This documents headers specific to SurgeMail, this list is incomplete, if you see headers you want explained just email us and we'll update it 🙂
| X-Mash: sameip | Indicates the message has similar content and source ip address to a spam message. |
| X-Country: code=US country="United States" ip=104.140.143.54 | Uses a database to guess the country of origin based on the ip address, about 99% reliable. |
| X-Qnum: 1234 | The message que entry number (unique on this server) and used in all log entries |
| X-NotAscii: charset=XXXX | Records the charset used in the message if it's something special (other than plain ascii) |
| X-SpamContent: IsSpam | Simple content filter to try and detect 'spam like' messages |
| X-LangGuess: English | A guess at what language the email message is written in (not 100% accurate) |
| X-MyUrl: Color=Black found=izaprkg.com | NetWin's own url blacklist. |
| X-Phrase: IsSpam score=1.00 | Content filter based on popular spam phrases |
| X-Verify-Helo: -ERR missmatch: mail.izaprkg.com->104.206.192.217->.fake_nodots | Results of analysis of the 'helo' name from the sending server, the ip address should translate back to the name |
| X-MyRbl: Color=Unknown (rbl) Age=0 Spam=0 Notspam=0 Stars=0 Good=2 Friend=0 Surbl=0 Catch=0 r=0 ip=104.206.192.217 | Results from NetWin's database of ip addresses/history/reputation |
| X-IP-Stats: No info recorded yet ip=104.206.192.217 | Show local information about that ip address |
| X-Encryption: SSL encrypted | True if the message was sent to this host using SSL encryption |
| X-Dmarc: reject (or none or quarantine) | Exists if message passes DMARC/DKIM and has a dmarc rule. |
| X-UrlForgery: ... | Url appears to be pointing at a different domain than it claims |
| X-Triplet: ... | Records a match with previous spam/notspam message based on from/ip/subject matching |
| X-FromBadDom: True | True if the text part of the from header contains a domain name that isn't in the email address. |