Once you are done reading this FAQ information, you may simply close this window
If you send a message to some who has had their account locked by the FastMail.FM postmaster, you will receive a delivery notification error like this:
I'm sorry to have to inform you that the message returned below could not be delivered to one or more destinations. For further assistance, please send mail to postmaster@fastmail.fm If you do so, please include this problem report. You can delete your own text from the message returned below. The Postfix program user@fastmail.fm: host fastmail.fm said: 554 user@fastmail.fm: Recipient address rejected: Account locked for abuse or overuse; see http://www.fastmail.fm/docs/faqparts/Email.htm#Locked
This means that this account has been locked. There are two reasons why an account is locked: either the user breached their Terms of Service (such as by spamming), or they have gone over their bandwidth quota. If you received an unsolicited commercial email ('spam') which contained a reference to a FastMail.FM address, that address would have been terminated because the FastMail.FM Terms of Service do not permit this type of use. If you want more details of why this email was rejected, please contact the Postmaster.
If you received an email you think was spam, forward the entire email (with complete headers) to "abuse@fastmail.fm". We'll analyse it to see if the relevant FastMail.FM addresses exist and/or have been locked and send a report back to you.
In general though, a FastMail.FM user has not sent you spam, even although it may appear that they have. FastMail.FM's mail servers are secured, and require a valid FastMail.FM user login to use them. Guest users may not send more than 80 items in one hour (an "item" is one message to one recipient) and are automatically locked out of their account if they break this quota. Spammers often use unsecured "open relays" for sending spam, as discussed here.
So, why could you have an unsolicited commercial email in front of you that contains one of FastMail.FM's domains in an address in the header? This is due to header forging. A forged header occurs when a spammer uses one email server to send an email, but inserts the address of another email system in the header of that message. That causes the email you look at to appear to come from a different place to where it actually came from. Unfortunately there is nothing we can do to stop people that use other sites' insecure mail servers to forge headers to make it appear that the message came from FastMail.FM.
There is also another common reason. Some spammers send emails with invalid email addresses such as:
From: Some Spammer To: Spam Recipients Subject: Yes, this is spam
Since "Some Spammer" is not a valid email address, our SMTP tries to fix it. In this case, it sees 2 email addresses in both the 'From' and 'To' headers, both without domains, so it turns them into:
From: Some@fastmail.fm, Spammer@fastmail.fm To: Spam@fastmail.fm, Recipients@fastmail.fm Subject: Yes, this is spam
Again, this have nothing to do with fastmail.fm, the @fastmail.fm part has just been added to make it a valid email address
But don't fret! It's actually possible to automatically parse headers of an email and send reports to the real source of the problem. And better still, there's a service you can use that does this for you! The service is SpamCop, and we strongly recommend using them instead of reporting Spam directly.
For information about some spam campaigns that have led to complaints to FastMail.FM, please see our spam log.
Basically an email is made up of 2 parts: the header and the body. The header is that part that contains all the "meta" information about the email, such as the Subject, the From address, the To address. However this header is generated by the email software itself. You can easily use malicious software to generate a completely false header part of the email, include a false From address, and even rubbish To and Cc addresses.
So if an email has a false To address, how does it actually make it a destination? Well that's part of a separate internet protocol called SMTP. SMTP (Simple Mail Transfer Protocol) is what is used to actually move an email from one machine to another. Part of the protocol includes the real destination address the email is being sent to, and then the actual email, including the entire header and body. Since this underlying transfer address never appears visible to the user, and since SMTP just takes the entire email, header, body and all and moves it to the destination email address, it's possible to send an email with a completely fraudulent header to any address.
So why is this all the case? It's basically to do with the early days of the Internet, where everything was just between a few trusted university computers. No one had a need or reason to forge email headers, because people really did just want to email each other. These days of course, there are lots of people trying to push advertising on you, and they don't want their original address to be identified.
Some users find themselves receiving a lot of spam, even though they haven't told anyone else their email address. Often the assumption is that we've sold a list of email addresses.
We NEVER sell email addresses. We never disclose email addresses at our site to anyone else.
These emails probably have forged headers. With email, the underlying email protocol that actually delivers email is actually separate to what you see on the 'To' or 'Cc' line of the email. Most email programs generate them to be the same, but of course, spammers try and create deceptive headers as much as possible. This all dates back to when the Internet was small, and email was between trusted providers and people.
What we've seen recently is that spammers are sending email to <common-names>@fastmail.fm or <names-known-at-other-providers>@fastmail.fm.
