Help center

Understanding Mail Blocking Options

Two powerful SMTP-level blocking systems for complete email control and privacy.

← Back to Support Documentation

🛡️ Two Powerful Blocking Systems

CodaMail provides two distinct but complementary blocking systems that work at the SMTP protocol level. This means blocked mail is rejected during the connection handshake with a “User Unknown” error, rather than simply being hidden from view. This approach has significant benefits:

  • 🚫 Effective Spam Prevention: Senders receive a “bounce” notification, encouraging them to remove your address from their lists.
  • 🚫 Reduced Server Load: Rejected mail is never processed or stored on our systems.
  • 🚫 Complete Privacy Control: You determine exactly which addresses can receive mail and which senders can contact you.

Let’s examine how each system works and how to use them effectively.

📭 System 1: Managing Catch-all Settings (Controlling Recipient Addresses)

The first blocking system controls which email addresses can receive mail. This is essential for managing your catch-all functionality, allowing you to enable or disable specific email addresses associated with your account.

How It Works

CodaMail allows you to have unlimited email addresses through account aliases and masked aliases. The Manage Catch-alls feature lets you control which of these addresses should actually receive mail.

When you read a message you’ll see an icon in the toolbar for Kill Alias. This lets you quickly add that address (or its bare alias) to your list. You’ll find the full list under Settings → Manage Catch-alls.

Choosing What You Are Looking At: the View Droplist

At the top of the screen is a View droplist. It sets which of your domains you are looking at:

  • All domains: Shows your complete list at once. Each entry carries a badge, Goldlist or Blocklist, telling you which mode its domain is in. Here you add a bare alias (a name matched at every one of your domains, e.g. newsletter) or a full email address (e.g. newsletter@example.com).
  • A specific domain: The droplist lists each of your account catch-alls, masked aliases and private domains. Pick one to see just its entries, set its mode, and add addresses to it by typing only the local part (the bit before the @).

Each Domain Has Its Own Mode

When you select a single domain, a Goldlist only switch appears. It sets how that one domain works, independently of every other domain:

  • Switch OFF (Default, Blocklist mode): All mail is accepted at this domain except the addresses you list, which are REJECTED. This lets you keep using the domain’s catch-all while shutting off specific addresses that start receiving spam.
  • Switch ON (Goldlist mode): ONLY the addresses you list are accepted at this domain; everything else is rejected. This turns that domain into a strict allow-list where you explicitly define which addresses can receive mail.

Because the mode is per-domain, you might run one masked-alias domain as a wide-open blocklist while locking another down as a goldlist, all from the same screen. The badges in the All domains view show each domain’s mode at a glance.

Warning: If you turn a domain’s Goldlist switch ON but don’t list any addresses for it, you will block ALL incoming mail to that domain. If you do this to your primary domain you will also block helpdesk communications.

🚫 System 2: Block List (Controlling Sender Addresses)

The second blocking system controls which senders can send mail to you, regardless of which of your addresses they’re trying to contact.

How It Works

When viewing a message, you can click the Block icon (skull and crossbones) at the top of the message view. This gives you options to block at different levels:

Block by Sender

  • Block just the email address: Only blocks mail from that specific sender address.
  • Block everything from subdomain.domain.tld: Blocks all mail from the specific domain and subdomain.
  • Block everything from domain.tld: Blocks all mail from that domain and all of its subdomains.
  • Block everything from TLD: Blocks any mail from any domain using that top-level domain (like .xyz, .info, etc.).

Block by Sending Server

Below the sender options, the Block menu also shows the mail server that delivered the message. This lets you block at the infrastructure level, which is useful when spammers change sender addresses but use the same mail servers:

  • Block sending server: Blocks the specific server hostname (e.g., mta-70-53-21.example.com).
  • Block all servers from domain: Blocks all servers under that domain (e.g., blocking example.com catches mta1.example.com, mta2.example.com, etc.).
  • Block all servers with TLD: Blocks all servers ending in that top-level domain.

Note: The sending server section only appears for mail received directly from external servers. It is not shown for mail fetched from other accounts, as the sending server in that case is your own mail server.

