[SFF Net Logo]
[ -,-'-{@  ] In Memoriam
Eugie Foster
Home •  Help •  WebNews •  WebMail •  People Pages
Features •  Store •  Member Services •  Join SFF Net
    SFF Net FAQ

Choose a help topic from this list:
(or use the Master Help Index)

   FAQs
   Test your network connection
   Software Setup Instructions
   New to SFF Net?
   Your SFF Net Account

   Newsgroups


   About the Newsgroups
   Using WebNews

   Email


   About SFF Net Email
   Using WebMail

   People Pages & Hosted Domains


   Your SFF Net People Page
   Your People Newsgroup
   Blogging Tools
   Hosted Domains

Need more help? Click Here

 

    How SFF Net's Spam Filters Work

It's a dangerous world out there. SFF Net's spam filters offer you sophisticated and flexible protection from the scourges of the net such as spam (unsolicitied commercial advertisements), email viruses, worms, trojan programs, and scripts, etc. The filters are very good; however, it's a good idea to be familiar with how they work to be sure you're getting the level of protection you desire.

    System-wide Filters
    SFF Net doesn't accept email from known open-relays/proxies, domains or individuals with a long spam history, or people who send malformed email (missing headers, invalid return addresses, non-existent domains, non-RFC compliant mail servers, etc.). SFF Net also rejects email sent to generic addresses like friend@so-and-so, or email containing known viruses, worms, or trojans.

    You have no control over the system-wide filters. However, if you know of specific email that is being blocked incorrectly -- for example, a mailing list to which you subscribe that uses invalid headers but is otherwise desired -- you may write to Tech Support and ask to have the system-wide filters modified. You MUST include a copy of the headers for the blocked email (i.e., you need to get a copy from someone else, or that was delivered to you at another email address) in order for us to analyze it and make an exception for it.

    Domain Filters
    The Domains content filters allow you to control whether email will be rejected based on information gathered about the sending email client and transmitting server.

      Select these options with care. When these selections are enabled, mail that matches the criteria is rejected by the SFF Net server before any other information about the email is accepted. That means the sender will immediately receive an error and no other data is collected. As a result, SFF Net Tech Support will not necessarily be able to tell from our email logs anything about who was rejected.

    WebMail Options - Domain Filters

    • Accept email only from domains ending in .com, .net, .org, .edu, .mil, and .gov
      Much spam today originates from overseas or from domains that consist primarily of spammers. This section gives you the option of restricting your account to receive mail only from the six major top-level domains (TLDs) in use primarily in the United States.

      IMPORTANT: Before you select this option, there are several important consequences you should consider:

      1. You should only use this option if you are 100% certain that the only mail you will ever want to receive will originate from these domains. Any mail (spam or not) that originates from any other domain will be discarded. If someone from, say, Canada ever sends you an email, it's possible that their email will come from the .ca domain and you will never receive it.
      2. These domains do not represent all organizations used by people in the United States. If you have a friend who has signed up for a domain name using the .name TLD or you expect mail from a museum that's part of the .museum TLD, you'll never see mail from them.
      3. Mail from these domains may not only come from within the United States. Several of these domains (in particular the .com domain) have been granted to organizations outside the U.S. Enabling this option will not block email from those organizations.
      4. The filter uses reverse DNS to determine the origin of the mail. If the sending server does not have a proper reverse DNS entry, mail from that server will be rejected even if it actually is coming from a top-level domain.
      5. If this option is enabled, no exceptions to it are possible. Mail from blocked domains cannot be whitelisted or sent to your junk folder.

    • Refuse email from servers that do not appear to have static IP addresses
      By far the largest sources of spam today are end-user machines compromised by viruses/trojans that send spam without their owner's knowledge. The vast majority of those machines are on dial-up or broadband connections that are assigned their IP address dynamically by their ISP. Since legitimate mailservers use static (or fixed) IP addresses, SFF Net always flags email coming from a server with a dynamic IP address as spam.

      This option selects whether or not to refuse such emails immediately or to flag them as spam. If the option is selected, any email coming from a dynamic IP address will be rejected by the server and you will receive no notice (however, the sender will receive this bounce message "554 We do not accept unauthenticated email from dialup or DSL --send through your ISP").

      If this option is NOT selected, the email will be handled as spam according to your Spam Filters settings (see below). As a result, you may notice a significant increase in the number of spams arriving in your Junk folder with an X-Spam-Identifier header that indicates the email came from a dynamic IP address. If so, you may want to consider enabling this option.

    • Refuse email from servers that do not have reverse DNS
      Legitimate email servers have reverse DNS (rDNS) configured correctly, but many spamming machines do not. This makes the existence of correctly configured rDNS an excellent spam marker. SFF Net always flags email coming from servers with incorrect rDNS as spam.

      This option selects whether or not to refuse such emails immediately or to flag them as spam. If the option is selected, any email coming from a machine with incorrect rDNS will be rejected by the server and you will receive no notice (however, the sender will receive this bounce message "554 We do not accept unauthenticated email from hosts without reverse DNS").

