
Free JSON API to instantly check the spam score of your email messages - alexknowshtml
http://spamcheck.postmarkapp.com/
======
alexknowshtml
If mail goes to spam while using Postmark, it's almost ALWAYS related to the
content. So we built this very simply tool to help you test the headers and
contents of your emails to make sure that they're scoring as well as possible
to go one step further in avoiding the spam folder!

We decided to offer it as a free API to make the world of email just a bit
better. We also built a simple single-page scoring tool for anyone to use even
if they're not API savvy.

Ideas and feedback are welcome!

~~~
DTrejo
This is great — now I can test my spamminess without needing to have an expert
look at it first :)

Update: would be nice to see a legend with the whole scale ratings possible.

~~~
orenmazor
The scale is actually just the SpamAssassin score. _Usually_ anything over 5
can cause delivery problems as the SpamAssassin daemon will mark it as spam.
keep in mind though that this is configurable and other people's servers can
set a different value. but from my experience, five seems to be the average.

------
darklajid
Help me out here: What is the target audience?

1) I don't know your app, but ran SA in the past. You can configure the hell
out of it. How is this test setup representable for the (that's the thing you
want to archive, I guess) spam filter configuration of the final recipient?

2) Aren't you basically offering a way to ~somewhat easily~ avoid being
flagged as spam, even for people with dark glasses and the tendency to sell
potent drugs over the internet? I somehow think that you're offering a nice
test setup to people that want to 'tune' their unsolicited emails first?

No offense intended, I guess I'm just too negative here? Would love to get
feedback on those things nevertheless.

~~~
orenmazor
Hey Benjamin,

1) This test is representative of our system. I realize that other systems can
be set up different with different settings. given that users of the Postmark
app send email through us, they might be interested to see what _we_ might
consider as spam.

2) The thing is that there are a lot of tests that spamd does that they can't
defeat, even if they're aware of them. security by obscurity isn't really how
spamd works anyway :)

and no, you're not at all negative. by all means, please feedback at us :)

~~~
darklajid
Thanks for getting back - and looking up my profile is - special. :)

1) Agreed. So it's ~accurate~ really only for recipients that would use your
service/the same configuration/classification, right? For everyone else this
is an approximation. With a nice api and some UI love, but still.

2) Agreed, a lot of things are unbeatable. But you yourself market this as
'most often the _content_ leads to classification as spam' solution. Everyone
can change the content, good guy and bad guy.

I'm not saying that the idea sucks and quite frankly someone involved into a
business that sends unsolicited mail should know the deal already, but I still
think that you're offering yet another testcase.

Security by obscurity is not the problem, the thing is: Can I create a client
for your API that randomly appends/prepends/inserts meaningful text into my
crap content and evaluate your opinion on my crap x times per second? You
commented elsewhere that you're not keeping my content, so - how are you going
to notice this abuse?

Okay, _NOW_ I'm too negative. Still - rate limit that stuff. :)

~~~
orenmazor
Thanks a lot. Now I'm going to spend half the evening writing a script to grab
random spam out of my gmail and using this API to try and automatically turn
spam into ham.

I bet siri can already do this.

~~~
darklajid
I'd expect her to answer with "I'm afraid I can't do that, Oren" - but give it
a try and good luck :)

------
redstripe
It could use a short privacy policy. Do you keep the email contents at all -
even in a log?

~~~
orenmazor
not in the live version, but you're right. I'm adding this to the todo list.

------
brdrak
This is very interesting, but I can't figure out how to use this in Bash, when
I try:

    
    
      xargs -I % curl -X POST "http://sa-api.postmarkapp.com/filter \
       -H "Accept: application/json" \
       -H "Content-Type: application/json" \
       -v \
       -d '{"email":"%", "options":"long"}' \
      <message
    

It seems contents of my email message file are processed one line at a time,
instead of the entire message passed in place of %

I'm using GNU bash, version 4.1.5(1)-release (x86_64-pc-linux-gnu)

EDIT: added indentation to fix display

~~~
jimktrains2
Please, man xargs if you aren't joking.

EDIT: Sorry if that came off harsh.

~~~
brdrak
No, I'm not joking. I guess I'm just really dense. I've also tried passing -L
100 in addition to -I, but the result is the same.

~~~
jimktrains2
Why are you using xargs to read to an entire entry? Why not set it as a var
and place it in the comment or take it as stdin?

~~~
brdrak
I've also tried this:

    
    
       msg=$(cat message)
       curl -X POST "http://sa-api.postmarkapp.com/filter" \
        -H "Accept: application/json" \
        -H "Content-Type: application/json" \
        -v \
        -d '{"email":"'"$msg"'", "options":"long"}'
    

But sa-api.postmarkapp.com returns "error"... :-(

~~~
orenmazor
oh no. I'm sorry! that's the previous url which we moved last minute.

