John Mertz edited this page Oct 4, 2024 · 3 revisions

How to report an incorrectly classified mail (False-Positive or False-Negative)

MailCleaner was designed as a community and collaborative anti-spam software. To be more precise, the MailCleaner core team maintains many databases in real-time to improve the spam detection based on reports for all of our users.

When a user reports a mis-classified email to us we will train those databases, add entries to our reputation databases and possibly create SpamC (SpamAssassin rules) to address targeted issues so that you and all other users can benefit from those reports.

For each of the following reports, when we ask you to send it to a specific email address, we are expecting that you use your mail reader to forward a copy of the email as an attachment to that address. This can be done in the following mail readers by:

  • Outlook 2013-2016 - On the spam message, near the "Forward" Button, click on "More ▼", then click on "Forward as attachment".
  • Outlook 2007-2010 - Click on the spam message, then in Home tab, click on the more button (subcategory Respond), then click on "Forward as attachment".
  • Thunderbird - Right click on the spam message, "Forward and Redirect", "As Attachment"
  • Others - Try to find the "Forward as attachment" button, usually near the "Forward" button or by right clicking the message.
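For administrators who handle reports in a script rather than a mail reader, the following added example (not MailCleaner code) shows what "forward as attachment" produces: the original message embedded unmodified as a `message/rfc822` part, so its `Received` and `Message-ID` headers reach the reviewers intact. The report address is a placeholder and the sample message is constructed.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Placeholder: substitute the report address given for the relevant category.
REPORT_TO = "report-address@example.invalid"

# Constructed sample of a misclassified message as saved from a mail client.
ORIGINAL = b"""\
Received: from mx.example.net (mx.example.net [192.0.2.10])
\tby mail.example.com; Mon, 01 Jan 2024 10:00:00 +0000
Message-ID: <abc123@example.net>
From: "Offers" <promo@example.net>
To: user@example.com
Subject: You have won
Content-Type: text/plain; charset="us-ascii"

Click here to claim your prize.
"""

def build_report(raw_original: bytes, sender: str,
                 report_to: str = REPORT_TO) -> EmailMessage:
    """Wrap the untouched original in a message/rfc822 attachment."""
    original = message_from_bytes(raw_original, policy=policy.default)
    report = EmailMessage()
    report["From"] = sender
    report["To"] = report_to
    report["Subject"] = "Fwd: " + str(original.get("Subject", ""))
    report.set_content("Misclassified message attached.")
    # Passing a message object makes the part message/rfc822, headers included.
    report.add_attachment(original, filename="original.eml")
    return report

def attached_original(report_bytes: bytes):
    """Return the embedded original from a serialized report, or None."""
    report = message_from_bytes(report_bytes, policy=policy.default)
    for part in report.iter_attachments():
        if part.get_content_type() == "message/rfc822":
            return part.get_content()
    return None

if __name__ == "__main__":
    wire = build_report(ORIGINAL, "user@example.com").as_bytes()
    inner = attached_original(wire)
    print(inner["Message-ID"], inner.get_all("Received"))
```

An inline forward copies only the visible body into a new message, so the routing headers shown here would be lost.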

False-Positives

If you get messages that you think should not have been stopped by MailCleaner but they were, please report those to [email protected]

False-Negative Spam

If you get messages that you think should have been stopped by MailCleaner but they were not, please report those to [email protected]

False-Negative Newsletters

If you get messages that you think should have been classified as a newsletter but they were not, please report those to [email protected]

False-Negative Phishing E-mails

If you get messages that you think should have been classified as phishing but they were not, please report those to [email protected]

False-Negative Viruses

If you get messages that you think should have been detected as a virus but they were not, please report those to [email protected]

Notes

You will not get a dedicated response to these reports, or necessarily see immediate effectiveness from the analysis that was done. Our Bayesian analysis system is a form of machine learning which can require several instances of similar messages to reinforce the training enough to have a consistent impact.

Community Edition users will only download the latest Bayes data once per month. Enterprise Edition will download it up to every 15 minutes (typically a few times per day).

Emails reported to [email protected] are processed daily by a human-assisted parser. One of its features is to detect the URLs used in the message in order to blacklist them. If the staff reviewers notice regular or particularly egregious patterns in the mails, they may opt to make a more general adjustment via SpamAssassin rules, which are made available to Enterprise Edition users only.

Emails reported to [email protected] are shared daily with our anti-virus partners so that they can generate new virus signatures.

Why do some of my emails arrive with {?Spam} in the subject (or similar)

The MailCleaner user experience operates in 2 main ways depending on your user preference setting. If you have access to log in to MailCleaner you will find this preference from Configuration->Address settings->For each message detected as spam:

  • retain in quarantine (AKA Quarantine Mode)
  • deliver with subject keyword (AKA Tag Mode)

If you see a pattern like {?Spam} in the subject, it is probably because you are running in Tag Mode. This tag is added so that you can still receive the message directly, instead of having to recover it from the Quarantine or via a daily summary report, while still being able to treat it with caution.

In most cases, your administrator can configure your mail server to automatically send messages with this tag into your Junk folder instead of your Inbox. If they have not done so, you can probably set up a filter in your mail reading application to do this instead.

So, this tag indicates that we think the message is spam and you can make any of the normal adjustments if you think this is incorrect (eg. report false-positives, whitelist, etc.). Note that it may have actually been detected as a newsletter and you may be configured to treat newsletters as if they are spam (For each message detected as newsletter setting further on the same Address Settings page). If you don't consider newsletters to be spam, you can set them to be delivered, instead.

Note that this tag can be modified, so it may not be exactly {?Spam}.

Why do some of my emails arrive with {?Content} or {?Virus} in the subject

This tag will appear when an attachment has been stripped out of the email because it was detected to contain a virus or some other form of content that your administrator does not allow (eg. attachment types, specific HTML elements, etc.). You should find that it will contain a new attachment like AttentionVirus.txt which provides details on how to recover that attachment if you think it was a false-positive. You can also see the next section for more details.

How do I release an item blocked in the Content Quarantine

Only an administrator can release items from the Content Quarantine.

When an attachment is stripped, the email will contain an attachment like AttentionVirus.txt. This will contain details of the stripped attachment including an ID like:

host1:20240101/1abcde-00000000000-1234

You can provide this ID to one of your system administrators. If you don't know who this is, check the Headers of any incoming email and look for the email address in the X-MailCleaner-Information header.

If you are using the MailCleaner Cloud Service, please use this form to request that the item be released:

http://www.mailcleaner.net/support/dangerous-content-release.html
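To gather what an administrator needs for a release request, the added example below (not MailCleaner code) reads a tagged message, pulls the quarantine ID out of the text attachment and the contact address out of the X-MailCleaner-Information header. The sample message, the header wording and the notice wording are constructed, and the ID pattern is inferred only from the single example ID shown above.

```python
import re
from email import message_from_bytes, policy

# Constructed sample. Only the tag, the header name, the attachment name and
# the ID value come from this page; the surrounding wording is assumed.
SAMPLE = b"""\
From: sender@example.org
To: user@example.com
Subject: {?Virus} Invoice
X-MailCleaner-Information: Please contact postmaster@example.com for more information
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

See attached invoice.
--b1
Content-Type: text/plain; name="AttentionVirus.txt"
Content-Disposition: attachment; filename="AttentionVirus.txt"

An attachment was removed from this message.
Reference: host1:20240101/1abcde-00000000000-1234
--b1--
"""

# The tag text can be customised, so match any {?Word} prefix.
TAG_RE = re.compile(r"^\s*\{\?(\w+)\}")
# Assumed shape: host, colon, 8-digit date, slash, message identifier.
ID_RE = re.compile(r"\b[\w.-]+:\d{8}/[\w-]+")
ADDR_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")

def release_request_details(raw: bytes) -> dict:
    """Collect the subject tag, admin contact and quarantine IDs."""
    msg = message_from_bytes(raw, policy=policy.default)
    tag = TAG_RE.match(str(msg.get("Subject", "")))
    admin = ADDR_RE.search(str(msg.get("X-MailCleaner-Information", "")))
    ids = []
    for part in msg.iter_attachments():
        # Only read plain-text notices; never open other attachment types.
        if part.get_content_type() == "text/plain":
            ids += ID_RE.findall(part.get_content())
    return {"tag": tag.group(1) if tag else None,
            "admin": admin.group(0) if admin else None,
            "ids": ids}

if __name__ == "__main__":
    print(release_request_details(SAMPLE))
```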
