I don’t get much spam these days: 2-3 pieces hit my local spam box a week, with almost nothing in my inbox.

The crux of this strategy is never, ever, giving any online entity the same email address. Thus:

  • Amazon -> amazon@example.com
  • eBay -> ebay@example.com
  • Cat Fancy Forums -> catfancyforums@example.com

(I’d hate to be the guy trying to use example.com for anything related to email…)

Since *@example.com gets delivered to my mailbox by default, this is a painless strategy.

Once in a while, one of these addresses will get compromised. (As a side note, based on my analysis it’s now my opinion that almost anything that eventually gets handled by Constant Contact gets compromised but that’s a different issue entirely.) So a bunch of stuff starts showing up in my Apple Mail junk mailbox. Again, not much but I’d rather not see it on my phone.

So, here’s the trick: Almost everything in that junk mailbox is a result of an email address getting compromised or spammers doing dictionary attacks against the domain (happens all the time). So, it’d be nice to quickly get a list of all of those “compromised” addresses.

Enter sed:

(Change [%Mailbox name%] to reflect the actual path to your email account (explore ~/Library/Mail).

You’ll get something like:

(Note for the lawyers out there: no suggestion is made that any of the foregoing accounts were actually spammed by the companies referenced…)

Remove anything that you want to keep, add it to the end of your domain’s valias file located at /etc/valiases/yourdomain.com, and you will never get email at that compromised address again. It takes about 5 minutes end-to-end and—done once a quarter or so—it can dramatically cut down on the spam you receive. It works brilliantly for me.