The Junk E-mail Filter in Outlook is turned on by default, and the protection level is set to Low. This level is designed to catch only the most obvious junk e-mail messages. You can make the filter more aggressive, but if you do it may catch legitimate messages sometimes. Any message that is caught by the Junk E-mail Filter is moved to a special Junk E-mail folder. You should review messages in the Junk E-mail folder from time to time to make sure that they are not legitimate messages that you want to see.
Note Text in this topic that is marked with a single asterisk ( ) indicates a feature that is introduced with Microsoft Office 2003 Service Pack 1. Text that is marked with two asterisks ( ) indicates a feature that is introduced with Microsoft Office 2003 Service Pack 2. Starting with Microsoft Office 2003 Service Pack 2, messages that are moved to the Junk E-mail folder are automatically converted to plain text format, and any links that they contain are disabled. Any message that you move out of the Junk E-mail folder has its links enabled and the original message format restored, unless the message is considered by the Junk E-mail Filter to contain suspicious links. In that case, even if you move it out of the Junk E-mail folder, the links in the message remain disabled by default. For details, see Block suspicious messages and phishing schemes.
To get Junk E-mail Filter updates and Microsoft Office 2003 Service Packs, go to Downloads on Office Online. Under Office Update, click Check for Updates.
In this article
Junk E-mail Filter Lists
There are two parts to the Junk E-mail Filter: the Junk E-mail Filter Lists, and the state-of-the-art technology developed by Microsoft Research that evaluates whether an unread message should be treated as a junk e-mail message. This evaluation is based on several factors, including the time when the message was sent and the content of the message. The filter does not single out any particular sender or type of e-mail message. The filter is based on the content of the message in general and uses advanced analysis of the message structure to determine the probability that it is a junk e-mail message.
There are five Junk E-mail Filter Lists: the Safe Senders List (Safe Senders List: A list of domain names and email addresses that you want to receive messages from. Email addresses in Contacts and in the Global Address Book are included in this list by default.), the Safe Recipients List (Safe Recipients List: A list of mailing lists or other subscription domain names and email addresses that you belong to and want to receive messages from. Messages sent to these addresses will not be treated as junk email.), the Blocked Senders List (Blocked Senders List: A list of domain names and email addresses that you want to be blocked. Email addresses and domain names on this list are always treated as junk email or spam.), and two International lists: the Blocked Encodings List (Blocked Encodings List: A list that allows you to block a language encoding or character set in order to filter out unwanted international email messages that display in a language you don't understand.) and the Blocked Top-Level Domains List (Blocked Top-Level Domains List: A list that allows you to block top-level domain names. Blocking country/region top-level domains allows you to filter unwanted email messages you receive from specific countries or regions.) .
Safe Senders List If the filter mistakenly marks an e-mail message as a junk e-mail message, you can add the sender of that message to the Safe Senders List. E-mail addresses and domain names on the Safe Senders List are never treated as junk e-mail, regardless of the content of the message.
- E-mail addresses in your Contacts folder are included in this list by default. Therefore, messages from people in your Contacts folder will never be treated as junk e-mail messages.
- E-mail addresses of people who are not in your Contacts folder but whom you correspond with regularly are included in this list by default when the Automatically add people I e-mail to the Safe Senders List check box is selected.
- The recipient's e-mail address is saved by default only when you create and send the message in the usual way in Outlook, and not when a message is generated automatically by a program.
- Personal distribution lists are not added by selecting this check box.
- If you accidentally reply to a spammer's e-mail message and this check box is selected, that spammer's address will be added to the Safe Senders List. If you notice the spammer's subsequent messages in your Inbox, you must add the spammer's address to the Blocked Senders List and remove the corresponding entry from the Safe Senders List.
- If the same address is included in both the Blocked Senders List and the Safe Senders List, the Safe Senders List takes precedence and the address will not be considered junk.
Safe Recipients List If you belong to mailing lists or distribution lists, you can add these names to your Safe Recipients List so that any messages sent to these e-mail addresses or domain names will never be treated as junk, regardless of the content of the message.
Blocked Senders List You can easily block messages from a specific sender by adding their e-mail address or domain name to this list. Messages from people or domain names on this list are always treated as junk, regardless of the content of the message. When you add a sender's name or e-mail address to the Blocked Senders List, Outlook moves all messages received from that source to the Junk E-mail folder.
- If Automatic Picture Download is turned off, messages from or to e-mail addresses or domain names in the Safe Senders List and Safe Recipients List are treated as exceptions, and content that is otherwise blocked is downloaded.
- If you have existing lists of safe or blocked names and addresses, you can import this information into Outlook.
- E-mail addresses are matched exactly, and specific address entries take precedence over domain name entries. To block an entire domain but still see messages from specific safe addresses, add the specific addresses to the Safe Senders List. For example, add firstname.lastname@example.org to the Safe Senders List and @example.com to your Blocked Senders List. This blocks any e-mail message you receive with @example.com in the e-mail address except a message from email@example.com.
International List To block unwanted e-mail messages that come from another country or region, or that appear in another language, there are two lists that you can use.
