Spam filtering

Fastmail has robust spam filtering options that can be customized to a user's needs. We can stop many spam emails before they even arrive in our servers, and most remaining spam messages are caught and filed into Spam for an individual user to check.

Custom spam protection settings

Spam protection settings can be be controlled on the Settings → Spam Protection screen. Selecting Custom gives complete control over when messages are:

These are determined by a message's spam score: a number that shows how likely the message is to be spam. By default, we move anything with a score of 5 or higher to your Spam folder.

You can also specify how to deal with backscatter.

The spam checking process

As mentioned on the SMTP checks page, Fastmail performs many checks at the time an email is received to stop spam. While these tests are very effective, they can't stop all spam, and some still enters the Fastmail system. After Fastmail receives the email, we perform a number of checks based on the content of the email to try and determine if the email is spam.

Each message we receive is analyzed using SpamAssassin and assigned a spam score.

The main types of checks done by SpamAssassin are:

Forwarding hosts

In Show advanced preferences, you can specify "Forwarding hosts". Forwarding hosts are other services that you forward mail through and trust, for example, your university alumni account. This can help you receive mail from this service more reliably.

In most cases, SpamAssassin will only look at the most recent service through which an email is transferred. This is because it is difficult to verify message headers once an email has been passed through more than one network (for instance, through forwarding). This means that if a message is forwarded without the forwarding service being added to your Forwarding hosts, then the service you forward messages through will be checked against RBL's (Realtime Block Lists).

By specifying the forwarding services as trusted hosts, we can scan back through them to find out the real source of the email. Internally, we have a list of trusted hosts for all users (for common mail providers).

You can add to this list (for your account) by specifying the domain names in the "Forwarding hosts" field on the Settings → Spam Protection screen under Show Advanced Preferences. For instance, you may have an email address at your old university and forward all the email that arrives in this account to Fastmail. In this case, you would want to add the domain of the university to the trusted hosts list. Doing this will allow us to check back through those forwarding headers to find the true source (originating IP address) of the message.

Being a "trusted" system doesn't mean we don't spam check the message, it just means that we check back through the Received headers to find what server delivered the email to that service, rather than using that service's IP address.

Fastmail does support ARC, a new standard designed to solve the problems with email forwarding and authentication. However, few other services currently support ARC, so it's still necessary to add forwarding hosts to your Fastmail account to help us detect legitimately forwarded messages more accurately.

Trusted hosts

If you have certain hosts you don't want to subject to regular spam filtering, you can "whitelist" them. By adding the domain to your contacts using a wildcard alias (*@trusted-domain.com), all mail coming from that domain will be automatically accepted. By adding this alias to your contacts, you are marking the domain as trusted.

Whitelisting a domain only works if we detect that the message was actually sent from the domain that is whitelisted. If a message has forged headers to make you believe it is coming from the whitelisted domain, it will still be detected as spam.

Spam check headers

The Fastmail system adds the following headers to spam checked email.

Not all headers may be added on each message.