Spam filtering


Unsolicited commerical email (spam) is a significant problem for just about all Internet users, and unfortunately there is no silver bullet. All anti-spam approaches are a compromise between getting rid of as much spam as possible, and the risk of rejecting legitimate email.

At Mythic Beasts, we've always believed in putting users in control by giving you your email almost completely unfiltered, and letting you decide how aggressively you want to filter it.

The only compulsory filtering that we apply to all mail is to refuse mail from hosts on the SpamHaus ZEN block list (which includes the SBL, SBLCSS, XBL and the PBL). This stops a huge amount of spam, and we believe that it does so very safely.

We then pass all incoming mail through rspamd. rspamd is a popular, open source spam filtering package. rspamd assigns a score to each message based on many different aspects of the e-mail. Spam messages will be given a high score; legitimate messages will be given a low (or even negative) score.

You can use the rspamd score to filter mail as you wish. An example is shown below.

Simple filtering

You have the option to simply discard (irretrievably) all mail that exceeds a specified rspamd score. This is configured through the control panel: follow Hosting accounts and then the Anti-spam link next to the domain you wish to configure. We would not recommend setting a threshold of less than 5 as this will filter mail very aggressively and will often result in legitimate email being characterised as spam. A higher threshold of 10 or 15 will result in much more conservative mail filtering with a lower risk of false positives.

Sender verify and Greylisting

As well as the rspamd options, you may see reference to two other spam reduction methods: sender verify and greylisting.

We strongly recommend leaving these switched off (the default for all new accounts). They were quite useful 10 years ago. Today, they catch very little spam, but do cause problems receiving mail from legitimate (if poorly configured) senders. At some point we shall remove these options.

Custom mail filtering

If you have a shell account, you can configure your own custom mail filtering, for complete control. The easiest way to filter mail is to look for a spam flag header. rspamd marks all mail that it considers spam by adding the following header:

X-Spam-Status: Yes

You can use an Exim filter file to sort on this header, by putting the following text in your .forward file.

# Exim filter
if $header_x-spam-status: begins "Yes" then
    save Maildir/.spam/
    save Maildir/

In this case, we are saving any spam in a folder called spam. Other mail will be delivered as normal to the inbox.

For more advanced cases, one could use procmail. To do this, create a .forward file in your home directory with the following contents:

|/usr/bin/procmail -f-

Then create a .procmailrc file containing:

* ^X-Spam-Status: Yes

This filter does the same as the above Exim filter.