Once you are done reading this FAQ information, you may simply close this window
E-mail system users at OKmail are provided with virus checks of all incoming messages and file attachments. When harmful code of any type is found (viruses, Internet-worms, Trojan horses etc.) you will receive a warning. OKmail's anti-virus reliably fends off most virus attacks. It is able to scan a wide range of archives and compressed files and supports any amount of file attachment levels.
If you receive a virus while scanning is enabled (by checking this checkbox), the mail is discarded, and you will receive a notification that a message to you was discarded, and you will also be told who sent it.
However there is no guarantee that a virus is present; sometimes safe files are marked incorrectly, and sometimes unsafe files are not identified. For this reason we recommend that you take precautions with files received via e-mail - especially messages sent from unfamiliar sources.
When the virus-scanner detects a virus in an email sent to you it will discard the email that contains the virus and send you a notification to let you know who sent you which virus. However, since most viruses send out mails with forged addresses, this information is oftentimes not very useful. By turning this option on you will no longer receive notifications of mails being stopped by the virusscanner.
Unsolicited Commercial Email ("spam", or UCE) can be a major problem making it difficult to sort out your important emails from junk mail. However, spam can often be identified by looking for telltale signs such as mention of pornography, formatting used by certain bulk-email software, and the presence of known spam servers in the headers. By enabling the spam protection option, OKmail automatically searches for these signs and performs various actions depending how 'spammy' the message is.
The following levels are available:
Normal - most users will want this level of protection. It contains a sensible combination of actions that will file probable spam into a folder called 'Junk Mail'. Messages that are just possibly spam are marked with a 'Spam Score' in their subject. A higher score means that the message is more 'spammy'. If email comes from people in your address book, then it will be less likely to be recognised as spam. Probable backscatter is also filed into the 'Junk Mail' folder.
When spam protection is enabled, OKmail automatically searches each message for characteristics that are typical of spam and assigns a 'spam score' using the SpamAssassin engine. Research by SpamAssassin shows that 99.5% of messages that score over 5.0 are spam.
The assigned score is placed in the header of incoming emails. OKmail may take some actions based on the value of the spam score, depending on how you have configured the spam protection.
Advanced users can also define additional actions (reject, file, or forward) in the Define Rules screen, by selecting 'Spam Score >=' as the field to Look In, and entering the spam score theshold into the 'For Text Matching' field.
The main types of checks done by SpamAssassin are:
In general, people who you know are less likely to send you spam than anonymous spammers who harvest your email addresses from the web. To allow for this, you can specify special treatment of spam scores for messages that come from people in your Address Book.
By default, the "Normal" and "Aggressive" levels treat email from people in your address book as highly unlikely to be spam, so if you're using one of those levels, you can help ensure that email is not marked as spam by adding people you know to your address book.
The "White list only" level ONLY lets email from people in your address book through, everything else is regarded as spam.
You can decide that these messages will always be accepted, in which case the X-Spam-score header will be set to 0, or you can specify a 'bonus' that is subtracted from the spam score of these messages.
This special treatment does not apply for messages that appear to have the sender forged so as to fool address book whitelisting.
Spammers know that you probably don't want to reject mail that you sent, so one technique they sometimes use is to forge the sender addresses so that it looks like you are sending mail to yourself.
In order to correctly detect these messages as spam, the spam protection does not perform Address Book whitelisting if the sender matches one of your Personality addresses.
A side effect is that if you send email to yourself it may be marked as spam.
A workaround to this is to use the secret word on the Define Rules screen. The message will still get assigned an X-Spam-score, and have the subject marked, but it will not be discarded or filed into Junk Mail by the spam protection.
If you select the discard mail checkbox, then messages that have a spam score greater than or equal to the threshold will be silently discarded, via the sieve "discard" command. You won't see them in any of your folders, or in the trash, and the sender will not receive a bounce or reject message.
It is usually wise to set this threshold larger than the spam score on any real message (i.e. not spam) that you have ever received!
If you select the file mail checkbox, then messages that have a spam score greater than or equal to the threshold will be placed in the indicated folder. You can choose whatever folder you like, but it is easier to empty if you file to "Junk Mail".
If you select the change subject checkbox, then messages that have a spam score greater than or equal to the threshold will have their subject modified according to the value you select in the drop down list.
The possible values are:
There is a side effect of selecting subject marking. The threshold that you specify will be used to set the (deprecated) X-Spam header. If you are using X-Spam in the Define Rules screen, or in a custom sieve script, you should be very careful of changing this threshold!
"Backscatter" is basically "bounce emails you receive for messages you never sent". These are usually bounced spam messages from spammers using your email address as a forged 'From' address. A more detailed explanation follows.
When email is delivered to a system, if there is a problem delivering the email (eg account doesn't exist, user over quota, etc) then most systems will generate a "bounce" email back to the sender to let them know there was a problem. The way to determine the original sender of the email and thus where to send the bounce is by using the 'From' address on the original email.
