Spam filtering

Unsolicited commerical email (spam) is a significant problem for just about all Internet users, and unfortunately there is no silver bullet. All anti-spam approaches are a compromise between getting rid of as much spam as possible, and the risk of rejecting legitimate email.

At Mythic Beasts, we've always believed in putting users in control by giving you your email almost completely unfiltered, and letting you decide how aggressively you want to filter it.

The only compulsory filtering that we apply to all mail is to refuse mail from hosts on the SpamHaus ZEN block list (which includes the SBL, SBLCSS, XBL and the PBL). This stops a huge amount of spam, and we believe that it does so very safely.

We then pass all incoming mail through rspamd. rspamd is a popular, open source spam filtering package. rspamd assigns a score to each message based on many different aspects of the e-mail. Spam messages will be given a high score; legitimate messages will be given a low (or even negative) score.

You can use the rspamd score to filter mail as you wish. An example is shown below.

Simple filtering

It is possible to discard mail based on its rspamd score. This can be done at a domain-wide level, or for individual addresses, or both.

Domain-level filtering

To filter at a domain level, go to the Web and Email Hosting area of the customer control panel, and use the Email settings link for your domain.

This will give you the option to filter email that exceeds a specified threshold score.

We would not recommend setting a threshold of less than 5 as this will filter mail very aggressively and will often result in legitimate email being characterised as spam. A higher threshold of 10 or 15 will result in much more conservative mail filtering with a lower risk of false positives.

Address-level filtering

To filter individual addresses, go to the Web and Email Hosting area of the customer control panel, and use the Email addresses link for your domain.

You can then add or edit an email address, and select Discard spam as a deliver action before saving to a mailbox or forwarding to another email address.

Note that:

  • Address-level filtering is based on a fixed rspamd threshold of 15
  • Delivery actions are handled in order, so the discard spam action will only affect actions that follow it.

If you need more control, you can use custom Exim filter (see next section).

Custom mail filtering

Custom mail filters allow you to perform advanced filtering of incoming mail. Custom mail filters can be configured by selecting custom Exim filter when creating or editing an email address.

The mail filters use the Exim filter file format.

For example, it is possible save messages to a different folder based on the rspamd score. The score is available in the X-BlackCat-Spam-Score header (the value provided by this header is 10 times the rspamd score).

The following filter file will save messages in a folder called "Junk" if it exceeds an rspamd score of 9.9.

# Exim filter
if "${if def:h_x-blackcat-spam-score:{present}{absent}}" is "present"  and $header_x-blackcat-spam-score: is above 99 then
      save "/home/user/popboxes/mailbox%mydomain.com/Maildir/.Junk/"
      seen finish
endif
save "/home/user/popboxes/mailbox%mydomain.com/Maildir/"

Note that you will need to update the path to your mailbox in the two "save" lines. If you are unsure what these should be, create and save an address that saves email in the desired mailbox. You can then edit the address and click on Custom Exim filter. This will show you the Exim filter code that is used to save mail in that mailbox.

Sender verify and Greylisting

As well as the rspamd options, you may see reference to two other spam reduction methods: sender verify and greylisting.

We strongly recommend leaving these switched off (the default for all new accounts). They were quite useful 10 years ago. Today, they catch very little spam, but do cause problems receiving mail from legitimate (if poorly configured) senders. It is likely that these options will be removed in the future.