Spam X-Header Explanations

When an e-mail message matches a realtime blacklist listed on the Connection Checks page (Antispam > [select a domain] > Spam Filtering > Connection Checks), an X-Header line is automatically inserted into the message header to indicate which blacklist the message matched.

X-Headers are also inserted when a message fails one of the verification checks set in the Verification Checks options on the Connection Checks page.

All other spam features can be configured to insert X-Headers. These X-Headers indicate the spam filter that trapped the message and information about why the message was trapped. Additionally, the message ID is inserted into the message's X-Header when it is identified as spam. See the examples and a table of all anti-spam X-Headers below.

X-Header Example 1

X-Header Example 2

X-Header

Explanation

X-IMAIL-SPAM-ADDRBL: (<service>, <message ID>, <IP address/reason>)

The message matched an ADDR blacklist.

X-IMAIL-SPAM-DNSBL: (<name of service>, <message ID>, <IP address/reason>)

The message matched a realtime blacklist.

X-IMAIL-SPAM-HELOBL: (<name of service>, <message ID>, <IP address/reason>)

The message matched a HELO/EHLO blacklist.

X-IMAIL-SPAM-HELODOMAIN: (<message ID>, <domain name>)

The message failed the HELO/EHLO domain verification.

X-IMAIL-SPAM-INVALIDFROM: (<message ID>, <from address>)

The message contained an invalid "from" address.

X-IMAIL-SPAM-IP4R: (<message ID>, <name of service>)

The message matched an IP4R (PTR) blacklist.

X-IMAIL-SPAM-STATISTICS: (<message ID>, <spam probability>)

The message has been identified as spam by the statistical filter.

X-IMAIL-SPAM-RHSBL: (<name of service>, <message ID>, <address/reason>)

The message matched an RHS blacklist.

X-IMAIL-SPAM-PHRASE: (<message ID>, <phrase>)

A phrase in the message matched the phrase list.

X-IMAIL-SPAM-VALFROM: (<message ID>)

The message failed the "MAIL FROM" address verification.

X-IMAIL-SPAM-VALREVDNS: (<message ID>)

The message failed the reverse DNS lookup verification.

X-IMAIL-SPAM-VALHELO

The message failed the HELO/EHLO domain verification.

X-IMAIL-SPAM-HTML-FEATURES: (<message ID>, <found features>)

The message contained the specified HTML tags.

X-IMAIL-SPAM-URL-DBL: (<message ID>, <domain>)

The message contained HREF or IMG SRC tags with links to a domain in the URL Domain Blacklist.

X-IMail-SPAM-Premium

The message contained spam content.

X-IMail-SPAM-SPF-None

The domain did not publish SPF data.

X-IMail-SPAM-SPF-Neutral

The domain published SPF data and returned a "?" value.

X-IMail-SPAM-SPF-Pass

The domain published SPF data and the message met the publishing domain's definition of legitimacy.

X-IMail-SPAM-SPF-Fail

The domain published SPF data and the message did not meet a domain's definition of legitimacy. The message was identified as a forged message by the SPF filter.

X-IMail-SPAM-SPF-Softfail

The domain published SPF data and the message did not meet a domain's strict definition of legitimacy, but the domain cannot confidently state the message is forged. The message was identified as a forged message by the SPF filter.

X-IMail-SPAM-SPF-Error

There was an error during the SPF record lookup, and the error could not be correctly interpreted.

X-IMail-SPAM-SPF-TempError

There was an error during SPF record lookup. For example, the server was up, but it gave an error.

X-IMail-Broken-Mime-Header

The message included a broken MIME header.

X-IMAIL-Attachment-Blocked

The message included a file attachment type or MIME type that was selected to be blocked.

X-IMAIL-ThreadID: (<message ID>)

A message written to a mailbox includes a ThreadID to simplify tracing the message path through the logs. The ThreadID corresponds to the ID number placed in the syslogs and the number given to the corresponding Q and D files.

X-CTCH-SPAM: (Message-ID) Confirmed

Premium Anti-spam Confirmed X-Header for spam messages from known spam sources.

X-CTCH-SPAM: (Message-ID) Bulk

Premium Anti-spam Bulk X-Header for spam messages from sources that are not confirmed spammers.

X-CTCH-SPAM: (Message-ID) Suspected

Premium Anti-spam Suspected X-Header for legitimate messages that are sent to a slightly larger than average distribution or are unidentified spam messages in the first few seconds of a massive spam outbreak.

X-CTCH-SPAM: (Message-ID) Unknown

Premium Anti-spam Unknown X-Header for messages about which Commtouch does not have any incriminating information, and which are therefore assumed to represent legitimate correspondence.

X-CTCH-RefID: str=0001.0A01020A.48c14898.006B:SCFSTAT211622a,ss=1,fgs=0

A transaction reference record is added by the IMail Server to the header of every message scanned by Commtouch for technical support purposes.
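For triage, the X-IMAIL-SPAM-* and X-CTCH-SPAM headers in the table can be turned into structured records showing which filter fired and the message ID to search for in the logs. The following is an added example, not IMail code: the function name parse_spam_headers and the sample message are constructed, and it assumes header values follow the templates in the table (comma-separated fields in parentheses) and that headers shown without fields carry no value worth parsing.

```python
from email import message_from_string

PREFIX = "X-IMAIL-SPAM-"
BL = ("service", "message_id", "reason")
# Field order per header suffix, taken from the table above.
FIELDS = {
    "ADDRBL": BL, "DNSBL": BL, "HELOBL": BL, "RHSBL": BL,
    "HELODOMAIN": ("message_id", "domain"),
    "INVALIDFROM": ("message_id", "from_address"),
    "IP4R": ("message_id", "service"),
    "STATISTICS": ("message_id", "probability"),
    "PHRASE": ("message_id", "phrase"),
    "VALFROM": ("message_id",), "VALREVDNS": ("message_id",),
    "HTML-FEATURES": ("message_id", "features"),
    "URL-DBL": ("message_id", "domain"),
}

def parse_spam_headers(raw_message):
    """Return one dict per anti-spam X-Header in a raw RFC 5322 message."""
    hits = []
    for name, value in message_from_string(raw_message).items():
        key, value = name.upper(), " ".join(value.split())  # unfold value
        if key == "X-CTCH-SPAM":
            # Layout "(<message ID>) <class>", class being Confirmed, Bulk, ...
            msg_id, _, verdict = value.partition(")")
            hits.append({"header": key, "message_id": msg_id.lstrip("( "),
                         "class": verdict.strip()})
        elif key.startswith(PREFIX):
            # Flag-style headers (SPF-*, PREMIUM, VALHELO) have no fields.
            names = FIELDS.get(key[len(PREFIX):], ())
            # Split len(names)-1 times so commas inside the last field survive.
            parts = value.strip("() ").split(",", len(names) - 1)
            hit = {"header": key}
            hit.update(zip(names, (p.strip() for p in parts)))
            hits.append(hit)
    return hits

# Constructed sample message; the ID, service name and addresses are made up.
SAMPLE = (
    "From: sender@example.com\n"
    "X-IMAIL-SPAM-DNSBL: (ExampleBL, 1a2b0001, 192.0.2.10)\n"
    "X-IMAIL-SPAM-PHRASE: (1a2b0001, act now, limited offer)\n"
    "X-IMail-SPAM-SPF-Softfail:\n"
    "X-CTCH-SPAM: (1a2b0001) Bulk\n"
    "\n"
    "body\n"
)
```

These headers are written by the receiving IMail server, so a record is only trustworthy for messages taken from that server's own mailboxes or queue; a sender can put look-alike X-Headers in a message before it arrives.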
