Consider a better spam utility: As I've said, Mail's junk mail filtering is reasonably good, but it's not great. If you want great then you want C-Command Software's $30 SpamSieve. It's a far more comprehensive and effective tool than Mail's built-in junk mail feature. It's easy to train and, once trained, it gets the job done. I've used it for years and can't recall the last time it made a mistake. If Mail fails to identify spam to your satisfaction, SpamSieve is a must-have.
Reply to spammers: One of the purposes of spamming is to accumulate addresses that someone actively uses. If you click an "unsubscribe" link or send a reply along the lines of "You filthy brute!" you're only confirming that they have a live address. They will then sell this address (along with thousands more) to other spammers. When you reply to spam in any fashion, you're inviting more spam.
Bounce messages back to spammers: At one time Mail had a "Bounce" feature. The idea was that Mail would concoct a message that looked like a "Sorry, there's no one at this address" missive and fling it at the sender's email address. There are two problems with this technique in today's world.
The first is that spam is automated. There's no one guy sitting at the other end of the line who reads such messages and reacts "Ah, a bad address. I'll just remove this from our nefarious list." There is no such removal because it costs almost nothing to send out millions of spam messages. Spammers don't care if the bulk of them go to dead addresses. So, this technique does nothing to have your address removed from spammers' lists.
Secondly--and most important--the return address for spam messages is invariably faked. When you bounce a message it may very well go to some poor shmoe whose address was hijacked by spammers. By bouncing the message, you've just spammed this innocent person. Now imagine thousands of people doing that.
In short: Bouncing messages is ineffective and only compounds the problem. Don't do it.
Believe everything you read: There's a particularly nasty form of spam called "phishing." Its purpose is to get you to visit what looks to be a legitimate website and provide that site with such personal information as your bank account, credit card, and social security numbers. Do that and you've set yourself up for a bad case of identity theft--the results of which may be an empty bank account and a fleet of yachts charged to your credit card.
This email can look like it came from your bank, a credit card company, an online shopping site, or the government. And it often comes in the form of a dire threat: "We'll disable your account unless you confirm your account information immediately!"
Sign up for CIO Asia eNewsletters.