Hate spam? So does DreamHost! DreamHost has an anti-spam feature you can turn on from the panel's Mail -> Anti-spam page.
- 1 How does anti-spam filtering work?
- 2 Customizing the settings
- 3 Troubleshooting
- 4 This is a header for all the super-technical details
- 5 Alternative filtering setups
How does anti-spam filtering work?
The filters scan incoming emails and compare them against a set of rules or characteristics shared by spam emails. For each item matched, that rule's score is added to the email. If the email's total score is greater than the quarantine setting, the email is quarantined instead of delivered to the inbox.
Enabling anti-spam filtering
Filtering can be turned on for a domain and all email addresses on the domain in the panel's Mail -> Anti-spam page. Domains that have a catch-all address or use non-DreamHost mail service cannot use this filtering. Individual email addresses can have their own settings, but filtering can only be turned on and off completely for an entire domain.
Accessing quarantined emails
Emails are quarantined in the special 'Junk Mail' folder. This folder is not stored as part of the regular mail account. It can only be accessed from the mailboxes website and SquirrelMail webmail.
- The mailboxes website is linked from the panel's Manage Email page.
http://mailboxes.your_domain.com or https://mailboxes.your_domain.com replace your_domain.com with the actual domain http://mailboxes.dreamhost.com or https://mailboxes.dreamhost.com
- Webmail is linked from the panel's Mail -> Webmail page. The RoundCube alternate webmail option does not have access, only the default SquirrelMail.
http://webmail.your_domain.com or https://webmail.your_domain.com replace your_domain.com with the actual domain http://webmail.dreamhost.com or https://webmail.dreamhost.com
Inside the Junk Mail quarantine
The Junk Mail folder is the same from each URL, they all point to the same place.
The four columns (From or sender, Subject line, spam Score, and Date) can each be sorted ascending or descending using the small up and down black triangle arrows. Use the column of checkboxes on the left to select one or more emails to work with.
- Emails that are legitimate (not spam) - "Move to Inbox" button moves them them to the Inbox, "Whitelist/Inbox" button to move to Inbox and also whitelist the sender at the same time.
- Emails that are spam - "Delete" button deletes the emails completely and they cannot be recovered. "Blacklist/Delete" button deletes the emails completely and also blacklists the sender at the same time.
Emails will be automatically deleted from the Junk Mail quarantine folder after 35 days. It is a good idea to delete spam emails when you see them so that there are less emails in the folder to sort through.
Customizing the settings
All settings can be controlled from the panel's Anti-spam page. Individual mail account users can control their own settings in the mailboxes website.
Domain-wide versus mail account settings
Filtering is enabled for an entire domain at a time. Each fully-hosted mail account has their own filtering settings, including quarantine score and whitelist/blacklist entries. The domain has a separate set of filtering settings that are used by all forward-only addresses on the domain.
Adjusting the quarantine score
The default "Quarantine email with a spam score above" is 4. Emails must have a spam score lower than that to be delivered to the inbox.
- A higher score requires emails look more like spam before being quarantined, so less emails are quarantined and more emails are delivered directly to the inbox.
- A lower score lets emails that look less like spam be quarantined, so more emails are quarantined and less emails are delivered directly to the inbox.
- If you are having too many spam emails delivered to the inbox, lower the quarantine score to have more emails quarantined.
- If you are having too many emails quarantined and legitimate emails are not being delivered to the inbox, raise the quarantine score to have fewer emails quarantined.
To choose a quarantine score, look at the scores on emails you are receiving. Look at both spam emails and legitimate emails and pick a score between them. You want to select a quarantine score that is lower than spam and higher than legitimate email. The score can be fine-tuned to one decimal point at most.
The line in the full email headers with the score looks like this:
- X-Spam-Score: 4.013
Whitelist and blacklist
Blacklist entries are email addresses or domains you know you never want to receive mail from. Emails from blacklisted senders will be quarantined regardless of the email's spam score. These emails will always be quarantined in the 'Junk Mail' folder, not any IMAP quarantine folder.
Whitelist entries are email addresses or domains you know you always want to receive mail from. Emails from whitelisted senders will be delivered to the inbox regardless of the email's spam score.
List entries can be individual email addresses email@example.com or one entry to cover an entire domain @domain.tld.
The limit is 1000 blacklist entries and 7500 whitelist entries. If you are getting close to that limit, consolidate multiple email addresses on a single domain with just one entry for for entire domain. Adjusting the quarantine score can improve the effectiveness of spam score based sorting and also reduce the need for individual whitelist and blacklist entries.
NOTE: Whitelist and blacklist entries apply to the envelope or SMTP sender, which does not always match the information in the From header. The envelope sender is often recorded in an email's full headers as the original sender or the return path.
The priority of a whitelist or blacklist entry is generally ignored, and only used when an incoming email could match more than one entry.
All whitelist & blacklist entries are stored together, and any incoming email is potentially compared against all of them. If there is only one (black/white)list entry for firstname.lastname@example.org, and no entry for @domain.tld (all senders on that domain), then the priority doesn't matter, the entry for email@example.com will simply be used as-is.
The priority comes in to play when there are multiple entries. The priority informs which entry will take precedence. Think thunderdome -- higher priority wins; if two are tied it is a random toss-up which will win (aka be used to route the email).
