Advanced Spam Handling Techniques

SPAM just gets worse, so we have implemented some things on the server which you can utilize within your control panel to cut over 95% of it out. This document details how to implement these features.

We have implemented spam tagging within the headers of all messages. With this tagging you can utilize the Spam Filters in the Email Menu of your control Panel. You can also utilize the Spam Filters to gain more control of your SpamAssassin configuration.


Note: This advanced technique works best if you disable the “SpamBox” feature in your SpamAssassin controls if you are utilizing it. We are going to create a single mailbox for spam so that you can verify that spam is indeed getting filtered, and so you can recover any messages which get filtered as spam that shouldn’t be (false positives).


Step 1: Create a mail account in your control panel named something like thetrap or spamtrap. Do not just name the account spam or you may end up with problems as spam is utilized by server functions and you may end up with a conflict.


Step 2: Next we want to get rid of all the spam that comes in addressed to nonexistant addresses at your domain. By default your account comes with a default email address and that is a “catchall” for any mail addressed to your domain as well as any domain you park on your account.  We recommend that you go to the Email Menu in your control panel and then click on Default Address. Now you will see the following text with a dropdown box for each domain on your account. “Enter the (complete) e-mail address to receive all unrouted mail for” and then a box showing your domain name(s). Then directly below that is a empty box. You have the option of entering a email address to receive the mail which you created in step 1 above, or just deleting the mail, or bouncing it with a specific message.


Bouncing with a specific message works well, so if someone misaddresses a email to you they will get a message back indicating the mail failed because they had an incorrect address. If you use the bounce method, I do ask that if you do not have a postmaster account set up on your domain, create a spam filter that deletes mail to postmaster, otherwise I get all the bounces as postmaster for the server. To bounce messages put the following in the empty box:


:fail: user unknown


Notice the colons at the beginning and end of :fail: these are essential for this to work.


To simply delete it put the following in the empty box:


:blackhole:


Notice the colons at the beginning and end of :blackhole: these are essential for this to work.


Step 3: Now we are going to enable SpamAssassin if it is not enabled on your account, and set the “Required Hits” to designate something as spam. If you already have SpamAssassin enabled, then just set the “Required Hits“. We recommend setting “Required Hits” to 2.5 to start with in your SpamAssassin controls. If you find this setting is too strict, you can increase the number to 3 or whatever works best.


Step 4: The first Spam Filter you create will be for SpamAssassin tagged spams. Go to Spam Filters in your Email control panel, and scroll to the bottom section where it says Add Spam Filter.



  • In the first box select Spam Assassin Spam Header.
  • In the second box select begins
  • In the third box type in Yes
  • In the Destination field put in the email address you created in Step 1.

When you look at headers of messages this filtered they will contain X-Spam-Status: Yes followed by info on why SpamAssassin thinks they are spam.


If you leave this set to Discard it will delete the messages. Once you are confident valid email is not affected by this filter, you can Discard, but we recommend verifying the results first by routing to your spamtrap email account.


Step 5: The next filter will be for emails we are tagging as spam on a server level. We utilize many different spam lists to determine this. Some of the lists we use are Spamcop.net, dsbl and others. Go to Spam Filters in your Email control panel, and scroll to the bottom section where it says Add Spam Filter.



  • In the first box select Any Header.
  • In the second box select contains
  • In the third box type in X-cohost1-MailScanner-SpamCheck: spam
  • In the Destination field put in the email address you created in Step 1.

When you look at headers of messages this filtered they will contain X-cohost1-MailScanner-SpamCheck: spam followed by info on which spam lists they were found in.


If you leave this set to Discard it will delete the messages. Once you are confident valid email is not affected by this filter, you can Discard, but we recommend verifying the results first by routing to your spamtrap email account.


Step 6: This last filter will also be for emails we are tagging as spam on a server level with a slightly different system. This one is probably redundant with the step 5 filter but provides some backup if it doesn’t work for some reason. Go to Spam Filters in your Email control panel, and scroll to the bottom section where it says Add Spam Filter.



  • In the first box select Any Header.
  • In the second box select contains
  • In the third box type in X-DUL-Warning:
  • In the Destination field put in the email address you created in Step 1.

When you look at headers of messages this filtered they will contain X-DUL-Warning: followed by info on which spam list they were found in.


If you leave this set to Discard it will delete the messages. Once you are confident valid email is not affected by this filter, you can Discard, but we recommend verifying the results first by routing to your spamtrap email account.


Ok, now you have spam being filtered to a specific email account, but it still leaves you with having to deal with all the spam in that account if you are not discarding it. I have found that by using a free program called Mailwasher, I can quickly browse the spamtrap email account and delete all the spam without having to download it all. We have made Mailwasher available in our download library so you can easily deal with your spam.


An alternative to using MailWasher would be to use your webmail to browse and delete spam, but it is a lot slower.