Webmail | Forums | FRWS Blogs | Support

SPAM Filtering, Methods, Recourse and General Information
NOTE: If you are an FRWS Customer and you are not receiving some legitimate mail, or if we are missing SPAM from a particular company/sender please contact support@frws.com.

You are probably here because you are either tired of SPAM (as we are) or you are current customer wondering how the heck we do this... Continue below for some explanations.

Disclaimer: First a note for the would be SPAMmers reading this page. FRWS and our customers AGREE to have their mail filtered using the methods below. They all know we do this, they all appreciate the effort we put into this system and the success we have keeping their mailboxes as free from SPAM and viruses as humanly possible. Should any of our customers desire SPAM or if we are blocking email they desire, we make every effort to let that email through.

Now on to the Good Stuff!

General SPAM Filtering and Filtering Methods:

FRWS servers use a variety of methods to test email entering and leaving the mail servers. Below is a summary of some of these methods. There is no end-user interaction required: no learning filtering techniques, no forms to fill out or options to choose - the system requires no effort on the part of the mailbox owner other than to report SPAM they do not wish to get, or to call or email us about mail they may be missing. A perfect system for businesses and individuals alike that have no time to fool with the complication and dangers of email filtering. Let us do it for you. You will like the results!

Virus Scanning: All mail entering and leaving the FRWS mail servers is ACTIVELY Virus scanned. We use the Clam AntiVirus system on all our servers, with signatures updated hourly.

1. All mail entering the mail servers is tested against the following public and private DNSBL (DNS Based Black Lists) databases.
If the email is from an IP address and/or domain of a listed SPAMmer or Open Mail Relay that mail is blocked from entering the mail servers with an appropriate message.

a. The following public Anti-SPAM and Open Relay databases are currently in use here:
  • SPAMHAUS: Listing of known and confirmed SPAM sources continually updated. SPAMHaus

  • SORBS.NET DUL: Confirmed SPAM sources continually updated. Dynamic IPs at dul.sorbs.net

  • DSBL: A listing of confirmed SPAM sources continually updated. DSBL

  • SBG-RBL: These are databases set to block email from various countries, dynamic (cable modems, private DSL lines, dialup connections) and known SPAM sites not caught by the lists above. DNSBL Lists at SBG-RBL

  • Other Lists: From time to time we employ other lists, as appropriate. If we continue to use them, we will list them above

  • b. Why were these particular lists chosen, and why do we need so many?
    The lists above were chosen from a variety of choices available to ISPs and individuals to use to defend against SPAM. They allow us to selectively defend against the level of SPAM we choose to allow onto the servers here. These lists are the least severe and have not been known to block legitimate email from reliable and truly Opt-In mail systems.
    Indeed there are other lists we could use - those above do not block entire ISPs, or large netblocks that would or could deny legitimate email from getting to you.

    c. What about sites/servers that have SPAMmed and change their ways?
    Each list we use has a method of removal and those sites that choose to stop SPAMming can get removed once retested. See the links to the various lists above for these instructions if you are interested.

    2. If the email passes through the DNSBL filters above - it is then tested against a large list of internally blocked sites and IP addresses.
    This list is maintained by FRWS using information from all our mail servers, servers hosted elsewhere that contribute to the system, and from individuals.

    The list contains:
  • IP addresses and hosts from dynamic IPs. These IPs are typically used by private/personal DSL, Cable modems, dormitories at colleges and schools, and regular dialup modem connections. Why block these? We do not block ALL of them, obviously. But we do block those with a high incidence of SPAM to our servers. Dynamic connections should not be sending email directly to outside email servers, they should be using their ISPs provided email servers. Enough said!
  • Spamming domains that have spammed you or our list servers, and that have been reported to us. While being reported does not guarantee the IP or domain will make this list, it does mean we will investigate the IP/Host and if warranted, or if the email received was obviously SPAM or there were numerous complaints, they will get added.
  • IP addresses from countries, and/or geographical areas that have a history of HIGH spam complaints, are non-responsive to complaints about SPAM or have no laws regulating SPAM. This list is continually updated as things change rapidly in today's Internet world. The current list includes blocks for most of mainland China, Korea, Turkey, Thailand, some parts of Africa and the Middle East, and a good portion of South America.
  • Hosts that have spammed some addresses/accounts we have that are considered "dead", are maintenance accounts, unused domains or are simply old customer email addresses that have not been with us for years. Why use this as a test? Simply put - if a SPAMmer insists that you got placed on their list because you OPTed in to it, they would have a hard time explaining and confirming that a 4 year old DEAD ISP account or the local Time server signed itself up for a list hawking the latest herbal cures for whatever ails you! These SPAMming domains get placed on the list!
  • Hosts that have probed our systems for Open Relays, that try and send commercial mail through us, tried to get customer lists from our servers, harvested email addresses from our web servers, and other probes designed to SPAM or gather information to be used to SPAM our users.
  • Hosts known to have a virus, tried to spread that virus, or host servers/domains that propagate viruses make our lists also.

  • 3. If the email still has not been blocked - is it considered legitimate?
    Not by any means!
    Now that email is tested against a list of subject lines that are known SPAM subject lines. This is not an exhaustive list, but it does catch some SPAM and it also catches viruses sent into the system. The sender will get a message back informing them the email has been blocked and why.

