U

Visitor

 • 

6 Messages

Thu, Nov 25, 2021 3:34 PM

Xfinity SPAM filters are no longer working

For the past week or two I've been getting numerous spam emails that aren't being filtered. The weird thing about them is that when they are delivered to my 3rd party email client (Thunderbird) they always show as being received on July 6th or 7th of 2021 (over four months ago), yet I'm just getting them now.

I'm wondering if the spammers have figured out a way to bypass your filters by using old send dates.

Official Employee

 • 

658 Messages

4 d ago

Hello and thank you for taking the time to reach out to us here on our Xfinity Forums. I can absolutely understand not wanting to get spam mail and I would be just as confused if I were getting mail from months ago! The spam filters you have set up, did you set those filters up in the 3rd party email client or via the Xfinity website? I would recommend checking to make sure the filters are set on both options.

Visitor

 • 

6 Messages

3 d ago

I have Xfinity's overall SPAM filter turned on, that is the filter I'm referring to as not working. My third party email client has nothing to do with the problem I'm having. If the Xfinity SPAM filter works as it should then spam emails go to the spam folder thus never reaching my inbox that my third party email client pulls from.

The only way I've ever set up a personal filter to block spam is by blocking the sender's domain, but these spam emails are from different domains each day, which would require me to setup about 5 filters everyday. If you know of a "catchall" filter to setup I'd love to know what it is. 

XfinityEva

Official Employee

 • 

276 Messages

You can also try using the email safe list to only receive mail from your approved addresses. You can do this by going to Settings > Advanced Settings in Xfinity Connect, this lets you list the only email addresses from which you want to receive emails. I know this may be inconvenient, but can also be a good way to only receive the emails from senders you want and avoid those different addresses each day. 

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick
BruceW

Gold Problem Solver

 • 

23.1K Messages

3 d ago

... they always show as being received on July 6th or 7th of 2021...

You should be able to catch these with a filter like:

Conditions:   Header   Name   Date   Contains   Jul

Actions:        Move to folder   Select folder   Spam

Visitor

 • 

6 Messages

@BruceW 

Good idea, that'll work, but the dates are moving forward, so every few days I'm still going to have to setup a new filter date.

I still think there is something wrong with the Xfinity spam filter that it's not catching these. I've been marking them as spam on Xfinity Web Connect, but they still continue to show up.

Visitor

 • 

6 Messages

@BruceW 

I was so hopeful with your suggestion but it didn't work. Still getting emails dated from July even with a content filter turned on. Maybe the "contains" operative only looks at the message body and not the header/source?

 

Official Employee

 • 

621 Messages

2 d ago

@user_3f87fe 
Good Morning,

Unfortunately, the time/date timestamp provided for the header LMTP log is not the reason these emails have been delivered to the inbox. Dates/Times are never accurate means of filtration due to it being a commonality amongst all emails regardless of their content/intention. If emails were to be filtered by time/date - you would not only block potential spam, but all emails sent at that exact date/time leading to a larger issues. Reviewing our logs for the domain in the screenshot you provided it appears they are likely escaping the filtration due to changing their email address every time (green@domain.com, blue@domain.com, purple@domain.com, etc.). In regards to the spam filtration system, it does take some time to create an accurate filtration pattern which means that a large bulk of initial emails sent by a spammer will likely end up in the inbox until properly filtered. Each "mark as spam" report assists in the speed of the filtration as our system will have further examples to compare the emails by. 

As mentioned above, you can create a filter rule to specifically target the domain and place them into your spam folder automatically. Example filter setup:


To note, reviewing our logs it appears to be a domain that has been sending large amounts of spam to our users and has since been filtered as a spam sender and should be going to the spam folder currently. It also appears the volume of spam has significantly reduced due to likely high volumes of Comcast recipients marking their emails as "spam", making their spam campaign likely useless. Unfortunately, this usually indicates that a new email domain will likely be created for further spamming activities. Should you receive further spam emails, please be sure to mark as many as possible as "spam" so that our system can record the email and start processing the emails for spam filtration.

 

BruceW

Gold Problem Solver

 • 

23.1K Messages

2 d ago

@user_3f87fe wrote: "... Maybe the "contains" operative only looks at the message body and not the header/source?"

Your filter looks good except for the "Content" keyword. I know of no actual documentation, but my impressions is that "Content" means "look through the message body", whereas here you want to be looking at the "Date:" header. That's why I recommended using a "Header   Name   Date   Contains" condition. 

Visitor

 • 

6 Messages

@BruceW 

Thanks for the clarification Bruce. When I try to set up that filter it requires text in the "Name" field, do you think the @ symbol would work or does the name field only check the actual name and not the email address?

BruceW

Gold Problem Solver

 • 

23.1K Messages

14 h ago

"... When I try to set up that filter it requires text in the "Name" field ..."

The Name field in the Header condition is just the name of the header you want to compare the contents of the Contains field to. So in this case the name should be "Date" (without the quotes, without an "@" symbol, and without a trailing ":").

It should look just like I posted above:

  • Header   Name   Date   Contains   Jul

Which just means "If the 'Date:' header contains 'Jul', take the Action following"

Visitor

 • 

6 Messages

@BruceW 

Ahhh...that's a bit clearer now, thanks for explaining. Xfinity needs to put you on the payroll!

(edited)

BruceW

Gold Problem Solver

 • 

23.1K Messages

12 h ago

"... thanks for explaining ..."

Most welcome. What I would rather see them do is document some of this stuff! We shouldn't have to guess what the keywords mean or what the syntax is, we should be able to find the information in some sort of reference. C'mon Comcast!

New to the Community?

Start Here