TweetFollow Us on Twitter

Review: SpamAssassin

Volume Number: 19 (2003)
Issue Number: 6
Column Tag: Reviews

Review: SpamAssassin

Regaining Control of your Inbox

by Vicki Brown

Ready, aim, fire!

Separating the Wheat from the Chaff

The popularity of the Internet, plus increases in connectivity (and email access), has given rise to a corresponding avalanche of spam. We all know what spam is - unsolicited junk email offering goods or services that we don't want, don't need, and often didn't want to know existed! We all agree that we would like less of it. Failing that, how can we wade through it, manage it, and delete it without losing our desirable mail (or our minds) in the process?

Many "solutions" have been proposed to deal with the spam problem. These range from anti-spam filters integrated inside email applications (e.g., the junk mail filters in Apple's Mail) to standalone products of various levels of complexity, ease of use, effectiveness, and cost.

My current solution of choice is SpamAssassin (http://www.spamassassin.org), in combination with procmail (http://www.procmail.org). I post-process the results through my desktop email client, (Eudora), for a very powerful and accurate spam-killing solution.

SpamAssassin provides many features, including:

  • user-configurable spam score threshold

  • ability to re-write Subject lines

  • user-configurable filters, using Perl regular expressions

  • modification of existing Spam scores

  • use of statistical, "Bayesian" analysis

  • "auto-learning"

  • optional use of DNS blacklists (e.g., Real-time Blackhole List)

  • optional use of Network Checksum Tests (services that compare message checksums to known spam)

  • "whitelists" (From addresses that are considered OK)

  • Accepted message languages

Note that SpamAssassin and procmail both run on the server side (where mail is originally delivered), not on the client side (i.e., usually not on the desktop) and neither has a GUI front end or a particularly "user-friendly" configuration mode. If you, or your users, are not technically inclined, I recommend that you choose a different path. However, if you enjoy tinkering, have some understanding of regular expressions (e.g., you've used Perl) and like to work with text-based configuration files, you will find the SpamAssassin/procmail combination to be powerful, flexible and, more important, accurate.

Configuration

SpamAssassin comes pre-configured with a large set of tests that it will perform on all incoming mail. In addition, you can add new tests, skip tests, raise or lower the "score" assigned by a given test or, using procmail, cause some mail to skip SpamAssassin altogether. Goto http://www.spamassassin.org/doc.html to see more detailed documentation. You'll even find a pointer, at that URL to a SpamAssassin configuration generator tool, designed to make it easier to customize an installation of SpamAssassin with some common options.

Much of the power of SpamAssassin comes from its configurability, its use of Perl regular expression pattern matching, and its interaction with procmail.

For example, many spammers have started adding ever-changing sets of numbers to the ends of subject lines, to fool the simpler junk mail filters. One GUI-based anti-spam application I tried had a set of filters designed to try to catch mail of this form. The filters looked like this:

   if Subject ends in 0
or if Subject ends in 1
or if Subject ends in 2
...
or if Subject ends in 9

This is rather cumbersome; worse, it doesn't handle the spammers who throw in a space at the very end. SpamAssassin's approach is both shorter and more flexible. This regular expression matches any digit, followed by 0 or more whitespace characters, at the end of the Subject line.

Subject =~ /\d\s*$/

SpamAssassin's interaction with procmail also allows me to specify whether mail is even sent through the SpamAssassin filters. For example, I can specify that mailing list messages should be delivered directly. This procmail recipe checks the message headers for one that matches the given Reply-to string, sending mail from the SpamAssassin-Talk list to my pre-defined default mailbox, without further processing.

:0 H
* ^Reply-to:.*spamassassin-talk
$DEFAULT

Results

SpamAssassin doesn't actually delete any spam. Instead, it tags each piece of mail it processes with a set of headers, e.g.,

X-Spam-Status: Yes, hits=6.2 required=2.5
tests=AWL,CLICK_BELOW,FREE_TRIAL,HTTP_WITH_EMAIL_IN_URL,
spam_PHRASE_05_08,VLB_spam_OFFER_4,VLB_TO_NOT_NAME,WEB_BUGS
version=2.43
X-Spam-Flag: YES
X-Spam-Level: ******
X-Spam-Checker-Version: SpamAssassin 2.43 (1.115.2.20-2002-10-15-exp)

X-Spam-Flag is a simple Boolean; if a message is considered potential spam, the flag is set (and the value is YES). X-Spam-Level provides more information; one "*" is given for each integer value of the spam score. X-Spam-Status provides full scoring information as well as which tests passed. Note that some tests raise the spam score while others are designed to lower it. After all tests have been run, the resulting score is compared to a (user configurable) threshold. If the score exceeds the threshold, the message is tagged as spam.

The user gets to decide how to handle the mail after it's been processed and tagged. One possibility is to continue processing with procmail. For example, the SpamAssassin docs assert that mail with a score of 15 or higher is almost certainly spam (with 0.05% false positives, according to SpamAssassin's rules/STATISTICS.txt file). After some use, I decided to lower this cutoff even more. I have configured procmail to delete any mail tagged with a Spam score of 10 or higher, using the following recipe:

:0:
    * ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*
    /dev/null

Other than that, all remaining mail is delivered. I have occasionally found false positives in mail with scores of less than 10; I want to check that mail by eye.

Here's where my third tool comes in. I use Eudora as my mail application and make extensive use of Eudora's filter mechanism to post-process my potential spam. I separate potential spam by mailboxes and labeling, based on certain criteria such as whether the message contains my full name (or only my email address), how high the spam score is, and any other interesting criteria. I scan the "Junk" mailboxes a few times a day, pull out false positives (setting new filters to catch those the next time!), and trash the real junk.


