How it works

• Create user provisions a mailbox and the default folders x402.Pending and x402.Spam after the x402 account-creation payment is completed.
• New inbound mail is checked against local message memory first. A strong match in INBOX can short-circuit straight to INBOX, and a strong match in x402.Spam can short-circuit straight to x402.Spam.
• Remote spam check only runs when local memory does not already make the decision. Messages stamped verdict=spam go to x402.Spam and are marked seen.
• All other stamped mail goes to x402.Pending, where you can review new or uncertain mail before trusting the sender.

The inbound checker sends only From, optional Reply-To, and a sanitized Subject to the configured remote email-spam-check endpoint. The body is not sent.

That remote service returns a structured verdict such as spam, notspam, uncertain, or error, which is stamped onto the message as X-CTJ-Spam-Check and then routed by Dovecot/Sieve.

If local message memory already has enough confidence, the paid remote check is skipped. This keeps repeat-good mail flowing to INBOX and repeat-spam flowing to x402.Spam without paying for the same decision over and over.

Inbound spam-check charges are server-side operating cost paid by this mail system's configured wallet, not a mailbox-owner action on this page.