We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

Thunderbird blacklist doesn't seem to be working

  • 2 uphendule
  • 1 inale nkinga
  • 1 view
  • Igcine ukuphendulwa ngu Don Peters

more options

Thunderbird normally does a great job of filtering out spam, but over the past few months I've been getting some spam messages in my inbox. They are all from the same source. So, to combat this, I set up the source in Thunderbird's "blacklist".

I set up my blacklist message rule to filter the "from", and "contains", and the target to:

  .onmicrosoft.com

Yet I still keep getting these spam e-mails from a source whose "from" contains ".onmicrosoft.com". That doesn't make any sense to me... unless the Thunderbird blacklist feature doesn't work.

As an extra check, I clicked one of those spam messages, them "more", then "view source" to verify that the "from" was indeed ".onmicrosoft.com", and it was. So, what's going on here?

Thunderbird normally does a great job of filtering out spam, but over the past few months I've been getting some spam messages in my inbox. They are all from the same source. So, to combat this, I set up the source in Thunderbird's "blacklist". I set up my blacklist message rule to filter the "from", and "contains", and the target to: .onmicrosoft.com Yet I still keep getting these spam e-mails from a source whose "from" contains ".onmicrosoft.com". That doesn't make any sense to me... unless the Thunderbird blacklist feature doesn't work. As an extra check, I clicked one of those spam messages, them "more", then "view source" to verify that the "from" was indeed ".onmicrosoft.com", and it was. So, what's going on here?

All Replies (2)

more options

is the filter actually set to run on the account getting the mail? It defaults, if memory serves, to the "local Folders" account.

more options

Thanks for the reply Matt. Yes, as far as I know the filter is set to the account. Regarding "local folders", I don't understand that comment, i.e., a message arrives at my inbox and is then filtered. After the filtering process, if I then see it, I can move it to a local folder, and as far as I know, no filtering takes place when I do this move.

BUT... I may have found the problem. Upon closer examination, I see that the whitelist filtering runs before the blacklist filtering, and in my whitelist filtering I have the entry "microsoft.com". Since that's a substring of "onmicrosoft.com", it will pass the white filter test, and never get to the blacklist check. My fix, which I'm testing now, is to change the white filter "microsoft.com" to ".microsoft.com". If that works, the error was on my part in both not realizing the whitelist filtering took place first AND that I had a too simple whitelist filter called simply "microsoft.com". My guess is that scammers might have anticipated this might happen to some!