Many thanks for the comprehensive reply Gondola. Unfortunately there are a number of problems with this:
- I am fairly sure (and I think others can confirm) that these emails started coming when Talktalk inadvertently leaked a number of email addresses a few years ago. The vast majority of my emails come from genuine senders and I don't see why I should have to make rules for all such senders, including some I may not be aware of yet, just because my provider has been so inefficient. I don't know how others use their emails, but I would expect to have a fairly dynamic list of legitimate senders that changes regularly (and would therefore need constantly updating) rather than one that hardly ever changes.
- Some spam senders do vary their email addresses, but there are still a large number who use exactly the same address time and again, and yet I am still getting these same messages coming through (well over a hundred in some cases) despite marking as Spam. Giving a command to block a sender has no effect either, you just get the email with a comment "this message is from a blocked send"! How many of these emails have to arrive before they can be authenticated as Spam - thousands?
Thanks anyway, but I do think Talktalk just aren't doing their job and should take more responsibility for their failures.
The ideal solution is to use an email address that doesn't get spam. Why don't you get a new email address and over time migrate wanted contacts to the new address? Never give the same address to casual contacts / temporary sign ups / one-off registrations as that's inviting more potentially unwanted mail.
If you wish to find out where your email address was compromised in known data breaches then enter the address at https://haveibeenpwned.com - if the HIBP webpage turns red then you'll get a list of known data breaches involving the email address. Breaches include the dropbox and linkedin data breaches of 2012 so the records do go back further than 2015. I believe impacted customers were compensated and had free monitoring activated.
If you keep an email address that's permanently getting unwanted mail then you have to accept some responsibility for mailbox filtering because an ISP cannot block all that unwanted mail. Yes, a safe sender's filter does need maintaining to include wanted senders. Far less maintenance than a blocked senders filter trying to block all spam which is a waste of time in my opinion.
You say that the sender address remains the same for a lot of your unwanted mail. That's just unwanted mail and can be blocked. The real spam is where the sender email and IP address can change every day and where there are many tricks to get around spam blocking.
Given that your email address and probably password are on the HIBP database and spammers know the address is valid and active they'll keep on spamming.