Block unsafe (external) content all senders

VanguardLH · June 24, 2019, 2:06am

In settings for Mail -> Privacy, the option “Block unsafe content except from whitelisted senders (recommended)” is selected. Is the whitelist only used for this option? If not, I want to “Block unsafe content from all senders”.

I sometimes get e-mails from family or friends that use unknown and untrusted sites to send messages; e.g., they use a web form or some online service to send me a message usually riddled with linked and web beacons. My sister likes to use holiday card sites that use web beacons for tracking (to let the user of their site know when the recipient opens the e-mail).

I’ve found that safe senders (regarding spam filtering) are not always safe senders (regarding privacy). I’m used to e-mail clients with a safe/whitelisted senders list that get employed by their spam filtering feature. Does em Client even have spam filtering?

Seems the whitelist is only for the “Block unsafe content except from whitelisted senders”.

Gary · June 24, 2019, 7:37am

Yes, that is the purpose of the whitelist. If you add an address to the list, it will be considered safe, and so will display all external content.

If you want to block content from all senders, clear the whitelist.

VanguardLH · June 24, 2019, 8:03am

Okay, I’ll leave the whitelist empty. I’m new to em Client, and in other e-mail clients the Safe Senders list was also applied toward spam filtering. Outlook has its pre-compiled Bayesian list for spam filtering (and why an update would get pushed every so often). Thunderbird has its Safe Senders list which is also used as an exception list to their Bayesian spam filtering. I wasn’t sure if em Client had any client-side spam filtering, or relied solely on server-side spam filtering at the e-mail provider.

Since em Client does not have client-side spam filtering, I can leave empty its safe sender whitelist. Thanks for the info.

Gary · June 24, 2019, 8:08am

eM Client does have the Spam Rule, which allows it to recognize messages that have been flagged by the server as Spam and move them to the Junk folder. That is all.

VanguardLH · June 24, 2019, 9:28am

Thanks for the info on rules. I notice I can define my own rule that tests on a header’s value. Alas, I’m not sure the included Spam rule or one that I define will work at Hotmail. I had a false positive where an e-mail got moved into the Junk folder (on the server). I looked as the message source. While there were some headers showing Microsoft’s spam handling, there really was no header that acted like a red/green flag or rating on spam.

I haven’t investigate their spam-related headers. Of the 3 they add, maybe 1 indicates the message was moved to the Junk folder due to their Forefront’s spam rating, which is:

X-Microsoft-Antispam-Mailbox-Delivery: abwl:0;wl:0;pcwl:0;kl:0;iwl:0;dwl:0;dkl:0;rwl:0;ucf:0;jmr:0;ex:0;auth:1;dest:J;OFR:SpamFilterAuthJ;ENG:(5062000261)(5061607266)(5061608174)(4900115)(4920090)(6375004)(4950130)(4990090)(9140004);RF:JunkEmail;

However, unless em Client supports regex (regular expressions), how could I define a rule inside of em Client to parse that header? In regex, I could use:

(?-s)^X-Microsoft-Antispam-Mailbox-Delivery: \S*RF:JunkEmail

where (?-s) means to scan to the end of the line and not further (to prevent the greedy rule from going past the header section and matching on a string in the body of the message), ^ means to anchor the string to column 1 (all headers must start in column 1), include that header name with a colon and a space (required to delimit header from its value), and series of optional non-space characters, and look for “RF: JunkEmail” somewhere in the header’s value.

However, that only tells me the message got moved into the Junk folder. em Client doesn’t need spam filtering for that since the server already moved the message into the Junk folder and em Client would retrieve the message in that folder. I don’t see anything in Hotmail’s headers for received e-mail that shows the message is spammy. If Microsoft thinks it is spammy, well, it’s going to move it into the Junk folder. Don’t need a client-side rule for that.

em Client won’t let me edit its Spam rule to see on what it tests. Most servers, if they suspect a message as spam, are going to move it into the Junk folder (on the server). So, em Client is just going to reflect the same when it syncs with the server: that the suspect e-mail already got moved into the Junk folder. The only purpose the client-side Spam rule could have is if the server rates the spamminess of a message but does NOT move it into the Junk folder. Don’t remember ever using an e-mail provider whose server’s spam filter rates a message as spam but doesn’t move it into the server-side Junk folder. Maybe that might be what happens with POP access since that only understands the concept of a mailbox (POP doesn’t understand or have any commands for folder management).

Thanks for pointing out the safe sender whitelist has nothing to do with any spam filtering inside of em Client (assuming the Spam rule doesn’t use that whitelist).

Gary · June 24, 2019, 9:42am

You can look at the Spam Rule by creating a new one.

I think you may be correct that this Spam Rule is intended for POP3. If you are using POP3, with a GMail account, you may not want your spam moved to a server folder, because you will never see it in the client.