Thursday, July 05, 2012

The Outlook 2007 blocked sender list import file function is flaky: how to fix it.

Outlook 2007 (and 2010 I assume) supports an old-school blacklist feature in addition to the new-school algorithmic exchange server filters. When you get spam you can add the sender address to the blacklist (called "Blocked Senders").

The default behavior is to add a single sender address, such as sender194@badcorp.com.

Once upon a time these blacklists were obsolete. Now, however, they work very well. Most of the spam that makes it to my corporate inbox is "legal" corporate spam, email from desperate businesses with one foot over the line. These businesses need to use valid domain names, because they want to read replies. They do play around with changing domain names for their mail servers, but not that often. On the other hand, they do change the sender prefix.

Of course asking to be removed from sending lists doesn't work, but a blacklist is perfect. Blocking domain names, like badcorp.com, works.

That's why I wanted to change my individual sender block list to a set of domain name blocks [1]. I exported my block list, did a bit of grep in the text file, and tried to import e-mail addresses into your Junk E-mail Filter Lists.

It didn't work. I'd get a single character appearing in my block list.

I tried several tricks, including changing the text file encoding. Nothing worked. Then I tried a single email address in a fresh file - my own.

That worked. Then I deleted it and I could import the entire list.

As best I can tell something in my original import gave Outlook 2007 heartburn. I had to clear that out for it to work. It might be that it can't handle a domain name beginning with a number (a spammy technique).

Now I have a better blacklist, and now you know there's a problem.

[1] This is the current list of corporations that spam my business email - I now block all these domains on the client side. (PS. reading this I see I'm missing a few tricks :-)

asdreports.com
azulsystems.com
bioeventsmail.com
bossoft.com
complianceonline.com
crossgate.com
demarc.com
digitalml.com
dmsgs.com
elsevier.com
enterpriseguide.com
essentialbusinesstraining.com
fxtrans.com
globalcompliancepanel.com
hci.org
healthcareupdatenewsservice.com
i24insight.com
insight.dnb.com
learnnowllc.com
messages.com
messages2.com
messages3.com
newsgator.com
noreply.wcbf.com
omniture.com
pbconferences.com
pocp.com
qlikview.com
sap-press.com
ska.messages2.com
sqmgroup.com
sun.ztfsg.com
trackstick.com
virimatech.com
workplacetrainingcenter.com
zoominfo.com

2 comments:

jasper robinson said...

BRILLIANT! Thank you so much. I've passed this on to our tech team at my work and I know have a pretty comprehensive domain, level black list.

I had tried using Rules which allow you to Cut & Paste semi-colon separated email addresses but not domains.

BTW, do you have any tips for creating the black list? I'd moved the spam messages into a folder on Exchange over the course of a couple of months. Then I'd used some Applescript to rip only (or, rather, mostly) the email addresses. Next I grepped the list up into the fomat that you use (no @s or ;s or ,s). Do you know of a more efficient way?

John Gordon said...

No, I pretty much do what you do , except I used RegEx rather than AppleScript to process the file.