Why am I getting spam in my mailbox?
Why do I receive spam?
mailbox (and Heinlein-Support) operate reliable mail servers and spam filters. Almost 20 years of experience as consultants specialized in mail and spam protection systems for many companies and well-known providers help us to recognize what is possible – but also why several large providers do not implement everything. Spam cannot be completely avoided. However, anyone who wants to filter spam successfully must examine certain characteristics or properties of mails and, if necessary, reject them.
On the one hand, there are content-related characteristics, for example:
- the subject line contains “insults”
- the body text contains a link to a website that is known to distribute malware
On the other hand, there are technical characteristics, such as:
- Who is sending this mail?
- How does the sender behave?
- Is it a “normal” mail server or a botnet?
- From which country or location is this mail being sent?
Spam and virus protection at mailbox
Further technical details and configuration options can be found in the article Spam and virus protection at mailbox.
How do we recognize spam?
For a spam filter, it is crucial to recognize whether a message comes from a spammer (or their software). This is, fortunately, quite easy and reliable due to special characteristics and technical features that occur when mails are sent.
At this point, the content of the mail is not of great interest – a mail is not spam simply because the subject line says “Viagra.” Rather, it is spam because it was sent by a spammer with a particular intent.
This distinction is very important to us, because we are convinced that providers must not carry out content-based evaluation or censorship – instead, they must recognize spammers based on their behavior. Spam filtering should therefore only take place when it becomes clear that the mail comes from a spammer.
Responsibility of providers
The problem is that all technical identification features are lost as soon as the first regular mail server has accepted a spam mail. Afterwards, this mail is forwarded from one system to the next and is therefore evaluated as technically unproblematic.
Therefore, the first provider that accepts a mail is always responsible for spam filtering.
The problem with filtering based on content-related characteristics
As soon as a provider has accepted and forwarded a mail, all subsequent providers can only try to limit the damage or “save what can be saved.”
Due to the lost details, filtering based on technical features is no longer reliable for this mail. The only remaining option would therefore be filtering based on content-related characteristics. However, there are several risks involved:
- Aggressive content filtering enormously increases the rate of mistakenly rejected, genuine mails (“false positives”).
- Indirect stigmatization may occur, for example if all “Viagra” mails (including those from doctors and pharmacies) are rejected.
- Content filters process personal content (since they must access the mails).
From these considerations, it becomes clear why we strongly prefer filtering based on technical features and only filter based on content-related features where it is absolutely necessary – in your interest as well as ours.
Spam in case of forwarding
If you have your mailbox with another provider – e.g. Gmail, GMX, web.de, a university … – and from there forward all your mails to your mailbox account, our spam filters have to accept the majority of these mails. All technical features of spam delivery have been lost or altered during forwarding. Spam mails forwarded in this way can therefore rarely be detected based solely on content-related features.
Correcting this is unfortunately not in our hands at mailbox – please complain to your provider. Perhaps they have simply ove