Due to the recent events impacting our clients globally, we are supporting your business with 60%+ discount for the first year on all orders

Spam Protection

SpamAssassin is a powerful mail filter, which uses text analysis to determine the probability of a mail message being spam. Some of the factors for this decision are the presence of HTML parts in the mail, phrases common for spam (“drastically reduced”, “save big money”, etc.), excessive HTML comment tags (often used to ‘hide’ common phrases from mail filters), invisible text (using the same foreground color as the background color) and many others. Each occurrence of something suspicious raises the probability of the message being spam (the spam level). You can configure the spam level above which the mail messages will be filtered.

The levels manage how strictly SpamAssassin reviews each message to consider whether it is spam or not.

Setting the spam level to a low value (1/10) will probably cause legitimate mail to be filtered. Setting it to a high value (10/10) may let some spam into your mailbox. The optimal level depends on the contents of the mail you receive – you will have to adjust it until you find the lowest level possible, at which no legitimate mail is filtered (you might need to check regularly your Junk mail folder to see if you have legitimate messages filtered). You can find step-by-step instructions on how to enable SpamAssassin or change the spam level in our Enable SpamAssassin article.

Statistics show that 5/10 is generally the optimal spam level. It usually does not result in filtering legitimate email, while it is still efficient against spam. However, we do recommend that you check your Junk mail folder regularly, in case there are filtered legitimate messages.

Enabling SpamAssassin globally will make it process any message, sent to your domain, while enabling it per user basis will make it scan only the messages, destined for the respective mailbox.

Depending on your Junk Mail folder setting, the filtered messages are delivered to your Junk Mail folder or simply deleted. You can read more about this folder in our Junk Mail folder article.

If the SpamAssassin filter is enabled for a mailbox, it will not change the way messages from white- or blacklisted email addresses are handled. Messages from whitelisted email addresses will be delivered directly to your mailbox, and messages from blacklisted email addresses will be automatically classified as spam by the SpamAssassin filter. More details about the white and black lists are available in our White and Black listing section article.

 

Spamdyke is a spam protection program that filters incoming messages at the SMTP level by blocking connections from mail servers identified as spam sources or that match certain reverse DNS validation rules.

The Spamdyke program is enabled by default. You can enable or disable Spamdyke and configure its options from the Control Panel > Mail Manager section under the Global mail settings tab. Spamdyke can be configured only globally for the hosting account; it cannot be managed per mailbox.

Note: Messages filtered by the Spamdyke program are blocked at the SMTP level, so such blocked messages will not be delivered to your Junk Mail folder and will not be delivered if the sender is whitelisted for your hosting account or mailbox.

Spamdyke uses several methods to determine whether a sending server can be identified as a spam source:

  • Reverse DNS check
  • Graylisting/Greylisting (optional)

Reverse DNS check

Messages originating from a sending mail server without valid reverse DNS record will be blocked and returned to the sender with the following error:

554 Refused. You have no reverse DNS entry.
If you are not our customer and receive the above error when sending to a server maintained by us, the SMTP server you use does not have a valid reverse DNS record/name. You need to contact the administrator of your mail server to have the DNS entry fixed, or you need to use another SMTP (outgoing) mail server.

If you receive the above message while trying to send a message through the SMTP server of your hosting account, please change the port of the outgoing server from 25 to 587.

Graylisting/Greylisting (optional)

Spamdyke can also be configured to use Graylisting. Graylisting is the technique of denying mail delivery the first time a sender tries to deliver to a recipient. The next time the remote server attempts to deliver the message, it is accepted. All future messages from the sender to the recipient are also allowed. With Graylisting enabled, our mail server will “temporarily reject” any messages from a sender it does not recognize. The originating server will try a new delivery, usually in a few minutes, and if the message is legitimate, it will be accepted. If the message is from a spammer, it will probably not be retried as spammers go through thousands of email addresses and cannot afford the time delay to retry a particular message. Standard mail servers, however, always attempt to deliver messages again if they are rejected with such a “temporary” error message, in accordance with the SMTP RFC specifications.

