SurgeMail spam and virus prevention

This email server offers advanced features to identify undesirable spam email, block virus infected mail and prevent abuse of your mail server by spammers. Naturally these features can be individually configured. In addition you can choose between several virus scanner options (Avast, F-Prot or any command line scanner)

E Mail Server With Spam and Virus Protection

Open Relay database check + SPF checks

Surgemail has integrated support for a variety of sender identification checks. This includes:

- Integrated Open Relay check connecting to any external ORB database to ensure the sender is not blacklisted for sending spam email.

- Integrated SPF checks to verify the sender is actually who they say they are.

If a message fails one of these checks the message can the message can be bounced or rejected immediately or this result can be used to add to the ASpam spam detect score to reduce false positives.

Sender behaviour limitation

SurgeMail email server has dozens of configuration options to directly block or tarpit users or servers identified as abusing the mail server. These include banning by sender IP address, recipient mail address, from mail address, limits on number of recipients per email, maximum bad addresses in a row, email per sender IP address and maximum messages to a single mail account.

Virus scanner integration

SurgeMail email server will integrate with any external command line virus scanner that has the option to delete mail if it contains a virus. eg: This allows you to use for example Command, Sophos or Norton virus scanners. See here for details.

For Windows we recommend "Avast! for SurgeMail" based on ALWIL Software antivirus technology which is fully integrated. See installation and configuration.

F-Prot is also supported for UNIX and Windows, see here for details.

ASpam anti-spam system

SurgeMail has built in support for Aspam. This is a message "spamminess" scoring system based on the sum of the following:

- Customisable rule database maintained by netwin staff - This is approx 60% accurate on common spam.
- Auto training database of recent messages that "look like spam" based on poly and multi symbol statistical word matching. Approx 90% effective if no local training is done, approx 99% effective if local training is done.
- Auto training database of recent messages that "look like spam" based on message parameters such as URL content. Approx 40% effective if no local training is done, approx 99.5 effective on trained data.
- Catcher addresses that should never receive genuine mail, and if mail is received on these addresses it a known a spammer.
- Optional modification of scoring based on ORBS and SPF checks.

The auto training databases consist of a base set of rules maintained at combined with local training based on messages submitted by the users of your system as uncaught spam or as a false positive.

Based on this "SpamDetect score" messages can be filtered at a serverwide level or at a per user level allowing individual users to fully customise their filtering setting up a totally customised "personal antispam policy" based on their chosen level of spam 'tolerance'.

Advanced mail rules

Using elaborate rules customised policies can be setup for mail forwarding, archiving and filtering. Filtering will typically take some form of action on messages identified as spam by SmiteSpam or external spam identification filters. An alternative use for filtering is to limit mail based on content. This can be internal to surgemail using mfilter rules or externally using your own filter application using g_filter_pipe.

eg: This could allow you to setup policies that

  • Mail identified as almost certainly spam is either dropped or bounced
  • Mail with undesirable subject matter in body or subject line is bounced

Friends only system

The friends only system is a challenge response system allowing users to opt to receive messages only from friends. Non friends are automatically questioned to determine if they are human. All mail from non friends is held pending on the server until the user has decided what to do with it. Status reports are sent to the user on a regular basis to provide information on the Friends system and any mail pending delivery.

See our brief guide on stopping spam for existing and new users.


Next: Extended SPF