Neomailbox

Enhanced Spam Filtering

~ 3 min read

Today we activated some major improvements to our spam filtering systems. The main changes are summarized below:

  • Grey-listing is now disabled - Although grey-listing was very effective at cutting out a large amount of spam without any false positives, it did introduce a delay in receiving an initial mail from a server that was not previously known to the grey-listing system. While this is usually not a major problem, it can be in some cases, such as with account verification emails, or emails containing time sensitive e-banking PINs or other time-critical information. The elimination of the grey-listing layer ensures that going forward customers will receive all mail without any delay.

  • All messages are assigned a spam score - Every incoming message is assigned a weighted spam score, based on a variety of criteria, using the leading open source anti-spam system SpamAssassin. The spam score for each message is inserted as a header into the message, the “X-SA-Score:” header. If the spam score for a message is greater than a threshold (currently 1) another header “X-SA-Report:” is inserted as well, providing more information on the criteria that contributed to the spam score.

  • Messages with high spam scores are rejected - If an incoming message is assigned a spam score greater than a limit (currently set to 7) the message is almost certain to be spam, and it is rejected at SMTP time - it is not accepted by our servers at all. This means that the sending SMTP server is responsible for generating an error message or bounce message for the sender. This ensures that we do not create “backscatter” spam by sending a bounce message to the (possibly forged) sender address on the message. In the unlikely event that the message was actually a legitimate message incorrectly scored as spam, it doesn’t silently disappear into a spam folder, but is bounced back to the sender so the sender knows it was not delivered and can try sending it again, perhaps through a different email server.

  • Messages with medium spam scores are tagged - If an incoming message is assigned a medium spam score (currently, greater than 5 but less than 7) it is tagged with a header “X-SA-Status: YES”. Messages tagged with this header are also most likely spam, and can usually be safely filtered into a spam folder and reviewed occasionally to catch any false positives.

The new anti-spam system will result in instant delivery of all legitimate incoming mail and much lower incoming spam levels by default, without requiring the configuration of any mail filters by users, while still maintaining a near-zero false-positive level. Users who want an even higher level of spam protection and are prepared to deal with the possibility of the occasional false positive can use the new headers described above to filter messages at lower spam score level.

We do have a few more anti-spam enhancements in the works, but this major overhaul of the anti-spam protections in Neomailbox should already result in the elimination of almost all spam from your mailbox.