Spam Filters

Spam Filters

Spam filters are enabled by default and will put email accepted but categorized as Spam in your Spam Folder.  Spam is a general term for unwanted email however it is far harder to identify that you may think.  Email may come from a legitimate email account that was compromised and pass all technical tests and not yet be on a spam list or be from a marketing company where you don't want it but its not on a standard RBL real time block List.

Email systems are dynamic.  A party that sends you email yesterday may be using a mail server that become compromised and be classified as Spam today and after remediation resume as normal a day later.

There is no such thing as a perfect spam filter and you will always receive some of unwanted email but overall we are able to classify  85 -95% and you can fine tune the system for even higher accuracy. 


Our system uses Magic Spam as a connection level filter to drop and classify and route most email at connection what ever passes through Magic Spam is then processed by Spam Assassin where it is Scored and mail that passes the Spam Assassin threshold is then classified for final delivery as Ham or Spam and delivered to your Inbox or Spam Folder.   Magic Spam is where all white and blacklisting should be set.

Magic Spam offers the Following Features:

  • Checks all inbound email for technical checks.
  • Checks all inbound email against User selectable RBL blacklists & marketing lists.
  • Allows you to set the routing for some of the optional lists to mark as spam or reject and return to sender.
  • Allows you to view Statistics to view total mail and spam volume and how changes in your settings effect accuracy.
  • Allows you to route email classified as Spam to your Inbox or spam folder automatically
  • Allows you to view inbound mail logs to verify if the email reached your server and how it was classified and routed.
  • Allows you to block email based on country so you can kill off junk email from foreign countries you don't do business with.
  • Allows you to set Blacklists for problem emails that are getting through the normal filters.
  • Allows you to set Whitelists to insure important emails bypass all filters and are always delivered.
  • Allows you to set Blacklists or Whitelists for email sender, mail server IP or Country.

OVERVIEW:  By default, Magicspam and Spam Assassin  will work well for most normal accounts  however every user has different needs so you may need to modify the settings to make the filter more aggressive or to whitelist the occasional False Positive where a sender you desire is being marked or rejected as spam.

If a senders email server is compromised and on one of the IP reputation lists it will be processed as Spam.  You should initially review the logs over a few days or review mails marked as **** Spam ****  in your spam folder to identify False Positives (Email that you desire but are  categorized as Spam) and adding them to your whitelist or changing the RBL list from ON which rejects to Flag which saves as spam or OFF if the list is causing more problems than its solving.

 

NOTE TO POP3 USERS:  If you are using older POP3 Protocol to read email then you don't have the ability to view Virtual Folders like the Spam Folder which means you must either (a) switch to IMAP which is a more modern system that allows for sharing of a mailbox across multiple devices and will display the Spam Folder or (b) log into your webmail at webmail.yourdomain to view the spam folder or (c) set both Magicspam and Spam Assassin to put emails marked as **** Spam ****  into your Inbox instead of Spam Folder.  This is not recommended as it causes. you more work to sort through spam defeating the purpose of the spam filter.

 

DASHBOARD: Displays daily mail summary of volume of email and mail categorized as spam.

SEARCH MAIL LOGS

You can search the Mail Logs by Date Range and or by Sender or Recipient.  You can also set the filter to display all events or just Spam or Quarantine or Ham .  If you leave the search and filters blank and just click SEARCH all emails received will be displayed.

LOG DETAILS:  Email marked as HAM has been accepted.  Mail marked as QUARANTINE has failed one or more checks and has been marked as ***SPAM*** in the subject and saved to your  INBOX or SPAM Folder depending on your Spam Settings / Routing Option settings.  Mail marked as SPAM in the logs was Rejected and sent back to sender. You can CLICK on the IP or Sender or Country to add the entry to the Block or Allow Exception List.


SPAM SETTINGS:  

 

 

 

SPAM ROUTING  OPTIONS: Once the filter determines an inbound mail is Spam it will mark its subject with **** Spam **** . You can then choose to have the mail added to your Inbox, placed inside a "Spam" folder which can be accessed via IMAP from your email software, or the online Webmail system or Deleted.   By Default both MagicSpam and Spam Assassin will put all mail Classified  as SPAM folder.  You would have to uncheck the routing in both systems to have Spam put into your inbox.


