Spam filtering
EmailConnect provides built-in spam filtering powered by Rspamd to protect your webhooks from unwanted emails. For Pro users, spam analysis is automatically enabled on all custom domains.
How spam filtering works
Every email sent to your Pro custom domains is automatically analyzed by Rspamd, which:
- Checks SPF, DKIM, and DMARC authentication
- Analyzes email headers and content patterns
- Checks sender reputation against blocklists
- Identifies phishing attempts and malicious content
- Assigns a spam score from 0 (ham) to 15+ (definite spam)
The spam score and analysis results are included in every webhook payload, giving you full visibility into email authenticity.
What's included in webhooks
When spam filtering is active, your webhook payload includes a spam object:
{
"message": {
"sender": { "email": "user@example.com" },
"subject": "Hello world",
...
},
"spam": {
"score": 2.3,
"threshold": 5.0,
"engine": "rspamd"
}
}
| Field | Description |
|---|---|
score |
The spam score (0 = clean, higher = more likely spam) |
threshold |
Reference threshold (typically 5.0) |
engine |
The spam detection engine used |
Controlling spam behavior with alias rules
While spam analysis runs automatically, you decide what happens based on the results. Use alias rules to define actions based on spam score:
Example: Block high-scoring spam
Create a rule to reject emails with a spam score >= 7:
- Go to your alias settings
- Click "Configure rules"
- Add a condition: Spam score >= 7
- Set action: Block
- Optionally enable sender notification
Example: Tag suspicious emails
For moderate spam scores, you might want to deliver but tag:
- Add a condition: Spam score >= 5
- Set action: Tag
- Save the rule
Tagged emails are delivered with an X-EmailConnect-Tagged: spam header and X-EmailConnect-Spam-Score header, allowing your webhook endpoint to handle them differently.
Example: Allow trusted senders regardless of score
Combine spam score with sender rules:
- Condition 1: Sender domain equals @trusted-partner.com
- Set action: Allow
This ensures emails from trusted partners are never blocked, even if they trigger spam detection.
Understanding spam scores
| Score range | Interpretation | Recommended action |
|---|---|---|
| 0 - 2 | Clean email | Allow |
| 2 - 5 | Slightly suspicious | Allow or monitor |
| 5 - 7 | Likely spam | Tag or block |
| 7 - 10 | Very likely spam | Block |
| 10+ | Definite spam | Block |
These are guidelines - adjust thresholds based on your use case.
Best practices
For public-facing addresses (support@, info@)
- Set a rule to block spam score >= 7
- Consider tagging scores >= 5 for manual review
- Enable sender notifications for blocked emails
For transactional addresses (orders@, invoices@)
- Be more conservative - block only score >= 10
- Allow known sender domains explicitly
- Monitor for false positives initially
For internal automation
- Consider lower thresholds since automated emails can sometimes trigger spam detection
- Use sender allowlists for known automation sources
Availability
| Plan | Spam filtering |
|---|---|
| Free | Not available |
| Pro | Automatic on all custom domains |
| Enterprise | Automatic with custom configuration |
System aliases (@user.emailconnect.eu) use basic processing and do not include spam analysis.
FAQ
Is spam filtering automatic for Pro users?
Yes. Once you have a Pro subscription, spam analysis runs on all emails to your custom domains. You don't need to enable anything.
Do I have to create rules?
No. Without rules, all emails are delivered to your webhook with spam data included. You can filter in your own application using the spam score, or set up rules in EmailConnect to block/tag before delivery.
What happens to blocked emails?
Blocked emails are rejected at delivery time. If you enable sender notification, the sender receives a bounce message explaining the rejection.
Can spam filtering block legitimate emails?
It's possible. If you suspect false positives:
- Check the spam score in your webhook logs
- Create an allow rule for the sender domain
- Lower your blocking threshold
- Contact support if issues persist
Does spam filtering affect email speed?
No. Spam analysis runs in real-time as part of email processing with negligible latency impact.
Can I see why an email was flagged?
The spam score indicates the overall suspiciousness. For detailed analysis (which rules triggered), contact support with the email details.
Related documentation
- Alias rules - Configure actions based on spam score and other conditions
- Email processing - Understanding the email processing pipeline
- Domain setup - Setting up custom domains