Anti-spam

hMailServer includes a number of anti-spam features. They can be found in hMailAdmin, under Settings -> Protocols -> SMTP -> Spam protection. This page describes the different options.

Use SPF

SPF stands for Sender Policy Framework. Domain owners can, by means of a TEXT record in their DNS, identifiy the email servers that are allowed to send email from their domain. If you enable SPF in hMailServer, hMailServer will check if the sender's IP address matches the IP address in the DNS-TEXT record. If not, the email message will be deleted without any notification. More information about SPF can be found on http://spf.pobox.com/. hMailServer rejects FAIL but accepts SOFTFAIL.

Check that sender has DNS MX records

If you enable this option, hMailServer will check if the domain name in the sender's email address has valid DNS-MX records. For example, if bill@microsoft.com sends you an email, hMailServer will check if the domain, microsoft.com, has valid DNS-MX records. If it has, the email is accepted. If it hasn't, the email is dropped. Some spammers send email from bogus domains that do not exist. Turning this feature on prevents hMailServer from accepting them. The downside of this option is that the server may reject legitimate email. For example, if an automatic email is generated by cgi.domain.com and cgi.domain.com does not have valid MX records, the email will be deleted.

Allow empty sender address

This option lets you configure whether or not hMailServer should accept email messages that do not have a sender email address. Turning off Allow empty sender address might lead to legitimate email messages being rejected. For example, some servers might send email with an empty sender address, so-called bounce-email. Also, turning off the option is in violation of some RFCs.

Tarpitting

Tarpitting can be used to slow down the communication hMailServer makes with spammers. Some spammers may stop sending email to your server if it is responding very slowly to their requests. The feature assumes that the spammer sends one email to several recipients on your server during one SMTP session. If the number of recipients exceeds the Tarpitting count, hMailServer will delay the response of every subsequent recipient, for the specified number of seconds.

DNS blacklists

Blacklists are lists of email servers that are known to send spam. Blacklists are maintained by different organizations or individuals. If you enable blacklists in hMailServer, whenever hMailServer receives an email message it will check the sender's IP address against the blacklists you have chosen to use. If the IP is found to be in any of the blacklists, hMailServer will not accept the email message.

Varying statistics exist, but it is known that blacklists can cut your spam by around 15-25%, simply on the basis of the sender's IP address. Please be aware that blacklisting can block legitimate emails; for example, if a spammer uses a particular ISP's email server and gets it blacklisted, and your friend uses that same ISP, your friend's emails will also be blocked.

SURBL

SURBLs differ from most other RBLs in that they're used to detect spam based on message body URIs (usually web sites). Unlike most other RBLs, SURBLs are not meant to identify spam senders by their message headers or connection IP addresses. Instead they allow you to identify messages by the spam sites mentioned in their message bodies. This means that when you have enabled SURBL, hMailServer searches the e-mail message for links. If any links are found, hMailServer checks with the SURBL server whether these links normally exists in spam messages.

Grey listing

Grey listing allows you to prevent spam by temporarly rejecting email to your server. Grey listing benefits from the fact that properly configured email servers will try to resend messages later, while spammers normally will give up immediately if your server rejects an email.

When a sender tries to deliver a message for the first time to your server, hMailServer will save the senders IP adderss, the senders email address and the recipient email address. This information is called a triplet. hMailServer will reject the message and kindly ask the sending server to retry later. The next time the sending server tries to deliver an email which matches the triplet, hMailServer will accept the message.

External tools

External tools, such as ASSP or SpamAssassin, can be used alongside hMailServer to prevent spam. Both ASSP and SpamAssassin are specialist software with the sole purpose of detecting whether an email is spam. They therefore offer much richer spam protection functionality than the one included in hMailServer.

Related information

IP ranges

It is possible to turn off hMailServer's spam protection functionality per IP range. For example, one normally does not have to check for spam on one's local network. Consult the IP range documentation for more information on this.

White listing

It's possible to use white listing records to disable spam protection for email messages sent from specific email or IP addresses. This is a more flexible solution than to use IP ranges.

Search documentation