There are three spam filtering modes on Web Hosting and Custom Email accounts:
Regardless of the selected option, the following checks are always performed on email messages:
- Check against Cloudmark Sender Intelligence
- Check for empty To and From fields in headers.
- Check for a valid fully-qualified sender's (From) address.
- Check for a valid domain in the From address (check for a valid A or MX record).
If an email message fails to pass one of these checks, it is not accepted by mail servers for delivery to recipients.
Note: Messages that are larger than 1 MB are not filtered.
When spam filtering is disabled, all filtering options are turned off for all mailboxes, with the exception for Cloudmark Sender Intelligence and basic mail header checks described above.
In the Basic mode, which is a default one, spam filtering can be managed on the server level only (settings apply to all domains and mailboxes on your account).
The following settings are applied in the Basic mode:
- Spam scanner protection level is set to 3 and cannot be changed.
- Messages with "bad" mail headers are rejected on the server side. These are headers that are non-compliant with RFC-2821. Bad headers could contain executable code and might be used to infect client systems.
- Messages with dangerous attachments are rejected on the server side. Read the KB article on Why do attachments without viruses get rejected by the content filter of my shared web hosting mail server? for a list of dangerous attachments.
In HostPilot on the Mail Server Settings > SPAM Filter page, you can choose to either add the [SPAM] prefix to the subject for spam messages and still deliver the messages to your mailbox, or reject such messages without delivering them to your mailbox.
SpamStopper is an advanced anti-spam solution custom-designed for the Intermedia environment and is based on SpamAssasin and Cloudmark Security Platform filtering software, that, besides checking against real-time black lists, use a sophisticated analysis of message header and text to assign a weight to each message. This weight is called a spam score. A higher spam score indicates a higher chance that the message is spam (read our knowledge base article on Understanding the headers of a spam message for more information).
When the assigned weight exceeds a certain threshold, the filter marks such messages as [SPAM] or permanently deletes them depending on the settings. However, this does not happen when the sender's address is in your Safe Senders list, either at the account level or the mailbox level.
SpamStopper performs checks against the following Realtime Blackhole Lists (RBLs) to increase the spam score of the message:
Note: RBL checks are performed during the SMTP transaction and rejected prior to the DATA command. The mail is rejected before the message is received; therefore, mail from sending mail servers whose IPs are on one of the RBLs used by Intermedia will be rejected even if they are on the account-wide Safe Senders list. There is no workaround or fix for this, other than for the sender to have their IP address removed from the listing RBL.
With SpamStopper you can:
You can change how messages are handled based on the spam score they receive. To adjust the settings, change the appropriate spam filter sensitivity values on the Mail Server > SpamStopper page in HostPilot.
- Spam score - mark messages with spam score above this value as SPAM: Changing this value allows you to set the sensitivity level for when to mark messages as spam. Those messages will be delivered to your Inbox with [SPAM] appended to the subject so you can sort them locally.
- Kill score - permanently delete messages with spam score above this value: Changing this value allows you to specify your SpamStopper protection level. All incoming messages that get a spam score higher than this value will be rejected on the server side and will not be delivered.
By default, SpamStopper is set to automatically delete all messages with a spam score of 20 and higher.
Note: Since no spam filter is perfect, some legitimate messages may be erroneously identified as spam and rejected. Unless you opt out of the automatic deletion by going to SpamStopper settings and setting the kill score above this value to 999, you agree to accept such risk of loss.
With SpamStopper, you can manage spam filtering settings on both the server level (for all domains and mailboxes on your account) and the individual mailbox level. Read our knowledgebase article on How Do I Manage My POP/IMAP Mailbox? for more information.
Also you can manage the following server-level settings:
- Enable or disable rejecting messages with "bad" mail headers. When this option is enabled, the server rejects email messages with headers that are non-compliant with RFC-2821. Bad headers may contain executable code and might be used to infect client systems.
- Enable or disable rejecting messages with dangerous attachments. Read our knowledge base article on Why do attachments without viruses get rejected by the content filter of my shared web hosting mail server? for a list of dangerous attachments.
- Accept messages with dangerous attachments from safe senders
With SpamStopper you may create server-level Blocked Senders and Safe Senders lists, which will be effective for all the mailboxes on your account. The Blocked Senders list is for email addresses you never want to receive messages from again (messages from these addresses will always be rejected). The Safe Senders list is for email addresses that you always want to receive messages from (messages from these addresses will never be considered spam).
On the SpamStopper page, click Manage Blocked/Safe Lists to view and manage the account-wide Safe Senders and Blocked Senders lists.
To add new addresses or domains to a list, open the tab for the list you want to add to. Enter the email address or domain in the box, then click Add. If you add a domain to a list, it causes mail from ALL USERS at that domain to be treated as safe or blocked.
- The format for email addresses must be firstname.lastname@example.org.
- The format for domains must be @domain.com.
- Wildcards (* or ?) are not allowed in the Blocked or Safe Senders lists (for example, you can't use @*.tld or @domain??.tld).
Note: Mailbox-level lists always take priority over server-level lists. Also you cannot blacklist local addresses (mailbox addresses from our mail server), because this mail does not go through the spam filtering server but is moved locally on the mail server from one mailbox folder to another.
To filter addresses, you can enter the beginning letters in the search box and click the Search button.
To remove an email address from its respective list, check the box next to that address (or addresses), then click Delete Address(es).
To export the current Safe Senders or Blocked Senders lists to a file, click the Export List to CSV File button on the appropriate tab.