this post was submitted on 08 Dec 2023
35 points (90.7% liked)

Technology

34437 readers
169 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.

Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.

Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
[email protected]
35
Spammers are starting to use email addresses with "renewal" in the address, bypassing junk filters. How do we fight this without blocking legitimate renewal emails? (lemmy.world)
submitted 9 months ago by [email protected] to c/[email protected]
9 comments fedilink hide all child comments
 

For several months now I've started to receive an unprecedented number of emails from addresses named some variation of "renewal@".

The issue is that creating an email filter which would move these emails to your junk folder would also inadvertently move legitimate subscription renewal emails to your junk folder as well. What are some steps that can be taken to deal with this issue? Which apps, clients, or email services deal with junk/spam the best?

all 11 comments
sorted by: hot top controversial new old
[–] [email protected] 38 points 9 months ago* (last edited 9 months ago) (2 children)

I've transitioned over the last couple of years to using exclusively aliases. I do not give my actual email address to absolutely anyone.

If someone leaks the alias I gave them to spammers, I write the offending company a strongly-worded email, then disable or spin up a new alias to use.

For your situation, these things happen all the time and your email provider will likely work it out soon enough. It's just a bit cat and mouse game with spam.

You can create a temporary filter to move them to and disable the notification for those emails for now.

[–] [email protected] 2 points 9 months ago

Ah that's a good tip. Next step for me is figuring out how to use aliases in outlook then, thanks

[–] [email protected] 1 points 9 months ago (2 children)

Do you use a service for the relays, or is it possible to self-host?

[–] [email protected] 3 points 9 months ago

I use Proton/SimpleLogin.

I suppose it's possible but you'd need to buy and maintain several domains. Very easy to use with Proton or AnonAddy or Firefox Relay. And then any of those domains could be tied back to you.

[–] [email protected] 11 points 9 months ago (1 children)

Spam filters rely on many signals besides the from address to decide if a message is spam, because one signal alone is often not reliable enough.

It’s hard to see who deals with spam with the best because when the filters are working well, you don’t notice how much is being blocked.

I can say that both Fastmail and Google work fairly well. Unless things have changed, about 90% of email is spam, with most getting blocked or diverted at different levels. So even if some gets through, it’s possible the systems to block it are still working very well.

[–] [email protected] 1 points 9 months ago

Yeah and I have to be honest, usually outlook/Hotmail is pretty good about adapting to spam but this seems to have evaded them for much longer than other types of spam. Fingers crossed they figure it out soon

[–] [email protected] 7 points 9 months ago* (last edited 9 months ago)

Subscribe to things with personalized individual aliases instead of your main address.

That way you don't get much spam to begin with because they'd have to guess what aliases you use, and you reject anything that's not sent to one of those aliases.

Assuming one of the sites you subscribe to sold you out or was broken into and their alias starts receiving spam, you simply block or disconnect their alias.

If you haven't been doing this, the address you use now (for everything) is undoubtedly on many spamming lists. It's best to get a domain and start moving subscriptions to aliases on that domain.

Nobody should ever know the main account address, it should be reserved for logging in to the account. Even friends and family should be given aliases (because their address books and contact lists inevitably get sold and compromised eventually).

[–] [email protected] 2 points 9 months ago

I just use a separate email for subscriptions and whatnot vs "actual" email. That helps mitigate a lot of it since I can easily dismiss any "business" communications from one and be on my guard with the other.

But the real solution imo is to not use email for such things. If I need to renew something yearly, I set up a reminder on my calendar or wherever yearly.