Server and email client work as a team in spam protection – with clear role distribution: The server analyzes the message, evaluates it, and adds an appropriate tag. The client then takes care of the practical handling and decides what to do with the email. Only the interaction of both ensures that spam is not only detected but also handled correctly.
Handling Spam on the Server
The main task of the mail server is to reliably deliver emails. It ensures that no message is lost or blocked without cause. Additionally, potential spam mails are detected through targeted checks like greylisting, marked accordingly, and only rejected in cases of very low quality – but only in rare exceptions.
Our mail servers have different SPAM escalation levels:
- Do nothing -> Message is delivered without intervention
- Greylist -> Initial delivery delayed (retry after 10 minutes)
- Add Header -> Invisible note added in the email header
- Add Subject Rewrite -> Visible note added to the subject line (SPAM)
- Reject -> Message is rejected (rare)
Note: The transition between escalation levels is based on a so-called Spam Score – a numeric value the server calculates for each incoming email.
The Spam Score results from many small characteristics that may indicate spam (e.g., suspicious links, missing sender ID, unusual subject lines). The more of these characteristics apply, the higher the Spam Score – and the more likely the message will be flagged or rejected. The exact evaluation is done automatically on the server via our spam detection service.
The order of escalation levels is fixed. The thresholds determining the transition between these levels are continuously monitored and adjusted by the system administration to ensure optimal spam detection.
Users also have the option to configure individual thresholds for specific mailboxes or domains in the Control Panel, allowing more precise spam filter control.
Note: Our system learns continuously – mails that remain in the junk folder help the server better recognize future spam patterns.
Details on the evaluation can be found in the rspamd Spam Metric documentation.
Handling Spam on the Client
The markings set by the server during spam analysis can be used in the email client to specifically filter or process emails.
As already described under Handling Spam on the Server, two measures are primarily applied:
- Add Header
- Add Subject Rewrite
The “Add Header” is set at a lower spam score than the “Add Subject Rewrite” and can be used by the client, for example, to automatically move mails or mark them differently.
More about filtering spam using the header can be found in our article Filtering Email Spam.
Additional Measures
Some email programs additionally support local spam filters like “SpamAssassin” or offer learning functions by manually moving messages to the junk folder.
SpamAssassin is a well-known spam detection tool often used in the email client. It analyzes incoming mails based on various characteristics and helps the client reliably filter or mark spam.
Important: Our mail servers already run a powerful spam filter called rspamd, which handles the described functions (Greylist, Add Header, Subject Rewrite, etc.). SpamAssassin therefore does not need to be configured on the server side but can be used additionally in the email client to improve local spam detection.