You can also manage your block list directly by going to Settings → Block List, where you can view your current blocks and add new ones manually.

Entry Format

You can add entries in several formats:

  • Email address: e.g., spammer@example.com, blocks a specific sender.
  • Domain: e.g., example.com, blocks all senders from that domain and its subdomains.
  • Top-level domain: e.g., xyz, blocks all senders from any domain ending in .xyz.
  • Server hostname: e.g., server:mail.spammer.com, blocks mail delivered by that server.
  • Server domain: e.g., server:spammer.com, blocks mail from any server under that domain.
  • Server TLD: e.g., server:ru, blocks mail from any server with that top-level domain.

TLD blocking is particularly powerful for blocking entire countries or categories of domains that are frequently sources of spam. A bare TLD entry (e.g., ru) blocks both senders and servers with that TLD. A server: prefixed TLD entry (e.g., server:ru) blocks only servers.

Note: When blocking a TLD, do not include the dot (e.g., use info not .info).

Wildcard Patterns

For more advanced blocking, you can use wildcard characters to match patterns across sender addresses:

  • * matches any number of characters (including none).
  • ? matches exactly one character.

This is useful for blocking categories of senders that the standard email, domain, and TLD formats cannot express. Wildcards match against the full sender address, so patterns can span both the name and domain parts.

Examples

  • spam*@example.com: Blocks any sender starting with “spam” at example.com (spam1, spambot, spammy, etc.).
  • *-newsletter@*: Blocks any sender ending in “-newsletter” at any domain.
  • *noreply*@*: Blocks any sender containing “noreply” anywhere in the address.
  • mta????-asia*@*.example.com: Blocks automated senders matching a specific naming pattern across subdomains.
  • user?@example.com: Blocks user1, user2, etc. but not user10 (since ? matches exactly one character).

Wildcards also work with server: entries for blocking mail servers that follow naming patterns:

  • server:mta-??-??-??.*.sparkpostmail.com: Blocks servers matching a numbered pattern across subdomains.
  • server:*.outbound.example.com: Blocks all outbound relay servers under a domain.

⚖️ Comparing the Two Systems

What They Control

  • Catch-all Settings: Controls which of YOUR addresses can receive mail.
  • Block List: Controls which senders and sending servers can deliver mail to you.

Primary Use

  • Catch-all Settings: Managing your many email identities.
  • Block List: Blocking spam sources, unwanted senders, and their mail servers.

Default Mode

  • Catch-all Settings: Each domain accepts all addresses except those you list (Goldlist switch OFF).
  • Block List: Always operates as a blocklist.

Where to Find

  • Catch-all Settings: Settings → Manage Catch-alls.
  • Block List: Message view Block icon or Settings → Block List.

🎯 Recommended Strategies

For Account Organization

Use the Catch-all Settings in the default Blocklist mode (Goldlist switch OFF) to disable specific addresses that start receiving spam. This allows you to continue using our powerful catch-all features while blocking problematic addresses.

For Spam Prevention

Use the Block List feature to aggressively block domains and TLDs that are frequent spam sources. For automated senders that use rotating addresses with predictable patterns, use wildcard entries to block them all at once. This can dramatically reduce spam volume while maintaining your ability to use many different email addresses.

For Maximum Privacy

Combine both systems: use masked aliases for different purposes, and if one starts receiving unwanted mail, block the specific senders with the Block List. If an alias becomes completely compromised, disable it through the Catch-all Settings.

🔒 Protocol-Level Blocking

What makes CodaMail’s blocking approach unique is that both systems operate at the SMTP protocol level, not just in your inbox. When a blocked sender attempts to contact you or when someone tries to email a disabled address, our server responds with a “User Unknown” error during the connection handshake.

This has several advantages over simply filtering messages:

  • Senders receive immediate feedback that the address is invalid, encouraging them to remove it from their lists.
  • Blocked messages never enter our system, reducing server load and storage usage.
  • No trace of blocked messages appears in your account, keeping your inbox clean.
  • More effective at stopping persistent spam because it breaks the sender’s delivery feedback loop.

This protocol-level approach reflects our commitment to giving you complete control over your email experience, not just hiding unwanted messages from view.