Filter Settings

In this page you can manage your quarantine settings for filtered emails. You can also control the inbound TLS enforcement settings from this page.

If you choose to disable your quarantine, all emails detected as Spam will be delivered to your email server unfiltered.

This page is available at the Domain Level only and settings are determined on a per-domain basis. They cannot be set at a higher level for all domains under one Admin.

In the Domain Level Control Panel, select Incoming - Protection Settings > Filter settings. The Filter settings page for the selected domain is displayed:

The following settings are available:

Setting Description
Manage list of domains and IP addresses with disabled SPF, DKIM, and DMARC checks

This link opens a page which allows you to disable SPF, DKIM and DMARC checks for specific domains, IPs or subnets - so that if, for example, an SPF check fails for any of the specified domains or sender IPs, the system will continue to process the message.

Use these options with caution as this can greatly increase the risk of spoofed messages being delivered

Quarantine enabled

Enables/disables the Spam Experts quarantine

If you choose to disable your quarantine, all emails detected as Spam will be delivered to your email server unfiltered.

Quarantine threshold

Messages in Spam Experts that have a combined score above this setting will be classed as spam and will be handled as spam. If this quarantine threshold setting is lowered from the default (recommended) value of 0.9, more messages will be classified as spam.

If this setting is increased towards 1.0, fewer messages will be classified as spam and so the potential for spam to be delivered is much higher.

We do not recommend making any significant changes to this setting. Any changes should be small, either increasing the aggressiveness of the filter by setting a lower numeric value closer to 0.0 or lowering the aggressiveness by raising the slider closer to 1.0.

Beneficial to train threshold

Messages in Spam Experts which have a combined score between the Beneficial to train threshold and the Quarantine threshold will be considered "unsure" to the filter. A Beneficial to train notation is available, to prepend the subject line of messages receiving this classification (as a warning that this message scored above the threshold which mail is considered to be good mail or "Ham"). This setting is used to tag messages with a specific notation, which are considered suspicious to the filter but not suspicious enough to be treated as spam. All messages with a score below this threshold will be delivered.

If a message with this classification is delivered but is a spam message, please train the message as spam. It is not necessary to train legitimate messages with this classification.

Sender checks

Deselecting these options completely disables the type of check. We strongly advise against disabling these as this significantly increases the risk of spoofed messages being delivered.

  • SPF (Sender Policy Framework) - This is a common check that allows the sending domain administrator to indicate which IPs are allowed to deliver email for their domain. We advise keeping this enabled to block Spam
  • DKIM (Domain Keys Identified Mail) - This allows the sending server of a message to cryptographically sign fields of the message to ensure its integrity upon its receipt
  • DMARC (Domain-based Message Authentication, Reporting & Conformance) - An email authentication system that adds to SPF and DKIM by also checking the Header From address for SPF validation and ensuring that the From address and DKIM signature domain are aligned with the SMTP From domain. This also includes a reporting function that allows senders and recipients to improve protection of the domain from fraudulent email sources
Skip maximum line length check

As per RFC5322 - Section 2.1.1, there are strict regulations on allowed line length in emails which are automatically enforced by the receiving MTA of a message. Some applications or poorly developed scripts do not adhere to the official specifications thereby exceeding the maximum allowed line length.

This check can be disabled in Spam Experts by ticking this box, however, we advise keeping it enabled to block Spam.

Disabling this option may cause the receiving destination server to reject a message as it does not comply with official standards.

Reject messages from newly registered domains If set, then any message sent from a domain that is newly registered (less than a day) will be rejected. We advise enabling this setting to help tackle 0-day spam.
Block messages from sending email servers without a valid PTR reccord If set, then any message sent from a sending email server that does not have a valid DNS pointer record (PTR record) will be quarantined.
Beneficial to train notation Text added here is prepended to the subject line of all messages classed as unsure as per the Beneficial to train threshold.

Quarantine response

This setting will apply to both Inbound and Outbound filtered messages

When a message is detected as spam and quarantined, the response you send to the sending server can be Rejected or Accepted. Regardless of the setting, spam messages will be added to the Spam Experts quarantine (if enabled).

  • Accepted: the message will be quarantined and the sender receive no notification about the message status
  • Rejected: the message will be quarantined and the sending server will receive a 550 SMTP response code at the end of transmission. It is then the sending servers responsibility to generate an NDR to send to the sending user with the reason for the quarantined status

The default and advised setting is 'Rejected'.

Require TLS Settings

By default, all email is securely processed using TLS encryption as long as the sending/receiving server provides support for it.

Using these settings, you can specify that TLS is compulsory for specific senders/recipients; if a TLS connection is unsuccessful the email will not be processed or delivered. See Enforce Incoming TLS Encryption.