Mail rule for putting specific Junk messages into Trash not enough

Susan,

Spammers understand that users can write mail rules to intercept the junk, so they will continuously vary their sending email address, domain name, and Subject line contents. This is a moving target to evade Mail rules. They may, however, only use one originating mail server as a forwarding conduit. Mail headers have a field named Return-Path which is the address of this mail server. The address that appears for a Return-Path is a long serialized string, that eventually embeds a domain name.

Here's what I do, and it allows me to usually write one rule that intercepts several SPAM campaigns originating through a common Return-Path mail server.

1. Select a candidate SPAM message in the list of Mail messages, and then go to and edit your Mail rule for this purpose.
2. When you click on the From button in a Mail rule, there is a long menu of options, but none for Return-Path. At the bottom of that menu is Edit header list… select that. Using the + button, add the header field Return-Path using exactly that case.
3. Now, add a new rule + and instead of From, click on that and choose Return-Path.
4. The middle category you use contains, and the right-field should auto-populate with the full Return-Path mail server string that is contained between angle (<>) brackets.
   1. Let's say this makebelieve string is <SR50-blah-th=mailer-annoyer@spamcentral.com-yourname-youremailaccount>
   2. Using the arrow keys and backspace, you edit this to just @spamcentral.com.
   3. Anything that now originates from that Return-Path server is now caught and your Mail action section would deal with that SPAM. This will handle multiple SPAM campaigns from that Return-Path server.
5. This is not entirely utopian because the spammers may use multiple Return-Path servers or drop the current, and start on an entirely new one with a different domain name. This is far less common though.

Susan Winsor wrote:

This is the first time in decades I've had this problem.

The term "SPAM" comes from a comedy sketch by Monty Python. A couple goes for breakfast at an English restaurant and everything on the menu has SPAM in it. They repeat the word SPAM about a thousand times. So imagine someone looking through their email identifying all the junk mail and calling it SPAM and you begin to get the idea.

SPAM is an enormous Internet problem. Did you know that most email is actually SPAM and that the amount of bandwidth wasted on it costs many millions of dollars a year? You certainly have been very lucky to not have encountered SPAM that can bypass junk mail filters. Even with multiple layers of state-of-the-art SPAM filters, including the latest Machine Learning and Artificial Intelligence driven systems, many Spammers have found ways to get their SPAM delivered. Despite laws requiring "unsubscribe" links, it is rare for the unsubscribe request to actually be respected or they just shuffle your email address into a new distribution of other junk or sell it, etc.

The smartest minds on the Internet have been unable to solve this problem due to the fundamental ancient architecture of email standards. At this point, everyone uses email on many differing operating systems and applications. Even if new standards were adopted it would take 20-30 years to get everything switched over without breaking email entirely.

Be very careful as of late, with the Ukrainian / Russian war ongoing. I've witnessed a massive up-tick in phishing emails that all seem to have a few things in common. They all reference major companies and at first glance look like a normal advertisement. The links point to various UK based websites that have apparently been hacked. There is a "newsfinlandweaponsukraine" text within the links and or hidden in the email. One method to avoid SPAM filters is to include enough words to make it appear possibly legitimate and SPAM filters do their best to avoid flagging real email as junk.

You will never completely eliminate SPAM. Once an email becomes heavily targeted by Spammers the only recourse is to get a new email address and never ever use it to login to anything nor submit on any online web form. Only give it out to those you wish to communicate. However, at times your friends, family and acquaintances will get hacked and their contact lists stolen and then the hackers try to fool you when they send email from people you know.

However, now you have to be extra diligent and pay close attention to those emails because the number of phishing attacks have gone up considerably. Always be alert and highly suspicious of email.

I really like the two-finger-swipe-left gesture to delete email. It makes it easy to delete junk.