Getting lots of spam on an alias to the Outlook.com account

emailoutlook.comspam-prevention

Recently, I started getting lots of spam emails to (mainly) an alias to my Outlook.com account. Those spam emails are not caught my Outlook.com spam filter and end up in my Inbox (I get more than 20 every day). Most of these emails are obviously spam; e.g., emails without content, emails with weird fonts in the subject, or emails that reach my inbox and they are "important" flag already set!

I tried blocking the sender, but those spammers are "smart" enough to use different sender email every time. I also added the SMTP server to the blocked senders' list, but that did not have any effect.

Given that I would like to keep the alias:

  1. What options do I have to block those spam emails? Or,
  2. How to block all emails to this alias, except if they are from "known" senders?

Best Answer

I hate to tell you this, but you cannot do it reliably, but I have a couple of suggestions at the end that might help. I have owned an computer networking company for 25 years, and I used to be in charge of 52,000 email users for a Fortune 50 company, so I know something about email and spam. Before it became illegal, I also knew a 17-year-old (at the time), who was one of the world's biggest spammers, so I so also saw how he did it up close and in person.

First, the programs used to send out spam allow you to import a list of names to use as the "from". The spammer kid, who now 40-ish and owns a legitimate business by the way, used to take a portion of his list of 10 million email addresses, and use them as the from on a random basis daily. That prevents you from blocking individual names reliably. Also, please don't reply and cuss out the victim, whose name was used at random. They are not at fault.

Second, if Microsoft's spam filter missed it, it is because the spammer has been smart enough to somehow get around it, often by using a different character set that looks like standard English letters, but are not really. That is tough to block. Over time, as Microsoft gets enough flags on certain emails, they do improve their filters, but it is like playing whack-a-mole. Do click on the "Junk" button to flag them.

Lastly, what I have seen is that these spammers do come and go. They typically have to use what is called bulletproof services. Those are unscrupulous companies based in 3rd-world places that do not care about protecting us from spam, or worse. Nevertheless, sometimes these bulletproof hosting companies do get taken down or blocked, and you will find that the problem gets better for a while.

What you can do is two things, but the first may, or may not, be practical for you.

  1. Create a whitelist and only allow whitelisted email through. To do this, you go into Settings>Junk email and click the filter that says "Only trust email from addresses in my Safe senders and domains list and Safe mailing lists" at the bottom of the page. This will send everything else to the Junk Email folder, and you can then check it every once in a while for false positives.
  2. You can create rules in Settings>Rules, and create rules, like anything that comes in with the word "Viagra", send it to the Junk Email folder. The problem is those character sets.

Again, I hate to say it, but if it were at all easy to block junk email, there would probably be none. It has been a problem for decades with no end in sight. I know you would have liked an answer that solves your problem totally, but please do not kill the messenger.

P.S. One final thing you can do is simply create a new account, and be more careful with it. You can inform anyone that emails you at that address of your new email address. Keep checking, and informing, for 6-12 months.

I actually create a series of accounts. Being in the computer business, I have many, many accounts, however, even for regular people, I recommend having three.

  1. The first is for business or personal use with ONLY people you know. Ask them explicitly never to enter your email into any website like an "e-greeting-card" site, because once they do that, you are out there. I have had my main business email address for well over 20 years, and I still do not get spam in it.
  2. The second is for ordering things. This is the account you use when you order from Amazon, or other online retailers. The advantage is that you only have to check it when you want to order things, and want to check on your orders. This account will become "polluted" over time, but at least you only have to check it every now and then, and you can change it with minor ramifications.
  3. The third account is a total throw-away account. This is one for when some website demands that you register to get something, but you know that you never want to hear from them again. You register, confirm the account, get what you want, and never look at the account again until you need to do this for some other site.

Pro tip for network administrators using Office 365 or on premise Exchange, at least if you have some control over it. You can have many email addresses associated with your email box, so I create one for every business that I have to deal with: So, MyRealAccount@mydomain.com, dell@mydomain.com, microsoft@mydomain.com, etc. If all of a sudden, I were to start getting spam from dell@mydomain.com that is not really from Dell, I could just change that one address to dell2@mydomain.com, with nothing lost. I also know who plays fast and loose with my information.

Related Topic