in message
Thanks Vanguard, but I do get emails with pdf attachments but ALWAYS
with a
subject matter and some content in the message field. Your solution
would
place those in the Junk folder as well. Your solution would not work.
If they are known senders then they should be in your Contacts folder
(or some other contact-type folder). So add a whitelist rule to check
if the sender is in one of your contact-type folder; if, do nothing
except use the stop-clause in that rule (so the e-mail remains in the
Inbox). Blacklist rules go first, whitelist next, and then spam rules.
The check on content-type goes in the spam rules section.
My suggestion doesn't work as offered because now you specify criteria
that was absent in your original post.
If you refuse to accept e-mails with blank subject headers (I do) then
add a rule to the spam rules section. That rule would check that there
were no vowel characters in the Subject (since there is no actual rule
to check for a blank value for Subject). I use separate rules for
testing if the Subject is blank and if there are suspicious attachments
but you could combine them into a single rule that ANDs these
conditions.
My rules (by description) are, in order from top down:
Junk - Non-Delivery Report (bounces, undeliverable)
I rarely care about bounces or NDRs. If I expect an immediate response,
like an auto-responder, I'll check the Junk folder since I'm expecting
something. If I send e-mail somewhere it isn't deliverable, the NDR is
worthless to me since I can't use that e-mail address to ask the
recipient what is their correct address and will have to use other
communication venues to update or contact.
Delete - SpamPal blacklist
A blacklist maintained in SpamPal so all e-mail clients can use it.
Keep - SpamPal whitelist
A whitelist maintained in SpamPal so all e-mail clients can use it.
Keep - Global passcode
A special and unique string added the Subject to bypass all further
filters. Mostly used by myself when sending test mails. Can be used by
other senders on special occasions when I want to make damn sure their
e-mail gets into my Inbox (unless they have been blacklisted). I can
change this string at-will in case it ever gets divulged or abused.
Delete - No local passcode (<accountname>)
Some accounts require a passcode in the Subject. For example, I don't
bother munging my e-mail address in my posts here. I don't care if
spambots harvest my e-mail address from here. They don't know how to
follow instructions in signatures (which is only included in *my* new
posts and not in replies), they don't harvest the body of posts (so the
spammer won't get those instructions), and the spammer isn't reading
harvested posts to follow instructions. Any e-mail delivered to this
account is immediately and permanently deleted unless the passcode
unique to this account is used which means a human added it. Again,
this passcode can be changed at-will. This is actually a blacklist
action and this rule could be moved into the blacklist rules section
above.
Move - Special whitelist rules
Whitelists based on strings in the Subject (from known senders that use
the same string, like job searches or newsletters), or by the sender who
isn't included in the SpamPal whitelist (because this rule is only
temporary for the sender(s) and I don't want to bother including them in
my SpamPal whitelist).
Keep - Known sender (Contacts)
If I added a sender to my Contacts folder, I want e-mails from them.
These are known good senders.
Keep - Known sender (Contacts - Work)
I have more than one contact-type folder. These are work folks related
to my employment. These are known good senders.
Delete - No @ in From
If the From header is blank (absence of "@" character would be included
if blank) or not a valid e-mail syntax (which always have the "@"
character) then I don't want them. If the sender doesn't want to
identify themself then I don't want their e-mails. The From header is
part of the *data* of a message that the sender's e-mail client includes
and is not the sender as identified in Received headers.
Delete - Subject is blank
If the sender doesn't want to give me a synopsis of their message, I'm
not interested in reading it.
Delete - Me in From (<accountname>)
I do not send e-mails to myself (except as a test and then I use the
global passcode caught by the above rule). Spammers often will pick a
name from their recipient list so it looks like you sent yourself the
e-mail. I have 8 accounts so there are 8 copies of this rule.
Junk - Not sent to me (<accountname>)
If I am not explicitly identified in the To or Cc headers then I
*probably* don't want that e-mail. I expect senders to address their
e-mails to me. However, until I whitelist a newsletter to which I just
subscribed or submit an online order that may not have me specified as
the recipient but which I am expecting to receive, I move these suspect
mails into the Junk folder. Since I'm expecting them, I can retrieve
from the Junk folder. 2 of my 8 accounts use this rule.
Delete - Not sent to me (<accountname>)
Some accounts I demand that I *must* be specified as the recipient. If
I am not in the To or Cc header then I don't want those e-mail delivered
through this account. If they Bcc me then I don't want their e-mails.
The other 6 of my accounts use this rule as they are for specific and
narrow purpose.
Junk - Suspect file attached
This is the rule you were interested in. It checks if a .pdf file is
attached or a .gif image is in the e-mail. If someone I know sends me a
..pdf file then they would've already been detected by a prior whitelist
rule. I don't accept .pdf files or e-mails with .gif image laden
e-mails from unknown senders.
Junk - SpamPal trap
SpamPal only tags spam e-mails. It doesn't do anything with them. It
is up to you to define a rule in your e-mail client(s) as to what you
want to do with spam. I move them into the Junk folder, mark them as
read, and auto-archiving on the Junk folder will permanently delete them
after 3 days. I junk them rather than immediately permanently delete
due to false positives under any reactive anti-spam scheme. Since they
are marked as read, I'm not prodded to go look in the Junk folder which
would otherwise get bolded for unread mails moved there.
Copy - Received Items
If an e-mail got whitelisted, it remains in my Inbox. All whitelist
rules include a clause to save a copy of the whitelisted e-mail into a
'Received Items' folder (a subfolder under 'Sent Items'). If an e-mail
gets past the gauntlet of blacklist and anti-spam rules then I want to
keep a copy of it (since I delete them from the Inbox when I'm done with
them). By having this as a subfolder, I can do a search starting from
the 'Sent Items' folder to find all e-mails both sent and received for a
particular discussion thread (and can even group the results by
conversation). I prefer to keep sent and received items in separate
folders (so I can easily tell which message in a thread was sent or
received). Auto-archiving gets rid of items over a year old from both
the 'Sent Items' and 'Received Items' (and auto-archiving on the
archive.pst file gets rid of them from there after 3 years).
Every rule has the stop-clause (except, for now, the last one for saving
a copy of received e-mail that got past all prior rules). If a rule
triggers, I don't want to waste time exercising further rules against
the same e-mail plus subsequent rules could cause side-effects that are
unwanted.
