Here I'm going to try and explain my "e-mail forwarding" I do.
There's a lot of people out there that think they have the RIGHT to e-mail another, but the fact is, for one person to e-mail another, it is a PRIVLEDGE, not a right. I have several domains, one of which is only for e-mail. The domain is my property, thus it is my rules, that people must follow if they want to e-mail me. Even if I didn't have my own e-mail domain, the rules would still apply.
I have a set of rules that people must follow to e-mail me, and if they don't, I cancel the account they use IMMEDIATELY, and they are never allowed to e-mail me again, regardless of who they are, be it family, friends, etc.
The rules that people must follow to be allowed to e-mail me is:
1. My e-mail may not be shared without my explicit, written permission, of each person that uses it.
2. I assign each person, or group a separate e-mail to contact me. The group or person is responsible for the security of my e-mail. This includes periodically changing the password, on their account.
3. If I receive any SPAM on an account a group or person uses to contact me, the account will be canceled IMMEDIATELY and only phone or snail mail contact will be allowed. This is absolute. This doesn't matter if the person's account was hacked or not. The group or person is responsible for the security of my e-mail. This includes periodically changing the password, on their account.
4. If the group or person sends my e-mail out "in the plain" (e.g. in the TO or CC lines, and other can see it), the account will be canceled IMMEDIATELY, and only phone or snail mail contact will be allowed. This is absolute. The group or person is responsible for the security of my e-mail. This includes periodically changing the password, on their account. This is to prevent possible SPAM, from the user's, or addressee's accounts being hacked.
5. I will not accept forwarded jokes, ads, etc whatsoever. Anyone violating this will have the account they're using to contact me canceled IMMEDIATELY. This is an absolute.
6. LINKEDIN has the option to allow them to access their user's e-mail, and adds the person's contact list to their database, then continues to send e-mails to the individuals on the users contact list to join LINKEDIN.
I have multiple e-mail accounts (don't ask the number, because I won't say). Each e-mail contact, or group is assigned a separate e-mail, like this:
So, say that the person using "1st_account@fake_out.com" compromises my e-mail, I simply delete the "1st_account@fake_out.com" account, and all the e-mails bounce back to the individual. The other alternative is to disable the e-mail forwarding on this account, but I don't do that, the account they use to contact me is deleted.
Other items to consider:
1. If a family, friends, etc has something important he/she wants to forward to me (e.g. a notice they received, they want me to look at), they must tell me on the phone, or e-mail. I then create a one-time use only e-mail account, that they can forward it to. If what they forwarded is a joke, ad, etc... in other words, not what they said it was, the e-mail they use to contact me normally is canceled IMMEDIATELY as well as the one-time only e-mail. The one-time use only e-mail is accessed from my test machine, and only via the web interface.
2. When placing an on-line order, create a temporary e-mail
I'm ruthless when it comes to these rules, it doesn't matter who they are, family, friends, etc. The security of our computers are more important than allowing people to e-mail me.
OK, ON WITH E-MAIL FORWARDING.
1. E-Mail provider that you can set up forwarding filters to other accounts, with no interaction on your part, after the filter is set up.
2. POP Accounts, if desired, with the abilities in #1.
1. These instructions will presume that you're using M$ Outlook, although they can be adapted for other pop clients like Thunderbird, etc. But the adaptations for clients other than M$ Outlook is on your own.
2. These instructions will presume the following e-mails (e-mails are fake):
PROCEDURE (BASIC SETUP):
1. Create a "receive only" account (e.g. item 2.4), where all other e-mails will be forwarded.
2. Sign into the other accounts (items 2.1, 2.2, 2.3), and forward those accounts to account (item 2.4).
3. Copy all filters you may have in all accounts (items 2.1, 2.2, 2.3) except the "receive only" account. Some e-mail providers may allow you to export/import the filters. Check this first.
4. Delete all filters in the other accounts, other than the "receive only" account. All filtering will be done on the "receive only" account. This centralizes the filtering.
5. In M$ Outlook, disable the RECEIVE ability on all accounts except for the "receive only" account. All incoming e-mails will be accessed from the "receive only" account.
6. In M$ Outlook, disable the send ability for the "receive only" account.
7. In the names that are displayed in M$ Outlook (not the actual login credentials), I suggest you prefix the name with (send) for the ones with receive disabled, and prefix (receive) for the receive only account. This will make it easy to identify each account.
8. OK at this point, all your e-mail accounts are forwarded to the "receive only" account, where you put in all your filters.
In order to protect your computers, you must be ruthless when it comes to e-mails, among other things.
Here are other things to consider. To protect me, other than server side filters, is a SPAM protection program, called Mailwasher. This program will connect to your e-mail account, in this example, receive_only@fake_out.com, and you can place filter in Mailwasher. The program provides you a list of what's on the server, and you can delete the e-mails before they're downloaded.
There are currently 500+ top level domains, and all but 6 are blacklisted. But in addition to the ones that aren't blacklisted, I have filters looking for keywords. For example:
* If the Subject field contains "Microsoft Office Outlook Test Message" then mark the message as mail to be deleted.
* If the entire header contains (MASKED) then automatically (without warning or notification) add the sender to the blacklist, and delete the message.
I'm actually writing a replacement for Mailwasher. Mailwasher is an older version, and I won't pay for a new copy, or use their freeware version. I figured, "Hey, I'll just write my own!"
I realize that I can't "order" a person to change their password, but if I get SPAM (which I haven't yet), I can ask them when they changed their password last, and if it hasn't been recent, then they are at fault. As for my e-mail being in the plain, it could actually be the person(s) they sent the e-mail to that got compromised. It doesn't matter, my e-mail was in the plain, they violated my rules, so they're guilty of causing the spam.
I've had a few friends get "upset" about my rules, and they were cut off. However, that's too bad.
Hope this gives people a few ideas on how to handle things. Remember, that once the initial work is done on the e-mail forwarding, it's easy to maintain. For instance, if I create an e-mail for a new friend, when creating the e-mail, I put in the forwarding at the same time. It's all done, until I have to delete the e-mail. Filters are added on the receive only account and/or Mailwasher, so I don't have to put them in anywhere else.