Using Microsoft Office Outlook 2003 to Limit Junk E-Mail Messages

On This Page

Introduction
Before You Begin
Using a Strict Degree of Filtering for Junk E-mail Messages
Using a High Degree of Filtering for Junk E-mail Messages
Using a Low Degree of Filtering for Junk E-mail Messages
Blocking External Content
Updating Outlook 2003
Related Information

Introduction

Unsolicited e-mail messages, also known as spam or junk e-mail, can consume your organization's resources and pose a security threat. E-mail messages can transfer computer bugs, viruses and other malicious code from the Internet to your computer. Junk e-mail can also stifle productivity with the time-consuming task of dealing with volumes of unwanted messages. The Junk E-mail filter in Microsoft Office Outlook 2003 helps prevent junk e-mail messages from being displayed by moving many of them directly to the Junk E-mail folder. You can then assess the folder contents, and delete or save these e-mail messages as appropriate. This technical article provides information that can help you decide which level of e-mail filtering you should use.

You can configure the Junk E-mail filter for a strict degree of e-mail filtering by using the Safe List Only option, described in "Using a Strict Degree of Filtering for E-mail Messages" later in this article. A less strict degree of filtering is achieved when you choose the High option, described in "Using a High Degree of Filtering for E-mail Messages". Finally, when using the Junk E-mail filter, you can achieve the lowest degree of filtering when you choose the Low option, described in "Using a Low Degree of Filtering for E-mail Messages." Additionally, you can choose "no protection" at all.

Expect to spend an hour or less choosing one of the strategies above, and then configure the Junk E-mail filter on your computer accordingly. It is a good idea to experiment with different strategies to find the one that best suits you and your organization's needs. Some strategies require you to follow up by checking the contents of your Junk E-mail folder more or less frequently, depending on the chosen level of junk e-mail protection.

IMPORTANT: The instructions in this document were developed by using the Start menu that appears by default when you install your operating system. If you have modified your Start menu, the steps might differ slightly.

For definitions of security-related terms, see the following:

• Microsoft Security Glossary on the Microsoft Web site at https://go.microsoft.com/fwlink/?LinkId=31701

Before You Begin

Before you can use the Junk E-mail filter in Outlook 2003, you must:

• Install and configure Outlook 2003 on your desktop computer or network.

• Make sure that you have the permissions that are required to add or change various settings of the Junk E-mail filter in Outlook 2003.

Using a Strict Degree of Filtering for Junk E-mail Messages

The strictest level of filtering available through the Outlook 2003 Junk E-mail filter is accomplished by allowing e-mail messages to be sent and received only from people or domains on your designated Safe Lists. This is optimal for businesses that have users who only need the ability to communicate with specific people or organizations.

Senders and Recipients Lists as a Filtering Strategy

You can create lists of people or domains that you consider either trustworthy or untrustworthy. There are implicit circles of trust for messages sent from people in your Outlook contacts. If you use Exchange, your Exchange organization is another circle of implicit trust. Exchange users in your organization can send you e-mail, but you cannot add these users to your Blocked Senders List.

Other types of e-mail accounts, such as POP3, IMAP, HTTP (Hotmail, for example) will need to be added in order to be trusted if they are not on your Outlook contacts list. The Junk E-mail filter uses the information in these lists to determine whether a given e-mail message is wanted or unwanted.

• Safe Senders List - Several of the Junk E-mail configuration options use the Safe Senders List to determine whether or not an e-mail message should be considered junk or not. E-mail messages that are sent from people and domains on the Safe Senders List are never treated as junk, regardless of the content of the message.

• Blocked Senders List -When you want to block a potentially or proven harmful sender, you add the e-mail address of the person or the domain to your Blocked Sender List. After an e-mail message from such a sender is blocked, it is flagged as junk e-mail. E-mail messages from people or domain names on this list are always treated as junk, regardless of the content of the message.

• Safe Recipients List -Just as with the Blocked Senders List and the Safe Senders List, you can import and export e-mail addresses from specific e-mail distribution lists or domains to the Safe Recipients List. No message sent to e-mail addresses or domain names on this list will be treated as junk e-mail, regardless of the content of the message.