We do everything in our power to stop SPAM and hate it as much as you do, but in these cases unfortunately, there's really not a lot we can do about this. If you are having spam problems, we recommend you look into our advanced spam filter.
Anyone can make emails appear to come from any account, it's called "header forging".
There are several reasons you may have received an email from someone you don't know:
Someone you know probably has the 'Klez' virus. A nasty piece of work that sends out emails to all the addresses in their address book, but also changes the 'From' address to a different address in their address book.
There are two main ways you can end up with one of these in your inbox.
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.e@mm.html
In addition, the worm searches the Windows address book, the ICQ database, and local files (such as .html and text files) for email addresses. The worm sends an email message to these addresses with itself as an attachment. The worm contains its own SMTP engine and attempts to guess at available SMTP servers.
The subject line, message bodies, and attachment file names are random. The from address is randomly chosen from email addresses that the worm finds on the infected computer.
Unfortunately, not a lot we can do about this since they're not being sent through out systems, and since the header is entirely forged, it's hard to find out exactly who has the virus and sent the original message.
Please send a link to this FAQ entry to postmaster@<thesite.com>, webmaster@<thesite.com>, abuse@<thesite.com> and support@<thesite.com>. You'll have to do it from a non-FastMail.FM account obviously...
Most sites that do block FastMail.FM claim that it's because they've received SPAM from us. In fact, it's almost impossible for spam to be sent from FastMail.FM because of our powerful spam blocking and rate limiting procedures. However, vengeful spammers regularly forge email headers to make it appear that email has come from our site to damage our reputation because of our strict anti-spam policies. This even has a term, 'joe job'.
http://www.cotse.com/11022000.html
It's important to realise that just because an email has '@fastmail.fm' in the 'From' address, this DOES NOT mean it's from our system. All spammers forge the 'From' address of emails. See these links:
http://www.rahul.net/falk/mailtrack.html
http://www.fastmail.fm/docs/faqparts/Email.htm#Spam
You'll even notice that a google search for "email header forging" even includes our site as a reliable reference of what header forging is and what it means:
http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=email+header+forging
You will note that FastMail.FM is listed as a role-model for anti-spam by spam.org:
http://www.spam.org/anti-spam_policy.htm
FastMail.FM has contributed to the anti-spam community a wide range of anti-spam tools including rate limiters, Javascript deobfuscators, and much more, as well as actively contributing to databases such as ORDB and DSBL. FastMail.FM has probably the most sophisticated mail abuse blocking systems and technology in the world.
By blocking us, all you are doing is helping the spammers, and blocking one of the most reliable and trustworthy services around!
So what should be done? Well rather than using 'From' addresses for blocking, you should properly analyse the email to find the source, and block any open relays, or known spamming hosts.
Good information on spam analysis can be found at:
http://ddi.digital.net/~gandalf/spamfaq.html
http://www.spamcop.net/
You should also check out the main anti-spam news groups and their FAQ:
http://www.spamfaq.net/
news://news.admin.net-abuse.email
This is frequented by some of the world's best anti-spam campaigners.
Please check out the above information. Spamming is certainly the worst aspect of email on the Internet, but arbitrarily blocking an innocent provider is not the way to solve it.
The terms of service you signed up to specifically prohibit 'unsolicited commercial email'. Remember that even one complaint of an unsolicited email where the email clearly shows that it's 'commercial' is enough to break the terms of service, so you need to be careful.
An important first point: "it's impossible to purchase a list, and meet these terms. A user may have solicited communication from some company, but they didn't solicit it from you, they solicited it from the company you are purchasing the list from. Any time you purchase a list and email the address on it, you will always get complaints of unsolicited commercial email, and will be even open to legal action in some jurisdictions!
If you wish to use your FastMail.FM account for drumming up business, you may do so as long as it is to people that you have evidence solicited communication from your company. To ensure you have the necessary evidence, you will need to request a "confirmation email" from the person signing up. Your opt-in confirmation should be short and simple and contain some key information to confirm the source of the opt-in. The subject should be something like:
Subject: Confirmation of subscription to <list name> for <email address>
The text should be something like:
We have received a request to subscribe your email address, <email address>, to the <list name> mailing list. To confirm that your email address should be added to this list, click 'reply' and then click 'send', leaving the subject and message unchanged. If you do not want to sign up for this list, simply delete this message.
The request details are as follows:
Date: <date and time>
Email Address: <email address>
Request source: <url>
From IP: <source ip>
The all important details section shows the date and time that the opt-in request was made, the address that is being signed up, the URL that the request was made from, and the IP address of the PC that clicked that URL.
