Ultimate Guide to Deliverability: How Spam Filters Work

How Spam Filters Work

This is an excerpt from the Ultimate Guide to Deliverability. Download the guide to get a complete understanding of what it takes to reach the inbox.

There are countless articles on the web entitled, “How to Avoid Spam Filters.” The problem with most of these articles and their advice is that they’re based on the false premise that it’s even possible to avoid spam filters.

Spam filters are part of the process. If you send email, it will be filtered—either to the inbox, a categories tab, a spam folder, or it will be blocked completely. Filter technology plays a massive role in the success of your email campaigns. That’s why, at Return Path, we encourage our clients to embrace spam filters, learn how they work, and understand how mailbox providers use them.


What is a filter?

Email filters organize email according to specified criteria. Originally, filters were designed primarily to identify spam and block it or place it in the spam folder. Today, some mailbox providers use email filters to categorize messages for inbox organization purposes (e.g., Gmail categories or Microsoft’s Focused inbox).


Why do mailbox providers filter email?

Mailbox providers have strong motivations to use spam filters, whether they build their own system, leverage third party spam filter technology, or use a combination of home grown and partner anti-spam solutions.

Spam is annoying, no doubt, but it can also be dangerous. Malware and phishing are hugely profitable for scammers and can be costly for mailbox providers’ customers, as well as the mailbox providers who face intense market competition. Practically speaking, spam filters drastically reduce the load on server resources, considering that 70 percent of all mail sent globally is spam.

Types of Filters

As a message traverses from the sender to the subscriber’s inbox, various types of filters can influence deliverability and inbox placement:

  • Gateway spam filters are physical servers that are installed at the border of a company’s network, and serve as a mailbox provider’s first line of defense in preventing spam. All mail attempting to come into the company must pass through this “gate” before it can enter the system. This spam filter learns what to deem as spam based on all the email coming into the company, which means it has less email data to learn from than a hosted spam filter (discussed below). Examples of gateway spam filters include Cisco’s IronPort and Barracuda.
  • Third party (or hosted) spam filters are companies that have developed a proprietary method of using content and reputation metrics to distinguish spam from legitimate mail. Third party spam filters can influence filtering decisions at the gateway or after a message is accepted through the gateway (i.e., spam or inbox placement). Since these spam filters have a large book of clients using their service, they have a broad scope of information to use in determining whether to deliver to the inbox, spam, quarantine folder, or block the message completely. Third party spam filters can include technology that is integrated by vendors directly into their own products. Examples of third party filters spam filters include Cloudmark and MessageLabs.
  • Desktop spam filters are a version of third party spam filters that live on the end user’s computer. They are highly customizable by the individual, so they can be among the more difficult filters to pass through. An example of a desktop spam filter is Outlook, which uses Microsoft’s anti-spam filter SmartScreen to help filter email. SmartScreen uses the feedback from Windows Live Hotmail users to help distinguish legitimate emails from spam.

To find out more about how the top three webmail providers filter email, download the Marketers Guide to Gmail, Outlook.com, and Yahoo.


The basics of filter technology

Spam filter technology may be placed on both inbound email (email entering the system) or outbound email (email leaving the system). Mailbox providers use both methods to help protect their customers. Senders may encounter both types of filters but are mostly concerned with inbound filters.

Both outbound and inbound filter methods use algorithms, heuristics, and the more advanced form of heuristics known as Bayesian as part of their filtering technology. Algorithms in this context are rules that tell a program what to do. Heuristics work by subjecting email messages to thousands of predefined rules (algorithms). Each rule assigns a numerical score to the probability of the message being spam.


The main types of filtering analysis

Mailbox providers look at four main aspects of mail when making filtering decisions:

  • The source of the mail
  • The reputation of the sender
  • The content of the mail they send
  • Subscriber engagement