Improving spam protection

Fastmail uses many tools that help catch and stop as much spam as possible. We have personalized spam filters that learn what you do and don't want to see in your inbox. By reporting messages as spam and not spam, you can have an inbox full of messages you want, instead of sifting through spam.

Adjust Fastmail settings

Every email that arrives at your account is reviewed by our spam filtering service and given a score to show how likely we think it is that the message is spam. Since most people find false-positives (where we mistakenly think a real email is spam) are much worse than false-negatives (where a spam message slips through to your inbox), we are reasonably moderate with our cut-off level.

We allow you to customize how aggressive your spam filtering is. We provide three preset options in the Settings → Spam Protection screen: Off, Standard, and Aggressive, which change how we treat spam. This controls whether spam is moved to the Spam folder or deleted. Mail from known spam hosts is blocked. If you'd like even more control, you can use the Custom settings to refine how you'd like your spam to be treated.

If you do raise the level of your spam filtering, it's more likely that a message you wanted to receive will be mistakenly marked as spam, so be sure to check your spam folder every so often.

You can also choose to automatically mark spam as read, and if you click show advanced preferences, you have the option to (anonymously) share your spam reporting data with other spam-fighting companies.

If you forward mail to Fastmail from other email accounts, use the forwarding hosts field to enter a list of all domain names you're forwarding from. We can then use this information to determine the true sender of mail, which improves our spam detection for you.

When a spammer impersonates your email address, you can often end up with a lot of bounced mail being returned to you, bombarding you with backscatter spam. By default we move these messages into your Spam folder. You can adjust this setting to do nothing, or to discard these mails. If you send mail using non-Fastmail servers, you can add their hostnames to the SMTP hosts used field which ensures we don't incorrectly classify your mail as bounce spam.

Your personal spam filter

Everybody's spam is different. When you report spam that's slipped through our filters, or non-spam that we've mistakenly marked as spam, we feed this information into a filter that's tuned just for you. Messages that you delete from your Spam folder also are reported as spam to train your filter, and messages that you move from Spam to another folder or reply to are reported as non-spam.

Once your personal spam filter has seen more than 200 spam and more than 200 non-spam emails, we automatically start using it to filter your incoming mail. Because it's been trained by the exact messages you receive, your filter is more accurate at finding spam than our general filter. However, it can only do so once it's seen enough spam and non-spam messages.

If you go to the Spam Protection screen, you can see how many spam and non-spam emails have been reported so far.

How do we detect spam?

We perform a number of checks on incoming messages to see if they're spam. Check out the technical details if you're interested in learning more.

Report spam and non-spam emails

If you get a spam message in your inbox, you can help train our spam filters by selecting it and clicking the Report Spam button. Every so often, it's a good idea to check your Spam folder to see if anything you wanted has been accidentally marked as spam. If it has, select it and click the not spam button so we can learn from the mistake. This will also move the message to your inbox.

Reporting spam/non-spam with an email client

When you report a message as spam on your email client, it doesn't immediately train our spam filters. However, you can create special folders in your account which we'll scan once a day to learn spam/non-spam.

  1. Log in to your account at https://www.fastmail.com.
  2. Go to the Settings → Folders screen.
  3. Create a new folder called something like "learn spam". Mark that folder's "Spam learning" as "As spam", and if you'd like, you can also set it to "Auto-purge older than 7 days".

Then, in your email client, move any spam emails you receive into that folder. They will automatically be fed to our spam filter, and later deleted if you have the folder set to auto-purge.

We do not recommend that you mark your Spam/Junk Mail folder to automatically learn "As spam". This can create a false positive feedback loop. Imagine an email is incorrectly classified as spam, put in your Spam/Junk Mail folder, and then learned as spam. That means future emails that aren't spam are now more likely to be incorrectly marked as spam, sent to your Spam/Junk Mail folder, and learned as spam. Only mark folders to learn "As spam" if they're folders you manually move email to.

Avoid using forwarding services

Fastmail does a lot of work at the SMTP stage to identify and block spam bots. If you use a forwarding service, we can't do these checks and more spam will get through.

If you forward email from an old email address, tell people to use your new Fastmail address instead and close down forwarding from the old account.

If you use your own domain, point the MX records for your domain directly at our servers.

If you send through an external server

If you regularly send email through a non-Fastmail server and any of those emails bounce, they will be marked as backscatter (a type of spam) since they did not pass through one of our servers.

To avoid this happening, go to the Settings -> Spam Protection screen. In the "SMTP hosts used" box in the Backscatter section, enter a list of hostnames that you regularly also send email through where replies might come to Fastmail.

For instance, if you use the ISP iinet.com.au, and regularly send email through their SMTP server with your Fastmail email address as the From address, then you should add iinet.com.au to the Backscatter SMTP Hosts text box. This way, any email sent through the iinet.com.au SMTP server that bounces will correctly arrive at Fastmail and not be considered backscatter.

Add known senders to your contacts

Email from senders in your contact list get special treatment. They avoid greylisting and get a reduced spam score. If you use an email client (like Outlook, Thunderbird, or Apple Mail), you don't have to enter addresses into your Fastmail contact list manually. Instead, you can upload contacts on the Import & Setup screen.

To avoid spam checks on a whole domain, you can add a contact with the email address *@domain.tld to your contact list in the email field. This will whitelist messages from all senders in this domain, which means that messages sent from any address at that domain will not be marked as spam. Contacts in a shared contact group (for multi-user accounts) are also included.

If you don't want to clutter up your contacts with lots of whitelist entries (for example: legitimate mailing lists), create a single contact called "whitelist" and add each whitelist domain to that entry as extra addresses.

Where does spam come from?

Most spam these days is sent through automated servers or zombie PC's infected by viruses. The incoming spam can get to you through your main account's email address, any aliases you use, or email forwarded to you from other accounts. The more addresses which end up in your inbox, the more likely you are to get spam.

How do spammers get email addresses?

Some people find that they receive a lot of spam, even though they haven't told anyone else their email address. This causes them to think that we may have sold their email address. We never sell email addresses!

There are a lot of ways a spammer can get ahold of your email addresses:

If you'd like to check whether an email address has been compromised in some way or placed on any spamming lists, we advise visiting [Haveibeenpwned] (https://haveibeenpwned.com/). Enter your commonly used email addresses and the tool will return a list of any breaches or spam lists the email address appears in.

Almost all email addresses will get spam at some point. The longer your email address has been around, the more likely you are to get spam.

I still have too much spam!

Even after taking all of the actions listed above, you're still getting spam. What can you do about it?

If the sender is in your contacts and/or the spam score is low, it's most likely a legitimate message.

Stopping virus mail

If we detect that an incoming message has a virus in an attachment, the mail is discarded, preventing you from any risk of opening the infected message.