I'm going to go through the doc again to make sure there's nothing else out of
place :/

~~~
brdrak
So I see you've updated the doc with a new hostname, but I still get an error,
so there's something obviously wrong with my method:

    
    
      msg=$(cat message)
      curl -X POST "http://spamcheck.postmarkapp.com/filter" \
        -H "Accept: application/json" \
        -H "Content-Type: application/json" \
        -v \
        -d '{"email":"'"$msg"'", "options":"long"}'
    
      * About to connect() to spamcheck.postmarkapp.com port 80 (#0)
      *   Trying 184.73.163.218... connected
      * Connected to spamcheck.postmarkapp.com (184.73.163.218) port 80 (#0)
      > POST /filter HTTP/1.1
      > User-Agent: curl/7.21.7 (x86_64-pc-linux-gnu) libcurl/7.21.7 OpenSSL/1.0.0e zlib/1.2.3.4 libidn/1.22 libssh2/1.2.8 librtmp/2.3
      > Host: spamcheck.postmarkapp.com
      > Accept: application/json
      > Content-Type: application/json
      > Content-Length: 5229
      > Expect: 100-continue
      > 
      < HTTP/1.1 100 Continue
      < HTTP/1.1 500 Internal Server Error
      < X-Powered-By: Express
      < Content-Type: application/json
       < Connection: keep-alive
      < Transfer-Encoding: chunked
      < 
      * Connection #0 to host spamcheck.postmarkapp.com left intact
      * Closing connection #0
      {"error":{}}
    

Wonder if you've got any pointers on how to do this at the shell...

------
noinput
nice work. would be a great add-on to have a permalink to the score + results.
for example, client asks me to make his HTML newsletter, i cringe, create it,
test it and have a link to send him the score when he insists we use SA
negative words, and so on.

~~~
orenmazor
oh, I like this.

edit: would you want to see the _same_ results, or have it re-run every time
the link is loaded? because you could technically just copy paste the report
into pastebin…

~~~
noinput
Probably the results at the time of processing, mainly for the purpose of
sharing. Any further processing makes sense to re-run with a new email. That
also holds true to the fact you dont store the email contents. Agreed with
pastebin, just as easy to email the results as well, however might be a nice
feature that comes with some value to the site's purpose.

Enjoying the api, I may work on a little tool using it similar to the feature
request. thanks for sharing this with us.

------
ppadron
Nice! I have created something similar, called Konstati
(<http://konstati.co>), focusing on email marketers. So far it only tests
emails against Spamassassin, providing useful tips about each SA rule (still
only in portuguese, though).

I'm currently working on it to support W3C validation, link and image checkers
and email previews.

------
duck
Another tool to use for figuring out spam rules is always helpful. I actually
got hit by the Gmail spam filter with my Hacker Newsletter
(<http://www.hackernewsletter.com>) project last week. Checking that specific
email in the tool however shows it scored a -0.1. :) So, as with anything...
use this resource with care and make sure you do a lot of other testing as
well.

------
ido50
My Perl module WWW::Postmark now supports this API. The new version (0.3)
should be up on CPAN within a few short hours, as the CPAN servers sync.

------
manuscreationis
Would you consider putting some kind of resource on the site for explaining
some of the common results? For example, why the Text to Image ratio matters.

Also, I've tried a few emails: 1 of them ranked a 1.0, 2 of them a 0.4, but
all three times the little white dot was in the same position (at about 2:50,
if it were the face of a clock). Not sure if thats a bug or not.

~~~
efedorenko
SpamAssassin score could be in range from -1 (best) to 25 (worst). 0.4 and 1.0
is almost the same, so it's normal for white pointer to stay on the same
position.

~~~
manuscreationis
Oh, no kidding.

Thanks for that update

------
dmk23
The tool is nice but unfortunately it would miss the key spam score components
tied to IP reputation.

AWL (auto-white-list) is the most obvious rule, but many actual Spam Assassin
installs include plugins that rely on all kinds of 3rd party service.

Is the IP you are checking against the same as IP used to send your
transactional emails?

------
rkalla
Very cool guys, thanks for providing this. Would love to see some stats along
with the service over time.

~~~
orenmazor
what kind of stats would you be interested in seeing? how often people's tests
result in spam vs ham scores?

because while I can't see what people are testing, given that it's friday
afternoon, I'm betting there's a lot of "asdfasdf" going on :)

~~~
rkalla
I'd be curious of stats via the API as well as stats you guys are processing
on postmark as well. Not so much to change my life, but an impressive view
into the life of a processing system.

Starting with the type of stats you mentions is great... rates at which the
API is being called throughout the day overlapped with rates at which that
volume is spam.

I could envision a nice looking bar chart (green) for every hour showing the
standard volume bell curve ramping up at 6 am and back down around 4pm and
then overlayed on that is another set of bars (red) that show how much of that
mail was spam, and how much was (orange) ham or something like that.

Would just give a nice pizzaz to the service and by extension postmark I
imagine.

I suppose if you throw what I'm saying into a pot and boil it down, I want you
guys to become like Akismet. Every WordPress user knows what it is, everyone
uses it and when you find yourself in a non-wordpress environment you reach
for the Akismet APIs to help you out anyway.

I figure you guys can popularize postmark via a similar route.

------
magicalhobo
I find this API to be "0.0 excellent"

Cool idea, but what do the scores mean?

~~~
smokestack
<http://wiki.apache.org/spamassassin/HowScoresAreAssigned>

------
mattbillenstein
Hmm, cool -- compared my setup to this and figured out I was missing razor --
apt-get install razor and I should be rejecting more spam as we speak ;)

------
guyht
Anyone else have trouble reading the API? There is no contrast between the
text and the background.

~~~
efedorenko
Thanks for feedback! I already fixed this and it would be deployed soon.

------
mike-cardwell
Alternatively:

    
    
      apt-get install spamassassin
      cat email.txt|spamc -R