Outlook 2003 enables granular control over individual addresses that you handle differently than the rest of an organization by using the Blocked Senders List in conjunction with the Safe Senders List or the Safe Recipients List. For example, if contoso.com is on the Blocked Senders List and eremick@contoso.com is added to the Safe Senders List, messages from eremick@contoso.com will be allowed, while all other messages from contoso.com will be blocked. Conversely, if contoso.com is on the Safe Senders List and eremick@contoso.com is on the Blocked Senders List, messages from eremick@contoso.com will be blocked while all other messages from contoso.com will be allowed. Individual addresses are handled first, whether they are blocked or safe, then the rest of the organization is handled according to the rule of the domain name.

Creating a Safe Senders List

The Safe Senders List can be used by both high- and low-level e-mail message filtering or as a stand-alone solution to provide the strictest level of filtering. The following steps will walk you through configuring your Junk E-mail filter with the strictest settings. Or, you can choose to repeat these steps after configuring your filter for high- or low-level filtering to add specific users or domains to your list. You can also refer to the section, "Creating a Contact List," later in this document to import a list from another existing list or alternate source.

To configure Outlook 2003 to accept messages only from the Safe Senders List

1. Open Outlook 2003, and on the Actions menu, point to Junk E-mail. Then click Junk E-mail Options.

2. In the Junk E-mail Options dialog box, click the Safe Senders tab (Figure 1).

3. Click the Add button.

4. In the Add address or domain dialog box, type the e-mail address or Internet domain name that you want to add to your Safe Senders List, and then click OK.

   NOTE: You can also configure Outlook 2003 to accept messages only from your Outlook Contacts. However, if you use Exchange, all e-mail sent from people in your organization will be automatically accepted. To add your Outlook Contacts to your Safe Senders List, select Also trust e-mail from my Contacts (Figure 1). If no other names are in the Safe Senders List, then only your Outlook Contacts will be considered as Safe Senders.

   NOTE: Screen shots in this document reflect a test environment. The information that you see on your screen might differ slightly from the information shown in these screen shots.

   

   Figure 1 Adding trusted senders to your Safe Senders List

If your company uses Microsoft Exchange Server, no e-mail from within your organization will be treated as junk e-mail, regardless of the content of the message.

Creating a Blocked Senders List

Like the Safe Senders and Recipients list, the Blocked Senders List can be used by all three levels of Junk E-mail filtering. The Blocked Senders List is typically a list that grows over a period of time, as new senders are identified and then saved to the Blocked Senders List. Use the following steps as needed to mark a user or domain as a blocked sender. All messages received from a blocked sender will be automatically transferred to the Junk E-mail folder unless the sender's address or domain is included in the Safe Senders List. No other procedures are necessary to complete this process.

To block an unwanted e-mail message

1. Identify an e-mail message sent by an address or domain name you want to block.

2. Right-click the e-mail message in the message list.

3. Point to Junk E-mail, and then click Add Sender to Blocked Senders List.

Creating a Safe Recipients List

The Safe Recipients List uses other recipients to qualify a message as being wanted or unwanted. In other words, you indicate that you want to receive an e-mail message based on the other recipients to whom the message is sent. You indicate these addresses in the Safe Recipients List. For this reason, you do not want to put your e-mail address in the Safe Recipients List because it would cause all messages to go directly to your Inbox rather than into the Junk E-mail folder, regardless of other settings.

The Safe Recipients List is useful if your filtering is based on Safe Lists Only, although it can also be configured to run with high or low filtering. You can add a user or domain to the Safe Recipients List by right-clicking the e-mail address of an e-mail message, or use the steps below to import from a list. Contact lists can come from a variety of sources including other e-mail programs, another instance of Outlook (from your home office, for example), contacts from a customer relationship management (CRM) application, or a simple Microsoft Excel spreadsheet.

To add e-mail addresses to a Safe Recipients List from a Contacts list

1. On the Actions menu, point to Junk E-mail, and then click Junk E-mail Options.

2. Click the Safe Recipients tab (Figure 2).

3. Click the Import from File button.

   

   Figure 2 Adding trusted recipients to your Safe Recipients List

4. Navigate to your Contacts list and open it.

   

   Figure 3 Safe Recipients file import selection screen

   The e-mail addresses from the imported Contacts list appear on the Safe Recipients tab of the Junk E-mail Options dialog box (Figure 4).

