What spam filters do you use?

Our email servers can reject messages that are likely to be unwanted junk mail, or "spam".

You can choose three different filtering levels:

  • Standard Filtering
    Recommended for most addresses. We use this for our own mailboxes and consider it reliable and accurate. It blocks most spam, with only a very slight risk of incorrectly blocking legitimate mail.
  • Low Filtering
    This still blocks many spam messages, but allows “borderline” messages we’re not absolutely sure about. Choose this option if you want to guarantee that no “legitimate” message can ever be rejected as spam, even if it looks a lot like spam — and you don’t mind getting significantly more real spam.
  • Off
    Allows almost all messages, even if we’re positive that the sender address is a forgery. This should be used only if you knowingly want to get malicious spam messages because you're collecting them to compare other spam filtering solutions (or some similar purpose). We don’t recommend this for normal mailboxes.

So how do these filtering levels decide which messages are spam? We use several different methods:

Restrictions applied to all mail

First of all, we use a set of rules to reject mail from certain extremely abusive senders. The rules reject:

  • Mail from spammers who have sent spam to us or to a customer of ours who has complained; and
  • Some common viruses that have consistent "From" addresses, subjects, or links in their messages.

This first step is applied to all messages, regardless of whether you have the spam filter turned on. It should block only blatant spammers and other senders of extremely abusive email, and should never incorrectly block any legitimate messages. Our statistics indicate that fewer than one message per million is rejected in error by these rules, and in those cases, the sender will receive a message indicating why the message was blocked, allowing them to change their message and resend it.

Next, we pass all incoming mail through an anti-virus scanner. Any messages containing viruses are not delivered, although we keep copies of such messages for one week in case we receive a report of the virus scanner incorrectly discarding a message.

Allowing messages from within our network

Next, we check if the message is coming from our own network — that is, whether it's from one of our own customers, or sent by a script on your own website. If it is, we automatically allow it. This ensures that messages our customers send to each other, or messages your website sends you, are never blocked.

Manual Reject and Allow lists

The next check is manual allow and reject lists.

You can use our control panel to accept or reject all mail from certain senders. To add custom rules:

  1. Login to the “My Account” control panel (having trouble?)
  2. Click E-Mail Options
  3. Scroll down the page to the "Reject and Allow Lists" section.

If you've added the sender to your manual allow list, the message will be accepted for delivery at this stage. If it's not on the manual allow list, but you've added the sender to your manual reject list, the message will be rejected.

We check the allow list first so you can enter specific allow rules that override reject rules. For example, if you enter "charlotte@example.com" in the allow list and "example.com" in the reject list, you can receive mail from charlotte@example.com while blocking everyone else at example.com.

If the sender isn't in your allow or reject list, the spam filter settings for the email address are checked. If you have the spam filter turned "Off", the message will be delivered to your mailbox at this point. If you have the spam filter set to "Low" or "Standard", the message is next checked to see if it should be automatically allowed based on your previous outgoing mail.

Allowing based on previous outgoing mail

The next check is whether you've written to the sender within the last year. If so, a return message from that address will be automatically allowed without further spam checking.

This means that when you write to someone, you don't need to worry about spam blocking. Nothing that person later sends you will be blocked, even if our spam filters would otherwise think the message is spam.

(There's one exception: Messages won't be automatically allowed if an SPF check, described in the next section, suggests that the message is using a forged sender address. It wouldn't make sense to allow all forged messages falsely claiming to be from "paypal.com" just because you're a PayPal customer who has written to the legitimate version of that address.)

We also automatically allow messages from several sources we trust (mostly large companies and ISPs).

Extra checks performed by "Low Spam Filtering"

The next checks involve your spam filter setting.

"Low Spam Filtering" will:

  • Block a message if our filters strongly think it's spam for two or more independent reasons; or
  • Delay a message if our filters strongly think it's spam for one reason.

In detail, the "Low Spam Filtering" check uses SPF, greylisting, blocklist checking, and SpamAssassin scores based on the content of the message.

