Spam filtering

As mentioned on the SMTP checks page, FastMail performs many checks at the time an email is received to stop spam. While these tests are very effective, they can't stop all spam, and some still enters the FastMail system. After FastMail receives the email, we perform a number of checks based on the content of the email to try and determine if the email is spam.

Each message we receive is analysed using SpamAssasin and assigned a spam score: a number that shows how likely the message is to be spam. By default, we consign anything with a score greater than or equal to 5.0 to your Spam folder.

The main types of checks done by SpamAssassin are:

Custom spam protection settings

Spam protection settings can be be controlled on the Advanced → Spam/Virus Protection screen. Selecting "Custom" gives complete control over at which thresholds messages should be:

You can also specify how to deal with backscatter.

Trusted hosts

In custom spam-filtering mode, you can specify "Trusted hosts". This is useful if you have email forwarded to your FastMail account via another provider you trust. Basically SpamAssassin will, in quite a few cases, only look at the network "edge" where the email came from to our system because you can't trust headers beyond that. In the case of forwarding services, that means the forwarding service itself, which are legitimate trusted servers (e.g. gmail.com, outlook.com etc.), are checked against RBLs. That's not really useful and you might end up getting a lot of spam forwarded from them.

By specifying the forwarding services as trusted hosts, we can scan back through them to find out the real source. Internally, we have a list of always-trusted hosts (for common mail providers).

You can add to this list (for your account) by specifying the domain names in the "Trusted Hosts" field on the Advanced → Spam/Virus Protection screen. For instance, you may have an email address at your old university and forward all the email that arrives there to FastMail, in which case you would want to add the domain of the university to the trusted hosts list. Doing this will allow us to parse back through those forwarding headers to find the true source IP of the message.

Note that being a "trusted" system doesn't mean we don't spam check it, it just means that we parse back through the Received headers to find what server delivered the email to that service, rather than using that services IP.

Spam check headers

The FastMail system adds the following headers to spam checked email.

Note that not all headers may be added on each message. No X-Spam headers are added if the message is not spam checked because: