Spam filters and mail blocks

Most receivers use some kind of reputation-based spam filtering, either purchased, home grown, or a combination. Spam filters have different ways of accomplishing the goal of protecting their users from unwanted email, but they all have some basics in common.

How do ISPs respond to undesired email?

For email that is sent from an IP address or domain with poor reputation and poor or missing authentication, ISPs typically respond in increasing levels of rejection:

Throttling or temp-failing
Spamfolder
Hard bounce
Hard block

Depending on the ISP, the blocks disappear over an arbitrary time (24 - 72 hours, generally) if the problem that caused the block stops.

If a block is issued and does not go away, you must open a ticket and the resolve the problem to the satisfaction of the ISP before the block is removed.
Of the four major ISPs (Yahoo, Gmail, Hotmail, and AOL), only Gmail has no way to open tickets or ask for help.

Note: It is always easier to avoid being blocked by doing the required work for ramp up and maintenance than it is to get a hard block removed.

Spam filters, block lists, and blacklists

The terms "spam filter" and "block/blacklist" can be used interchangeably. Generally, Gmail, Hotmail, Yahoo, and AOL use mostly home-grown spam-filtering technology. Because they are mailbox providers, they have access to a huge amount of data about their own users' email behavior. They prefer to use their own data because it is more accurate for their situations.

Providers like Comcast, Roadrunner, and Sky use commercial spam filters like Cloudmark and Spamhaus.

Modern spam filters are sophisticated and fast. If your email is blocked by any spam filter, it can be time-consuming and expensive to resolve. The impact depends on many factors, including how widespread the use of the filter is. There are hundreds of block lists in the world, but only a few have a broad impact. For example, a listing on the Spamhaus block list has enormous reach, whereas a listing by SPEWS might be ignored.

Spam filtering technologies

Language-based filters
Heuristic based
Bayseian

Black/white listing
Reputation Systems
- Internal/external
- Domain reputation

Other techniques

Challenge-response
Throttling, tar-pitting, deferrals
Collaborative
Fingerprinting
Image analysis
Virus scans
Traffic shaping
Bulk mail filtering

More information

For more information, see the following websites:

Spamhaus Frequently Asked Questions
Symantec Cloud Based Protection
Microsoft Office 365 email anti-spam protection
Apache SpamAssassin Frequently Asked Questions
Totera Cloud Solutions (formerly MXLogic at http://www.emailsecurity.mx)
DNSBL (DNS-based blacklist) of NiX Spam (used primarily by German ISPs)
Fundamentals of Cloudmark Technology
Gmail Bulk Sender Guidelines
Cisco Senderbase
Cisco Senderbase Spam Overview
SpamCop.net
Proofpoint Email Protection Product Suite