my insane way of dealing with email spam
I've pretty much been through all the standard ways of filtering spam. After a lot of research, I found a way that works for me that I'll detail in a moment.
Everybody's spam experience is different based on which companies are selling off account data and absolutely not giving a shit otherwise, where an email address has been leaked, how many of the email address owner's dopey friends had their email accounts compromised (in which the contact list is harvested and put into a spam database), and so on.
I can tell that the lion's share of spam I'm receiving right now is all coming from one botnet and most likely being sent from infected office PCs. How do I know? I get blasted with the same type of spam over and over with only minor variations, and like clockwork, the spam slows significantly on weekends and major holidays.
The fortunate part is that I was able to nail a pattern the spammer was using since all the spam was done in a specific way. After some experimentation, I found a pattern I could match, and now 100% of whatever that asshole sends goes straight to the spam folder.
So what's this insane way I deal with email spam?
I use no spam filters at all.
Why not? I don't trust them. It's a certainty that spam filters will flag messages that aren't spam, and not flag messages that are spam.
If you just said to yourself, "But I can't turn off my spam filters!" then yes, you're one of those 'free' email users. Yeah, you can't turn those filters off. Not possible.
I use hosted email, and that allows me to completely disable all the filters.
So how do I stop the spam? Server-side regular expression a.k.a. regex email filter rules written by hand.
"Only receive emails from my contact list" doesn't work.
Automatic "reply back to confirm and your message will be delivered" doesn't work, and pisses people off who are just trying to email you.
"Click this to confirm you're a human" doesn't work (and again, pisses people off).
Token-based anything doesn't work.
Blocking IP ranges doesn't work.
Blocking specific gTLDs (addresses ending in .shop, .cc, .app, etc.) doesn't work.
Relying on blocklists of any kind, paid or free, doesn't work.
Plus addressing doesn't work.
Mail relays a.k.a. mail masking doesn't work.
Out of every single way to filter email spam, manual regex filter rules are the only thing that actually works.
Oh, and "I'M STARTING OVER!" doesn't work either.
Let's say you decided to:
- Register a domain the internet has never seen before
- Host using a provider that allows you to turn all the filters off
- Set up a master email account for that domain
- Set up separate forwarders going to the master account for EVERY SINGLE PERSON AND COMPANY that emails you
...doesn't matter. You still lose. You'll end up with a giant pile of forwarders that will be difficult to manage, and then one day in the not-too-distant future... a spam gets to your inbox. And you will rage. It will most likely be from some dopey company you do business with. So, of course, you dump that forwarder, make a new one, and adjust your account with that company to email you at the new forwarder. But now you know that new forwarder will eventually get spammed since it happened before with that same company.
What can you do about that? Nothing.
And that's why it's better to get good at regex pattern matching. Online tools are available. One of my favorites is regex101, although RegExr is pretty good too and has a cheatsheet directly in plain sight. Nice.
Of the spam I'm currently receiving, it's mainly spammers faking messages from Omaha Steaks, Tractor Supply, Marriott hotels, and a sprinkling of others. The addresses used go all over the place, but that doesn't matter because I filter it with just a few lines of regex.
The key thing to making regex work with filtering email is figuring out the pattern the spammer is using, then nailing it using the fewest lines possible.
When I first started filtering out what that botnet was sending, my regex filter rules list got huge because I was doing the whack-a-mole thing. And I'd argue that's sometimes unavoidable when trying to nail down a regex pattern that works.
The eureka moment happened when I came up with one particular regex line using negative lookahead that nailed the pattern only the spammer was using and didn't mistakenly match legitimate emails. From there, everything came together. I was able to greatly decrease the number of regex lines I was using, and my inbox was clear once again.
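To show what a negative-lookahead rule of this kind can look like, here is an added example; it is not the pattern from this post, which isn't shown. It flags a From: header whose display name claims one of the brands named above while the address is not on that brand's domain. The domain list, function name and sample headers are assumptions made up for the illustration.

```python
import re

# Brand names come from the post; the sender domains are ASSUMED for this
# example. Check them against real mail from each company before relying on them.
BRANDS = r"(?:Omaha Steaks|Tractor Supply|Marriott)"
OWN_DOMAINS = r"(?:omahasteaks|tractorsupply|marriott)\.com"

SPOOFED_BRAND = re.compile(
    r"^From:[^<\n]*\b" + BRANDS + r"\b[^<\n]*<"         # brand in the display name
    r"(?![^>@\s]*@(?:[\w-]+\.)*" + OWN_DOMAINS + r">)"  # ...address NOT on its domain
    r"[^>\s]+>",
    re.IGNORECASE | re.MULTILINE,
)


def is_spoofed_brand(raw_headers: str) -> bool:
    """True when From: claims a listed brand but the address is elsewhere."""
    # Unfold continuation lines first so a folded From: header cannot dodge the rule.
    unfolded = re.sub(r"\r?\n[ \t]+", " ", raw_headers)
    return SPOOFED_BRAND.search(unfolded) is not None


# Constructed sample headers (not taken from real mail).
SAMPLES = {
    "spoofed": 'From: "Omaha Steaks" <deals@qx7-promo.example>\nSubject: Your order',
    "lookalike": 'From: "Tractor Supply Co." <offers@tractorsupply.com.mailer.example>',
    "folded": 'From: "Marriott Bonvoy"\r\n <win@marriott-gift.example>',
    "real_brand": "From: Marriott Rewards <news@email.marriott.com>",
    "friend": "From: Aunt Carol <carol@example.org>\nSubject: Marriott booking",
}

if __name__ == "__main__":
    for name, headers in SAMPLES.items():
        verdict = "spam" if is_spoofed_brand(headers) else "inbox"
        print(f"{name:12} -> {verdict}")
```

The lookahead is anchored on the closing `>`, so a brand domain used as a prefix of some other domain still gets flagged, and a brand name in the Subject line alone does not trigger the rule.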
The insane way is the only way to filter out the spam
Before I deleted Thunderbird, I was using a craptastic plugin to get the regex filtering I needed. I'm now using NeoMutt and having the filtering done server-side instead of client-side.
To me, using email without regex is actually more insane. If I had to deal with the always-on and can't-be-disabled spam filter from a 'free' email provider... no. Just no. Their filter would screw up routinely and I'd be fighting with it left and right.
Regex is somewhat of a danger zone for filtering and not for the timid, but there's nothing better for ridding the inbox of spam.
Published 2026 Jan 12