September 11, 2006
Eudora Spam Filters
Over the past couple of weeks I've started developing a new way of building spam filters for my Eudora email client. Dunno why I never realized it before, but until I ran across Cecil's spam filter articles I'd never looked closely enough to see that Eudora filters support REGEX statements.
Note: For the uninitiated REGEX stands for Regular Expresesions and is what are often used when creating RewriteRules for page redirects, creating friendly urls and other server-side stuff. It's not really that difficult to grasp, but is a bit different until you wrap your head around what the different syntax and characters do.
So anyway, back to the story. Cecils stuff is good, but is a bit dated. When I looked into the filters downloads he makes available it appears some of them have not been updated for years. So some of the filters are not necessarily all that good anymore, but the approach is a sound one.
The fun part is really that instead of having 200+ rules for individual spam mail's, I've so far been able to condense it down into around 20 REGEX rules that actually catch more spam ! I can and probably will condense it further since I've been creating some new rules on the fly rather than adding statements to similar existing rules.
At the end of the day this means my Eudora runs much, much more smoothly and is able to zip right through incoming email to decide what to do with it. Additionally, I've so far managed to keep false positives to almost nothing. Which is something of a feat since I get a lot of email from a lot of different places and people. It would be practically impossible for me to whitelist everybody since I don't know who to whitelist until they actually send me email.
As of my last test (last Thursday through earlier today) my new filters had processed a total of 2,773 emails. Of those, the filters correctly caught and Junk-ified all spam mail with only 4 sneaking through. There was one false positive that was also caught, but I know why it was caught. I have a filter that looks for an IMG SRC tag and no text. A gentleman looking for help had sent me an email with a screen capture as an IMG SRC and only a single line of text.
Which sort of brings me to the point of this already-too-long post.
I can see that Eudora saves all of the addresses you send mail to in a file called History.lst. It would be really, really effective if I could somehow set it up so that the data in this file would automatically be added to my Whitelist. After all, I'm not going to be sending mail out to spammers, so if I send mail to someone they should be allowed to automatically bypass my filters.
Does anybody out there know of a way to get this History.lst info into an address book in Eudora so that it's automatically backed up? I would hate to have to create some sort of application to do just this since it seems like such a simple task. One that I'm frankly surprised Eudora doesn't already allow.
If I can overcome this last hurdle it's my intention to release my filters along with instructions on what each does, how to edit them, how to add or subtract from the base rules, etc, etc. What I have right now would work really well for the average person who doesn't run a web site and/or get legitimate mail from a lot of strangers. But this final tweak would make it pretty much bullet proof for everybody.
Let me know if you've got any hints or tips on using History.lst or any other ideas. In the meantime I've posted over on the Eudora forums to see if any of the experts there know of a way to incorporate History.lst into a whitelist.