How to Block Foreign Spam

Last reviewed on September 20, 2014   —  28 comments

A frequent question users ask is how to block foreign spam:

I’m receiving email that looks like it comes from Russia (funny looking letters). I keep adding the addresses to my block senders list however I seem to be getting more and more of them. I would like to make a rule to just delete them all, but I cannot find the letters anywhere to type into the rule.

Can we make a rule in which Outlook 2010 can auto-delete any emails that contain Asian characters?

Sure, you can create a rule to delete messages containing these (and other) character sets. You can also set the junk filter to delete mail that uses certain character sets.

But first, I’ll address the use of the blocked list: Don’t bother adding spammers to it. Because most spammers use an address once, you’re only filling up the list with bad addresses. The blocked list should be nearly empty. Set the Junk Email filter on High and let Outlook take care of spam; use the Safe lists to whitelist addresses as needed.

Junk Email Options

If you use Outlook 2003, 2007, or 2010, you can set the Junk email option to filter mail either by the top-level domain or character set. If you don’t correspond with users in certain high spam countries or who would be using alternate character sets, you can configure Outlook to filter all messages from the top level domain or that use foreign character sets.

Set the character encodingOpen the Junk Email Options dialog and go to the International tab. Block most of the encodings, but not ASCII or Western European, possibly not Latin 3 and 9 and any others that would be used by people from other countries that you correspond with.

Note: If the message (spam) doesn’t have a character set in the header, this filter won’t work.

The lines in the message header will look something like either of these two lines:

Content-Type: text/plain; charset=”ISO-8859-1″
Content-Language: en-us

The top level domain list blocks mail sent from addresses ending in a two-character country code (.de, .us, .ru etc). Because most spammers use .com addresses, this filter is less useful.

Find the Junk Email Dialog:

Expand the junk mail button to find optionsIn Outlook 2010, the Junk email options is Home ribbon in any mail folder; in Outlook 2003 and 2007, look on the Tools, Options dialog.

Note that Outlook 2010 maintains separate junk mail settings for each account.

If you have multiple accounts and deliver the mail to different Inboxes, select an Inbox and review the junk mail settings, then repeat for each Inbox. If you use one Inbox, select a message from one account and review the settings, then select a message from another account and check the settings.

Create a Rule for Foreign Spam

Users of all versions of Outlook can create rules that look for foreign characters in message bodies. Copy a few of the most common characters from a spam message and paste them into a rule. You only need about 8 to 10 letters from each language for maximum spam filtering.

To create a rule

First, locate a message with the characters you want to filter on and copy one or more characters.

  1. Open Rules Wizard. In Outlook 2010, look for Manage Rules & Alerts on the Home ribbon, Move section, under the Rules button. In Outlook 2007 and earlier, Rules & Alerts is on the Tools menu.
  2. Click Add Rule.
  3. Choose Apply rule on messages I receive near the bottom of the dialog.
  4. Click Next to move to the Conditions screen.
  5. Select the “with specific words in the subject or body” condition.
  6. Click on “specific words”in the lower part of the dialog and paste the characters in the Specify words… field. Click Add.  If you copied multiple characters, delete all but one character, then click Add. Repeat until all characters are added.
  7. Create a rule to delete spamClick Next to move to the Actions screen.
  8. Select “delete it” and click Next. At this point, the rule should look something like the rule shown in the screenshot.
  9. Click Next if you want to add exceptions to the rule or run it on messages in your Inbox, otherwise, click Finish to return to the Rules Wizard dialog.

Written by

Diane Poremsky
A Microsoft Outlook Most Valuable Professional (MVP) since 1999, Diane is the author of several books, including Outlook 2013 Absolute Beginners Book. She also created video training CDs and online training classes for Microsoft Outlook. You can find her helping people online in Outlook Forums as well as in the Microsoft Answers and TechNet forums.

Please post long or more complicated questions at Outlookforums.

28 responses to “How to Block Foreign Spam”

  1. jigneshhrathod

    Thank you! This was so helpful. I was really tired of getting junk emails written in some Chinese languages. I didn't think of any solution. Thanks a lot for the simple solution.

  2. NN

    Tried all this but outlook will not let me paste the characters.

  3. ereemst

    Great article, but now one to you how do i block russian spam with cyrillic letters in Exchange 2013 with spam options on if i block a cyrillic letter A its just gives ? as return

  4. PapaGolf

    Next step - block email with an embedded LINK to a foreign country?

