How it works
Outbound Filtering works like a credit score for email senders. Every user, application, or script that sends mail through MailChannels builds a reputation score over time. The system tracks each sender individually, so a compromised WordPress plugin or a single hijacked user account can be isolated and shut down without affecting everyone else on your server. When you point your mail server at MailChannels as a smart host, every outbound message passes through the filter before it reaches the recipient. MailChannels delivers the message, removes spam, and manages IP blocklisting on your behalf.Compromised account detection
Spammers constantly search for new resources to exploit — through phishing attacks, malware, and web application vulnerabilities. Because you cannot reliably prevent every compromise, Outbound Filtering watches the email these compromised accounts generate and shuts them down automatically. The system uses several techniques to identify compromised senders:- Spam signature matching — Each message is checked against a real-time database of known spam signatures. A sudden uptick in matched messages can trigger rate-limiting or blocking for that sender.
- Volume and behavioral statistics — MailChannels tracks dozens of per-minute statistics for every sender: message volume, suspicious content patterns, recipient validation failures, and more. Unusual trends surface spammers before significant damage occurs.
- External reputation databases — The system consults domain and IP reputation services to flag messages connected to known spam operations.
- Receiver feedback analysis — MailChannels monitors responses from recipient mail servers. Negative feedback can identify a compromised sender even before other signals appear.
Notifications
When Outbound Filtering detects a compromised sender, the message is rejected automatically during the SMTP transaction. The sender receives a non-delivery report containing an error code that can be used for troubleshooting. If you have configured Monitors, a notification is also sent to alert you — so you can investigate and remediate the root cause, for example by disabling a user account or deactivating a vulnerable plugin. Notifications can be delivered as human-readable emails or as webhook calls.Multi-password support
You can create multiple SMTP passwords for a single account — one per server if you choose. If a server is compromised, you retire its password with a single click without disrupting any other servers.Multi-user support
Outbound Filtering supports unlimited web console logins. You can assign regular or administrator access levels, making it straightforward to give your support team read access while reserving administrative controls for senior staff.Email management features
- Log Search — Every delivery attempt is logged. You can search months of logs in seconds through the Host Console to diagnose delivery problems or answer questions from your users.
- Insights — When a message is rejected, Outbound Filtering generates a non-delivery report (NDR) with a link to an Insights page. Users can review their own sending history and often resolve delivery issues without contacting your support team.
Domain Lockdown
Domain Lockdown is an optional but strongly recommended DNS-based security feature. Adding a_mailchannels TXT record to your DNS ties your domain to your MailChannels account, preventing other MailChannels customers from sending email that appears to come from your domain. See Domain Lockdown for setup instructions.
What to do next
Configure your mail server
Point your MTA at MailChannels as a smart host and configure SMTP authentication.
Set up SPF records
Add MailChannels to your SPF record to authorize outbound delivery from your domains.
Monitors and alerts
Configure email or webhook notifications for compromised account events.
Webhooks
Automate account shutdown by sending real-time alerts to your own systems.
Domain Lockdown
Restrict which MailChannels accounts are authorized to send from your domain.