Frequently Asked Questions

Here are some of the most often asked “SpyderMail FAQs” we are asked by clients.

If you have any other questions that aren’t addressed here, feel free to contact us. If you are a domain manager for a domain that we are filtering, you can use the Support Form here.


Not usually. We “step between” the internet and your mail server in order to clean your incoming mail. However optional hosted solutions are available.

Yes. All you need to do is get your MX Record changed to point to us. If you host your own server, it’s easy to do. If someone else hosts your site/mail, you just log into the control panel and change the record, or have your host do it.


In case there’s a problem with you mail server, and it occurs during your “off hours” we’re able to give you the head’s up.

Yes. We are able to deliver to your main mail server and a failover one.

We offer flexibility when dealing with alias users and domains. For more information , contact us.

If you’re uncertain, we can provide advice / feedback on changing your MX record.

No. We’re not in control of it. You are in control of your organization’s DNS. Either you host it, or you can have it change via your hosting company.

If you prefer to leave it on, make sure you check it regularly, in case an email that has been allowed through by SpyderMail Email Security gets put in the junk folder in error, by Microsoft Outlook.

No, since your mail is being filtered by the SpyderMail Email Security system, it’s better to utilize just one system, as it’s easier to monitor and adjust.

The SpyderMail platform will keep up to 90 days of message logs.

Yes, the SpyderMail system supports Encrypted Email – TLS (Transport Layer Security) including large file handling.

We can typically have our end set up in minutes (after hours might take longer, and we perform quality checks, sanity checks and test and provide custom feedback for your unique environment.

Log into the Management Portal and review your logs to see if anything has come from this domain recently.

Do you have a subject line or something else that can help track down this message?

We have seen this type of problem when two domains used to share a mail server and one migrated off. If the domain configuration and mailboxes were never deleted from the old mail server then any e-mail sent to the old mail server would be placed directly into the old mailboxes and never forwarded on to the new mail server.

We have also seen problems when a domain moves DNS servers and the records are never removed from the old DNS servers. It can cause similar problems to the one mentioned above but usually results in a bounce message.


The nature of UCE (unsolicited commercial email) is that once a way has been found to defeat one method, another is found for use by the spammers. The only thing that we can do is try to minimize the spam that actually reaches the inbox. The complete solution toward this goal, also requires some action on the user’s part.

Configuring Your Firewall:

  • Once e-mail is flowing through the SpyderMail service, you need to configure your Firewall to only allow inbound access from our IP space.
  • Restricting inbound to our delivery servers will stop Spammers from bypassing the protection of the SpyderMail Service by sending Spam directly to your mail server. Don’t forget, spammers can check MX records as easily as we do!

Posted by SpyderMail on September 18, 2018


Personal Allow and Block Lists The SpyderMail service can be configured to allow end users to have control over their individual allow and Block lists which further reduces the chance of false positives.

End-User Quarantine The SpyderMail Email Security service provides the ability to setup quarantine mailboxes where users can direct questionable email for later review. This greatly reduces the support load for large organizations.

Quarantine Summary Emails A daily email is sent to all end users with a quarantine account summarizing the contents of their individual quarantine mailboxes. Here, each user will be able to choose if a particular email is spam or not thereby allowing the SpyderMail service to adapt to the individual user’s preferences.

Note: End-users do not have to remember any passwords or user IDs to access their quarantine mailbox; each summary account email is an html document with direct links pointing to the end-users quarantine mailbox with the appropriate verification embedded.


Yes. If you wish, each email address (including aliases) will be quarantined individually to allow controlled custom settings for the specific email address (or alias). This is setup automatically by the service and requires no additional work on behalf of the Domain Manager. However, if you do not want individual quarantined mailboxes for all users, ALL quarantined email can be sent to a single mailbox specified by the Domain Manager upon sign-up. This way, the Domain Manager is responsible for sifting through quarantined messages.