  5. Maisy

    Hi Diane, When I copy the symbol (which I can't copy and paste here as it wont allow it) it shows up differently after I add it in the search list box and you cannot break it apart from the symbol. This spam cannot be stopped by Verizon, it also enters my junk box and removes itself back to the inbox. I am also seeing domains in my safe senders list. The one thing I would like to do which is consistent with all of them is there is nothing in the TO: field. I don't see how to block it in outlook. I am told it might be in the bcc field. I can send you some samples which will blow your mind. Otherwise, I tried to do what you say and it simply wont let me have just one symbol and it always contains the domain address which changes with each email (so obviously it would be a waste of my time which is what they want). I am going out of my mind with trying to block these. They have figured out all the ways you can block a spam email and countered it. Thanks

  6. Alan Striegel

    What mechanism (if any) is there for blocking by some of the new top-level domains that I'm starting to see as sending addresses?
    For example, quite a bit of the spam I'm seeing lately comes from domains that end in .club.

  7. dennis

    I changed the international language settings, but it isn't saved permanently. How can I get it to be permanent?

  8. Barry Foate

    "At this time there is no built-in way to block them, but you could use a rule that looks for .club> in the header."

  9. Bill Guidera

    I may have misread or misunderstood earlier posts. But for these common spams, since I do not see anything in the To: line, creating a rule by checking the option "where my name is not in the To box" then "delete it" then "except with @ in the recipients' address", correct?

  10. Dale

    I created a rule in Outlook 2007 to move any email with .info in the header to the junk email file. Sometimes it won't work, then other times it will move it there, display the notice that it's downloaded an apparent spam email. When I click "ok" it moves the email from the junk file to my inbox. ????

  11. Dale

    Not sure what an "addin" is. Yes, the message is just like the dialog you show.

  12. Dale

    I'll try that, thanks. It seems like 90% of my spam comes from .info - 5% from .tk, and the rest from .com and/or .net.
    I'll let you know if that works.

  13. Dale

    That doesn't seem to help either. Maybe I'm telling the rule to look in the wrong place for the .info.(?) I'll try to past the wording below from the email when I click on "Message Options". (I took out my email address and replaced it with asterisks.

    Return-Path:
    Received: from cdptpa-pub-iedge-vip.email.rr.com ([107.14.174.245])
    by cdptpa-fep11.email.rr.com
    (InterMail vM.8.04.01.13 201-2343-100-167-20131028) with ESMTP
    id
    for ; Wed, 29 Oct 2014 20:11:31 +0000
    Return-Path:
    Received: from [84.239.57.231] ([84.239.57.231:62377] helo=Ayresmith.ndBreakfastShow.C.8S.com)
    by cdptpa-iedge09 (envelope-from )
    (ecelerity 3.5.0.35861 r(Momo-dev:tip)) with ESMTP
    id 31/80-10686-2F941545; Wed, 29 Oct 2014 20:11:31 +0000
    Date: Wed, 29 Oct 2014 20:11:29 -0000
    From: "=?ISO-8859-15?B?X1dpbmRvdyBEaXNjb3VudHM=?="
    Subject: =?Windows-1252?B?UXVhbGl0eaBXaW5kb3dfUmVwbGFjZW1lbnQuRGVhbHNf?=
    MIME-Version: 1.0
    Content-Type:
    multipart/alternative; boundary="SaI6111-IJ-1757323-676=_!"

    Message-ID:
    X-RR-Connecting-IP: 107.14.168.141:25
    X-Authority-Analysis: v=2.1 cv=GrbM+yFC c=1 sm=1 tr=0 a=K61abTOxmzkdaQiVxOMUpA==:117 a=K61abTOxmzkdaQiVxOMUpA==:17 a=ayC55rCoAAAA:8 a=0oj8HZZGiqAA:10 a=9cW_t1CCXrUA:10 a=jPJDawAOAc8A:10 a=13Gyjc2-_UYruZWFdh0A:9
    X-Cloudmark-Score: 0
    X-EsetId: 37303A29E3E9CF636D7162

  14. Dale

    I did what you said with the "Windows-1252. I haven't had any spam from .info or .tk since - not even in my junk box or deleted file. I can't tell if this is stopping it before it hits my webmail at Road Runner, or if I'm just not getting any spam right now.

Leave a Reply

If the Post Coment button disappears, press your Tab key.