# Relentless spammer in my gmail



## zki (Feb 1, 2020)

The spammer has a long address that changes daily but always has the following at the end of their address: us-west-2.compute.amazonaws.com
Using gmail filers with key words or putting in the above does not help.
Blocking doesn't work because the start of the address is always changed.
I chk for virus and malware and clear browsing data regularly ... I've checked for solutions in google support but no one seems to be able to block this spammer

I have desktop - windows 8.1 - chrome browser - gmail


----------



## britechguy (Dec 6, 2019)

All you would have to do is set up a filter for From email address contains, using what you've already specified, and make the action move it to spam.

What makes more sense first, though, is marking each and every one of those messages as spam as they arrive for a couple of days. Google's Gmail spam filters are updated on a continuous basis based upon what users mark as spam. It would probably start getting spam trapped and going straight to your spam box that way, and you'd be doing others a favor, too.


----------



## zki (Feb 1, 2020)

Yeah, putting that part of spammer email as a "from" filter does not work since its connected to a varying email address with lots of numbers and letters attached to it. They are going to spam., I want them to got to trash. I don't think anyone has a fix for this yet...


----------



## Corday (Mar 3, 2010)

I've been on a rant forever to allow wildcarding of parts of Email addresses to be able to effectively block spammers.


----------



## britechguy (Dec 6, 2019)

Yes, it will work. The whole purpose of the "contains" filter is that it allows you to specify "the fixed part only" of the address, which you have already stated is always "us-west-2.compute.amazonaws.com." I guess I should have been more clear that under Gmail's filters that means setting the From field for the filter to "*@us-west-2.compute.amazonaws.com".

I cannot count the number of times I've set up "contains" filters to shuttle messages to a specific destination. Certain e-mail clients actually have a filtering mechanism where you choose "contains" then give only the part you know is fixed. Gmail allows wildcards in it's match strings, which achieves the same end.

Your choice of what to do with any message matching that filter would be "Delete it."

-----------------------------------------
Addendum: I just checked my own filters on my primary personal account and I have one that is _Matches: from*discover.com)_ and which applies a specific label. It works, and will apply this label for anything, no matter how long, that precedes a terminal "discover.com" in the incoming From address.


----------



## zki (Feb 1, 2020)

Thanks --- I put an gmail filter in the "from" field using exactly:

"*@us-west-2.compute.amazonaws.com" 

I'll see if the spam emails from this clown go to trash...

Up until now I was "report phishing" and blocking sender which was useless.

I also ran into the problem of their being clever and using common words that would inhibit my blocking keyword attempt useless


----------



## britechguy (Dec 6, 2019)

I just want to be certain that you didn't include, literally, the double quotes in that filter.

Yours should read, literally, _Matches: from*@us-west-2.compute.amazonaws.com)_ in the Filter listing.


----------



## zki (Feb 1, 2020)

Ok, thanks -- I adjusted the "from" field to:

*@us-west-2.compute.amazonaws.com


----------



## britechguy (Dec 6, 2019)

By the way, this article: https://zapier.com/blog/gmail-filters/
does an excellent job of discussing the Gmail filter mechanism, the operators (or some of them) it supports, and combining same.

Google's own page for their search operators, https://support.google.com/mail/answer/7190?hl=en, is helpful, too.


----------



## zki (Feb 1, 2020)

I'll chk these out, thanks. I find it interesting that in the Gmail community help, this exact query is asked 5x and no one had a clue what to do...


----------



## Corday (Mar 3, 2010)

I won't be specifically naming * my *Email providers, but wildcards don't work with either of the two. One is no problem. Their filter limits anything in the spam folder to about three a week. The other, more like a dozen a day, but at least they end up as spam, not in the Inbox.


----------



## zki (Feb 1, 2020)

I noticed there is no "@" on this spammer - gmail says to block sender - use the text after the "@" -- as you can see from a spam email below its hard to know what part of this clown's address to put into the gmail filter:

From: <[email protected]> via google.dwvmic---------------.us-west-2.compute.amazonaws.com

Any suggestions on what part to pull?


----------



## VividProfessional (Apr 29, 2009)

[email protected]


----------



## zki (Feb 1, 2020)

Thanks , should I put an asterisk before it in the filter?


----------



## britechguy (Dec 6, 2019)

zki said:


> I noticed there is no "@" on this spammer - gmail says to block sender - use the text after the "@" -- as you can see from a spam email below its hard to know what part of this clown's address to put into the gmail filter:
> 
> From: <[email protected]> via google.dwvmic---------------.us-west-2.compute.amazonaws.com
> 
> Any suggestions on what part to pull?


There is always an @ in an e-mail address, and the one you quote above is no exception. Look after the capital X.

In this case, though, I would presume that you do not expect to ever get any legitimate e-mail from any address ending in "offerpartners.com." So, when you're setting up the filter on the From, use:

*offerpartners.com

*Note*: I still suggest you use the Spam marking capability of Gmail first. I have never seen an instance where marking any more than 10 examples was necessary before their own spam filters were updated to trap this stuff. They examine every element of messages marked as spam, including the header and the message body. There's certainly got to be something they all have in common that would allow any spam trapping mechanism to do its job and trap them.


----------



## zki (Feb 1, 2020)

Thanks, I'll try that.


----------



## Ztruker (Jul 17, 2005)

Don't use the *, use just *contains us-west-.compute.amazonaws.com*, 
that should work.


----------



## kerflot (Mar 28, 2009)

And if that is also a legitimate address component regularly check your Deleted Files bin for legitimate emails.


----------



## zki (Feb 1, 2020)

When you say "contains" which of the following gmail filters are you referring to?
From
To
Subject
Has the words
Doesn't have

Also, would you put quotes at beginning and end of the address?
I say that because I'm not sure if I input us-west-.compute.amazonaws.com
would Gmail then filter any emails with words: us --- west --- compute?

Thanks


----------



## britechguy (Dec 6, 2019)

You need to drop your concern about the "via" part of the e-mail header, and stick with the actual "From:" addresses when creating filters.

Gmail does not, as I noted earlier, have a literal "contains:" filter, though some e-mail clients do. If you are using their web interface to create filters the * wildcard is what allows you to create the equivalent of "contains:," which I explained earlier.

With this, I'm done. I've given the full explanation of exactly what you need to do and suggested you use the spam reporting mechanism in Gmail so that they'll actually start doing it for you, and others, so that filter creation is not necessary. Gmail has one of the most robust spam filters on earth, and they update it continuously based on fresh spam reports.


----------



## gregandrene (May 29, 2008)

I just block the entire domain amazonaws.com, since I can forsee no legitimate mail from there. I also block .xyz and several others. I use Hotmail and the old Earthlink.


----------

