SpamStopsHere is very effective with little or no customization. It sends email through a sequential set of spam and virus filters; each optimized to perform its type of blocking efficiently. You can change the default filter behaviors, although many customers don't.

Filter Actions

Most of the available spam and virus filters let you decide what action to take for email they flag as spam. You can set a different action for each available filter, but most users don't change the default (recommended) actions.

When you're done making your changes, click Set. Your changes should take effect within about 10-15 minutes .

Quarantine

(Pro and Enterprise Editions) Sends the message to the user's quarantine and where it can be reviewed and optionally released.

The Quarantine action is independent of the message handling settings, below.

Message Handling

(All Editions) Choose what you want SpamStopsHere to do with emails flagged by the given filter. You can only choose one action, but you can choose a different action for each filter. Available actions can vary based on the filter and your SpamStopsHere edition.

Modify Subject
Delivers the message with text that you specify inserted at the beginning of the subject line. We suggest something like [Suspicious Sender] or [Blacklisted Sender]. Note: The SPF Filter lets you select this action independently of the other actions.
The SPF Filter lets you select this action independently of the others so you can, for example, configure a "soft-fail". If the message fails SPF, you can Modify the subject and Continue normal spam filtering to warn the user if the message gets through, or block it if it doesn't.
Forward to
Instead of fully blocking spam, it forwards the message to an address that you specify in one of your domains. You can redirect suspicious messages to a special spam mailbox at your domain (e.g. spam@example.com) so you can examine them to make sure no legitimate email is being blocked.
Set up the forwarding email account before using this option. Also remember to monitor the mailbox so that it doesn't get full to where it no longer accepts any new messages and start queueing up on our server as undeliverable.
Reject
Deletes the message (does not deliver it to the recipient) and sends a rejection message back to the sender. You can customize the rejection message. In the rare case of a false positive (legitimate message flagged as spam), the sender will know the message was not delivered and can try to contact you another way. In most cases, the message is rejected at the SMTP layer, so the spammer gets the rejection message even if they are using a fake reply email address.
Rejecting during the SMTP transmission helps to prevent "backscatter" (where forged senders get flooded with bounces for messages they didn't send), and in many cases is the recommended filtering action.
Delete
Deletes the message and does not notify the sender.
Continue (SPF Filter Only)
Continue filtering the email. If you select this action, we recommend that you also choose to Modify the subject. So, if no other filter blocks it, the recipient will know the SPF filter flagged it as suspicious.

Available Spam and Virus Filters

To see the list of filters and options available for your domain:

  1. Login to the control panel
  2. On left navigation bar under Hosted Services, click SpamStopsHere .
  3. Click Configurations Options for the domain you want to see.

You'll see a list of the filter and other settings available for the selected domain. They are organized by category:

Primary Spam Filters
Settings for the four primary anti-spam filters
Optional Spam Filters
Settings for the many optional anti-spam filters.
Attachment/Anti-Virus Filtering
Settings for handling email attachments (all editions) and additional antivirus (Business Edition and up)
Outbound Filtering
Footer information for outbound email (Enterprise Edition)
Custom Filtering
Rules that you have created to filter email based on content

Click on any of the choices or Edit to go to its configuration page.

Primary Spam Filters

These are the four primary SpamStopsHere filters. Customers can control how each one handles messages flagged as spam. The default is "Reject" to sender.

Spammer IP Blacklist
This is our own proprietary blacklist of IP addresses. Email from IPs on the list are flagged unconditionally. The default (and recommended) action is Reject, as this filter produces almost no false positives. We achieve that by only listing servers that are owned by spammers and do not include servers only temporarily abused by them. Other filters block the remaining spam.
URL/Phone Filter
Blocks messages that contain a URL (e.g. www.example.com) or phone number that we have identified as being owned or controlled by a spammer. Typical domains include fake login pages that steal your username and password. All entries are reviewed by our professional threat analysts to make sure only bad domains are blocked.
Phrase Filter
This flags sentences and long phrases that we know only appear in spam and would never be in legitimate email. It does not block based on individual words and short phrases. For example, the mere presence of the word "Viagra" would not be blocked as it could be a valid email to a Doctor, but a message with the phrase "GENUINE LASTING RESULTS! OUR PILLS WILL" would be blocked.
Pattern Matching
This highly advanced filter analyzes the raw source of a message. The last of our four primary filters (IP Blacklist, URL, Phrase, Pattern), it sees only a small percentage of mail not blocked by the first three. It is incredibly effective. The default action is REJECT, which we strongly recommend.

Optional Spam Filters

Customers can enable and disable these filters, as well as control how they handle messages flagged as spam.

SPF Filtering
The Sender Policy Framework (SPF) is an open standard that lets domain owners publish which email servers they use to send mail. It helps prevent "spoofing", where the spammer forges the sender's address to make the email appear legitimate to the recipient (e.g., From: alerts@yourbank.com). If a mail is sent sent from a server not authorized by the alleged sender's domain, the SPF filter flags the message.
Domain Whitelist
The domain whitelist lets you accept e-mail unconditionally from IP and email addresses that you specify. Because SpamStopsHere is so accurate and whitelisting can be so dangerous, we recommend limiting it to special circumstances. More info on Whitelist.
Country Blocking
This is a list of countries from which large amounts of spam are sent. You can select which countries on the list you would like to flag. We suggest that you do not flag countries from which you receive mail.
Domain Blacklist
The domain blacklist lets you flag e-mail unconditionally from IP and email addresses that you specify. Because SpamStopsHere is so accurate, you might not need to use a blacklist at all. More info on Blacklist.
Real-Time Blacklist (RBL)
We subscribe to a Realtime Blacklist (RBL) that you can enable or disable and customize the filter action. The default setting is to tag messages by prepending the subject line with "[Blacklisted Sender]". The tag is informational only and it may help you to determine whether to look at the message. RBLs are prone to blocking legitimate mail like newsletters, so we don't recommend the Reject or Delete action.
Additional Filtering
You can individually enable and disable a variety of specialized filters. Visit the Additional Filters page for descriptions of each. You can also apply a filter action quarantine/modify/foward/reject/delete to all of those that are enabled.

Attachment and Anti-Virus Filtering

Attachment Filters
You can specify a list of attachment file types and names to strip off the email and replace with a warning message telling the recipient that the attachment was removed. You can also specify a separate list of file types and names to take some filtering action on. The default action is Reject. Read more
Anti-Virus
(Business, Professional and Enterprise editions) This is a traditional anti-virus filter that removes known malicious attachments. It also adds a message to the email informing the recipient. Read more
This is separate from our zero-hour malware protection included with every edition of SpamStopsHere and adds an extra layer of protection.

Outbound Filtering

(Enterprise edition only) Outbound filtering provides reputation protection for your enterprise by filtering sent email for spam and malware just like inbound email. You can also append a disclaimer to outbound messages.

Outbound Footer
This lets you add a custom disclaimer to the end of each outbound email. It is disabled by default.
Outbound Footer Exclude List
This is a list of email addresses that won't receive the Outbound Footer.

Custom Filtering

You can define your own custom filters based on email content. This is great to help resolve unique email issues. Our 24/7 support staff can even help you write them.

Custom Content filters will only have an effect on inbound email traffic.
Filter Conditions
Specify what part of the message to act on (subject, header, etc.) and whether it contains, doesn't contain, equals, is less than, is greater than a condition. You can even match regular expressions, which is very powerful.
Filter Position
Choose whether to apply the filter before or after blacklisting.
Filter Action
Choose wheter to Accept, Reject Forward or Delete matching email.
Add Headers
Add custom content to the email header

Other Resources