What is an anti-spam system? How can it block an email?

Noé Soriano

In this post we will review what antispam systems are, along with the other filters that can block a newsletter.

Many of you certainly know some of these rules, but others may be new to you. This article explains what to consider when identifying possible problems with your newsletters.

Let’s see these filters one by one in the order in which they can block or accept an email.

Emails in sending queue

This is better described as a temporary block based on reputation than as spam filtering, because the server doesn’t really analyze the campaign. Instead, it considers the empirical data of previous emails, that is, the reputation created by the spam filter, to decide whether or not to accept the message being sent.

You should remember, however, that sending spam will increase the number of emails in the sending queue very sharply.

Queued emails occur basically when an ISP or hosting provider accepts only a certain number of messages per hour. When this limit is reached, the server requests that the rest of the emails be sent later.

The system will try to send these emails again later. This process is automatic, so there is nothing for you to do manually.

When this happens, the emails that could not be sent are placed in a sending queue, hence the name.

The system will continue to try to send the message according to the rules of the server. Once the number of attempts allowed by those rules has been used up, the emails not delivered will be discarded.

In these articles you can find more information about queued emails, including what you can do to avoid or reduce this type of problem:

  1. Because some emails are queued for shipping
  2. Messages rejected by an ISP due to the number of emails sent

Robinson Lists

The name comes from the famous character created by Daniel Defoe, and the idea follows the same strategy: to offer isolation from advertising, like the isolation of the famous castaway.

It is a blocking method rather than a spam filter: it is a passive system, not an active solution.

These lists are created by associations that may be affiliated with ESPs, which ensure that the listed email addresses will not receive any advertising, even if the address is registered in the database uploaded by the sender of the newsletter.

Advertised as mail preference services (MPS), these lists are a good option for users who want to avoid receiving commercial newsletters of any kind. By registering on these lists, users can be sure that their email address will no longer receive any commercial email from any affiliated sender.

SPF Lock

it  receives an email, be it commercial or not.

The filter will simply block or penalize incoming messages when the IP is not authorized in the SPF record.
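How such a check decides between blocking and penalizing, as an added example that is not from the original article: it evaluates only the `ip4`, `ip6` and `all` terms of an SPF record against the connecting IP, and the record and addresses are constructed from documentation ranges.

```python
import ipaddress

# Qualifier prefix -> SPF result (RFC 7208); a bare mechanism means "+".
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def evaluate_spf(record: str, client_ip: str) -> str:
    """Evaluate the ip4/ip6/all mechanisms of an SPF record for client_ip.

    Terms that need DNS (include, a, mx, exists, ptr, redirect=) are outside
    this offline sketch and raise NotImplementedError instead of being guessed.
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"  # not an SPF record at all
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier, mech = (term[0], term[1:]) if term[0] in QUALIFIERS else ("+", term)
        name, _, arg = mech.partition(":")
        name = name.lower()
        if name == "all":
            # Catch-all term: "-all" leads to a block, "~all" to a penalty.
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            network = ipaddress.ip_network(arg, strict=False)
            if ip.version == network.version and ip in network:
                return QUALIFIERS[qualifier]
            continue
        raise NotImplementedError(f"term needs DNS or is unsupported: {term}")
    return "neutral"  # nothing matched and there is no "all" term


# Constructed record for a hypothetical sender (documentation address ranges).
SAMPLE_RECORD = "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all"

if __name__ == "__main__":
    for sending_ip in ("192.0.2.25", "2001:db8::1", "198.51.100.7"):
        print(sending_ip, evaluate_spf(SAMPLE_RECORD, sending_ip))
```

A `fail` result is the case where the receiving server blocks the message, and `softfail` is the case where it usually only penalizes it.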

RBL or blacklists

These locking systems are already a bit more advanced and complex.

RBL is an acronym for Real-time Blackhole List, the name of the first system created for blocking IPs or domains that send spam.

These lists are shared by companies, associations or even home users, and contain IPs or senders that have had spam complaints or that were detected as spam sources on their servers.

Some are free and others are paid. Email server administrators can enable a script offered by these lists so that, if an email is received from listed IPs or senders, the newsletter is moved to the spam folder or blocked directly.

They have evolved in many ways (beyond senders or IPs), including checks on DNS servers, open SMTP servers, analysis of whether the sender has control and abuse accounts created, etc.

In total, there are hundreds of blacklists.

On this site you can check if an IP address or domain is in one of these blacklists:

http://multirbl.valli.org/

However, the vast majority are irrelevant and only the most important are used on servers and email systems, such as:

  1. Barracuda Networks: barracudacentral.org
  2. Spamcop: bl.spamcop.net
  3. Spamhaus: sbl-xbl.spamhaus.org
  4. URIBL: uribl.com

When your domain is added to one of these important blacklists, it is important to take action to request removal.
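The lookup a mail server performs against such a list, as an added example that is not from the original article: the IP's octets are reversed and queried as a DNS name inside the list's zone (RFC 5782). The sending IP, the DNS answers and the zone `dnsbl.example.org` are constructed so the code runs offline; the other two zones are the ones named above.

```python
import ipaddress
import socket

LISTING_RANGE = ipaddress.ip_network("127.0.0.0/8")     # answers that mean "listed"
ERROR_RANGE = ipaddress.ip_network("127.255.255.0/24")  # some lists answer here for refused queries


def dnsbl_query_name(ip: str, zone: str) -> str:
    """Reverse the IPv4 octets and append the list's DNS zone (RFC 5782)."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def dnsbl_status(ip: str, zone: str, resolve=socket.gethostbyname) -> str:
    """Return 'listed', 'not-listed' or 'error' for ip in one DNSBL zone."""
    try:
        answer = ipaddress.IPv4Address(resolve(dnsbl_query_name(ip, zone)))
    except socket.gaierror:
        # The name did not resolve. Resolver outages end up here too, so a
        # production filter should tell NXDOMAIN and timeouts apart.
        return "not-listed"
    if answer in ERROR_RANGE or answer not in LISTING_RANGE:
        return "error"  # refused query or rewritten DNS answer, not a listing
    return "listed"


def check_zones(ip, zones, resolve=socket.gethostbyname):
    """Query every zone and return {zone: status}."""
    return {zone: dnsbl_status(ip, zone, resolve) for zone in zones}


# Constructed answers standing in for real DNS.
FAKE_DNS = {
    "99.2.0.192.bl.spamcop.net": "127.0.0.2",
    "99.2.0.192.sbl-xbl.spamhaus.org": "127.255.255.254",
}
ZONES = ["bl.spamcop.net", "sbl-xbl.spamhaus.org", "dnsbl.example.org"]


def fake_resolve(name: str) -> str:
    if name not in FAKE_DNS:
        raise socket.gaierror("constructed NXDOMAIN")
    return FAKE_DNS[name]


if __name__ == "__main__":
    print(check_zones("192.0.2.99", ZONES, fake_resolve))
```

Treating every answer as a listing is a common misconfiguration: an error code returned by the list operator would then block all incoming mail.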

Greylisting

A consequence of the above.

Due to false positives or dubious alerts, some companies created “Grey” lists.

These lists quarantine emails sent by a specific IP or domain, but not permanently: the message is delivered some hours later.

Others work the same way, but with a number of spam complaints. If the maximum number of complaints is not reached, the messages are delivered.

Spamtraps

A peculiar antispam system. “Spamtrap” email addresses are planted, for example, on web pages in the contact section, in business directories, etc.

If someone sends newsletters to these addresses, the filter will know that these emails were inserted into the database illegally, without complying with the rules, and the antispam filter can confirm that this is a sender that doesn’t work with opt-in lists.

Once the filter detects that the sender is sending to one of these email addresses, the domain can be added to blacklists or blocked permanently. In this article, we can better understand how they work:

What are spamtraps?

IP reputation systems

The most famous is www.senderscore.org created by ReturnPath.

These are services that give a score to IPs or ranges of IPs based on spam complaints received about these IPs, changes in the volume of emails sent, and emails sent to spamtraps.

ISPs like Hotmail or Gmail and hosting providers have their own internal evaluation systems of this kind.

When blocking occurs for this reason, it is usually done with a soft bounce, to give the sender the possibility to take the necessary steps to correct the problem and send the message again.

Antispam server system

Corporate servers and hosting providers typically enable internal antispam systems that filter all messages before delivering them to the recipients’ accounts.

Usually, it is an intermediate layer between the blocks by SPF or main RBLs and the local antispam that we’ll see later.

There are paid systems like SpamTitan or Spamina (they usually have added reports and dashboards for users) and free systems, such as SpamAssassin.

The reason why the server first reviews the email using RBLs, SPF and other systems is to eliminate spammers before checking the messages with the internal antispam software.

These systems will only review emails that have not been previously discarded, and this is very important. First, some systems are paid and charge for the number of messages analyzed. In addition, significant server resources are used, because the internal antispam software does a more complex analysis.

Specifically, what they do is generate a SpamScore as well as checking the reputation of the IP and domain of the sender and their presence or absence in several blacklists and reputation systems.

These servers review emails based on internal criteria, such as the design of the message, to compare with emails sent by spammers, in addition to comparing email with other messages that were received by registered users on the system and were marked as spam.

This article has more information about how this works and what SpamScore is:

What is SpamScore?

SpamAssassin

Created in 1997 and part of the Apache Software Foundation since 2004, it is the most widely used open source antispam server system, especially in B2B environments.

It has over 700 bonus or penalty rules covering the design, RBLs, sender configuration, etc.

SpamScore will review the message and allow or block access depending on the limit score that the admin user has indicated.

It is a method to verify the email and check whether it could be considered spam or will be accepted. In fact, the Mailrelay panel uses SpamAssassin for newsletter processing and the generation of reports.

Wikipedia Spamassassin

Spamassassin
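To see the score, the admin's limit and the rules that fired on a delivered message, you can read the `X-Spam-Status` header that SpamAssassin adds. The parser below is an added example, not part of the original article or of Mailrelay's tooling; the message, its score and the grouping into layers are constructed for illustration.

```python
import re
from email import message_from_string

# Constructed message; the X-Spam-Status layout is the one SpamAssassin writes.
RAW_MESSAGE = """\
From: news@example.com
To: user@example.net
Subject: Monthly offers
X-Spam-Status: Yes, score=6.1 required=5.0 tests=HTML_MESSAGE,
\tMIME_HTML_ONLY,SPF_FAIL,URIBL_BLACK autolearn=no version=3.4.6

Newsletter body
"""

STATUS_RE = re.compile(r"(Yes|No),\s*score=(-?\d+(?:\.\d+)?)\s+required=(-?\d+(?:\.\d+)?)")
TESTS_RE = re.compile(r"tests=((?:[A-Z0-9_]+,\s*)*[A-Z0-9_]+)")


def parse_spam_status(value: str) -> dict:
    """Extract verdict, score, required score and fired rules from the header."""
    flat = " ".join(value.split())  # undo header folding across lines
    status = STATUS_RE.match(flat)
    if status is None:
        raise ValueError("not an X-Spam-Status value")
    tests = TESTS_RE.search(flat)  # "tests=none" does not match: no rules fired
    return {
        "flagged": status.group(1) == "Yes",
        "score": float(status.group(2)),
        "required": float(status.group(3)),
        "tests": [t.strip() for t in tests.group(1).split(",")] if tests else [],
    }


def layers(tests):
    """Group rule names by the filter layer they report on (illustrative prefixes)."""
    prefixes = {"SPF_": "SPF", "RCVD_IN_": "RBL", "URIBL_": "RBL"}
    grouped = {}
    for name in tests:
        layer = next((v for p, v in prefixes.items() if name.startswith(p)), "content")
        grouped.setdefault(layer, []).append(name)
    return grouped


def status_from_message(raw: str) -> dict:
    return parse_spam_status(str(message_from_string(raw)["X-Spam-Status"]))
```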

Smart or social B2C antispam

B2C ISPs like Hotmail, Gmail etc, use blacklists and IP reputation, SPF and SpamScore to check messages before accepting the emails.

But then they add an extra layer of control that we can call social detection control of unsolicited newsletters.

For campaigns that pass the rest of the controls, the filter will analyze how the subscribers who received the message interact with the newsletter, and it will block the campaign or decrease its reputation according to the actions of the users: for example, whether they are opening the email, clicking on the button to mark it as spam, deleting the email, etc.

An example is the Microsoft SmartScreen filter:

https://en.wikipedia.org/wiki/Microsoft_SmartScreen

One part of this filter performs these tasks so that Outlook and Hotmail can block newsletters in real time.

And this is important: in real time.

This is perhaps why newsletters that in principle have no problems with SpamScore, blacklists or other blocks are initially delivered to the inbox.

But while the system is still sending the campaign, the rest of the emails land in the spam folder or are blocked because of the interaction, or lack of it, of the subscribers who are receiving the message, for example if several of them are flagging this newsletter as spam.

Local antispam

The last barrier, and one about which we cannot get any feedback, is the antispam software that the recipient may have installed on their computer.

If the subscriber uses a desktop e-mail client, such as Outlook or Thunderbird, this software will use its own antispam rules, or those of add-ons offered by the best-known antivirus products.

Most of these add-ons use the systems we just saw, so the message will probably not be blocked, if it has already passed all the previous controls.

If your message is blocked, try to change it, check your settings and send it again.

To conclude, let’s do a quick review to see a summary of the filters that can block your newsletters:

  1. Emails in sending queue
  2. Robinson Lists
  3. SPF blocking
  4. RBL or blacklists
  5. Greylisting
  6. Spamtraps
  7. IP Reputation Systems
  8. Antispam Servers
  9. Smart or social Antispam systems B2C
  10. Local Antispam

This list should not be taken as a linear system. We are just explaining the filters that can block a newsletter.

In fact, many of these systems are combined into a single filter that checks the emails received by the servers.

This doesn’t mean that they all work together. If one filter doesn’t accept the email, another can deliver the message to the inbox without problems.

And if the newsletter was accepted correctly by a public filter, like Gmail, it can be sent, because together these 2 systems review almost all the points listed in this article.

If the messages are not delivered, to detect where the problem is, in addition to using the dashboard spam report, you should check the response of the destination server, because in many cases this message will tell you the reason for the problem.

This can be done directly on your panel in Mailrelay in the menu sent newsletters -> Search logs.

As we saw, there are many systems to block spam, but you don’t have to panic.