SPF allows our servers to ask the sending domain name for a list of mail servers that are authorized to send mail. For example, if we receive a message claiming to be from "service@chase.com" (an address that's frequently used in "phishing" spam), we check to see if chase.com agrees that the sending mail server is authorized to use the chase.com address. If they say the sending mail server is never authorized, or is probably not authorized, our servers will consider it "suspicious" in the next step, greylisting.

Greylisting is a method for delaying "suspicious" mail. When our servers receive suspicious mail from a first-time sender, we reply with a standard email error code meaning "we can't accept this message now, but try again later". Our servers can consider messages "suspicious" if the SPF result seems dubious, or if the sending server is on a spam blocklist, or if the sending server looks like it might be a virus-infected personal computer.

When spammers receive a "try again later" error, they rarely try again (they have special software that tries once and gives up), so you usually won't receive their spam. However, in the few cases where the "suspicious" mail wasn't spam, the sending mail server is required by Internet mail standards to redeliver the message (usually a few minutes later), and our servers will then accept it.

Greylisting works very well, eliminating more than 80% of spam. The drawback is that the very first time someone writes to you, there is a small chance that the message will be delayed for a few minutes because it looks "suspicious". However, no legitimate mail should ever be lost.

We also check whether the domain name appears on certain blocklists, described in more detail in the next section. We reject the message if it appears on certain combinations of multiple blocklists run by independent organizations.

Checking for combinations makes "false positives" (incorrect rejections of messages that aren't really spam) extremely unlikely for this rule — in fact, we've never had one reported. The chances that two or more independent organizations have both made the same mistake and incorrectly listed someone as a spammer are very low.

Finally, we check the SpamAssassin score of the message, blocking it if the score is higher than 21 (which is an extremely high score: we've never seen a message with a score this high that isn't blatant spam).

If you have the spam filter set to "Low Spam Filtering", the message is delivered if it passes these checks. If the spam filter is set to "Standard", further checks are performed.

Extra checks performed by "Standard Spam Filtering"

"Standard Spam Filtering" additionally rejects messages from computers appearing on certain "spam blocklists" that are run by other organizations. These blocklists include:

  • mail servers run by known spam companies;
  • mail servers that are misconfigured to allow spammers to send unlimited amounts of mail through them; and
  • computers that should not be directly sending mail without using their ISP's mail server (these are usually personal computers that have been hijacked by spammers).

In contrast to "Low Spam Filtering", "Standard Spam Filtering" will sometimes block messages from servers listed on a single blocklist that we consider extremely reliable, so it catches significantly more spam with only a slightly higher risk of "false positives".

The only blocklist we currently use that can reject mail for this reason alone is:

Blocklists that are used in combination with other factors are:

If the SPF record says the sending server is never authorized to send mail for this domain name, that's treated as being equivalent to a "combination factor" blocklist entry.

Finally, we check the SpamAssassin score of the message, blocking it if the score is higher than 14. This is still a very high score with almost no risk of false positives.

How accurate is the spam filter?

If mail sent to you matches any of the spam filter checks, the chances are extremely high that it's unwanted spam. We're confident enough of this that our staff use "Standard Spam Filtering" for all our own mailboxes.

However, you should keep in mind that although such a message is almost certainly spam, we can't guarantee it. For example, one of your friends may have misconfigured his mail program to use an invalid "From" address, or he may have signed up with an ISP that has misconfigured their servers to allow spammers to send messages through their network. Such situations can lead to incorrect blocking. (If incorrect blocking does happen, the person writing to you will receive an error message saying why the message can't be delivered; the message won't just vanish.)

If you're concerned about missing any mail, you may wish to set the spam filter to "Standard Spam Filtering" for any addresses you list in a public place where a spammer could find them (such as on your Web page), and set the spam filter to "Low Spam Filtering" for private addresses you give only to friends and business associates.

There should never be a reason to completely disable the filtering, unless you knowingly want to get malicious spam messages because you're collecting them to compare other spam filtering solutions (or some similar purpose).

We’ve heard of people turning off the spam filtering because they need to receive mail from a sender who is using a misconfigured mail server that does “forge” addresses (in the sense that sends mail from addresses without the permission of the domain name owner), but the allow list is a better solution for that.