Use Gmail as a spam filter (three ways)

April 18, 2005

UPDATE: I've just been made aware that someone else posted a similar, though more detailed, description of the first method I talk about below.

This is something I meant to write about months ago, but just never got around to it. I don't think the idea is new (perhaps it was when I thought to write this), but that shouldn't deter me from sharing it with everyone.

I guess the title begs the question, "Why would I want to use Gmail to filter my spam?" Well, if you're currently relying only on client-side filtering, the question is answered. If however, you have both a client and server-side solution, the answer isn't so clear; perhaps you aren't satisfied with the server-side filter or you just want to try something new.

Notwithstanding your current setup (and requirements), Gmail does a decent job of siphoning out the good e-mails from the bad, and while it's certainly far from perfect, I'm sure that over time, partly because it can set filter rules based on the aggregate "report spam" actions of its users, it will become an excellent filter. I've come up with three different ways for you to take advantage of Gmail's spam-filtering capabilities, all of which allow you to keep your current e-mail address.

Method One

You can only use this method if you have the ability to set server-side e-mail filter rules. It's based on the fact that Gmail adds some extra information to the header of the e-mail before forwarding it along. There are a number of things you can predicate your rule upon and I'll place a few of them at the end of this section. The method is outlined below.

  1. Forward the e-mail from your current account to Gmail.
  2. Forward your Gmail e-mail back to your current account.
  3. Gmail will filter your e-mail before forwarding it along.
  4. Setup a server-side filter rule to check for the existence of certain data in the header (see below) and forward it to Gmail if the header lacks this data; let it pass through to the inbox of your current account if it contains this data.

Like I said above, there are quite a few things that you can check for in the header and use as the basis of your forwarding rule. Three of the most obvious are:

  • X-Forwarded-For: user@gmail.com forwarded@to.com
  • X-Gmail-Received: some-random-number
  • Delivered-To: user@gmail.com

Method Two

This method is best for those that can't edit server-side filters, but can create multiple mail accounts. The method is outlined below.

  1. Create a new mail account (the username doesn't matter; no one will see it).
  2. Forward the e-mail from your current account to Gmail.
  3. Forward your Gmail e-mail to the account you just created.
  4. Gmail will filter your e-mail before forwarding it along.
  5. Use your new mail account (you'll obviously want to set the "reply-to" and "from" fields to your current address and not the one you just created).

Method Three

This is the simplest method and the one you should use if you can't setup server-side rules or create extra e-mail addresses. The first thing you'll need to do is setup your current account to forward to Gmail. The next and final step is to setup your local mail client to access Gmail through POP.

Archiving and Privacy

All of the methods shown above (forwarding and POP) allow you to keep your Gmail messages in your inbox, archive them (i.e., keep a backup of your local mail), or trash them. All e-mail in the trash "folder" will be automatically deleted after 30 days. Keep in mind though that just because you delete a message doesn't mean that it's entirely gone. From Gmail's Privacy Policy:

Because we keep back-up copies of data for the purposes of recovery from errors or system failure, residual copies of email may remain on our systems for some time, even after you have deleted messages from your mailbox or after the termination of your account.

You should follow me on Twitter here