DCI / Gateway

Before looking at the types of spam you are receiving, please ensure that the following tests are enabled or operational:

  1. 1. RBLs 2. Botnet Analysis3. Network Testing4. DNS Responses
    Make sure you have added these three recommended RBL servers:

    See Managing Realtime Blackhole Lists.

Once you have verified the tests above are enabled or operational, take a look at the different types of spam listed below and the options you have to reduce them.


Spoofed email can arrive in many forms. Which best describes the spoofed mails you are receiving:

  • My email domain is being spoofed:

To prevent this, enable SPF and DMARC.

See Enabling & Configuring DMARC and also SPF Settings.

  • The names of users in my organisation are being spoofed:

See AntiSpoofing.

Malicious links

If you ran the test in step 3 above and got a positive result, but you are still receiving malicious links, submit a ticket on our Support Portal. Attach examples of the full emails you are receiving, not just the links.

Malicious Attachments
  1. Go to Reporting > System Information > Services and check that both Clam and Bitdefender are running. See Available Services.
  2. Enable sandboxing. See Sandboxing.
  3. Enable Google Safebrowsing Database in your Clam AV settings. 
  4. Use third party databases. See Configuring Clam AV Settings.
  5. Use banned attachments if uncommon files. See Configuring Attachment Filters

If you are still receiving malicious attachments after changing these settings, submit a ticket to Support and attach the original emails you are receiving.

Unsoliciated Marketing Email

Submit a ticket to Support and request that additional Unsolicited Marketing Email rules are added to your SpamTitan.

None of the Above
  1. If you have checked the three tests at the top of this page and are still receiving a high level of spam that does not match the types listed here, consider the following actions: