FAQ

Home » FAQ » Spam

ZeroLag Communications offers you two separate methods to filter your spam. Though distinctly different, each method provides a great solution to blocking unwanted e-mail.

Please read about both solutions below, and choose which one is right for you.

General Questions

What's an e-mail client? - An e-mail client is simply the application you use to check your e-mail. Common examples include Microsoft Outlook, Mozilla Thunderbird, or a webmail system.

What's a header? - An e-mail has two parts - the headers and the message. Common headers include 'To', 'From', and 'Subject'. Although your e-mail client might not display them, e-mails have many more headers. These additional headers contain all sorts of information, like where the e-mail came from, and most importantly in this case, whether or not the message is spam.

Having problems sending us your headers? Please read this article on how to send full headers from a variety of e-mail clients.

What's a spam threshold? - Our filters analyze every e-mail sent to our servers, and run a series of tests on the e-mail. Based on the results of those tests, the filter will assign a score to the e-mail to reflect the likelihood of the message being spam. A higher score means that it looks more like spam. Our system lets you set the threshold at which you will consider a message to be spam. The default is 4.0, which is designed to be effective yet conservative, to minimize the chance of filtering a legitimate e-mail. At 4.0, for example, any e-mail with a score greater than or equal to 4.0 would be filtered, and any message below 4.0 would not be. If you want to increase the aggresiveness of the filter for your account, simply lower the threshold - we don't recommend, however, that you go far below 3.0, or you may miss legitimate e-mails. For debugging, every e-mail you receive will have the threshold as well as the spam score in the headers.

I'm still getting spam, what should I do? - The volume of spam on the Internet is growing at an extremely quick pace, and spammers are rapidly finding new ways to get around spam filters. In order to face this threat, we are constantly improving our spam filters. If you are still getting spam, we want to know about it. You can report unfiltered spam to us by sending it to spam_report@zerolag.com. Please forward the message with the full headers intact - we'll need those to determine why the spam got through. If you're unsure of how to display the full headers, please refer to this site.

Your system blocked a non-spam message! - One of the risks involved with spam filtering is that eventually a non-spam e-mail could be blocked. In our case, by default we err on the side of caution - generally it is worse to miss one legitimate e-mail than to receive one spam. Our caution pays off in that most of our customers never have a legitimate e-mail filtered. In addition, both Client-Side Filtering and Server-Side Filtering ensure that any e-mails marked as spam are not lost forever, they're simply contained in another folder. However, if our filter does mark a legitimate e-mail as spam, we want to know about it, so that we can make sure it does not happen again. Retrieve the e-mail from your spam folder, and forward it with full headers to ham_report@zerolag.com. 'Ham' is the term used to refer to non-spam e-mails.

I don't want these virus alerts. - By default, our system will always notify the recipient if it blocks an e-mail due to virus content. This is to prevent the chance of losing a legitimate e-mail that you may have needed. If you'd rather not get these virus alerts, simply log into your ZeroLag Control e-mail panel, select your e-mail address, and apply a blacklist for the address virusalert@zerolag.com.

I'm getting a lot of "Mail delivery failed" messages in response to spam that looks like it came from me! Is my email account hacked? - No, your account has not been compromised. "Backscatter spam" is the technical term for this irritating recent trend in which spammers send spam to email accounts that they know not to exist, with forged From addresses containing an account that they believe does exist (e.g., yours). The mail server that hosts the nonexistent address, trying to be helpful, sends a bounce message to your address letting you know that your message couldn't be delivered. Backscatter spam is triggered by the configuration of the remote mail server that hosts the nonexistent address, not our mail servers. We do continually add new rules to our spam-detection system to detect common backscatter spam, but there are only two general solutions to the problem:

If you have your own domain name and are trying to prevent backscatter spam from being sent to it, you can set up a Sender Policy Framework DNS record for your domain. However, not all remote mail servers honor SPF records, and spammers tend to find ones that don't. Also, setting up an effective SPF record requires that you only send mail out through a specified set of servers - usually just ours - which means that you might need to reconfigure your email client and you might have difficulty sending mail from computers that have restrictive Internet connections (for instance, a laptop on a hotel network). Contact us if you'd like to discuss setting up an SPF record.
You can create a new folder in your email client and configure your computer to route all "Mail delivery failed" and similar messages to that folder. This is particularly effective when combined with Bayesian spam detection on your computer, but it does mean that you'll need to remember to look in that folder for bounced copies of important messages that you really did send.

If you'd like to learn more about the technical details of spam, please see this article.

Client-side Filtering

Our custom mail scanners use a combination of specific filters and tests to determine if e-mail destined for your inbox is spam. If our system thinks an e-mail is spam, it will add a header to that e-mail in the form of X-Spam-Flag: YES. In order to prevent potential loss of important e-mails, our system will always pass the message on to the recipient if you use this method. To enable Spam Filtering for your e-mail account, you simply need to instruct your e-mail client to look for the X-Spam-Flag: YES header and filter the message accordingly. This approach offers the highest degree of flexibility for spam filtering, but if your e-mail client does not support filtering, you may need to use Server-Side Filtering.

Select your e-mail client below for instructions on setting up client side filtering. Our system is already set up to include the X-Spam-Flag header for all accounts, so there is no need for additional configuration on our side. If your question is not covered within these options, don't hesitate to contact us.

Server-Side Filtering

If you don't want the messages that our server marks as spam to be filtered at the client level, you can choose to enable Server-Side Filtering. This method, however, is a little more complex to set up than Client-Side Filtering. There are a few prerequisites:

Your e-mail domain name is currently configured in the ZeroLag Control site.
You have an 'All Access' or 'Technical (Full Access)' account for your company in Control.
The e-mail address has a login on our servers, and is not just a forward.

If you pass those three qualifications, you can enable Server Side Filtering by doing the following.

Log into ZeroLag Control with your Control username and password (not your e-mail username and password).
Click E-mail on the left side of the page.
Click on the appropriate domain from the list.
Click on the appropriate e-mail address from the list.
You're on the View E-mail page. Click Edit E-mail.
Check Server side spam filtering, and then click Save. You're done!

Once again, if you have any questions or comments about our spam filtering solutions, we would love to hear from you. Contact us at any time.