Spam Control Help
- You will need to look at the X-Alligate headers in your messages to determine the details about why messages are arriving in your mailbox without being filtered. The X-Alligate headers are the ones that are related to the spam control system.
- You may need to adjust your spam control sensitivity by lowering your hold scores and/or your delete scores.
- You may have one or more entries in your whitelist that are too broad. For example, if you whitelist "com" in the From section, that would whitelist all messages with "com" in the From field, including "yourfriend@something.com", "spammer@junkmail.com" and "abccompany@commercialgarbage.net").
- You may want to review your blacklist settings. Since that is used to automatically hold or delete messages (based on country of origin), using this feature can often dramatically reduce the amount of garbage you receive.
- A malformatted whitelist entry may cause this if it contains special characters that could potentially confuse the spam control system during the filtering process.
- Some spam messages take advantage of Cascading Style Sheets (CSS) in HTML-formatted messages to take seemingly random characters in the message body and visually arrange them to appear like normal words when you view the content.
Filtering these types of messages is a bit tricky. The manufacturer of the software we use continues to improve internal methods for filtering these types of messages.
- Some messages are sent with nothing more than an image or two attached (displayed in-line) with all of the spam content contained in the images.
Spam filtering systems have no way of reading whatever text may appear as part of an image.
Some mail programs such as Outlook Express 6 (on Windows XP) and Outlook 2003 and later automatically prevent displaying images embedded into HTML-formatted messages unless you request that the images be displayed.
- Some messages are sent with nothing more than a PDF (Adobe Acrobat) document attached to the message. Since PDF files are binary files, there's no way for the spam control system to filter based on the content contained within the PDF files.
- Whitelisted messages are automatically delivered to you without being filtered.
- There are countless factors that are considered when the spam control system filters messages. Whether a message is delivered to you, gets held in the spam digest, or gets deleted depends on those factors as well as the various spam control settings configured throughout this site.
- Add the following to your whitelist: friends, family members, coworkers, business contacts, and anyone else from whom you would normally expect to receive legitimate mail.
- Include email addresses or names from your address book in your whitelist
- Review your whitelist and blacklist settings to make sure you haven't blacklisted a particular country without first adding that sender to your whitelist. For example, if "myfriend@someplace.com" sends you email from Germany, but you blacklisted all mail from Germany, you would not receive the messages from that person unless he/she has been added to your whitelist.
- If you have registered a domain name such as mycompany.com, you should whitelist the domain registrar (e.g. @networksolutions.com) since they will periodically contact you regarding domain registration renewals and reminders to keep your domain registration contact information current.
- Reply to the Spam Digest that was emailed to you, selecting the messages you want. Instructions are included in the digests that are emailed to you.
- View/process any of your Spam Digests using this web site. Instructions are on that page.
- One of our other mail processing servers may automatically delete the message if a virus is detected in the message.
- If you have any message filtering configured on the POP3 server (via the webmail), you may need to review the configuration to make sure you're not filtering out legitimate mail. Log onto the webmail then click Rules on the left...
- If you have any client-side message filtering / message rules configured in your mail program (Outlook Express, etc.), review your settings to make sure you not filtering out legitimate mail.
- If you connect to the internet through a different ISP, your outgoing (SMTP) mail may be passing through their mail systems before the mail arrives here to be processed. If that ISP incorporates spam filtering of their own, they may be filtering outgoing mail from their own customer connections. Since the replies to the spam digests look like they may be spam messages (to a machine), the legitimate replies to the spam digests may be filtered and deleted by that other ISP without the reply ever reaching us. You can log into the Spam Control web site and view/process your spam digests from there.
- If your spam control sensitivity is set too leniently, the assessed penalty points may never reach the hold scores (threshold limits) you've configured.
- If your adult delete score is the same as your adult hold score, affected messages are deleted instead of held.
If your spam delete score is the same as your spam hold score, affected messages are deleted instead of held.
- If you have any message filtering configured on the POP3 server (via the webmail), you may need to review the configuration to make sure you're not filtering out the spam digests.
Log onto the webmail then click Rules on the left where the folders are displayed.
- If you have any client-side message filtering / message rules configured in your mail program (Outlook Express, etc.), review your settings to make sure you not filtering out the spam digests.
- The most common and obvious cause for this is that the sender sent the message to an invalid email address:
- The sender mis-typed your email address
- Your mail program may have your email address incorrectly entered into it; this affects replies to your messages. See this: http://support.nettally.com/mail
- If the bounce message contains a website address resembling the following (the IP address will be different), the sender needs to go to that address to find out why the message bounced back and get the problem resolved.
550 mx1.nettally.com refused - see http://www.mxrate.com/lookup/refused.asp?ipaddress=192.168.222.45
- See Why do messages sent to me get bounced back to some senders? above.
- Review your spam digest(s) to see if the message was held. If it was, deliver it and optionally trust the sender.
- If someone sent you an email with large attachments, your mailbox may not have the capacity to accept the message.
- If the sender sent the message through a mail server known to distribute a lot of spam, our mail servers may have rejected the SMTP connection from that remote mail server.
If this is the case, the sender would have received a bounce message indicating this.
False-positives of this nature are rare.
See the Why do messages sent to me get bounced back to some senders? above.
