MozillaZine

Blocking spam set to your own domain

Discussion of features in Mozilla Thunderbird
SledFang

User avatar
 
Posts: 35
Joined: April 13th, 2007, 6:18 am
Location: England

Post Posted November 12th, 2016, 2:15 pm

I've noticed that I get a lot of spam with the to field set to my email's own domain (a domain I own). My hosting has a Cpanel account and all the email authentication features are switched on including DKIM and SPF.

So what I don't get is, why doesn't Thunderbird detect that this email is not authorized by my domain? If someone just creates an email that doesn't exist and sets the to: field to read spamysalesemail@mydomain.com then surely this should be blocked? Wouldn't Thunderbird just realize that this is not a genuine email address and reject it? I would have thought it would just query my server for that domain and realize it was fake?

How would I set this feature up?

I've also installed an Addon called Thundersec but it doesn't seem to have helped at all. All it does is marks the email as possible spam and I still have to clean it all up myself!
Last edited by SledFang on November 13th, 2016, 7:48 am, edited 1 time in total.

tanstaafl
Moderator

User avatar
 
Posts: 43366
Joined: July 30th, 2003, 5:06 pm

Post Posted November 12th, 2016, 3:31 pm

I'm not aware of a email client that has those features. If the Thunderbird developers added those features I'd expect them to implement it as part of the junk mail controls. It hasn't been touched for many years. I don't know why its been neglected. However, when it was written it was very unusual for users to own their own domain.

You could write a message filter that tests whether "From" "Contains" "mydomain.com" and "From" "isn't in my address book" "personal address book" , with action "Set Junk Status to" "Junk" . Check "match all of the following" to make it AND the two rules. You could probably also implement that type of filtering using webmail. Most support configuring some sort of filtering that is automatically run when the mail server receives a new message, so it doesn't matter whether you are using webmail or a email client to get your mail.

My main email provider runs SpamAssassin on the server, and lets me configure a custom Sieve (a mail filtering language) script. That is even more powerful. I've modified the Sieve script to test for many types of spoofing. IMHO its much better to deal with spam server side than in the email client, if you can. I suggest you see if your provider offers similar functionality. SpamAssasin is pretty popular and many email providers support some easy way to tweak a few of its settings by ordinary users, such as how aggressive it should be.

I hadn't heard of Thundersec add-on before. It appears to mark a message as junk if it fails any of the security checks. Perhaps you need to experiment with adding some other DNS black lists.

http://kb.mozillazine.org/Junk_Mail_Controls

SledFang

User avatar
 
Posts: 35
Joined: April 13th, 2007, 6:18 am
Location: England

Post Posted November 13th, 2016, 7:52 am

I have got SpamAssassin. All it seemed to have was the required score fields which didn't seem to do much. I do use the Account Level filtering to add domains which I'm getting spam for.

I thought that the email authentication would work better for email addresses that don't exist on the server. I'll look into the "isn't in my address book" feature. Thanks for the information.

Return to Thunderbird Features


Who is online

Users browsing this forum: No registered users and 1 guest