To home page

Fighting spam on your mail server

Modern methods to protect email from spam.

Spam is the mass unsolicited distribution of advertising and fraudulent messages. Today, spam accounts for over 50–60% of global email traffic. It mainly originates from botnets (networks of compromised computers and servers), open relays, and proxy servers.

There are two primary layers of spam protection:

  1. Pre-delivery filtering — blocking spam before it reaches the mailbox
  2. Content filtering — analyzing messages after they have been accepted

1. Pre-delivery filtering

These techniques allow you to reject the majority of spam before it even lands on your server.

DNS Blacklists (DNSBL / RBL)

One of the most popular and effective methods. The server checks the sender’s IP address against public blacklists such as Spamhaus, SpamCop, Barracuda, and others. If the IP is listed, the message is either rejected or flagged as spam.

Greylisting

A highly effective defense against spam bots.
When an unknown sender attempts to deliver a message for the first time, the server temporarily rejects it with a 4xx error (temporary failure). A legitimate mail server will queue the message and retry later. Most spam bots do not retry. Once a successful retry occurs, the sender is added to a whitelist.

SPF, DKIM, and DMARC

  • SPF — verifies whether the sending server is authorized to send mail for the domain.
  • DKIM — checks the digital signature of the message.
  • DMARC — a policy that combines SPF and DKIM and defines what to do with messages that fail authentication.

Together, these three technologies dramatically reduce email spoofing and phishing.

Additional technical checks

  • HELO/EHLO hostname validation
  • Callback verification (checking if the sender actually exists)
  • Rate limiting (restricting the number of messages from a single IP in a short time)

2. Content filtering (Post-Delivery)

Even if a message passes initial checks, it can still be analyzed for spam characteristics.

Popular tools include:

  • SpamAssassin — a powerful, rule-based filter with Bayesian learning and DNSBL integration.
  • Rspamd — a modern, fast, and highly efficient alternative to SpamAssassin (recommended in 2026).
  • Dovecot Antispam + Sieve — filtering directly at the mailbox level.

  1. At the Gateway (Pre-Delivery):

    • Greylisting
    • SPF + DKIM + DMARC
    • Multiple DNSBLs (Spamhaus Zen, Barracuda, etc.)
    • Rate limiting

  2. Content Analysis:

    • Rspamd (preferred) or SpamAssassin

  3. User-Level Filtering:

    • Sieve rules
    • Dedicated “Spam” folder in the email client

Best practices

  • Never rely on a single method — combine multiple layers for the best results.
  • Regularly update spam rules and blacklists.
  • Avoid overly aggressive settings initially — you risk blocking legitimate mail.
  • For business or high-volume email, consider professional services such as Mailchannels, MXGuard, or SpamExperts.

Help

If you have any questions or need assistance, please contact us through the ticket system — we're always here to help!

Need help?Our engineers will help you free of charge with any question in minutesContact us