With all of our Plesk web hosting packages you have the ability to enable spam protection using the Spamassassin scoring system. There are a few tweaks you can do to the spam settings in Plesk to improve spam recognition.
Enable Spam filtering
- Start by logging in to Plesk. If you have more than one hosting account hosted on the same server, select the correct subscription using the drop down at the top of the page.
- Go to the Mail tab
- Select the mail account you wish to configure from the list
- Choose the Spam Filter tab
- Select the option to “Switch on spam filtering for this email address”
- Choose what you wish to do with spam when it is detected. We recommend the option to “Move spam to the Spam folder”
- Click OK and your spam filter will now be enabled.
If you chose the option to move your spam to the Spam folder, the filter will now be doing that for you.
Tip for non-Websavers customers: watch out for mislabelled folders! Many mail apps will try to use a folder called “Junk” or “Junk E-Mails” rather than “Spam” to push all your spam there. Because those folders aren’t the correct Spam folder, the messages will not be trained properly. (We automatically enable aliasing on our systems).
Follow steps 1-7 above, then expand the Advanced Options section. Here you can set your Spam Filter threshold. Although 7 is the default, we find it to be extremely conservative.
If you’d like Gmail or Hotmail-level spam filtering where occasionally legitimate messages get filtered to Spam, but you get very little in your inbox, enter a value of 1.5.
If you want a nice balance where some spam might reach your inbox and legitimate email is unlikely to be filtered to Spam, enter a value of 3.
What does it do with spam?
Marking: If you’ve configured Plesk to mark the message (change the subject), then when an incoming email is believed to be spam, the subject of the email will be prepended with “*****SPAM*****” or whatever text you have specified (we’re partial to [spam]).
Moving: If you’ve configured Plesk to move the spam to the “Spam” folder, then it will do exactly that. Note that the Spam folder is only visible via webmail or if you connect to the email server via IMAP. If you wish to train your spam, but connect via POP, then you’ll need to do your training in webmail.
How are the spam scores determined?
The spam filter will check all your incoming emails against a massive database of common attributes often found in spam. Each attribute is paired with a weight indicating roughly how often that attribute is found in spam emails. For example, if an email with the word ‘viagra’ is found to be spam 98% of the time, but an email with the phrase ‘weight loss’ is only confirmed to be spam 40% of the time, the word ‘viagra’ will carry a higher weight. This also works in reverse – if there are positive attributes to your email, that are rarely (or never) found in confirmed spam, then those attributes will be a negative weight.
All of these scores are added up at the end of the checks to give the message its final spam score. The lower the score, the less likely the message is spam. If the score breaches the threshold you set above in the sensitivity section, then the message is either moved to the Spam folder or marked as spam according to your configuration (see above).
Note that you can adjust the threshold score by following the directions above to reach the Spam Settings and selecting “Show Advanced Settings”.
But, clever spammers can get around this…
There’s just one major problem with how this works. Since the spammy attributes are public knowledge, all a spammer must do to get around the filter is to avoid those attributes when sending out emails.
As an example, let’s say that most of the spam emails you receive are trying to sell you premium software like Microsoft Office for Businesses, but because the spammer has avoided spammy attributes, the messages only score a 1.0 when your threshold is 3. Thus every time they send you an email, it’s never marked as spam and your premium software spam starts collecting in your inbox. How do we fix this? Training.
Training your spam filter
By training Spamassassin, you’re giving it information about what kinds of spam and what kinds of non-spam email you normally receive. This way it can start to detect patterns specific to your spam (and non-spam).
All you must do is move any spam messages you received into the folder called “Spam”. All messages moved to the Spam folder will be automatically scanned and trained nightly. This means you must leave the Spam messages in the Spam folder for 24 hours before removing them, otherwise the classification will not occur.
This also works the opposite way! If you wish to train the filter to understand that a message that went to spam is not actually spam, you can move it to the inbox, then leave it there for 24 hours and the filter will learn that you believe the message isn’t spam after all. Note that it may take classifying a number of similar looking messages to ensure future messages like them do not go to spam, in other words, this doesn’t instantly apply to all future messages, though you *can* use the whitelist function in Plesk to make it happen instantly if you wish.
If you connect to your email account via POP, you won’t be able to train in your mail application. You may train the spam via webmail or switch to an IMAP connection instead.
If you’re receiving spam messages from a very consistent source email address or top-level domain (TLD), you can block the entire email address or domain. But keep in mind that this won’t block the messages from being received, it’ll just increase their messages’ spam score by 100, ensuring they’re always either marked as spam or delivered to the Spam mailbox. Click for more details on the blocklist function.
Head here to learn how best to troubleshoot ongoing issues with spam, after you’ve already completed at least a week’s worth of training as described above.
Using Plesk 10 or older? Manual training required [Legacy]
1. As above, head on over to the Spam Filter option for your email account in Plesk
2. Choose the “Training” tab
In the list you will see all emails found within your inbox. Simply check off all emails that are spam, then click the “It’s spam” option at the bottom. That’s it! Keep repeating this as often as possible until you have at least 100 spam emails and 100 non-spam emails trained. The more you train, the better it will be at correctly categorizing your email.
If you don’t see any messages in the list, it’s because you’ve already moved them out of the inbox either by deleting them, or by moving them to another folder. You must leave email in your inbox until you have trained them for this to work. Once you have completed training, you can delete them or move them to another mail folder as you normally would.
Once you’ve trained about 100 emails you should start to see some positive results. Use the comments below to let us know how effective this was for you!
Each of your Plesk 9 email accounts have their own login to Plesk that’s limited to just managing their own mail account’s settings. You can send your email users to your server’s Plesk URL and have them login with their email address and email password so they can train their own spam. Your Plesk URL can be found in your address bar once you’re logged in; for our shared servers it looks something like: https://thyme.websavers.ca:8443