Fixing Mailcow's Spam Filter Once and For All

If you’re here because Mailcow’s spam filter is not working (or because obvious spam keeps landing in your inbox), this is for you.

First, a quick checklist to troubleshoot an existing Mailcow/Rspamd setup (so you know why the message got through). After that, I’ll show the fix I ended up shipping - a second layer that reliably catches this kind of junk.

Quick checklist: why Mailcow lets spam through (5 minutes)

1. Open the message in Mailcow and check Rspamd

   • Look at the total score and the symbols that triggered.
   • Check whether it was just under your Junk/Reject thresholds.

2. Check SPF/DKIM/DMARC

   • If SPF or DKIM passes and DMARC isn’t strict, a lot of spam looks “valid enough” to slip through.

3. Don’t overestimate Bayes learning

   • Training helps, but it needs volume and time. On smaller inboxes it can feel slow.

4. Thresholds might be too conservative

   • Many setups prefer avoiding false positives, so spam gets treated politely unless you tune scoring.

5. Some spam is mostly pattern-based

   • Display-name tricks, Reply-To mismatch, unicode weirdness - the stuff that looks obvious to humans, but doesn’t always score high.

If you do only one thing: read the Rspamd symbols on the spam that landed in Inbox. That usually answers the mystery instantly. But even though it clarifies why the mail was not sorted out as spam, it does not fix the problem magically and MailCow’s configuration has to be adjusted to your needs. Since I was not able to do that even after trying several things, I will explain you now how I fixed the problem in the end.

My desperate and unconventional way to fix the weak Spam filter

Jokes are often at the expense of others, but in decent conversation, we try not to cross the line from funny to insulting. Defining what is “too far” is subjective. Yet, there is a clear pattern: the more secure a person is in a certain domain, the less likely they are to feel insulted, and the easier they end up laughing at the accuser’s silly joke.

You see this dynamic everywhere. Think of the triathlete spending a fortune on a carbon bike seat that feels like a rock, the developer who spends weeks configuring Neovim instead of just opening VS Code, or me lacking webcam support on my laptop because the driver hasn’t been merged upstream yet. To an outsider, it looks like unnecessary pain, but to the person doing it, the struggle is part of the fun.H

However, we often misjudge what will actually trigger someone. Usually, it isn’t the struggles we choose for ourselves that make us defensive, but the things we feel powerless to change.

The Frustration of Mailcow’s Default Filter

My real source of frustration is our managed Mailcow instance. As the administrator, I take it personally when the system fails to block even the most trivial junk. It stings, especially when followed by comments like, “My private Gmail never has these problems, but it’s great that we have to use this ‘Open Source’ solution.”

Even if those comments are friendly jabs from tech-savvy colleagues, it still triggers me to a certain extent. Despite strictly instructing the team to train the spam filter by moving messages to Junk or forwarding them to spam@… (which triggers the Rspamd learning process), the system simply isn’t adapting fast enough.

I am no email hosting expert—that is exactly why we pay for a managed service—but I find it hard to believe that default filters are this bad at catching obvious patterns.

This is the latest example from “💬Rebeca💌” which made it into the inbox on Dec 20, 2025:

Why Standard Spam Rules Miss the Obvious

As a disclaimer: I have no deep expertise in how email protocols work under the hood. That is exactly why we pay for a managed Mailcow instance; I assume there should be acceptable default settings that handle the basics.

But looking at the headers in the screenshot below, it is frustrating to see that standard filtering rules sometimes miss what is clearly junk. This isn’t even the cheap, LLM-generated cold outreach that is becoming hard to detect—this is just old-school, obvious garbage.

In my head, I kept thinking that even the “dumbest” AI model would instantly realize this is spam. I really just wanted a service that lets me run a custom LLM prompt over every incoming email to categorize it exactly how I want—whether that is Spam, Marketing, or specific work topics.

Yes, routing email through an LLM might seem like a heavy-handed approach to solving a spam problem, but I don’t have the expertise to tinker with the mail server internals or the time to go back and forth with support. Furthermore, we can use this approach to filter mails according to specific projects or urgency, which is also becoming a necessity.

However, I couldn’t just sign everyone up for an existing email organizer tool. The whole reason we self-host is for data sovereignty. If we started sending every single company email to a third-party startup to be harvested, we could just as well use Gmail for Business.

The Solution: An LLM-Powered Spam Filter

So, over the Christmas break, I finally sat down to build a fix. I put together a tool that connects to our accounts and uses an LLM to sort mail based on a simple prompt—nothing too crazy, but it worked.

I spent some time cleaning up the UI for my colleagues, specifically designing it so they could connect their own LLM endpoints. This was the key: we get the intelligence of AI, but because we plug in our own API keys (or local endpoints), we don’t have to worry about a third party storing our data.

Once the interface was done and the hosting was set up for the team, I figured I might as well open it up to the public. I’m already a co-founder of a company, and once you’re in that headspace, you forget how to build something useful without putting a checkout process on it. It’s just a habit at this point.

I called it email-filter.ai—partly to finally silence those jokes about my inbox, but mostly because it turned into a really solid tool.