

Discover more from Heuristic Security
Can the Spam v2
Spam and phishing emails are still the #1 way individuals and businesses are compromised. With a little effort you can significantly lower your risk.

Spam (unwanted email) is not only an annoyance, it is the primary way in which business and individuals are compromised through phishing emails. While businesses often have sophisticated anti-spam and phishing systems to deal with this problem, individuals are usually left to fend for themselves, having to depend on whatever spam protections are available from their email account provider.
To help with this problem, I developed a simple scripted application to help individuals protect themselves. This script is both an enhancement to my original Can the Spam approach, a significant simplification, and finally works much better at eliminating almost all spam from your mailbox.
This scripted application assumes that: 1) you are using an Apple computer, 2) you are using Apple Mail as your primary mail client, and 3) you are looking to protect your Apple email account (iCloud.com).
This new version eliminates the need for the external spam filter application, SpamSieve. While SpamSieve is a great application, the bayesian method of email analysis that it uses to detect spam is equivalent to 7 blind men feeling an elephant and trying to determine what it is. Better to just open your eyes and identify the characteristics you are looking for.
In the case of my new approach, the characteristic I am looking for is the failure to properly implement the SPF, DKIM and DMARC email controls. Anyone spoofing a sender to send you spam will likely not be able to bypass these controls, and thus their failure can be used to spot the spam.
If you are still interested, the installation and use instructions are all detailed at the CanSpam Github repository, where you can download the script to compile on your computer (it’s AppleScript so all you need is already on your (Apple) computer). Enjoy!