He noticed that the image spam emails always have two distinguishing marks: they come from a different address each time and the Content-Type header begins with “multipart/related”.
So a rule that matches both those conditions like the one below will snag them before they hit your inbox:
The only tricky thing here is selecting the “Edit Header List…” from the list of conditions and then entering “Content-Type” in the next window. “Content-Type” will now appear in the list of conditions. You will need to select it and enter as its content “multipart/related”.
You might choose to replace the “Not in my previous recipients list” condition with “Not in my Address Book” depending on your own correspondence patterns. Adjust to suit your own tastes.
There is a small downside. It seems likely that this rule will move some “false positives” into the Junk folder. But checking that from time to time is much better than wading through the image spam that Mail.app’s Junk filter is currently missing.
UPDATE: It will be easier to spot any false positives moved by this rule, if you add a “Set Color of Message” action to it, choosing a unique colour. That will help them stand out in an overstuffed Junk folder.
- Another Mail.app rule to catch image spam
- Image spam: Spam gets more canny
- A new wave of high brow “empty spam”
- Image spam surge powered by Russian bot-net
- Spam: Reducing false positives in Mail.app
Tags: Apple Mail, image spam, Junk, mail.app, rules, spam, stocks