Today's updates to the MWP Filters were to add a rule to the "RX Spam" filter and to correct a Regular Expression error in the "Blocked Countries" filter that caused a few false positives.

I have been using the Wizcraft filters for a few weeks now and would like to complement on them. The shorter list is more than sufficient for the mail I receive.

I have discovered an anomaly with MWP involving your filter set. If you do not have bounce enabled for any account and you trigger a filter rule that uses bounce, MWP will hang for a while, presumably waiting for a time out, and then will continue.

I more or less stumbled across the solution while I was checking the filter rules to see if I could get any ideas why MWP was hanging. I saw one of the Image Spam filters was using bounce. Invoking the swag (Scientific Wild Add Guess) priinciple of debugging, I did a search and replace on the ruleset removing bounce wherever it appeared. I ran MWP for a few days and never had the hanging issue.

For confirmation, I replaced the modified filter rules with an original set. The next morning, sure enough, MSW hung scanning the incoming mail.

Note: The MWP slowdown did not occur all the time. It tended to be during scans of email that contained the most spam.

This may be just my system (Vista Ultimate, Outlook 2007, MWP 5.3.4.44 beta) but removing the bounce statement eliminated the slowdown.

LoPhatPhuud;
Thanx for the heads-up! I went through both lists and removed any lingering bounce directives. They are left overs from earlier days when spammers actually sent their own spam and should be removed. Virtually all of today's spam is sent from infected zombie computers that are in botnets.

Bouncing spam is no longer a useful tactic because almost every piece of spam you will receive has a forged "From" and "Return To" address, and the sender is a compromised personal computer that has become part of a spam botnet. The computer's owner is probably not aware that this is happening on his/her computer, until somebody like me files a report with SpamCop and his ISP is notified and they hopefully take him offline until his or her computer is disinfected. Please join Spamcop as a reporting member and forward all spam messages to them for reporting to the ISPs and web hosts involved!

I mentioned reporting spam to SpamCop in my last post, but I neglected to make it clear that this can be done directly from MailWasher Pro. After you join SpamCop you will receive a password and personal code by email, to use when reporting spam. You will input these credentials into the (MWP) configuration utility by clicking on "Spam Tools" then "SpamCop" where you should check the checkbox to enable SpamCop reporting, then copy and paste your personal encoded SpamCop email address into the (SpamCop) "Email" field.

Set a valid SMTP (outgoing) email server in the SMTP field (as supplied by your ISP or use one on your website), click OK, and OK again and you will be ready to report spam. When a message is flagged as spam a new field will appear under the label SpamCop. You can add a checkmark to spam messages and they will be forwarded directly to SpamCop. In a little while SpamCop will send you a confirmation request link to click on, where you will see the content of the spam headers and tracking details. You yourself must finish the reporting process by scrolling down and clicking the "Send Spam Report Now" button.

That ends tonight's special lesson.

I apologize for not taking the time to read through five pages of past posts on this thread.

For the past couple of months, Mailwasher doesn't appear to be doing nearly as good a job as it used to. This dates back to before the time when people started sending PDF attachments.

Anyway, I was wondering whether the Wiz filters should help weed out some of the current crud.

Can you please supply a download link for the Wiz filter.

Thank you very much

Sorry it appeared to be anonymous. I hadn't logged in!

I have updated my MailWasher Pro Filters to detect and hide the latest type of PDF spams - composed in Qualcomm's email client. The new filter is PDF Spam #3. I expect that I will have to alter this rule over the next week or two, as variants appear. Your input on any filters that fail to identify their type of spam will be appreciated!

I also updated the "Postcard Trojan Scam" and the "RX Spam" filters last night, and have moved the most common spam rules to the top of the list. This will save processing time, because once a filter rule matches a type of spam no further rules are checked (and some of you have commented on how CPU-intensive my rules can be). I will be moving the order around to respond to changing spam runs and as certain types become less prevalent.

Maybe identifying the email client is not a good idea for the PDF's. I have seen them sent with OE5.5 as well as OE6 and Thunderbird. If sent via zombies they could literally be sent with anything.

Davews, i like your icon. Do you know what this means?
... .--. .- -- ... ..- -.-. -.- ...

Thanks for the input JE. Hiding spam is the last resort before opting for automatic deletions. I use it to test filters for accuracy and sometimes just leave it that way after a rule proves effective, especially if it occasionally flags legitimate email as spam. If hiding flagged email is an annoyance just remove that directive by editing out this phrase from all filter rules: Hidden,
You can use your text editor's built-in Find feature, or even find and replace, where you would replace Hidden, with nothing (test this before saving changes).

Alternately, open the filters sidebar in MailWasher Pro and switch the display option to "Display the email" instead of "Hide the email."

Notice: I removed the version number from the X-Mailer in PDF Spam #2 because a new run of that spam was composed using a later email client version. If you ever receive pdf attachments from contacts I advise you to add these accounts or domains to your Friends List now.

Regarding restoring deleted messages; I set my scanning options to at least 250 lines, or 300, depending on the current types of spam I am seeing, and how much my filters slow down the processing time. This way if I restore a deleted message I get most of it back. Anything less than 250 lines will probably toast an HTML message, unless it was really minimal.

If you experience problems restoring deleted messages there are two main things to check.
1: Did you check the option to "Allow deleted email to be restored from the Summary screen"
2: Have you set a valid SMTP server, along with the correct port number, user name and password?

Those items are found in the MailWasher Pro Options, on the "Summary" tab.