      If this option is NOT selected, the email will be handled as spam according to your Spam Filters settings (see below). As a result, you may notice a significant increase in the number of spams arriving in your Junk folder with an X-Spam-Identifier header that indicates the email came from a machine with no rDNS. If so, you may want to consider enabling this option.

    Personal Spam Filters
    You can configure your mailbox to determine how to handle email that can be identified as spam. To configure your mailbox, go to WebMail, log on, select Options, then WebMail Options.

    WebMail Options - Content Filters

    • Call it spam if it looks like spam
      Check this box to have SFF Net examine your incoming email for known spam markers in the body of the email. This includes things like all-numeric URLs, "Make Big Money!!!" come-ons, links to known spam or scam sites, and other keywords associated with spam.

    • Call it spam if it comes from a known spam domain
      Check this box to have SFF Net examine the headers of your incoming email for indications that the email came from a known spammer. This includes searching for specific IP addresses, server names, or other header information that is associated with sources of spam received in the past.

    • Call it spam if it isn't addressed or CC'd to me
      Check this box to have SFF Net scan the TO and CC headers of incoming email for your email address. The TO and CC addresses are easily forged, and often have nothing to do with the actual recipients. Note that mailing lists often send email with the TO header set to the list address rather than the individual recipient. If you subscribe to mailing lists, or receive mail under aliases, you probably don't want to enable this filter.

    • Call it spam if the envelope and headers don't match, or if the TO is invalid
      Check this box to have SFF Net compare the FROM header with the sender's claimed identity. This filter also checks that the TO header contains a valid email address (but does not check to see if that email address is yours).

      Note that mailing lists often send email with the TO header set to the list address rather than the individual recipient, or with the FROM address set to the list reply address rather than the poster's address. If you subscribe to mailing lists, or receive mail under aliases, you probably don't want to enable this filter.

    • Mail identified as spam should be
      When email makes it through the system-wide filters but not your personal content filters, SFF Net will deal with the email according to your selection here.

      • Discarded -- the flagged email is thrown away
        Caution: Use care before selecting this option. If you choose this option, any legitimate email that gets incorrectly flagged as spam will also be deleted.

      • Delivered to my Junk folder -- the flagged email is delivered to a "junk" folder, which you may read online using WebMail

        There is an additional advantage to using the Junk folder option: you may Whitelist any mail incorrectly flagged as spam so that the sender will be exempt from any further spam checks. To whitelist an email, use WebMail to find the message in your Junk folder, open it to read the message, and then click the Whitelist button. The message will be automatically moved to your inbox, and the sender will be whitelisted.

      • Delivered to my Inbox -- the email is delivered to your inbox, which you may read either online or with a POP3 client. Mail identified as spam but delivered anyway will have an extra header line, X-Spam-Identifier, which tells you why the email was considered spam. You can use this line to easily sort out spam using your email client's message rules, for example.

        The only disadvantage to this selection is that you cannot whitelist a sender yourself. If you wish to whitelist a sender and you're not using a Junk folder, forward a copy of the flagged message (along with full headers) to techsupport@sff.net.

        Note: This option cannot be selected if you have your inbox set to forward to another email address.

    • Do NOT call it spam if the subject line contains the word
      This option allows you to set a "secret word" which can be given out to trusted correspondents to exempt their mail from the Personal Spam Filters checks. Any email that contains the secret word in the subject line will not be flagged as spam by the Personal Spam Filters.

      The word is case-sensitive (i.e. "Gumdrop," "gumdrop," and "GumDrop" are three different words) and should only contain alphanumeric ASCII characters. Since every mail with the chosen word in the headers will be exempted, you should select the word with care. Don't use your name, or a word common to subject lines (like "Hello"), or a word that's a common combining part of other words (such as "auto"]. Like other filter options, this option does not apply if you have forwarding enabled on your SFF Net mailbox.

    Worm, Virus, Trojan, and Identity Protection
    These settings indicate whether or not you want the SFF Net email server to automatically "sterilize" your mail by disabling scripts and executable programs so they can't be automatically or accidentally run and possibly infect your system.

    WebMail Options - Worm, Virus, Trojan, and Identity Protection

    • Disable embedded scripts found in email
      Check this box if you want to have scripts in your HTML mail automatically disabled. The actual script code is not deleted, however the line of code that calls the script for automatic execution is renamed to "$cript" and thus rendered harmless. Any known script commands (such as OnLoad, Script, IFrame, etc.) are disabled.

    • Rename exectuable attachments to non-executable filenames
      Check this box if you want to rename file attachments that arrive with filenames that can be executed (and thus possibly be a virus, or other harmful program) so that they cannot be executed. Filenames are changed by renaming the last period to an underscore. For example, filenames such as "IAmAVirus.txt.pif" would be renamed to "IAmAVirus.txt_pif".

 

      Home •  Help •  Search •  Contact Us

Copyright © 1996-2014 SFF Net(tm)  All Rights Reserved
We welcome your Feedback at any time.