Dealing with Spam Messages FAQs

To prevent spammers from delivering spam directly to your mail servers without filtering, you must make sure your mail server only accepts emails originating from the Mail Assure filtering system.

To only accept messages from your filtering nodes you need to allow emails based on your delivery server hostname or IP(s). Allow incoming delivery from the IP range 185.201.16.0/22 and master.antispamcloud.com.

Delivery Restriction Examples

The following describe how to configure your MTA to restrict filtering to the Mail Assure servers:

For any other MTA configuration details, please consult the relevant MTA documentation.

Allow incoming delivery from the IP range 185.201.16.0/22 and master.antispamcloud.com.

Even though you are using the anti-spam feature correctly, it is possible that you still receive some spam. The following page describes what steps you can take to determine why you are still receiving spam messages and how best to resolve this: What should I do when I receive spam?

Bounce spam can be a particularly frustrating type of spam mail to deal with. For full details on dealing with bounce spam see our How can I protect against bounce spam? page.

We advise that you ensure the Block attachments that contain hidden executables option is enabled for all your domains by default this is highly effective against so called 0-day malware. Once this is enabled, messages that are sent with executables within a compressed archive (e,g. .zip, .rar etc.) are rejected and quarantined.

Blocking specific attachments or extension types can be done by using our Manage Attachment Restrictions feature.

Mail Assure scans incoming email and assigns a spam score based on a number of different classifiers. This score, along with a classification is shown in the emails header. You can find details on how to view email headers using different products here.

Example headers for Mail Assure without branding:

X-MailAssure-Class: ham
X-MailAssure-Evidence: SB/antispamcloud_com (0.0269712609549)
X-Recommended-Action: accept

Example headers for Mail Assure with branding:

X-AceITSupport-Class: unsure
X-AceITSupport-Evidence: Combined (0.77)
X-Recommended-Action: accept

There are several reasons why a message cannot be found in the quarantine:

  • Quarantine days expired - Normally Mail Assure stores quarantined spam for a maximum of 14 days. After that, older messages are automatically removed so that new messages may be stored.
  • Quarantine is disabled - If the quarantine is disabled (in the Incoming - Filter Settings page), all messages are delivered to the recipient mailbox, including those that would normally be quarantined. Even though those messages have not been quarantined, they still appear as 'Rejected' in the log.
  • Message is already released - if a message has already been released from the quarantine, it will no longer be available. The Classification column in the Log Search should provide information about this.
  • Not all blocked messages are quarantined - whether or not blocked messages are quarantined depends on the reason they are blocked. For more info, see Message Classifications.

In order to perform any actions on these messages in the Log Search, they would have to be resent by the sender, assuming the issue that blocked the message in the first place has been resolved.

Each email application has a different method to view email headers. We have tried to document as many of these as we can, but please be aware that as this is third-party information, steps may not be up-to-date. See How can I view email headers in different email applications? for details.

It is not possible to block/allow messages based on character set, but you can block/allow messages based on MIME language using the Blacklist Filtering Rules and Whitelist Filtering Rules pages at Admin or Domain Level. For full details, see How do I block or allow messages based on language?.

Blocking or allowing based on country or continent is possible using the Blacklist Filtering Rules and white Filtering Rules pages at Admin or Domain Level. For full details, see How do I block or allow messages by country or continent?.