![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Dear Ben Widdup
Welcome to Microsoft Community.
Thanks for your description, indeed, as you said, unfortunately most email clients, including Outlook, don't offer filtering rules based on emoticons in the email address itself. The challenge is how email systems handle and display these characters. Also, it seems that your email address is exposed to the public and someone can send you spam whenever they want.
I can see that you have done a lot of things to try and resolve this, really well done, and I really appreciate your efforts. From your description, you are facing a very difficult situation, and it seems that rules are not useful in these circumstances.
I'm sorry to say that there is no really effective and definitive way to deal with this issue, the following is just for your information.
Here is one thing that may be your reference is that I suspect these sender addresses are real, here are the steps to check the email header to find out the real sender of this email for Outlook.com or Outlook new, as some users give feedback that they don't get spam because they have blocked the real sender. This is not guaranteed to fix the problem, but it is worth a try.
1. Open Outlook.com or Outlook new
- Select the message, and then select ... From this message menu, select View, and then select View message source.
- You have now opened the email header.
- Search for X-SID-PRA, this will show you the real sender address. If it's encoded, decrypt it with a Base64 decoder, which you can easily find on the internet.
- Try to block the address of the real sender.
Also, there is one thing in my mind that in fact these spams have often failed with some authentication methods, so maybe we can create a rule for that, but they are just for reference.
You can try setting your rules as follows, for example:
Send to: Me
With specific words in the message header: Received-SPF: PermError; dkim=none; dmarc=none
Move to: Junk E-mail
Almost all spams do not pass these authentication methods when they send a disguised spam email, this information is in the email header, you can also use it to decide whether an email is spam or not.
This is likely due to a combination of inadequate spam filtering and the sophistication of phishing attacks. If the problem persists after following these steps, you may need to consider switching to a different email address and forwarding emails to that new email address and never share your email address on the public website.
I sincerely apologize for this inconvenience and thank you for your understanding and cooperation. I wish you all the best for your life and work. :)
Best Regards
Schale.P-MSFT | Microsoft Community Support Specialist