I don’t get much spam these days: 2-3 pieces hit my local spam box a week, with almost nothing in my inbox.

The crux of this strategy is never, ever giving two online entities the same email address. Thus:

  • Amazon -> amazon@example.com
  • eBay -> ebay@example.com
  • Cat Fancy Forums -> catfancyforums@example.com

(I’d hate to be the guy trying to use example.com for anything related to email…)

Since *@example.com gets delivered to my mailbox by default, this is a painless strategy.

Once in a while, one of these addresses will get compromised. (As a side note, based on my analysis, it’s now my opinion that almost anything that eventually gets handled by Constant Contact gets compromised, but that’s a different issue entirely.) So a bunch of stuff starts showing up in my Apple Mail junk mailbox. Again, not much, but I’d rather not see it on my phone.

So, here’s the trick: Almost everything in that junk mailbox is a result of an email address getting compromised or spammers doing dictionary attacks against the domain (happens all the time). So, it’d be nice to quickly get a list of all of those “compromised” addresses.

Enter sed:

[myhostname:~] myuser% sed -n -e "s/Envelope-to: \(.*\)/\1: :fail: No such person at this address/p" ~/Library/Mail/[% Mailbox name%]/Junk.mbox/Messages/*.emlx | sed s/,//g |  sort -k 1,1 -u

(Change [% Mailbox name%] to reflect the actual path to your email account; explore ~/Library/Mail to find it.)

You’ll get something like:

[myhostname:~] myuser% sed -n -e "s/Envelope-to: \(.*\)/\1: :fail: No such person at this address/p" ~/Library/Mail/[% Mailbox name%]/Junk.mbox/Messages/*.emlx | sed s/,//g |  sort -k 1,1 -u
1578indianadmz@example.com: :fail: No such person at this address
aa-nt@example.com: :fail: No such person at this address
asw@example.com: :fail: No such person at this address
c51367bf.9040306@example.com: :fail: No such person at this address
ccpe-harvard@example.com: :fail: No such person at this address
changents@example.com: :fail: No such person at this address
comcastoffers@example.com: :fail: No such person at this address
cvscaremark@example.com: :fail: No such person at this address
ef6efd36.4050106@example.com: :fail: No such person at this address
fasttrackschedule@example.com: :fail: No such person at this address
gazelle@example.com: :fail: No such person at this address
hostgatoraffiliate@example.com: :fail: No such person at this address
itoemeasmp4dist@example.com: :fail: No such person at this address
lawguru@example.com: :fail: No such person at this address
lis@example.com: :fail: No such person at this address
monsterjobs@example.com: :fail: No such person at this address
ohon@example.com: :fail: No such person at this address
petcarerx@example.com: :fail: No such person at this address
stell@example.com: :fail: No such person at this address
yde@example.com: :fail: No such person at this address
[myhostname:~] myuser%

(Note for the lawyers out there: no suggestion is made that any of the foregoing accounts were actually spammed by the companies referenced…)

Remove anything that you want to keep, add it to the end of your domain’s valias file located at /etc/valiases/yourdomain.com, and you will never get email at that compromised address again. It takes about 5 minutes end-to-end and—done once a quarter or so—it can dramatically cut down on the spam you receive. It works brilliantly for me.
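The same quarterly pass as a reusable function. This is an added example, not the post's own command: it reads only the header block of each message, splits multi-recipient Envelope-to lines, and drops addresses you want to keep or that already have a rule. The function name, the keep-list file, and the assumption that each .emlx file is a byte-count line followed by headers up to the first blank line are mine.

```shell
#!/bin/sh
# Added example (not the post's own command). KEEP is a hypothetical
# review file: one address per line that must keep receiving mail.
# usage: junk_to_valiases JUNK_DIR DOMAIN [KEEP] [EXISTING_VALIASES]
junk_to_valiases() {
    dir=$1 domain=$2 keep=${3:-/dev/null} existing=${4:-/dev/null}
    set -- "$dir"/*.emlx
    [ -e "$1" ] || return 0          # no messages, nothing to emit
    awk -v domain="$domain" -v keep="$keep" -v existing="$existing" '
        BEGIN {
            domain = tolower(domain)
            # Addresses to leave alone: the keep list, plus anything the
            # valiases file already has a rule for (keeps re-runs idempotent).
            while ((getline line < keep) > 0) skip[tolower(line)] = 1
            while ((getline line < existing) > 0) {
                split(line, f, ":")
                skip[tolower(f[1])] = 1
            }
        }
        { sub(/\r$/, "") }
        FNR == 1 { in_hdr = 1 }      # new message file
        $0 == "" { in_hdr = 0 }      # blank line ends the header block
        in_hdr && tolower($0) ~ /^envelope-to:/ {
            sub(/^[^:]*:[ \t]*/, "")
            n = split(tolower($0), addr, /[ \t,]+/)
            for (i = 1; i <= n; i++) {
                a = addr[i]
                at = index(a, "@")
                if (at < 2) continue
                # Only our domain, and only a conservative local part, so
                # odd header contents never become alias rules.
                if (substr(a, at + 1) != domain) continue
                if (substr(a, 1, at - 1) !~ /^[a-z0-9._+-]+$/) continue
                if (!(a in skip)) out[a] = 1
            }
        }
        END { for (a in out) print a ": :fail: No such person at this address" }
    ' "$@" | sort
}
```

Review the output before appending it to /etc/valiases/yourdomain.com; passing that file as the fourth argument means a second run prints nothing new.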