If configured for per-user quarantine, the email is stored on the antispam servers. A “Spam Quarantine Summary” report will be sent to any users who have at least one email “quarantined”. Admins can configure the timing of these quarantine digest messages in a very flexible way – up to 24 times a day!. Each user can decide for themself whether they would like to release the quarantined messages and / or classify them as spam. A second option, instead, is that the Domain Manager can receive ALL quarantined email (sent to a single mailbox specified by the Domain Manager upon sign-up). With the exception of viruses, email messages are stored in their entirety, and can be retrieved should the need arise. From the designated quarantine mailbox the Domain Manager can determine what action to take against the quarantined emails.


Incoming email is routed through the SpyderMail Email Security Service before it hits your mail server. Spam is tagged, quarantined or blocked based on preferences setup by the Domain Manager and/or end-user. Legitimate email is allowed through to the recipient.


The false positive rate of the SpyderMail Email Security Service is one of the lowest in the industry. In the rare event a wanted message is blocked, the Domain Admin has the ability to review, and request release of the message.


Email is processed inside the platform. The administrator can specify who can access the machine and it is password protected. For more information on the privacy of the SpyderMail service, please read our Service Agreement


A team of security engineers continuously monitors the Internet for trends in spam and virus attacks. As they detect trends, regular updates are created and distributed to the SpyderMail service which is automatically updated with new spam rules, spam algorithms, and virus definitions. These updates require zero administration and ensure that your network has comprehensive and accurate protection even as the methods of attack change. For the SpyderMail service, the spam and virus definitions are updated hourly.



Our hours for tech support are 8AM to 5PM MST, however we monitor the service 24 x 7 and have staff on call to respond to any issues. Additionally staff are notified if a support question comes in after hours from our website. After initial setup and testing most customers have very few questions and support concerns.


We do not charge for SpyderMail-related technical support. Our toll-free support number 1-877-386-3763.

Here are a few client examples

To obtain it from your client it’s best to refer to your product’s documentation, but we’ve gathered a few examples as a convenience for you:

Microsoft Outlook Express 5 and 6
  1. Click the File menu.
  2. From here, choose Properties and then the Details tab.
  3. Click “message source” and then highlight, copy, and then paste everything from this window (Ctrl A and Ctrl C).
Microsoft Outlook 2000, 2002/XP, and 2003
  1. Double-click the message that you want to open.
  2. Select the Options submenu, which is located under the the View menu.
  3. From here, copy the text from the Internet Headers section.
Microsoft Outlook 2007
  1. Right-click on the message in your Inbox. (You don’t have to open the message).
  2. Select “Message Options”
  3. From here, a Message Options pop-up window will appear on your screen. The Internet header information is located at the bottom, in a big textbox.
  4. Click in that “headers” textbox
  5. Press Ctrl A to select all the header information, and then press Ctrl C to copy the Internet header information.
Microsoft Outlook 2010
  1. Open the e-mail in which you wish to view the headers, and then click the File menu.
  2. From here, click the Info tab.
  3. Click the Properties button in the menu.
  4. A pop-up window will appear on your screen containing the e-mail with full headers.
  5. Place the cursor in the Internet headers: text box.
  6. Press Ctrl A to select all the header information, and then press Ctrl C to copy the Internet header information.
Microsoft Exchange
  1. Click the File menu.
  2. From here, click Properties and the Details tab.
  3. Click Message Source.
  4. Press Ctrl A to select all the header information, and then press Ctrl C to copy the Internet header information
  1. Double-click on the subject line, which will open the e-mail.
  2. Click the blah blah blah button to reveal the headers.
  3. Copy the entire message from the body of the e-mail and then click Edit/Select All or Ctrl A.
  4. Right-click the message, press Ctrl C or Edit/Copy to copy the entire e-mail.

As messages are processed by the system some tests are yes/no tests (virus infected / sending IP address black listed) and some are value tests. After a message has passed all the yes/no tests then the content of the message and the way it is put together is checked against 1000s of value tests. Each test has a value or weight and the message gets the sum total of all failed tests. It is this final total score that is compared against the various thresholds to decide the fate of a particular message. We call this our three strikes and you’re out testing.

  • virus
  • bulk
  • low threat
  • medium threat
  • high threat
  • spam

You will need to get in touch with your Domain Manager. If you are uncertain how to contact him/her, please send an email to and we can help you with the contact information.