Doing IMAP server-side email filtering at Stanford

If you read mail from an IMAP server using multiple mail clients, especially if some of them are mobile (phone/PDA) clients or ones with limited functionality, then you're much better off doing email filtering (spam filtering and/or also other email foldering) on the IMAP email server. Stanford's (Cyrus) IMAP server supports such server-side filtering via writing SIEVE scripts (RFC3028).

The new version of Stanford Webmail (i.e., Imp) provides a web interface to defining SIEVE under the name "Filter Rules". Now, you're almost certainly better off now using that than the instructions below. At any rate, that's what I now do :-).

Here's how you can actually make use of it. These instructions use the Cyrusoft Mulberry program to install filters. A couple of other tools support the server side filtering available on the IMAP server, but very few. None of the more common or Stanford-recommended mail clients will let you do this. You can do all the below with the 30 day demo of Mulberry. Not that I want to discourage you from buying it, but you don't have to buy it to get some filters installed (and, personally, I suspect you won't want to use it as your regular mail client).

  1. If you need some folders to put your new email into, create some folders under INBOX on the server using your current mail client. (This is easy to do, but the details depend on what mail client you use. In Thunderbird, you right-click on Inbox, and select New Folder, and then name it, for instance as Spam.)
  2. Download Mulberry from http://www.cyrusoft.com/mulberry/
  3. Install Mulberry
  4. Run Mulberry. If you haven't bought it, click "Run as demo" and then OK.
  5. Mostly follow these wonderful instructions from the University of Bath [local copy]. However, for Stanford, your server is SuNetID.pobox.stanford.edu, and, most importantly, in the Authenticate portion, although it is fine to say that the Method is "Plain Text" in the upper portion, you need to do something with the Secure drop box to encrypt your password in the lower portion, as Stanford no longer allows unencrypted connections. I used STARTTLS - SSL, and that seemed to work fine.
  6. I used the GUI to write my rules. For spam, the easiest thing to do is to just match the rewritten subject lines that local spam filters use. If you are matching subject lines rewritten by the Computer Science spam filter which uses asterisks in the subject line, one technical thing to know about SIEVE rules is that "*" is a wildcard if you choose "begins with" or "matches" but not if you choose "contains". So it's probably easiest to use "contains". You can in the designer choose any header field and you may well want to interrogate the "X-Spam" header for the stanford.edu spam filter or the "X-Spam-Status" header for the cs.stanford.edu spam filter. If you choose the arbitrary header option in the GUI, you get two text boxes: in the first you type the header name, and in the second a string, and the test is always "contains", it appears.
    7. http://www.stanford.edu/~manning/mobile/IMAPfiltering.html
    Christopher Manning -- Last modified: Sun Sep 11 14:38:25 PDT 2005