When a recipient/sender pair is marked as temporarily allowed, its status will remain for a given period. New messages sent within this period will refresh its duration. Once this period expires, the recipient/sender pair will undergo the Graylisting check.

The only downside of the Graylisting technique is that some messages may be received with delay which will depend on waiting period before the sending server tries to re-send the message.

Graylisting is not enabled by default, so if you wish to use it, you need to enable it through the Control Panel > Mail Manager section under the Global mail settings tab.

Information about all messages processed by Spamdyke is recorded in the mail server logs which are accessible via the Mail logs subsection of the Control Panel > Logs section.

The header filters allow you to selectively filter out mail messages based on the contents of their headers.

Basically, all the options correspond to different email headers. Email headers are added to a message by the sending email software, and most of them are visible only when you view the email message source.

You can choose between the following actions to take place in case the chosen header filter matches:
Junk mail: The message will be saved in the Junk Mail folder if it is enabled. If the Junk Mail folder is disabled, this action is the same as “Drop mail if”.
Drop mail: In this case, the message will be deleted.
Move mail: In this case, the message will be moved to chosen folder.
Forward mail: In this case, the message will be forwarded to the specified email address(es). You can enter up to five email addresses in the field, separated by a comma.
In all of the above cases, the sender is not notified of the taken action.

The Subject header contains the subject of the message. If you want to ban all messages that contain “viagra” in the subject, just select this option and type “viagra” (without the quotation marks) in the text box.

The From header contains the sender name and email address.

The To header contains the recipient email address. This would be normally your email address.

The CC header contains the other email addresses your message has been sent to. CC stands for “Carbon Copy”, which is used in most email clients for this purpose.

The Received header is actually added by the mail server, and contains the IP address of the sender. If you want to block all messages from a given IP address, use this option.

The X-Spam-Level header is added by SpamAssassin – an email scanning software that can add this header to messages it has scanned. If you are using some third party filtering services (SpamCop.net for example) you can take advantage of this setting. If you decide to use our SpamAssassin, this header will not be added to your messages.

The X-Mailer header identifies the email client used to send the email message. For example, if you select this option and type “Outlook” (without the quotation marks), you will ban all incoming messages that have been sent through MS Outlook and Outlook Express.

The X-Mailscanner header is added by an anti-virus software such as Mailscanner. We have added it upon user request because a particular virus was adding this header to all incoming messages, and banning messages with this header would ban all such viruses. However, it might also ban messages that have been scanned by Mailscanner, so we do not recommend using this option.

The Content-type header says what is the structure of the incoming mail message – it could be plain text, HTML, MIME encoded, etc.

The Attachment filter can block messages depending on their attachment. You can either block messages with a given type of attachment, or block messages with any attachment. Attachment types are combined in several different categories – archive file, image file, video file, audio file, document file, PDF file. In the table below, you can check what file types are included in each category:

Archive file7z, 7zip, 7zip2, ace, alz, arc, arj, ark, bz2, bzip, bzip2, cab, gz, gz2, gzip, gzip2, iso, lz, lzh, lzma, lzo, lzx, rar, rz2, sea, sfx, sqx, tar, tgz, xz, xz2, zip, zip2, zipx, apk, img, vhdx, vhd
Image filebmp, exif, gif, jfif, jpe, jpeg, png, tif, tiff, pcx, svg
Audio fileaac, flac, m4a, m4p, mp3, ogg, wav, wma, ra
Video file3gp, asf, asx, avi, flc, flv, flx, h264, m4e, m4v, mkv, mp4, mpeg, mpeg(1-9), mpg, ogm, ogv, ogx, rm, vob, webm, wmv, xvid, divx
Document filecsv, doc, docx, epub, xhtml, html, htm, log, ppt, pptx, txt, xls, xlsx, xml, ods, odt
PDF filepdf
Executable filebat, bin, cmd, com, cpl, deb, dll, elf, exe, gadget, hta, inf, jar, js, jse, msc, msh, msi, msp, pif, ps1, reg, rpm, scf, scr, sh, so, sys, vb, vbe, vbs, ws, wsc, wsf, wsh

You can also create a default filter for each mailbox. It allows you to have a filter that triggers when no other filter for the mailbox matches. Please note that if you add a default local filter for the mailbox, none of the global filters will be processed for that mailbox.