If you use this confirmed opt-in strategy, including providing the details of the source of the opt-in, and avoiding any advertising or promotion in the message itself, we would happy for you to use your FastMail.FM address in future messages to that user. So that we can confirm this in the case that one of your recipients claims that they did not opt-in, you should ensure that you do the following:
If you upgrade to Member, Full or Enhanced level service, tag lines will not be added to your emails. Also for Guests, if you change your signature to include the text "http://www.fastmail.fm" in the signature, a tag line will not be added.
You may send any kind of attachment, as long as the resulting email is under 10MB in size (due to encoding issues this usually means an attachment of 6M). Attachments with names of the form 'filename.doc.exe' are commonly used for virus transmission, because under Windows they are shown as 'filename.doc' (hiding the fact that it is an executable program). These types of attachments are blocked for this reason.
FastMail.FM does not carry mailing lists used to distribute binaries (e.g. images, MP3s, etc) for guest accounts. Messages to or from these lists will be rejected. Paid accounts do not have this limitation.
There are bandwidth limits dependent on your service level as detailed on the pricing details page.
There are limitations on sending and receiving emails designed to avoid mail abuse and keep FastMail.FM fast. Guests cannot send a message to more than 50 recipients at a time--simply send multiple messages with 50 recipients per message if you occasionally need to send to more people. Avoid sending more than 80 items in an hour (an item is one message to one recipient), and avoid having your email software check your email more than once every 5 minutes. If there are more than 200 logins to your account in an hour, you will be sent a warning mail. If the limit of 400 logins in an hour is crossed, your account will be locked up for an hour, and if it crosses 1000 logins an hour, your account will be locked up forever. For Guest users, these limits are kept at 130, 250 and 800 respectively. You will get a warning well before any action is taken, so keep an eye out on your mailbox if you're sending lots of email. Paid accounts have higher limits. If you approach these limits, you will get an email sent to your FastMail.FM address and to your backup address, which explains how to avoid the problem and what triggered it.
To forward all email as soon as it arrives, click Options, and then Define Rules. Scroll down to the section 'Automatic Notification/Forwarding' and type a single "*" in the 'For text matching' field and select 'Any Header' for the 'Look in' field. Enter the email address to forward to in the 'Forward to' field, choose whether or not to delete the original from FastMail.FM using the checkbox, and click 'Add'. Of course, you can choose just a subset of messages to forward by selecting criteria in the 'Look in' and 'For text matching' columns.
To forward mail after you've received it, check the boxes on the Mailbox screen for the emails to forward, select 'Redirect' from the Do Action popup, type the address to forward to, and hit the 'Do Action' button.
To reply to all email with a fixed response as soon as it arrives, click Options, and then Define Rules. Scroll down to the section 'Automatic notification/forwarding' and check the 'Enable vacation message' box. Type your auto-reply message in the 'Vacation message text' box.
Please ensure that you check in 'Personalities' that you have included all the email addresses you use in the 'Send From' section, since only messages to these addresses result in vacation replies being generated. Also, please note that only one reply will be sent to each sender address, each 3 days. This is to ensure that people sending messages to you do not get multiple identical auto-replies from you every day (which would get very annoying!) This does however make it a little hard to test your own auto-reply, since once you have tested it successfully once, you will get no further replies.
It depends on your membership level. You can see the details on the comparison page. These are the sizes of attachments you are allowed. Due to the way that emails are encoded, an email with 10M of attachments could use 14-15M of quota.
The server has a feature called 'duplicate delivery suppression'. Basically most messages have a unique identifier called the 'message id'. For each message that arrives for an account, the message id is noted. If a second message with the same id arrives, then it is 'suppressed'. This is used to stop infinite mail loops overloading your account or our system. However, it can result in odd behaviour where the same message arriving from different sources, only the first one will actually be delivered, the rest will be suppressed.
The server blocks a few emails with certain attachments due to security reasons. The blocked attachments are:
Delivered email goes through a number of steps. You can use the various transformations along these steps to help filter or understand how mail delivery occurs.
The steps are described here:
No. If you send an email via the FastMail.FM web-interface, one email header are added: 'X-Sasl-Enc', which includes two parts, separated by a space. These include a cryptographically secure encrypted version of your username. They allow us to correctly tell the account name an email was sent from if an email is reported as spam to us. These cannot be decoded by anyone but us. That way we can check who sent a particular mail in case of abuse. We can still track abusers, but don't give out the IP address of our customers.
Note that if you send via the SMTP server, then a standard Received: header is added, which will contain your IP address.
While your email is being processed, a number of headers are added.