E-mail account types and the Junk E-mail Filter
Using the Junk E-mail Filter with various versions of Microsoft Exchange Server
Versions earlier than Microsoft Exchange Server 2003
- If you use Cached Exchange Mode or download to a Personal Folders file (.pst) You can create and use the Junk E-mail Filter Lists, which are stored on the server and available from any computer that you use. Note, however, that if you use both Cached Exchange Mode and the option to download to a Personal Folders file (.pst) as your default delivery location, the Junk E-mail Filter Lists are available only on the computer that is used to add the names and addresses.
- If you work online The Junk E-mail Filter is not available.
Exchange Server 2003
- If you use Cached Exchange Mode or download to a Personal Folders file (.pst) The Junk E-mail Filter Lists are stored on the server and are available from any computer. They are also used by the server to evaluate messages. This means that if a sender is on your Blocked Senders List, messages from the sender are moved to the Junk E-mail folder on the server and are not evaluated by Outlook 2003.
- If you work online The Junk E-mail Filter Lists are stored on the server and are available from any computer. They are also used by the server to evaluate messages. This means that if a sender is on your Blocked Senders List, messages from that sender are moved to the Junk E-mail folder on the server and are not evaluated by Outlook 2003.
Note If you work online or use Cached Exchange Mode and the option to download to a Personal Folders file (.pst) as your default delivery location, the Junk E-mail Filter Lists are available only on the computer used to add the names and addresses.
Rules and the Junk E-mail Filter
Rules are now designed so that they do not act on messages that are moved to the Junk E-mail folder. This keeps e-mail you mark as junk in the correct place rather than moving it to another folder according to a rule that would otherwise apply.
Best practices for managing junk e-mail
- Increase your protection level as needed To obtain the maximum protection possible from the Junk E-mail Filter and other enhanced privacy features, set the protection level of the Junk E-mail Filter to High or to Safe Lists Only.
- Keep your Junk E-mail Filter updated Updates are available at Downloads on Office Online. Under Office Update, click Check for Updates.
- Block images in HTML messages that spammers use as Web beacons A Web beacon can be a graphic image, linked to an external Web server, that is placed in an HTML-formatted message and can be used to verify that your e-mail address is valid when the message is opened and the images in it are downloaded. By default, Outlook is set to block automatic picture downloads. To verify what your automatic download settings are, on the Tools menu, click Options. Click the Security tab, and then click Change Automatic Download Settings. Verify that the Don't download pictures or other content automatically in HTML e-mail check box is selected.
- Turn off automatic processing of meeting requests and of read and delivery receipts Spammers sometimes resort to sending meeting requests and messages that include requests for read and delivery receipts. Responding to meeting requests and read and delivery receipts automatically makes you vulnerable to Web beacons.
- Limit where you post your e-mail address Be cautious about posting your e-mail address on public Web sites, and remove your e-mail address from your personal Web site. If you list or link to your e-mail address, you can expect to be spammed.
- Disguise your e-mail address when you post it to a newsgroup, chat room, bulletin board, or other public location For example, you can give your e-mail address as "firstname.lastname@example.org" by using the number zero instead of the letter "o." This way, a person can interpret your address, but the automated programs that spammers use cannot.
- Use separate e-mail addresses for separate purposes You might set up one address for personal use to correspond with friends, family, or colleagues, and use another address for more public activities, such as requesting information, shopping, or subscribing to newsletters, discussion lists, and newsgroups.
- Watch out for check boxes that are already selected When you shop online, companies sometimes add a check box (already selected) to indicate that it is fine with you for them to sell or give your e-mail address to other businesses (or "third parties"). Clear the check box so that your e-mail address will not be shared.
- Don't reply to spam Never reply — not even to unsubscribe — unless you know and trust the sender. Answering spam just confirms that your e-mail address is live.
- If a company uses e-mail messages to ask for personal information, don't respond by sending a message Most legitimate companies will not ask for personal information in e-mail. Be suspicious if they do. It could be a spoofed e-mail message meant to look like a legitimate one. This tactic is known as "phishing" because, as the name implies, the spam is used as a means to "fish" for your credentials, such as your account number and passwords that are necessary to access and manipulate your financial accounts. If the spam is from a company that you do business with — for example, your credit card company — call the company, but don't use a phone number provided on the e-mail. Use a number that you find by yourself, through directory assistance, a statement, a bill, or another source. If the request is legitimate, the company's switchboard operator should be able to assist you.
- Don't contribute to a charity based on a request in e-mail Unfortunately, some spammers prey on your good will. If you receive an appeal from a charity, treat it as spam. If it is a charity that you want to support, find their number elsewhere and call them to find out how you can make a contribution.
- Don't forward chain e-mail messages Besides causing more traffic, by forwarding a chain e-mail message you might be furthering a hoax — and meanwhile, you lose control over who sees your e-mail address.
Blocking suspicious messages and phishing schemes
Starting with Microsoft Office 2003 Service Pack 2, the Junk E-mail Filter is enhanced to automatically evaluate any incoming message to discover whether it might be suspicious, potentially fraudulent, or part of a "phishing" scheme. For details, see Block suspicious messages and phishing schemes.