Unfortunately, in rare cases it happens that spam messages are not detected by EuropeanMX. With the following article we would like to describe the steps you can take to determine why you are still receiving spam messages and the easiest way to fix it.
Spammers are often very creative and inventive with their methods to bypass a spam filter. For example, it may be that the message did not go through the filter cloud at all, but was delivered directly to your mail server. You have two options to check if the message has been processed by EuropeanMX:
To effectively protect your domain from spam, you should only use our MX servers in the DNS settings of your domain. If you use other mail servers in the MX settings, then a spammer can deliver spam through them very easily. You can check your current MX records via our MX Checkup.
The message header of an email contains detailed information about the origin of a message and the various stages it has taken. You can learn how to read the message header of an email in our FAQ article "How can I read the message header of a message?". If the message header contains the line "X-Recommended-Action:", then the message went through EuropeanMX and was checked by the filter. Now you can also search for the line "X-EuropeanMX-Evidence:". For example, if the line says "Allow listed", it means that the message was not checked because the sender/recipient is listed in the allow list in EuropeanMX.
The following lines are added by EuropeanMX:
If the EuropeanMX "X-Headers" are missing in the message header, it may mean that they have been removed by your mail server. But it can also mean that the message did not go through our filter and was delivered directly to your mail server. There can be different reasons for this:
If you see the value "Allow listed" in the line "X-EuropeanMX-Class", it means that the sender or recipient address is listed in the respective allow list of your domain. Spammers very often use fake sender addresses when sending mail. If possible, they try to use sender addresses that have been entered by the recipient on his allow list. That is why it is important that you never enter your own e-mail address in the sender allow list, otherwise you may receive spam messages with your own address as sender. You should really only use the allow list for addresses where you know the sender is safe but whose messages may be suspicious. However, legitimate messages are blocked only in very rare cases.
In order to protect you optimally from "false-positives" (legitimate messages that have been marked as spam), EuropeanMX combines many different technologies. Of course, we always want to avoid that legitimate messages are blocked, so it may happen that a spam message is classified as "ham" (legitimate message) or "unsure" (unsure if legitimate). This can happen, for example, if a message appears to come from a legitimate source. You then have the option to report such a message as spam and thus train the filter algorithm to improve the detection of similar messages. You can learn how to train messages in our FAQ article "How can I report spam messages that have not been filtered as spam?".
Forwarding domains policy: If you use multiple domains that act as forwarding domains for the domain you are using our spam filter for, then we will not block spam messages as they originate from a forwarding server. You are welcome to set up the forwarding domains as free alias domains with us and set our MX records for those domains to protect them as well. If you want to check which email address a message was originally sent to, please check the "Received:" lines in the message header.
Despite the measures taken, it is still possible that you will receive a spam message because the filter did not recognize it correctly. If this is the case, you can report this message to our system as spam and thus contribute to the improvement of the filter technology. All reported messages are analyzed and processed centrally by us. You can find out how to report messages as spam in our FAQ article "How can I report spam messages that have not been filtered as spam?".
Please note that a spam message can only be reported and processed for training if the message header contains the "X-Filter ID" line. If this is removed, we cannot assign message in the system and thus cannot analyze it.
If, despite using our spam filter and after checking the above steps, you continue to receive many spam messages, please collect all spam messages in a zip file in .eml or .msg format and send it to us. Please contact us to find out the appropriate mail address to send them to.
Finally, we would like to ask you to make sure that the messages you collect are indeed spam messages. Messages from senders you have subscribed to in the past (newsletters, etc.) are not considered as spam by us. They offer an unsubscribe feature, which allows you to unsubscribe if you no longer wish to receive such messages.
If a legitimate message has been classified as spam by EuropeanMX, then you should check the content of the message. It is possible that the message contains suspicious elements that could cause the filter to classify it as spam.
If a legitimate message has been detected as spam and quarantined, then you can release and train it. You can learn how to train a message as "Ham" in our FAQ article "What is HAM?". How can I report HAM messages?".
English
Deutsch
Arabic
Armenian
Bosnian
Bulgarian
Croatian
Czech
Danish
Dutch
Estonian
Finnish
French
Georgian
Greek
Icelandic
Italian
Latvian
Lithuanian
Luxembourgish
Macedonian
Norwegian
Portuguese
Romanian
Russian
Serbian
Slovak
Slovenian
Spanish
Swedish
Turkish
Ukrainian