Content Filtering
Content filtering is the part of spam detection that analyses the actual content of a message, its subject line, body text, links, images, and HTML, to judge whether it looks like spam. It is one input into a larger spam filter that also weighs reputation and authentication. Content filtering scores patterns spammers tend to use, from phishing links to obfuscated HTML, and adds that risk to the overall verdict.
- Analyses the message itself: subject, body, links, images, and HTML
- One signal within a broader spam filter, not the whole decision
- Flags phishing links, deceptive wording, and obfuscated HTML
- A clean reputation does not excuse content a filter distrusts
What content filtering examines
Where reputation filtering asks “who sent this?”, content filtering asks “what is in it?” It parses the message and scores the parts spammers most often abuse:
- Links. URLs are checked against reputation and phishing blocklists; a link to a known-bad domain is one of the heaviest single penalties a message can carry.
- Wording. Subject lines and body text are scored for deceptive or high-pressure phrasing and patterns statistically associated with spam, rather than any one banned word.
- HTML and structure. Obfuscation tricks (hidden text, mismatched colours, broken or disguised markup) and a very low text-to-image ratio all raise the score, because they mirror techniques used to slip past filters.
- Attachments. File types and contents are inspected for malware and risky formats.
How it fits the bigger filter
Content filtering rarely decides a message’s fate on its own. It is one contributor to a combined score inside the spam filter, sitting alongside IP reputation, domain reputation, authentication results, and, at the big providers, recipient engagement. A scoring engine such as SpamAssassin assigns points to content rules (a low text-to-image ratio, a link on a phishing list) and totals them with everything else.
That interplay cuts both ways. Excellent content cannot rescue a message from a sender with a terrible reputation, and a trusted sender still gets penalised for genuinely abusive content. Modern providers increasingly use learned classifiers rather than fixed keyword lists, so content filtering reacts to overall structure and intent more than to individual words.
Writing mail that clears content filters
The goal is to avoid resembling the spam the filter is trained on:
- Keep a healthy text-to-image ratio. An all-image email with almost no real text is a classic spam pattern; balance images with genuine copy.
- Use clean, honest links. Link to domains with a good reputation, avoid link shorteners that hide the destination, and never point at anything on a phishing list.
- Write a straight subject line. Skip the all-caps, the wall of exclamation marks, and the bait-and-switch between subject and body.
- Send valid HTML. Broken markup, hidden text, and mismatched colours read as obfuscation. Keep the HTML clean and include a plain-text alternative.
None of this substitutes for the bigger levers. Content is the smaller part of the verdict, so pair good content with strong authentication and a clean reputation; the improving email deliverability guide covers how the pieces combine.
Content filtering vs reputation filtering
| Content filtering | Reputation filtering | |
|---|---|---|
| Question it asks | What is in the message? | Who is sending it? |
| Looks at | Subject, body, links, HTML | IP and domain history, blocklists |
| Changes per message | Yes | No, it tracks the sender |
| Fixable by editing copy | Often | No |
| Weight in modern filters | Secondary | Primary |