tips

How to Filter Gmail Headers & Stop “Via” Spam

8 Comments

In this article I will show you how to use a Google Apps Script to mark certain messages as spam based on their headers.

This script basically checks the 5 newest inbox messages every 10 minutes looking for a specific header. If it finds that header it will mark the message as spam automatically. Of course, you can modify the code to fit your needs.

This script won’t prevent you from receiving this spam in the first place, but it will save you the trouble of manually identifying and deleting them yourself. Plus, if you use Gmail’s Priority Inbox, you won’t be notified about receiving them anymore.

If you want to skip my explanations and get straight to the code, click here.

Gmail filters can do a lot, but one thing they can’t do is catch messages sent via another domain.

I’m referring to emails with the sender name displayed in this format: xxx@yyy.com via xyz.com

Screenshot:
Email via domain

Why is that “via” there? Here’s an answer from Google:

Why am I seeing “via” followed by a domain name next to the sender’s name?

Gmail detected that the email was sent via another mail service. This means that the sender may be using a third-party email service to generate this message. For example, the message may have been sent through a social networking site which offers an email service or sent through a mailing list that you’re subscribed to.

Gmail displays this information because many of the services that send emails on behalf of others don’t verify that the name that the sender gives matches that email address. We want to protect you against misleading messages from people pretending to be someone you know.

In my case, I get a lot of spam via a specific domain, but I can’t use Gmail’s filters to block them.

This “via” information comes from the X-Forwarded-For email header. Gmail filters can’t be applied to this data, but fortunately you can use a Google Apps Script to do it instead.

Follow These Steps

1. Go to gmail in your web browser and open an email with a via domain that you want to block.

2. Use the dropdown menu (pictured below) and click Show original.
gmail - show original

3. Search for “X-Forwarded-For” and copy that line. You’ll need this info for your code.

It should like this: 

X-Forwarded-For: email@example1.com email@example2.com

4. Go to script.google.com to create a new Google Apps Script.

5. Choose to create a script for a Blank Project.

Your screen should look like this:
Untitled Project

6. Now clear out any pre-existing code under the Code.gs tab and replace it with the code below.

function filterViaSpam() {
  var threads = GmailApp.getInboxThreads(0, 5);
  for (var i = 0; i < threads.length; i++) {
    var messages=threads[i].getMessages();
    for (var j = 0; j < messages.length; j++) {
      var message=messages[j];
      var body=message.getRawContent();
      if(body.indexOf("X-Forwarded-For: email@example1.com email@example2.com")>-1){
        GmailApp.moveThreadToSpam(threads[i]);
      }
      Utilities.sleep(1000);
    }
  }
}

Make sure you replace the
X-Forwarded-For: email@example1.com email@example2.com
part on Line 8 with the line you copied from your unwanted email earlier.

7. Click the little clock button pictured below to set up the trigger:
google apps script trigger

8. If you haven’t named your project yet, it will ask you for a project title. Name it “Filter Via Spam” or whatever you want. After naming it you should see the “Current project’s triggers” popup window.

9. Click the link to set a trigger. I have mine set to run every 10 minutes. Copy mine or choose your own frequency.
trigger frequency

10. Hit save and it may ask for authorization. Go ahead and accept.

11. Now you’re pretty much done. Run it and see if it works. Pay careful attention to your inbox before and after running it to make sure the right emails are being marked as spam.

12. Keep in mind, the spam we are filtering will still initially go to your inbox, and it will be there until the script is run based on the frequency you set. So with the settings used in my example, the spam will sit in your inbox for up to 10 minutes before being filtered.

Using Gmail’s default inbox, you will also still be notified when you receive this spam. This is why I recommend using Gmail’s Priority Inbox. You won’t be notified and will mostly never see this spam at all.

Hope someone else finds this useful! I’ve been running this script for the past few months and it has worked really well. All the “via” spam I was getting is now out of sight and out of mind.

Functions of Note

getInboxThreads(start,max) retrieves a range of Inbox threads irrespective of labels.
Start is the index of the first thread to retrieve.
Max is the maximum number of threads to retrieve.
Change the max value (5 in my code) if you want to check more or less at a time.
It is located on Line 2 in the code above.

body.indexOf() searches the body for specified text. If you want to filter based on different headers, just change the text inside the parentheses.
It is located on Line 8 in the code above.

More Info on Google Apps Scripts

There are tutorials and quick-start guides on the Google Apps Scripts Homepage if you need additional help.

Latest posts by Chris Zalamia (see all)