive email in English there is never any need to accept email written in a non-English character set. If this is the case, you can craft custom rules such as the following:
if any header contains AV_st_win125x then save to Trash
if any header contains AV_ft_win125x then save to Trash
Only windows-1252 is Western English, but since there is never any need to actually encode an email Subject or From address unless it's something other than English (same for the iso8859 rule) these rules will never match a legitimate, English language email. The koi8-r rule is similar. It will only ever be encoded into a Subject or From address if the email is being written in Russian.
Naturally if you do customarily receive non-English email, you can use these rules to save those messages to your Inbox instead of your Trash folder although this is not recommended. The language encoding tests by themselves will never tag an email as spam - so if you normally receive non-English email do not worry that these tests match your mail.
The above list is not in any way to be considered "final". Not only are there hundreds of Spam Assassin tests you can check for but we are constantly adding new tests and rules. Remember to view the headers of email that makes it to your Inbox to see what rules the email matched.
You can find the full list of Spam Assassin tests, and what those tests indicate, on the Spam Assassin web site. Be careful when using the Spam Assassin tests in rules of your own making, as not all rules are "slam-dunk" spammer signs. If you have questions about a test please let us know and we can advise you of the risks or potential effectiveness of your custom filter rule.
The Communications Control Center (CCC) enables you to read your email from any standard internet connection, setup autoresponders, control your email filters, and much, much more. It can be accessed from avvantamail.com.