IP REPUTATION: 

DEFAULT IP REPUTATION LISTS SET TO FLAG:  UCEPROTECT-1 (List Number: 4).   UCEPROTECT-2 (List Number: 5). SORBS-DUL    (List Number: 23)

Mail matching these lists will be ACCEPTED and marked a ***SPAM***  in subject and put into your Spam Folder.  You can set them to ON if you would rather reject the email and return it to sender.

 

OPTIONAL IP REPUTATION LISTS :  

MIPSpace-worst (List Number: 40)  https://www.mipspace.com/ratings.php
MIPSpace-poor (List Number: 41)
MIPSpace-pros (List Number: 42)

RATS-Dyna (List Number: 36)    https://www.spamrats.com/rats-dyna.php
RATS-NOPTR (List Number: 37) https://www.spamrats.com/rats-noptr.php
RATS-Spam (List Number: 38)   https://www.spamrats.com/rats-spam.php

 

These are optional lists that include known marketers and bulk mail sources should be used with caution.  They will kill off a tremendous amount of spam but may also classify email some email that you desire as spam (false positive) especially if the sender is using a third party mailing relay that may be shared with other known spammers.  These are set to OFF by default and we suggest you test them by setting the list(s) to FLAG mode so email matching the list will still be ACCEPTED and marked ***SPAM*** and you can whitelist any desired senders and after testing  you can set them to ON which will then reject the spams.

EXCEPTIONS: Force the filters to exempt any email to be Allowed if it was being mislabeled or block if its getting through by:Sender's specific email address ie: spammer@acme.com or a wildcard address such as *@acme.com or a subdomain wildcard *@*.acme.com that will cover any email address from the specified domain.

Some senders use mail gateways that are often on junk lists because the same mail gateway ip is shared by many users sending bulk mail. When you see a gateway sender it may not be obvious who the source is, some gateways add an account user name ie: uniqueidnumber.client@gateway.com  where the Uniqueid number changes so clicking on the whitelist in the log won't work you would need to add a wildcard *@mailgateway.com in those cases or whitelist the mail server IP address.

 

ADVANCED LOG SEARCH:  The reply to you often see is not the same as the actual sender.  If you have email marked as spam or rejected even after whitelisting it means the sender is using a gateway or third party mailer.  To locate the sender in the logs:

1. Open the email in your spam folder and view its headers (in roundcube there is an option to view Header) locate the X-MagicSpam-TUUID value at the bottom of the header: it will be a value like e7959b6a-5ed6-4499-8b34-407c04b82835 and Copy it (control C)

2. In cPanel / Magicspam / Logs paste the value (control V) into the Transaction UUID field and click search

3. This will display the log entry for that email and you can view the true sender and click on the sender to whitelist the specific sender or whitelist domain to allow email from the entire domain of the sender.

If you still have difficulty open a support ticket and provide us the  To / From / subject / date / and folder location ie: spam folder or inbox so we can view the email itself for analysis and assistance. If the email is not on your server because you are using pop to download emails you would have to provide its headers in the ticket.

 

SECURITY: This section allows you to block email by the sending country and is very effective at reducing junk and spam.  Countries that are blocked that are preset by your host are in GREY and you can select one or multiple countries in the "Allowed Countries" list and move them to the Block side and save to block even more junk mail.

 

 

  • spam filters, magic spam, spam assassin
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

Email Accounts

Adding Mailboxes, Changing Quota, Resetting Password, Viewing Configuration For Email Software or...

Auto Responders

Configuring Email Auto responders An auto responder allows you to send an automatic reply to...

Configure Outlook

1. click the File menu and click Add Account.2. Select Manually configure server settings or...

Configure Outlook Express

1. In Microsoft Outlook Express, from the Tools menu, select Accounts.2. Go to the Mail tab and...

Configure IOS

1. Press to select "Settings" from your SpringBoard. 2. Press to select "Mail" from the...