- If you have any message filtering configured on the POP3 server (via the webmail), you may need to review the configuration to make sure you're not filtering out legitimate mail.
Log onto the webmail then click Rules on the left where the folders are displayed.
- If you have any client-side message filtering / message rules configured in your mail program (Outlook Express, etc.), review your settings to make sure you not filtering out legitimate mail.
- The spam filtering system only scans for whitelisted data contained in the message headers.
The message body is not scanned for whitelist data.
For most users, whitelisting data found in any combination of the From, Reply-To, To, Subject message headers is sufficient.
The name portion of the apparent sender and the recipients (e.g. John Smith in "John Smith" <jsmith@something.com>) is not scanned for whitelist data when using the From, To references.
Technically, when the spam control system scans a message, it looks at the MAIL FROM and RCPT TO data found in the SMTP message envelope rather than the sender and recipient email addresses found in the message headers (From, To, etc.).
- The spam control system does support whitelisting other message header data, such as IP addresses, mail server names, sender and recipient names, etc., however most people would not have a need to reference these, so we didn't create an interface through this website to reference other header data. If you have a special case and need something else in the message headers whitelisted, contact us and provide the full message headers from any messages you're having problems whitelisting via the existing interface on this site.
- The blacklisting capabilities built into the spam control system are vastly more complex and powerful than most people realize.
With the exception of blocking mail from specified countries, we presently do not provide user access to the blacklisting features.
- Most people would have a tendency to start entering in various words/phrases and email addresses that are associated with spam and this would usually be unnecessary and slow the filtering process down.
Entering in various words and phrases is almost always pointless because the spam filtering system already penalizes messages based on these words/phrases and various permutations of them.
Entering in email addresses of the apparent senders is no longer practical in most cases because spammers (and virus creators) almost never use email addresses that relate to them in any way.
The addresses in the From headers of spam messages are almost always dynamically changed with each message and are made up or harvested by spyware/adware running on unsuspecting users' computers.
The addresses may be real email addresses--but not of the actual spammer.
- If you have already reviewed all of your various spam control settings and you have a special case where you are still receiving spam from a consistent source or a consistent non-encoded word/phrase appears somewhere in the message or message headers, you can contact us to see if it's something we can help with.
Do not forward spam email without including the full message headers.
Spam is unsolicited junk email--something that has become increasingly annoying to everyone but the spammers--the ones who create and distribute the garbage.
See the following references for all sorts of useful information about spam:
Since spam and viruses are often distributed the same way and recipients' email addresses are often harvested the same way, the information here applies to both spam and viruses.
Most spam is now sent with spoofed (falsified) From addresses--which either has already or probably will include your own email address. This benefits the spammers in at least two ways:
- It makes it harder for people to determine the message's true origin, so complaints are often misdirected to invalid addresses or unsuspecting innocent people.
- When messages are bounced back for some reason (e.g. the recipient's mailbox doesn't exist or is full, etc.), the bounced messages won't fill up the distributor's mailbox--it'll go elsewhere.
Unfortunately, because so many people's email addresses have already been harvested by spammers and virus creators, virtually everyone has received bounced messages that make it seem as if they (you) have sent a message to someone that you don't know, yet it's bouncing back to you. There's little you can do to prevent this from happening, so unless you have the time to research email message headers to determine the true origin of the junk, just delete the messages keeping in mind that some of the bounced messages may contain virues as attachments.
How can you prevent someone from sending out mail using your email address? For the most part, you can't. It's essentially the same thing as putting someone else's address in the upper-left corner of an envelope and sending off the mail. If it gets returned for some reason, it'll go to the address in the upper-left corner regardless of who really sent the mail. You can't stop that or the email version.
- If you receive legitimate email or spam that was sent to someone else and you don't see your email address in the "To" field (message header) or "CC" (carbon copy) message header, then your email address must have been included in the "BCC" (blind carbon copy) message header. Email addresses included in that field are not visible to the recipients, hence the term blind carbon copy.
See also:
Email Address Harvesting: How Spammers Reap What You Sow
Network Tallahassee Support: Internet Security
Spammers and virus creators often use specialized software to search the internet for email addresses that appear on websites, archived newsgroup postings, message boards, etc. If your email address is visible somewhere on the internet, you can bet that you will receive spam at one point or another.
Any time you enter your email address into a form on a website (e.g. for purchasing products, signing up for some kind of service, etc.) read the fine-print! You may be granting them permission to distribute some/all of the information you enter into the forms.
Any time you install software onto your computer--especially software obtained from the internet, read the EULA (End-User License Agreement)--the very long agreement that no one wants to read. You may be granting them permission to distribute some/all of the information you enter into the registration forms.
Another method for harvesting email addresses is by using address books and cached webpages that exist on computers that have been infected by viruses and/or spyware / adware. Some spyware/adware does nothing but cause annoying pop-up advertisements to appear on your computer for no apparent reason. Other forms of spyware can be used to cause all sorts of mayhem on your computer--similar in ways to some viruses or worms. Trying to manually remove some of this garbage is often nearly impossible.
Luckily, there exists software that can remove much of this mysterious trouble-making garbage on your computer. A few popular anti-spyware/adware utilities are:
For an in-depth article on spyware/adware (including reviews of anti-spyware/adware software), see this:
Spyware--It's lurking on your machine