Take back control of your inbox
Signup and Get Started
Frequently Asked Questions
What is behind the Infomail filter?
Pulse8 security Technologies provide an optional propriety Bulk email, Newsletter filter called the Infomail filter.
The infomail filter is an aggressive filter that contains over 15,000 individual Bulk email and Newsletter heuristics, which can be triggered individually or indeed multiple heuristics can be triggered in tandem.
Generally Bulk emails and Newsletter are not fundamentally malicious in nature, but please be advised that the infomail filter does not differentiate between malicious Bulk email and Newsletters and genuine Bulk email and News letters, it is simply a filter that filters out all Bulk email and Newsletters, regardless if the sender reputation is positive. However, please note that a negative sender reputation will also be evaluated if user complaints have been upheld.
In addition, Pulse8 security also monitors all multi connection senders platform wide, monitoring specifically the number of simultaneous connections deriving from a given source within a short period and in some instances the aggressive and optional info-mail filter will define multi connection senders as Info-mail, which will on occasions inevitably cause some false positives. It is for that reason Pulse8 security has not deployed the Info-mail filter as a mandatory filter and therefore the info-mail filter remains an optional preference both at a customer level and individual user level.
Pulse8 security's Info-mail filter additionally contains some heuristics that are very similar in nature to platform wide spam filtering heuristics. That means on occasions whereby Pulse8 security's users have reported emails that they consider to be unsolicited via our control panel or Outlook plugin facility as info-mail, the mail signatures will be added to the Info-mail heuristics.
Why are Pulse8 security IP addresses listed at Backscatterer?
- What are backscatters?
Backscatter emails are automatic responses via email (such as non-delivery reports, delivery confirmations and out-of-office notes), or so-called bounce messages. If the sender of the original email is faked, it can happen that said emails are delivered to innocent third parties.
What is the backscatterer.org deny list?
Why are Pulse8 security IP addresses listed by backscatterer.org?
First we distinguish between incoming and outgoing channel. Incoming: Pulse8 security takes all possible and necessary measures to identify incoming backscatter spam and to prevent it from spreading through various mechanisms. Incoming backscatter emails are effectively detected and rejected by the MTA before they are accepted within the SMTP channel. The following NDR is not generated by Pulse8 security and therefore cannot enrich backscatter further. Furthermore, Pulse8 security uses a specially developed bounce management, which distinguishes real from fake bounce messages, to provide the highest possible quality of incoming messages for service users. Outgoing: Let's take as an example an out-of-office notification that is triggered after a regular email to a service user is received. It is considered a "hit" for a recipient who uses the RBL Backscatterer as blacklist. The same applies to the other email types mentioned above.
Does Pulse8 security request the removal of the own IP addresses from the blacklist of backscatterer.org?
What can a service user of Pulse8 security do, if emails are rejected due to the blacklist of backscatterer.org?
Whoever uses this blacklist to block, without softening the consequences of the compelling "false positives" through a whitelist, accepts intentionally or negligently that even legitimate emails will not reach him. The external communication partner should not use the blacklist of backscatterer.org as the only classification criterion.
Our recommendation is not to use SMTP rejects for backscatterer hits, but to process them as softfail: e.g. quarantine, tagging or drop. But not to use a reject or bounce. This often prevents legitimate business transactions, which are extremely frustrating for end users. The configuration of a mail server is always a matter for the operator. We recommend our service users to contact the communication partner in order to perhaps achieve a configuration adjustment in a dialog.
Backscatterer.org is a list that captures IPs that send the above mentioned email types with the goal of reducing backscatter spam. This is first a respectable goal, which could reduce the global spammail volume.
As your external email security provider we are obliged, even commissioned by you, to deliver the above mentioned outgoing email types to the sender. Therefore, Pulse8 security does not consider these emails as spam. The removal at the blacklist backscatterer.org can only be done for a fee, no matter if the sender actually disturbs the mail operation. Pulse8 security considers the blacklist-operator Backscatterer as dubious, as long as he also enriches himself with legitimate bounce messages and demands a fee for the activation.
How long are spam mails in the quarantine accessible via the spam report or the control panel?
The quarantined emails are kept for 90 days and can be retrieved via the spam report or directly in the control panel and delivered to your email address.
Can emails be incorrectly evaluated and blocked even though they are not spam?
This is theoretically possible, but it is extremely unlikely. This is then a so-called "false positive". Our technical department has determined the threshold values for spam detection in extensive and complex tests, so that our false positive rate is below 0.0004%. The threshold values are adjusted hourly to the requirements.
How is outbound spam being handled?
- What are backscatters?
Will I get blocked for sending spam? Yes, sending spam causes temporary bans for the sending user, domain or IP.
- How will I be informed to be aware the presence of outbound spam?
When spam sending from your mail server is being detected by our monitoring system, we will contact you via email shortly.
- Will you provide some evidence of outbound spam?
Yes, we will send you details of the header of the outbound spam mail.
- Is there a list of anti-relay measures or guidance for customers?
Keep an eye on your configuration: do not allow anyone to relay via your server and limit permissions to known IPs or accounts with SMTP-auth. Regarding generic accounts (webmaster, admin etc.) and use strong passwords.
- Does your service block the outbound spam?
Virus emails are always blocked. If we detect suspicious mass mailings (monitoring the content, amount of unusual mail flow, unknown sender etc.) we manually take a look before we block the mails to avoid false positives e.g. blocking of legitimate newsletters send by our customers.
- Are all outbound emails tested for spam content?
- How can I get unblocked when being blocked for spam sending?
You will be contacted when being blocked for outbound spam. Send your feedback on appropriate countermeasures that have been taken by the responsible person/admin in a reply to get your case re-investigated by a support agent.
When will another delivery attempt be made if my mail server is not available?
If your mail server is not available, the incoming emails are held in reserve by our service. A retry is first tried every minute, depending on the current performance. Afterwards, the clock rate is increased step by step, so that hours later it can be several minutes before a new delivery attempt is made. By the way, you can also access your emails during the outage via our Continuity Service. In addition, you have included a 3-month archiving service. If you are interested, you can find request more information here.