| Tool Box: Building a Bozo filter
by Jon Huntress, Contributing Editor
Rob Van Slyke, who runs our marketing department, gets hundreds of email messages each day, but a lot of them are just spam. Like most of us, Rob hates spam with a passion. So, he devised a filtering method that eliminates about 95 percent of the daily spam onslaught. He calls it his "Bozo" filter.
According to Rob, there are two kinds of spam filters: Those that reside on your mail server and those on your desktop. Some companies use filters at the server level, so recipients never see the spams at all. But if the rest of us want that luxury, we have to be as ingenious as the spammers and make use of the tools we have on our desktops.
Spam at first sight
With practice, you can learn to recognize spam instantly-before you open it. Here's what Rob looks for and how he sets up the Bozo filter. First, he looks at every new spam that comes in and tries to find its unique attribute, which might be a certain phrase, phone number, or URL. Poor grammar and misspellings in the "unsubscribe" or "This is not spam" area of the email are also tip-offs. If the subject line starts adv:, adv :, ad:, ad :, or (adv), the message is probably an unsolicited advertisement.
Rob also searches for phrases that he says are dead giveaways. Examples: "Since your email address was listed on a related Web site…" and "Claim your prizes.…" If you see something like Friend @ public.com in the "to" field, you can be pretty sure it's not a message from your old college roommate.
Rob deletes everything that says "senate.gov." Spammers, he says, like to quote the Senate bill that sanctions their activities. Other references to the bill include "Section 301, Paragraph (a)(2)(C) of S. 1618" and "Bill 1618 Title III." Although Rob admits he's running the risk of losing direct mail from his senators, happily that hasn't been a problem so far.
Another filtering target is anything that says "Click here to be removed." Rob also filters subjects such as "bulk e-mail"; "bulk e mail"; "MLM"; "multilevel"; "I just found your address by searching through"; "adult"; "adults only"; "If you are under 21"; "This is a one-time mailing"; and "This is not a spam." If there are lots of dollar signs, slashes, or the phrase "million dollars," out it goes.
One of the tricks spammers use to keep their key lines from being deleted is to leave a space between each letter of a word. So when Rob filters all the stock spam phrases, he types them with spaces and without. Devious, huh?
Rob warns would-be filterers to be careful, though. All email that looks like spam may not be. That's why he inserts the Bozo filter about midway down his filter list - so that the earlier filters look for the regular, legitimate emails he gets and files it in the proper folder before the spam filter acts on it.
Maintaining the Bozo filter is a never-ending job, because spammers, unlike most other bottom feeders, are always devising new strategies to get their messages read, in the hope that somewhere, somehow, someone will actually buy from them.
When your spam-count starts to rise in your inbox, it's time to revise the Bozo filter. Rob updates his quarterly and completely renovates the filter once a year. The classic spam phrases will never die, so he saves the ones he knows are most common.
Worth the time?
Is the time spent reading spam and setting up filters worth it, compared to how much time it takes simply to hit the delete button? Maybe. Rob gets hundreds of email messages each day, many from people he doesn't know. He figures his Bozo filter eliminates about 20 spams out of every 100 messages-a significant time savings.
With 75 to 100 folders in his email program, Rob says he filters about half of the email that comes in each day. "The only thing that isn't filtered is client email-and I could probably filter that, but I'd rather keep it in my inbox," he says.
Don't toss the trash
Email is vital to Rob's working life, and there's always the possibility of discarding an important message that may look like spam. So Rob always checks his email trash at the end of each day-just in case. He recalls one unfortunate occasion, when he forgot to check the trash ... and emptied an important message from an advertiser. He says he won't make that mistake twice.
Other things can also go wrong. Once, Rob noticed that replies from another client were constantly being dumped in the trash. Clearly, the spam filter was finding something spam-like in the header, but to Rob everything looked fine. The original message from Rob seemed fine too-but attached was a copy of Rob's rate sheet. He was shocked to find there was a phrase in his own rate sheet-the source the filter was looking for. In effect, Rob had been filtering himself to the trash!
Next time, I'll discuss tips on setting up your filters. We'll review and walk you through the most popular email program filtering systems. Oh, and one other thing: I sent this story to Rob for his comments-but he said he hadn't received it yet. Then he checked his trash and there it was!
Back to top