ARCHIVED: What should I consider when making spam filters using the Shakespeare or Jewel filter utility?
Note: UITS is replacing the Shakespeare and Jewel systems with a new email environment called Cyrus mail. For information about the new system, see the Knowledge Base document What is Cyrus mail? On the new system, you can access your mail via IU Webmail or a desktop client, but not via Pine. For more information about your email options, see the Knowledge Base document ARCHIVED: If I used Pine on the Shakespeare or Jewel systems, what do I need to know about the recent email upgrade?
Note: For the basics of creating filters in the Shakespeare or Jewel systems at Indiana University, see the Knowledge Base document ARCHIVED: At IU, on the Shakespeare and Jewel systems, how do I set up server-side mail filters?
The key to making a good filter is to look at the pattern of
spam you are getting. Consider who these messages come
from, and look for repeating themes within them. Look at domains
ispam.com), usernames (e.g.,
viagraman@), and the names associated with the mail
"Home Loans"). When looking at domain
names, make sure that there is not a reasonable possibility that you
will get legitimate mail from that domain; for example, filtering
aol.com would not be wise if you have friends with email
accounts there. The same goes for the subject. Look for buzz phrases
that are typical of spam (e.g.,
Look Hot!). It is important to think about potential
legitimate words and phrases that you may receive that could be
filtered out accidentally if you make your subject filters too
The following are some special characters that can be used to make your filters more powerful and effective:
||Any character except a newline|
||Any sequence of zero or more
||Any sequence of one or more
||Either zero or one
||Any character which is not either a
||Either the sequence
||Zero or more times the sequence
||Matches a single period ( . ); use
To put these concepts into practice, some sample recipes are included below.
Note: In these examples, the destination folder is
Junk. Create this folder in your mail program
before using these filters. Alternately, instead of using a junk mail
folder, you can simply delete the spam by using the destination
If you do choose to use a junk mail folder, be aware that you should empty it frequently. If too much junk mail piles up in your account, it could put you over quota, which will prevent you from being able to receive any mail at all. For more information about quotas, see the Knowledge Base documents What is the default storage space for various UITS accounts, and how do I request an increase? and About your Cyrus mail storage space
- If you are getting spam from the same username, but different
domains (a typical practice for spammers), your filter might look like
@character after it is to ensure that someone named Vicky is not weeded out, only the spammer with the username
- If you are sure that the spammer uses only certain domains (e.g.,
spam-mail.com), then you might construct your filter to look like this: [spammail] FROM=.*spammail\.com|.*mailspam\.com|.*spam-mail\.com CONTINUE=no ACTION=file DESTINATION=Junk
- If you tend to get spam with the word
FREEin the subject line, you may want to filter using the following: [Get rid of the FREE email messages] SUBJECT=.*FREE CONTINUE=no ACTION=file DESTINATION=Junk
By watching your patterns of spam and using the special characters above, you can create a powerful filtering option to deal with most spam.
Last modified on November 01, 2008.