I have ISPC3 set up and running. It's managing several mailboxes on several domains. Most spam email seems to get flagged via x-spam and automatically moved to the junk folder. But some email isn't. I can't understand how the spam score is calculated. I seem to recall in previous email headers that this was listed, but now, I don't get anything other than the total score and unsure how it determines whether email is spam or not. I've just replaced the receving mailbox domain by mydomain.co.uk, but otherwise, the headers are unchanged. Here's an example of email that was correctly marked as spam: Code: Return-Path: <[email protected]> Delivered-To: [email protected] Received: from srv1.xavserver.co.uk by srv1.xavserver.co.uk with LMTP id SMxdKeYhlWiU2gQAAhqsVA (envelope-from <[email protected]>) for <[email protected]>; Thu, 07 Aug 2025 22:00:06 +0000 Received: from kossenlux.city (kossenlux.city [77.87.213.13]) by srv1.xavserver.co.uk (Postfix) with ESMTP id B9A91402BE for <[email protected]>; Thu, 7 Aug 2025 22:00:05 +0000 (UTC) Authentication-Results: srv1.xavserver.co.uk; dkim=none; spf=pass (srv1.xavserver.co.uk: domain of [email protected] designates 77.87.213.13 as permitted sender) [email protected]; dmarc=none ARC-Seal: i=1; s=default; d=mydomain.co.uk; t=1754604006; a=rsa-sha256; cv=none; b=lUvxwjeEh7ykEBTu2GhRgXPJj2p8YjyvIY+cWUO9TRmDLGqeJLudjbsnV+qzI3z0Q6EckK OV+ovrxKDT5elcmEZl6j6ecPCF5ugZLUgHvx42V/VuA6RHMAm2ntAgpPZpTM/gumIYs/yN 6XPMPjEXwiTspbgNjP31uPzKqD/0OAxTa5T62zCw/vnpULOIpKPzUtqus//db1c9CBBwqS bwu3T9mS0loWFYHla3JGrQi7kIWZoGhAfFBFfyQsbWBPysb+cjq71QUyH2ZvF5tMrAj0tX F24FaGTCxtxptgvVtXxl3mEXAVcCX5dqSylJzJqmHKLwgp96R7tE8kED5uzAxg== ARC-Authentication-Results: i=1; srv1.xavserver.co.uk; dkim=none; spf=pass (srv1.xavserver.co.uk: domain of [email protected] designates 77.87.213.13 as permitted sender) [email protected]; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mydomain.co.uk; s=default; t=1754604006; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type; bh=sofxSSREK0AkmnxgV0r1AJdXaYpS4Bq7Wo1ee3kvGqg=; b=CP9wzVljhMzhIoREI18qZWb53Rk+kmwrnXOXnO3CkaDRaXlKQpa7Wi7KfBgN2r95sJdgdE M5l0wnu6o1BMCCRKs7sLspwuBOZNwUumEfy7c9Ub7IYmPZ2l3XiM1eQma5X0XZqP5qoRba Mc/e988tMdMpltFl1oYD6XO6GFtzSeDeess6g94OWDhZ0Jv1Oi86TX3PvyZSUmNhbmPX1R ASyYCUZ+2NH+Ww/c8r4Uf9oQj1fYSXGhiH8RBSUbTbW35WbtFGc0HRzJrml2JIUTiHMJS1 XZpNCs6Py9Pxp1bf9s5qHcsFQrJRsAnImoWvtvVsmoMpuaLwX+xmFHE+zMzLhA== Received: from mossane.pro (s19.ocolas.blog [194.39.204.19]) by kossenlux.city (Postfix) with ESMTPA id BA6D327B16; Thu, 7 Aug 2025 20:21:15 +0300 (EEST) Message-ID: <65746621B02271420B22462677D75585307R@idopnonvh> From: "SeatCushion" <[email protected]> To: <[email protected]> Subject: *** SPAM *** Sit comfortably, anywhere... Date: Thu, 07 Aug 2025 20:42:34 +0300 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_000F_01DC07D8.F68899B0" X-Spam-Status: Yes, score=7.78 X-Spamd-Bar: +++++++ X-Spam-Level: ******* This is a multi-part message in MIME format. ------=_NextPart_000_000F_01DC07D8.F68899B0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0010_01DC07D8.F68899B0" ------=_NextPart_000_0010_01DC07D8.F68899B0 Content-Type: text/plain; charset="windows-1251" Content-Transfer-Encoding: quoted-printable =0D=0A=0D=0A=0D=0A=0D=0A=0D=0A =0D=0ABack pains will disappear! K= laudena - comfort in every chair!=0D=0A =0D=0A =0D=0A =0D=0A=0D=0A= =0D=0A=0D=0A=0D=0A=0D=0A=0D=0A=0D=0AWe do our best to share only=20= the most useful =0D=0Aand interesting content.