    4. The email has made it this far - does it get delivered yet?
    No. There is still one more test or set of filters it must pass by.
    The above listed filters block email BEFORE it gets onto the mail server - this last test is against the email right before it goes to your mailbox!

    This set of filters test a variety of things, including:
  • Checks for forged or illegitimate email headers. There are legitimate email headers - this tests against forged addresses, and the like.
  • Checks to make sure the sending domain actually exists! If the domain does not exist - the email is discarded.
  • Checks to see that Message IDs match the type of email program that supposedly sent it. For example, Outlook places a particular ID string in all emails that are sent out using it - one filter checks to see if that ID matches should the sender claim to be using Outlook. That is but one example.
  • Checks to see if the email address of the sender is legitimate. How? Well for instance, AOL and Hotmail addresses are NEVER all numbers, or start with numbers. Addresses such as this are blocked.
  • Checks to see if the email was sent using one of many listed Bulk Email sending programs. For some reason, a lot of these Bulk Mailer programs actually SIGN the email messages. Those programs that are open to abuse, or are used to exploit open relays and other non-legitimate means of sending mail are listed and blocked.
  • Checks to see if the entire message is HTML or Base64 encoded, and runs other tests.
  • Checks to see if the email has any dangerous HTML Forms or CodeBased Objects in it - these harbour viruses and worms, and are not allowed through.
  • Subject line tests, again. This one tests against some known mass-mailer programs that have obvious and posted "signatures" in Subject lines. Subject lines containing "flagged" words or statements, have 'garbage' in them, etc etc
  • Email trailer messages. Those "This email has been sent in accordance with..." trailing messages. Not ALL of these are bad, obviously. However there are known message trailers that dictate an email is most likely SPAM - these are flagged and tested against the Body lists below.
  • Email Body tests. This tests against known SPAMming domains (the URLs in the email), spamming hosts, those Nigerian "we have 3 million $$ we need to get out of the country" scams, viruses, pornography and personal 'enhancement' ads, and other text that has been identified as probable SPAM.
  • "Other" tests are performed using a variety of methods, and the email is finally "weighed" against legitimate emails...
  • Finally - the email is tested to see if it has an attachment that could be harboring a VIRUS on its way to your computer! Known virus attachments are listed and if the file type of the attachment is one of those known to be used to send out viruses - the email is discarded.

  • Mail tested with this final set of filters and blocked is archived so we can go through the mails we have blocked. Why? Mainly because we REALLY do not want to block 'legitimate' email. Really. Several times a day these emails are gone through, legitimate emails are posted to the user that missed them, and the obvious SPAM is archived for later use should someone complain, or need reason to have the block justified.

    NOW, IF the email passes all those tests, it gets delivered to your mailbox!!
    If it was SPAM (and we do miss some!) - well, report it to: i-hate-spam@frws.com and if it appears to be SPAM that we could and should block, we will take action to try to ensure that you no longer get any email from this sender.

    Notice to any spammers - UCE - Bulk Mail senders: Blocked domains will be removed from our internal block list in 30 days should we or our customers not receive any more SPAM mail from you.
    FRWS does use "Spam Trap" mailboxes - and any email sent to these addresses will all but guarantee a special place on our SPAM block lists! Email sent to these addresses IS UNSOLICITED.

    Finally - should you decide to spam the postmaster, admin, root or the maintenance email addresses at our domains, your domain/host will be blacklisted permanently because:
  • Those addresses did not subscribe or opt-in to your list.
  • They do not even EXIST in the sense of sending and receiving regular email - so they could not have signed up through one of your marketing partners either.
  • They do not care that you have the "Lowest Mortgage rates in 50 years!" or that you sell Viagra at GREAT prices.
  • They do not need any "Valuable information on Real Estate" or a business loan.
  • They do not own printers, FAX machines or a car.
  • To the best of our knowledge, they have no need for "visual entertainment" nor have they received complaints about "size" or "performance".
  • They do not know anyone in Russia, Korea, China or anywhere for that matter!
  • They do not and will not remember you, really - except to blacklist you.

  • And a couple Special Notes:
    Chief Justice Berger, U.S. Supreme Court "Nothing in the Constitution compels us to listen to or view any unwanted communication, whatever its merit. We categorically reject the argument that a vendor has a right under the Constitution or otherwise to send unwanted material into the home of another. If this prohibition operates to impede the flow of even valid ideas, the answer is that no one has a right to press even 'good' ideas on an unwilling recipient. The asserted right of a mailer, we repeat, stops at the outer boundary of every person's domain."

    US Federal Judge Stanley Sporkin: "[Spammers] have come to court not because their freedom of speech is threatened but because their profits are; to dress up their complaints in First Amendment garb demeans the principles for which the First Amendment stands."

    Go to FRWS

    Or Maybe Order an Email Account?

    Front Range Web Services, LLC is a VA Verified Service Disabled Veteran Owned Small Business (SDVOSB).

    Before ordering any service, please review and agree to our Usage Policy and the FRWS Privacy Policy.
    FRWS reserves the right to deny service to any individual, group, organization or company.

    Copyright © 2001-, All rights reserved. Front Range Web Services, LLC. (FRWS)