   

   Figure 4 Importing your Outlook Contacts list to your Safe Recipients List

5. Click Apply, and then click OK.

Filtering E-Mail Messages by Using the Lists You Created

The strictest configuration for the Junk E-mail filter is Safe List Only, which limits e-mail messages that are displayed to your Outlook Inbox to messages from only those people or domains that are saved in your Safe Senders List and your Safe Recipients List. Any e-mail messages from people or domains in the Safe Senders List or sent to e-mail addresses in the Safe Recipients List will not be moved to the Junk E-mail folder.

The disadvantage of using the Safe List Only option is that a wanted e-mail message might be blocked. This might happen because the list does not include the e-mail address of the person who sent you the message. For example, if a person changes his or her e-mail address, the new address will not be on the Safe List and the person's message will not appear in your Inbox.

To configure the Junk E-mail filter to the Safe List Only security level

1. In Outlook 2003 on the Actions menu, point to Junk E-mail, and then click Junk E-mail Options.

2. On the Options tab of the Junk E-mail Options dialog box, select Safe Lists Only (Figure 5).

3. Optionally, select the Permanently delete suspected junk e-mail instead of moving it to the Junk E-mail folder check box, and then click OK.

   The Junk E-mail filter will immediately delete all suspected junk e-mail messages. If you choose this option, wanted messages could be deleted.

   

   Figure 5 Configuring the Junk E-mail filter to use safe lists

When a message arrives, the Junk E-mail filter in Outlook 2003 evaluates messages in this order:

1. Determine if the sender's address is in the Safe Senders List.

2. Determine if one or more recipients is on the Safe Recipients List.

3. Determine if the sender's address is in the Blocked Senders List.

4. Determine if the sender's domain is in the Safe Senders List.

5. Determine if one or more recipient domains are on the Safe Recipients List.

6. Determine if the sender's domain is in the Blocked Senders List.

Based on these criteria, a message is either delivered to you or it is handled as junk e-mail.

Using a High Degree of Filtering for Junk E-mail Messages

The second most secure configuration option for the Junk E-mail filter is High, which differs from the Safe Lists Only option in that it allows e-mail messages from senders that do not appear on your safe lists to go to your Inbox. Microsoft created technology for the Junk E-mail filter that looks for characteristics of junk e-mail. It looks for inconsistencies or keys that trigger the Junk E-mail filter to move the message to the Junk E-mail folder.

When it is configured to a High setting, the Junk E-mail filter will sometimes mistakenly prevent legitimate e-mail messages from going to the Inbox. For this reason, it is important to check your Junk E-mail folder regularly to make sure that it contains only unwanted messages. Delete the unwanted e-mail messages to send them to the Deleted Items folder. It is important to make sure that the Permanently delete check box is clear (not selected) so that suspicious e-mail messages will be transferred to the Junk E-mail folder and not automatically transferred to the Deleted Items folder.

To configure the Junk E-mail filter to High

1. Open Outlook 2003 and on the Actions menu, point to Junk E-mail, and then click Junk E-mail Options.

2. On the Options tab of the Junk E-mail Options dialog box, select High: Most e-mail is caught, but some regular mail may be caught as well. Check your Junk E-mail folder often (Figure 6).

3. Make sure that the check box next to Permanently delete suspected junk e-mail instead of moving it to the Junk E-mail folder is cleared (not selected), and then click OK.

   

   Figure 6 Configuring the Junk E-mail filter with a high level of security

Using a Low Degree of Filtering for Junk E-mail Messages

The most relaxed configuration option for the Junk E-mail filter is Low, which is the default setting in the Junk E-mail Options dialog box. Although this option is not as rigorous as it is on High, it blocks the most obvious junk e-mail messages, such as messages with subject lines that contain obscene or vulgar language, or messages with other character sequences common to junk e-mail.

