Copyright © 1999–2019 FastMail Pty Ltd
As mentioned on the SMTP checks page, FastMail performs many checks at the time an email is received to stop spam. While these tests are very effective, they can't stop all spam, and some still enters the FastMail system. After FastMail receives the email, we perform a number of checks based on the content of the email to try and determine if the email is spam.
Each message we receive is analysed using SpamAssassin and assigned a spam score: a number that shows how likely the message is to be spam. By default, we consign anything with a score greater than or equal to 5.0 to your Spam folder.
The main types of checks done by SpamAssassin are:
- Content filter: email is checked with our content filter, which adds headers as detailed in our email delivery page, SpamAssassin checks for these headers, and adds a ME_VADE score as appropriate. our content filter checks email against a wide and rapidly changing set of rules to set a category and score for the email. Our content filter vendor uses data from FastMail and other major providers to quickly update these rules to deal with current and emerging threats.
- Bayes database: compares tokens found in the message with a local database and computes a probability that this message is spam. The database is updated using high-scoring and low-scoring messages as examples. This method will adapt to evolutions in the structure of spam, but not revolutions.
- Razor: Creates a checksum of the message and compares it to recently reported spam in a global database; if they match, it's spam.
- DNSBL: Check all servers in the SMTP path for open relays, open proxies, and blacklisted hosts in many blacklists, each one weighted differently depending on past results.
- Header and body checks: Various checks for common spam phrases like "This is not spam!" and "This is sent in compliance with bill S1618".
- Structure: Checks whether it's HTML mail, has an embedded form, contains formatting errors, etc.
Custom spam protection settings
Spam protection settings can be be controlled on the Settings → Spam Protection screen. Selecting "Custom" gives complete control over at which thresholds messages should be:
- discarded immediately, without you ever seeing the message.
- delivered to your Spam folder, or another folder of your choosing.
- have the subject changed so you can easily see the spam score (this will be removed if you then mark the message as not spam).
You can also specify how to deal with backscatter.
In custom spam-filtering mode, you can specify "Forwarding hosts". This is useful if you have email forwarded to your FastMail account via another provider you trust. Basically SpamAssassin will, in quite a few cases, only look at the network "edge" where the email came from to our system because you can't trust headers beyond that. In the case of forwarding services, that means the forwarding service itself, which are legitimate trusted servers (e.g. gmail.com, outlook.com etc.), are checked against RBLs (Realtime Blackhole Lists). That's not really useful and you might end up getting a lot of spam forwarded from them.
By specifying the forwarding services as trusted hosts, we can scan back through them to find out the real source. Internally, we have a list of always-trusted hosts (for common mail providers).
You can add to this list (for your account) by specifying the domain names in the "Forwarding Hosts" field on the Settings → Spam Protection screen in the "Advanced" settings. For instance, you may have an email address at your old university and forward all the email that arrives there to FastMail, in which case you would want to add the domain of the university to the trusted hosts list. Doing this will allow us to parse back through those forwarding headers to find the true source IP of the message.
Note that being a "trusted" system doesn't mean we don't spam check it, it just means that we parse back through the
Received headers to find what server delivered the email to that service, rather than using that services IP.
If you have certain hosts you don't want to subject to regular spam filtering, you can "whitelist" them. By adding the domain to your contacts using a wildcard alias (
*@trusted-domain.com), all mail coming from that domain will be automatically accepted. By adding this alias to your contacts, you are marking the domain as trusted.
Spam check headers
The FastMail system adds the following headers to spam checked email.
X-Spam-score— aggregate spam score. A number with 1 decimal place. At "Normal" spam protection level, scores <5.0 are considered not-spam, scores >= 5.0 are considered spam.
X-Spam-hits— shows which SpamAssassin rules were triggered by an email and the score of each rule that hit.
So a header like this:
X-Spam-score: 5.5 X-Spam-hits: BAYES_99 3.5, EXTRA_MPART_TYPE 1.091, HTML_MESSAGE 0.001, SPAMMY_XMAILER 1
Shows that BAYES_99 had a score of 3.5, EXTRA_MPART_TYPE a score of 1.091, etc. Adding these all up gives the final score of 5.5 (always rounded to 1 decimal place).
X-Spam-source— information parsed from the
Receivedheaders that shows the calculated source of the message. This may not be the server FastMail received the email from if you have trusted hosts set up.
X-Spam-charsets— character sets found in the message either in message headers, or in the content-type headers for each section of the message.
X-Spam— legacy header present and set to "spam" if a message has a score greater than the threshold score, or "high" if a message has a score twice the threshold score. Do not use.
Note that not all headers may be added on each message. No X-Spam headers are added if the message is not spam checked because:
- Spam checking has been disabled.
- The message is greater than 2 MB in size (may change in the future).
- The message was detected as containing a virus.