Please note that using header filters requires some general knowledge of how the email system works.

Wildcards are not supported when adding a header filter.

Our mail system utilizes a database, which contains IP addresses and networks that are known sources of unsolicited mail messages. Mail from these servers is rejected from our machines. The database that we use is extremely precise and is updated real-time.

This FAQ item explains how the White and Black listing section works.

The White and Black listing section allows blacklisting or whitelisting email addresses based on the Envelope Sender/Recipient.

Generally, the Envelope Sender/Recipient are the addresses that are used in the communication between email servers. The Envelope Sender would show the sender that is set by the sending email server. On our servers, the Envelope Sender is set as Return-Path of the message, and when viewing the source of an email message received on our servers, the Return-Path header would be the Envelope Sender from the SMTP communication between email servers. The Envelope Recipient would be the mailbox that will receive the message. Note that you may even not see this Envelope Recipient in the message itself. For example, if the sender uses a blind carbon-copy (BCC), it is possible that you would see a TO header in the message source, while the message could be received in a completely different mailbox (due to the BCC used when sending).

On the other side, the From and To addresses in the message headers are set by the sender, and they could be easily forged. That’s why most spam messages have incorrect From and To headers. Generally, message headers are not a reliable way of blocking spammers, because manipulating message headers is a very common spam-sending technique.

The White and Black listing section works on two levels:

  • Global level for all mailboxes on the account, through the Edit Global Mail Settings of the hosting Control Panel’s Mail Manager section.
  • Local level for each mailbox, through the Filters section next to the mailbox.

If you want to block messages based on From/To headers, you can do this through the Header Filters section.

This article is intended to warn you of the dangers of whitelisting or blacklisting your domain name or your mailbox using the SpamAssassin white and black listing functionality.

If you whitelist your domain name or mailbox as a sender, it will increase the number of spam messages reaching your mailbox. The spammers use the so-called “header spoofing” technique that allows them to use any e-mail address as From and Return-Path, whether or not they have access to the mail server for that domain. This is a flaw of the global SMTP protocol.

If you whitelist your domain name or mailbox as a recipient, it will stop the SpamAssassin and header filters spam protection. All messages sent to the mailbox will bypass the SpamAssassin and the header filters.

If you blacklist your domain name or mailbox as a sender, it will prevent you from sending messages from your domain or mailbox to yourself.

If you blacklist your domain name or mailbox as a recipient, it will stop the delivery of all email messages to the domain or the mailbox.

If you receive the above message while trying to send a message through the SMTP server of your hosting account, please change the port of the outgoing server from 25 to 587.


Graylisting/Greylisting (optional)
Spamdyke can also be configured to use Graylisting. Graylisting is the technique of denying mail delivery the first time a sender tries to deliver to a recipient. The next time the remote server attempts to deliver the message, it is accepted. All future messages from the sender to the recipient are also allowed. With Graylisting enabled, our mail server will “temporarily reject” any messages from a sender it does not recognize. The originating server will try a new delivery, usually in a few minutes, and if the message is legitimate, it will be accepted. If the message is from a spammer, it will probably not be retried as spammers go through thousands of email addresses and cannot afford the time delay to retry a particular message. Standard mail servers, however, always attempt to deliver messages again if they are rejected with such a “temporary” error message, in accordance with the SMTP RFC specifications.

When a recipient/sender pair is marked as temporarily allowed, its status will remain for a given period. New messages sent within this period will refresh its duration. Once this period expires, the recipient/sender pair will undergo the Graylisting check.

The only downside of the Graylisting technique is that some messages may be received with delay which will depend on waiting period before the sending server tries to re-send the message.

Graylisting is not enabled by default, so if you wish to use it, you need to enable it through the Control Panel > Mail Manager section under the Global mail settings tab.

Information about all messages processed by Spamdyke is recorded in the mail server logs which are accessible via the Mail logs subsection of the Control Panel > Logs section.