=0D=0AIf our emails= ever feel like too much, you can =0D=0Aunsubscribe =0D=0Aat any=20= time.=0D=0ABut we=92d love for you to stay =97 there=92s so much=20= good stuff =0D=0Aahead=0D=0A ------=_NextPart_000_0010_01DC07D8.F68899B0 Content-Type: text/html; charset="windows-1251" Content-Transfer-Encoding: quoted-printable . . . And here's an email that was delivered but is spam: Code: X-Mozilla-Status: 0001 X-Mozilla-Status2: 00000000 Return-Path: <[email protected]> Delivered-To: [email protected] Received: from srv1.xavserver.co.uk by srv1.xavserver.co.uk with LMTP id BbX9GQOGmGgDXhIAAhqsVA (envelope-from <[email protected]>) for <[email protected]>; Sun, 10 Aug 2025 11:44:03 +0000 Received: from zeep.tashkent.su (zeep.tashkent.su [62.173.141.4]) by srv1.xavserver.co.uk (Postfix) with ESMTPS id 2F049402BE for <[email protected]>; Sun, 10 Aug 2025 11:44:02 +0000 (UTC) Authentication-Results: srv1.xavserver.co.uk; dkim=none; spf=pass (srv1.xavserver.co.uk: domain of [email protected] designates 62.173.141.4 as permitted sender) [email protected]; dmarc=pass (policy=none) header.from=fizertin.de ARC-Seal: i=1; s=default; d=mydomain.co.uk; t=1754826242; a=rsa-sha256; cv=none; b=mrdBWucTjzl0iMUYg36pprpUYgTxsNe4wQtQbWt6p9eWcPL39WEkvRKo2So+a53VS6ZDdM ew/8JudVpO5ZopFfkHIy7rsSdwVLa19IjElNfkwz0Mc7b6NbETQEaPJXVlXmB7Y/+H9eR5 W3Bjf/cE6yjHRg3lLGY6XXjH89a7zDb4/Em2gK2SmOZZ4+O+jxSkNJmh852aRugoYYxHO+ vd/riEOh43g7Mm835B+JeBlRqaYDsIIB0LM8Esr31gjdv3p5EAtALwGqw1Ah34qH6tIFcc KSRpf4G2G8Rk+UMo//253iYbMRrUYfJYUadi0oUwkR/aB6NGJqB47z5o/ed5LA== ARC-Authentication-Results: i=1; srv1.xavserver.co.uk; dkim=none; spf=pass (srv1.xavserver.co.uk: domain of [email protected] designates 62.173.141.4 as permitted sender) [email protected]; dmarc=pass (policy=none) header.from=fizertin.de ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mydomain.co.uk; s=default; t=1754826242; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type; bh=SezQIE3EMU1rjIp6HVIr0DwpuiRQoppkMclpjbs9oLA=; b=NEFKc9CyvRxpbY33TPeL3uDufti0sSVjyveanrJf37zErRHuBiof8pajD8vKhTpAfJVEjc OaA+B5GaixdUCl6oaP+Ix59bM6m7+TBqKIlfzbHnez70/+CuQUt/Kfey47lFWn9s4ebqc8 tYscDlWO9ZVpNpoRu2mWLWmeOB920UTaMMjAPk+RiQ+m0WPRrXVioaJLgWR/gVmQrq8IPV Xoq6a/4sqCGBWW58cRqgXpQm8sL8Z9uTUpzBIgePqMfzA97/7PezGAYY/0oDFmjyBeQ9PT S6vzucMPRP6SeO2dE9V5fPcyLlWCI6CEWDHD5t3Z8B6LzKSQwIzs89mkbTjx7w== Message-ID: <[email protected]> From: "New Derila ERGO" <[email protected]> To: <[email protected]> Subject: perfect neck alignment, no more sleepless nights Date: Sun, 10 Aug 2025 11:57:05 +0300 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0006_01DC09EB.5D980280" X-Spam-Status: No, score=1.29 X-Spamd-Bar: + X-Spam-Level: * This is a multi-part message in MIME format. ------=_NextPart_000_0006_01DC09EB.5D980280 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0007_01DC09EB.5D980280" ------=_NextPart_000_0007_01DC09EB.5D980280 Content-Type: text/plain; charset="windows-1251" Content-Transfer-Encoding: quoted-printable# . . . Any ideas on what I'm missing?
If you use Rspamd as the spam filter, then you can find more information about the scores of an email in the Rspamd GUI. Login details see System > Server config > Email in ISPConfig.
Thank you Till, I hadn't seen that before. Looks very comprehensive. Yet another system for me to look into and understand
You can also enable extended headers in order to show the complete info about scores in every single mail header: https://www.allerstorfer.at/rspamd-show-extended-spam-headers/