The filter might still occasionally filter a non-junk e-mail message into the Junk E-mail folder, for example, if a wanted message contains a suspicious subject line. However, this should happen less frequently than when using the High junk e-mail protection level.

To configure the Junk E-mail filter to Low

1. Open Outlook 2003 and on the Actions menu, point to Junk E-mail, and then click Junk E-mail Options.

2. In the Junk E-mail Options dialog box, select Low: Move the most obvious junk e-mail to the Junk E-mail folder (Figure 7).

3. Make sure that the check box next to Permanently delete suspected e-mail instead of moving it to the Junk E-mail folder is cleared (not selected), and then click OK.

   

   Figure 7 Configuring the Junk E-mail filter with a low level of security

Alternatively, you can select the option, No Automatic Filtering. Mail from blocked senders is still moved to the Junk E-mail folder. Other than moving e-mail messages from blocked senders to the Junk E-mail folder, this option has no effect.

Blocking External Content

The Outlook 2003 Junk E-mail filter also provides you with the ability to block unwanted external content in e-mail messages. This feature helps to reduce the amount of inappropriate or offensive content that users see in their e-mail.

Senders can use small transparent images, called Web beacons or Web bugs, to validate your e-mail address, identify your IP address, and gather information about your computer, including when a message was received. By blocking external content, you will limit the ability of senders to use Web bugs to further target your address for junk e-mail.

Outlook is set by default not to allow the download of pictures or other content from a Web site, unless the content comes from a Web site in the Trusted Site zone or from an e-mail address or domain from the Safe Senders List. There are also options that configure your Junk E-mail filter to permit downloads from trusted senders and domains.

To Block External Content

To configure options for automatic picture download behavior in Outlook 2003

1. Open Outlook 2003, and on the Tools menu, click Options.

2. Click the Security tab.

3. Click Change Automatic Download Settings.

4. In the Automatic Picture Download Settings dialog box, select the check box next to Don't download pictures or other content automatically in HTML e-mail.

5. Optionally, select the Permit downloads in e-mail messages from the senders and to recipients defined in the Safe Senders and Safe Recipients Lists used by the Junk E-mail filter check box if you want to allow downloading of content in e-mail messages sent by people on your Safe Senders list, or e-mail sent to people on your Safe Recipients list.

6. Optionally, select the check box Permit downloads from Web sites in this security zone: Trusted Zone if you want to allow downloading of e-mail content from domains listed in the Trusted Sites security zone in Internet Explorer.

Updating Outlook 2003

Microsoft continually modifies Outlook 2003 features, including the Junk E-mail filter, to improve security. Protect your organization by downloading the latest updates from the Office Updates Web site.

To update Outlook 2003 from the Microsoft Office Online Web site

1. Visit the Office Update page at https://go.microsoft.com/fwlink/?LinkId=31726.

2. In the Office Update box, click Check for Updates.

The Web site scans your computer to determine whether it needs any Office updates. Either a list of critical or recommended updates appears, or a message appears stating that your Office products do not need any updates.

If you need to install updates, be prepared with your original Office installation CDs, because you might be prompted to use them during the update process.

Related Information

For more information about the Junk E-mail Filter in Outlook 2003, see the following:

• "Outlook 2003 Junk E-mail Filter" on the Microsoft Office Online Web site at https://go.microsoft.com/fwlink/?LinkId=31727

• "About the Junk E-mail Filter" on the Microsoft Office Online Web site at https://go.microsoft.com/fwlink/?LinkId=31729

For information about how to back up your organization's critical data, see the following:

• "Step 6: Backup Critical Data" of the Small Business Computer Security Checklist on the Microsoft Small Business Center Web site at https://go.microsoft.com/fwlink/?LinkId=31730

For general information about Microsoft Exchange and Outlook 2003, including user assistance, free online training, and product updates for Microsoft Office 2003, see the following:

• Microsoft Exchange Server Web site at https://go.microsoft.com/fwlink/?LinkId=31731

• Microsoft Office Online Web site at https://go.microsoft.com/fwlink/?LinkId=31732

For definitions of security-related terms, see the following:

• Microsoft Security Glossary on the Microsoft Web site at https://go.microsoft.com/fwlink/?LinkId=31701