Glossary
Quick reference for the terminology used throughout MxGuard.
- Bounce / VERP
- A Variable Envelope Return Path — a way of encoding tracking information
into the bounce-return address. Looks like
bounces+8690725-790a-bill=transcom.net@em1538.currensea.com. Common in legitimate bulk mail; MxGuard recognises VERP-shaped addresses structurally and doesn't penalise them. - ClamAV
- Open-source antivirus engine, run as a milter ahead of MxGuard's scanner. Rejects infected attachments before the message body is scored.
- DKIM
- DomainKeys Identified Mail. A signature in the message header proving the message hasn't been tampered with and was sent by an authorised server for the From domain. MxGuard verifies DKIM via OpenDKIM.
- DMARC
- A policy framework on top of SPF and DKIM telling receiving servers what to do when authentication fails. MxGuard's OpenDMARC validates incoming mail's DMARC policy.
- DNSBL
- DNS-based Block List. A blocklist queried via DNS, listing known-bad IPs (e.g. Spamhaus ZEN, Barracuda Reputation Block List, SORBS). MxGuard previously used these at postscreen but they're now disabled in favour of body-content-based scoring.
- DNSWL
- DNS-based Whitelist. Lists of known-good senders. The opposite of a DNSBL. Used to give negative weights in the DNSBL threshold sum, pulling trusted senders below the rejection threshold.
- Envelope-from / MAIL FROM
- The address used in the SMTP
MAIL FROMcommand. Often different from the visibleFrom:header (especially in bulk mail). MxGuard uses the envelope-from for sender reputation and most heuristics. - Ham
- Mail that isn't spam. Marking a message as ham adds a positive label to the training corpus and gives the sender's domain a score discount.
- LightGBM
- A gradient-boosted decision tree library used to train MxGuard's spam classifier. Each scan extracts ~80 features and the model outputs a probability 0.0–1.0.
- List-Unsubscribe / RFC 8058
- A standard email header (RFC 2369) that legitimate bulk-mail senders include to advertise how to unsubscribe. Contains one or more URLs (HTTP and/or mailto). MxGuard surfaces these in the message detail panel and shows a 📬 icon in the feed for messages that carry the header. RFC 8058 extends this with one-click POST support that mail clients use for their built-in "Unsubscribe" buttons.
- Milter
- Mail filter. A Postfix integration point where external programs inspect mail at various SMTP phases (connect, helo, mail, rcpt, data, eom) and decide accept/reject/modify. MxGuard's scanner is a milter.
- MX record
- Mail Exchanger DNS record. Tells the world where mail for a domain
should be delivered. To use MxGuard, set your MX to
mx1.mxguard.uk. - Postfix
- The underlying SMTP server MxGuard is built on. Handles all the SMTP protocol details and routing.
- Postscreen
- A Postfix component that does cheap pre-connection filtering (DNSBLs, protocol tests) before handing off to the SMTP daemon. Currently disabled in MxGuard in favour of content scanning.
- Recipient verification
- Asking your backend mail server "does this recipient exist?" before accepting a message. Reduces backscatter. Enabled per-domain via the validated recipients mode.
- Registrable domain
- The "real" top-level domain you can register, ignoring subdomains.
For
em1538.currensea.comthe registrable domain iscurrensea.com. Formail.hsbc.co.ukit'shsbc.co.uk(because .co.uk is a public suffix). - SPF
- Sender Policy Framework. A DNS record listing which mail servers are authorised to send mail for a domain. MxGuard checks SPF via policy daemon.
- URIBL
- URI Block List. Like a DNSBL but for URLs/domains found inside message bodies, not sender IPs. MxGuard uses surbl.org and dbl.spamhaus.org.
- URLhaus
- A threat-intel feed of currently-active malicious URLs from abuse.ch. Refreshed every 6 hours into MxGuard's threat-feed module.