Anti-Spam Tools

There are many anti-spam tools available. Some are available for free, and others are commercial products. Most anti-spam tools use more than one of the anti-spam techniques. SpamAssassin is the acknowledged leader of the free anti-spam tools and can perform as well as the commercial solutions.

SpamAssassin

SpamAssassin is a popular anti-spam tool that is now a top level project at the Apache Software Foundation.

How SpamAssassin Works

SpamAssassin is based on rules and uses a score-based system. There are a number of rules; each rule performs a test on the email, and each rule has a score. When an email is processed by SpamAssassin, it is tested against each rule. For each rule found to be 'true' for an email, the score associated with the rule is added to the overall score for that email. Once all the rules have been used, the total score for the email is compared to a threshold value. If the score exceeds the threshold, then the email is marked as spam.

SpamAssassin does not filter email, it only marks or 'tags' it. Another part of the email delivery system needs to be configured to examine the tags that SpamAssassin associates with email messages and react accordingly.

SpamAssassin rules are flexible. For example, a simple rule could search for the word 'Viagra' within an email, while a complex rule may involve comparing an email against an online database of spam. Each rule adds to the overall score, so an email that triggers only one rule due to the use of the word 'Viagra' will not necessarily mark an email as spam. However, if an email triggers several rules, it will have a combined score that could be over the threshold and the mail could be marked as spam.

Easy to Use

SpamAssassin is highly configurable. The system administrator or the individual user can have a large degree of control over how SpamAssassin filters spam from ham. If the user is willing to get involved, then nearly all configuration changes can be customized for each user. Additionally, the system administrator can alter settings on a system-wide basis.

Firstly, the overall threshold value that is used to determine whether an email is spam can easily be changed. This allows a great degree of control over how SpamAssassin differentiates between spam and ham.

In addition, the score for each rule can be changed. Each user and company receives different spam. SpamAssassin allows the user to tune SpamAssassin to detect spam more accurately. SpamAssassin is often fine-tuned by examining spam emails that get falsely marked as non-spam, and increasing the scores for the rules that these emails did trigger.

More powerfully, SpamAssassin allows the use of external anti-spam tools, such as open relay blacklists and spam content databases. These allow users of SpamAssassin to effectively collaborate in a large anti-spam network. Once an open relay has been detected, reported, and verified, SpamAssassin can use this information to mark spam.

Techniques Used by SpamAssassin

SpamAssassin uses the following anti-spam techniques:

• Keyword filters
• Open relay blacklists
• A statistical filter
• Email header analysis
• Negative rules
• Internal or local whitelists and blacklists
• Email content databases
• The Sender Policy Framework (SPF)

Finally, SpamAssassin allows system administrators and users to write their own rules. These rules are usually quite portable—they can be shared on websites and collaboratively developed on Internet newsgroups. Some rules developed by users are included in subsequent releases of SpamAssassin.