Example: all mail you get from AOL is spam or chain letters, mail you don't ever want to read. BUT, you have to read your mother-in-law's emails on penalty of death. Create a blacklist entry for @aol.com with priority low, and a separate whitelist entry for firstname.lastname@example.org with a higher priority. With that combination, emails from email@example.com will be handled by the higher priority whitelist entry, and all other emails from other senders @aol.com will be handled by the lower priority blacklist entry.
Changing the quarantine location
The default quarantine location is the 'Junk Mail' folder, accessible from the mailboxes website and SquirrelMail webmail.
Quarantined emails can be put in a regular IMAP folder, accessible from any mail client program using IMAP, instead of the 'Junk Mail' quarantine folder. Three settings are involved:
- Set to 999 the "Quarantine email with a spam score above" setting so no emails are sent to the 'Junk Mail' folder.
- Enter the quarantine score (default 4) for the "Tag as spam if the score is above" setting.
- Select an existing IMAP folder and enter it for the "Quarantine to IMAP folder" setting. A folder name that does not exist may not be automatically created, so pre-make that folder to ensure emails are moved to it and not lost.
NOTE: Emails from blacklisted senders will still go to the Junk Mail folder.
Junk Mail Report notification email
Quarantine reports are emails containing a summary of all the emails currently in the mail account's Junk Mail folder. This "Junk Mail Report" is delivered by default every Friday, the other schedule options are every day, the first day of each month, or never.
Too much spam is still showing up in the inbox
- Try lowering the quarantine score to catch more emails.
- Add some domains (not email addresses but just the @domain.com) to the blacklist to block all emails from that domain.
No emails are being filtered or quarantined
- Make sure filtering is turned on for the domain in the panel's Mail -> Anti-spam page.
- Wait a few hours after first turning on filtering, to give the new MX DNS records time to propagate or spread. This can take 4 to 8 hours.
- If the domain is not using our nameservers, make sure you manually update your domain's DNS with the new anti-spam filtering MX records.
Email from a whitelisted address is still quarantined
- The email's From email address may not match where the email was actually sent from. Try using the Junk Mail folder's 'Whitelist/Inbox' button to whitelist the sender of the quarantined email.
Email's sender is blacklisted in the SquirrelMail's SpamAssassin Settings but the email was not quarantined
- Make sure filtering is turned on for the domain in the panel's Mail -> Anti-spam page. SquirrelMail's SpamAssassin Settings are inactive if the domain does not have filtering active in the panel.
This is a header for all the super-technical details
Anti-spam filtering is enabled by changing the domain's MX records to route incoming emails to the filtering servers. Domains using non-DreamHost nameservers will need to manually update their MX records to reflect the change.
MX 0 fltr-in1.mail.dreamhost.com. MX 0 fltr-in2.mail.dreamhost.com.
Special considerations for forwarding addresses
- If the domain is being filtered, and the address is being forwarded to another DreamHost email address which is also filtered: email gets sorted based on the junk mail settings of the receiving mailbox/primary address. You don't need to set separate settings for the forwarding addresses, as they will just inherit those.
- If the domain is being filtered, and the address is being forwarded to another DreamHost email that is not filtered or is being forwarded to an outside address only (like @gmail), then the settings for the forwarding address's domain will be used. The quarantined spam emails will not be stored, they will be discarded.
- If the domain is NOT being filtered and it forwards to a DH email address that is on a filtered domain, the mail will not get filtered.
This table shows how Anti-spam filtering works for/with forward-only addresses. A@example.com is forward-only and sends emails to B@example.net a fully hosted mail account.
|A@example.com uses filtering||B@example.net uses filtering||Is filtering done on incoming mail?||What score is used?|
|Yes||No||Yes, but filtered spam emails are discarded.||A@example.com|
|No||Yes||No filtering done||N/A|
|No||No||No filtering done||N/A|
All emails that pass through the filtering servers have some extra headers added. Here's examples of each of those headers and what they mean:
> X-Spam-Score: 2.4
- The total spam score the email had, the sum of the scores of all the rules it matched on
> X-Spam-Level: **
- The X-Spam-Level line contains a number of "*" that describes the spam score. The number of asterixis shown is based on the digit(s) to the left of the decimal point - The score of 2.4 becomes 2 asterixis and a score of 12 would result in 12 asterixis listed in this field.
> X-Spam-Flag: NO
- Yes or no, did the total spam score exceed the setting used by quarantine to IMAP, "Tag as spam if the score is above".
> X-Spam-Status: No, score=2.4 tagged_above=-999 required=999 tests=[HTML_MESSAGE=0.001, MIME_HTML_ONLY=2.299, RDNS_DYNAMIC=0.1]
- A summary of all the above and more.
- No: the spam flag(?)
- score: the spam score, same as the X-Spam-Score header
- tagged_above: emails w/ spam scores above this get headers added, -999 means all email get done
- required: score required to add 'spam detected' headers, 999 is never
- tests: the rules the email matched on, with each rule's score
What does the filtering?
Alternative filtering setups
- Message filters are a great way to make customized rules to sort emails.
- SpamAssassin or other filtering programs can be installed and run from your own hosting space, giving you full control over them.
- Third-party filtering providers can filter emails and deliver them back to your DreamHost-hosted mailboxes.