Unfortunately there is no way for systems to verify that a 'From' address is correct (there are attempts like SPF and DomainKeys, though these have flaws). When spammers send email, they almost always forge the 'From' address the email is sent from. This is why blocking specific sender addresses is ineffective, spammers usually forge every email to come from a different address.
If there is a problem delivering the email the spammer has sent, then a bounce will be sent back to the 'From' address on the email, which is whatever the spammer has made up. The problem occurs when spammers use YOUR email address as the 'From' address on emails. In these cases, you may get many bounce emails appearing in your inbox for emails you never sent!
This is called "backscatter", and is unfortunately a consequence of just how the Internet email system was originally setup.
However, there are some things that can be done to try and reduce backscatter. When most systems bounce an email, they include all or part of the original email in the bounce. What we can do is check the original email as attached in the bounce, and see that it appears to have been sent through our server. If not, then we know it was an email sent by a spammer with a forged 'From' address.
When this happens, we mark the email as "backscatter", and perform whatever action is specified by this popup menu.
Unfortunately the backscatter filter isn't perfect. To work, the "bounce" email has to have part of the original message in it so we can check if you were actually the original sender. Quite a few systems don't include the original message in the "bounce" (the most common being challenge/response systems that are supposed to stop spam, and just end up adding to the problem for others). In these cases, we can't determine the true original sender of the email, and thus we can't mark the emails as backscatter.
Our testing suggests the backscatter filter is still very effective, catching around 90% to 95% of all unsolicited bounce emails. Unfortunately if for some reason a spammer is forging your address on their emails, then they can send millions of spam emails. Most systems will absorb, SMTP block, or discard the spam emails, but for those systems that do bounce them, if even 1000 of those generate backscatter bounces and 5% to 10% get through, that's still around 50 to 100 emails that get through, a lot better than 1000, but still annoying. Unfortunately there's not much we can do to improve that until more systems correctly attach the original email in the bounce message.
As part of the backscatter analysis process, we attach a header to the email when we think it might be backscatter. The header is X-Backscatter and can be one of the values:
As mentioned in the backscatter section, bounces where the original email does not appear to have come through one of our hosts is marked as spam backscatter. If you regularly send email through a non-OKmail server, then if any of those emails bounce, they will be classed as backscatter as they did not pass through one of our servers.
To avoid that, you can enter a list of hostnames here (separated by commas) of servers that you regularly also send email through where replies might come to OKmail.
For instance, if you use the ISP iinet.com.au, and regularly send email through their SMTP server with your OKmail email address as the 'From' address, then you should add iinet.com.au to the Backscatter Whitelist Hosts text box, this will ensure that any email sent via the iinet.com.au SMTP server that bounces will correctly arrive at OKmail and not be considered backscatter.
Greylisting is a method designed to stop spam being accepted from the large number of zombie computers that are connected to the internet. Currently all accounts have greylisting applied to them. One of the main concerns users have with greylisting is that naive implementations will often delay all email. In our implementation we've gone to great lengths to ensure that this doesn't happen (see below).
Greylisting works by returning a temporary failure response (4xx code) to the first attempt to deliver an email, but accepts it on the second attempt. Every proper email server will attempt to redeliver a message after a temporary failure response, while currently almost all spam software does not, thus effectively blocking the emails from the spam software.
To avoid delaying proper email servers, our greylisting implementation performs a number of checks on a connection before applying the greylisting policy:
When combined, these features provide an excellent balance of greylisting hosts which should not be sending email, and allowing those hosts which should be sending email to get their email straight through.
Additionally, to help with the tracking of any problems, once a message passes greylisting and is accepted, a new header is added "X-Spam-greylist". This header tells you how many seconds the email was delayed and whether that host has been whitelisted for 24 hours. (Technical: Well, actually the delay figure is the how long the last delay for the ip/sender/recipient combination was, so in the case of multiple emails from the same person, to the same person, from the same machine in a short time period, the figure will be a bit messy and hard to calculate).
If you feel that email is being delayed by greylisting, please check the headers of your email for the "X-Spam-greylist" header first. If it's not present, then the email was NOT delayed by greylisting, and it was probably just held up on the senders side, something beyond out control.
Address enumeration detection (AED) is designed to stop other people trying to find what addresses are valid email addresses at FastMail. It does this by trying to detect attempts to send to many different similar email addresses in a short period of time from a non-email server host.
Address enumeration detection provides a defense against spammers trying to work out what are valid email addresses by just trying lots of different addresses over and over.
OKmail uses two RBLs to block incoming email.
The reason we use these two RBLs and only these two RBLs is:
We also provide a whitelisting ability if for some reason a particular IP has been listed and needs to be worked around.
To recreate your 'Junk Mail' folder, just go to 'Options' -> 'Spam/Virus protection' screen, reset your spam setting to 'Basic' and click the 'Save' button. Now you can reset it to the 'Normal' setting, which will automatically create the 'Junk Mail' folder.