Installation

This is only a review, not a tutorial, so the installation section will hand wave a lot. You'll need a server machine running some variant of *nix (e.g., FreeBSD, Linux, or Mac OS X). If your server runs Mac OS X, you'll need to make sure it has been configured to deliver mail locally (e.g., using sendmail or qmail). How to set up a server is beyond the scope of this review.

You should also note that, although SpamAssassin can be run without procmail, its flexibility (and power) increases when it is used in conjunction with procmail. SpamAssassin does not include code to handle local mail delivery; it relies on procmail (or something else) for delivery. Unless you know that a reliable "something else" is available, use procmail.

Procmail may already be on your server; it is pre-installed on most *nix systems these days (use whereis procmail or locate procmail to check, then read the documentation to determine how to configure procmail for your server situation). If it's not pre-installed, download and build procmail from the procmail.org web site.

SpamAssassin is probably not pre-installed on your system; however, installation is simple. In fact, you'll probably be able to install it without first downloading the archive. SpamAssassin is written as a Perl module; the easiest way to install it is by using Perl's CPAN shell (from the command line, as root):

perl -MCPAN -e shell 
o conf prerequisites_policy ask
install Mail::SpamAssassin
quit

Alternatively, you can always download the latest archive from spamassassin.org, then build and install SpamAssassin according to the documentation. If you have any problems, be sure to read the Installation notes on the SpamAssassin site. Check the documentation for more information on configuration, as well as useful options.

Summary

If you're looking for a powerful, flexible, and accurate solution to the spam problem, I recommend that you consider the team of SpamAssassin and procmail. Both programs are free and come with example recipes and suggestions for how to use them to your best advantage. Each has a support community that you can draw upon for assistance and ideas, as well as mailing lists to keep you informed. If you have a server on which to install it (note that SpamAssassin can be installed server-wide or on a per-user basis) and know (or are willing to learn about), regular expressions, SpamAssassin may be the spam-killing tool you've been looking for. Give it a try.

References


Vicki Brown

 

Community Search:
MacTech Search:

Software Updates via MacUpdate

Shadow Blade: Reload guide - How to hack...
Shadow Blade: Reload is the kind of action-platformer that would have happily sucked up hours of your time on a console a few years back.Now, you can take it with you wherever you go, and its mobile conversion is not too shabby at all. To help you... | Read more »
Tomb of the Mask guide - How to increase...
Tomb of the Mask is a great endless arcade game from Happymagenta in which quick reflexes and a persistent attitude can go a long way toward earning a top score. Check out these tips to see if you can give yourself an edge on the leaderboards. [... | Read more »
Smooth Operator! (Games)
Smooth Operator! 1.0 Device: iOS Universal Category: Games Price: $2.99, Version: 1.0 (iTunes) Description: Smooth Operator is a weird, weird two-player kissing game. Squeeze in for 2 player fun on a single iPad, creating awkward... | Read more »
Sinless: Remastered (Games)
Sinless: Remastered 1.0 Device: iOS Universal Category: Games Price: $1.99, Version: 1.0 (iTunes) Description: | Read more »
_PRISM Guide - How to solve those puzzle...
_PRISM is a rather delightful puzzle game that’s been tailor made for touch screens. While part of the fun is figuring things out as you go along, we thought we’d offer you a helping hand at getting in the right mindset. Don’t worry about messing... | Read more »
Fractal Space (Games)
Fractal Space 1.3.1 Device: iOS Universal Category: Games Price: $.99, Version: 1.3.1 (iTunes) Description: Live the memorable experience of Fractal Space, a unique first person adventure & puzzle game by Haze Games! Will you... | Read more »
Set off on an adventure through the Cand...
Like match three puzzlers? If so, Jelly Blast, the innovative iOS and Android game which launched last year, is worth a look. Jelly Blast sees you head off on an epic adventure through the Candy Kingdom with your friends Lily, Mr. Hare, and Mr.... | Read more »
Ellipsis - Touch. Explore. Survive. (...
Ellipsis - Touch. Explore. Survive. 1.0 Device: iOS Universal Category: Games Price: $2.99, Version: 1.0 (iTunes) Description: | Read more »
Abzorb (Games)
Abzorb 1 Device: iOS Universal Category: Games Price: $2.99, Version: 1 (iTunes) Description: Abzorb is a tilt game about consuming orbs by getting as close as you can to them without touching. By tilting your mobile device, collect... | Read more »
A Short Tale (Games)
A Short Tale 1.0 Device: iOS Universal Category: Games Price: $3.99, Version: 1.0 (iTunes) Description: It’s been years since I lost Ben, so long yet it doesn’t seem long enough. I never thought I’d return here, to where everything... | Read more »

Price Scanner via MacPrices.net

cb Hardcase – Handmade and Premium Protective...
Baden-Baden, Germany based company cb innovations has introduced the new cb Hardcase for iPhone. Featuring fine Italian Premium leather that makes for a unique look and feel, the cb Hardcase... Read more
Sale! B&H Photo offers 12-inch Retina Mac...
B&H Photo has 12″ Retina MacBooks on sale for $300 off MSRP for a limited time. Shipping is free, and B&H charges NY tax only: - 12″ 1.1GHz Gray Retina MacBook: $999 $300 off MSRP - 12″ 1.... Read more
App Annie Reveals Future of the App Economy:...
App Annie, a San Francisco based mobile app data and insights platform, has launched its first comprehensive app economy forecast. This new offering will provide brands, agencies, investors and app... Read more
Apple restocks Certified Refurbished Mac mini...
Apple has restocked Certified Refurbished 2014 Mac minis, with models available starting at $419. Apple’s one-year warranty is included with each mini, and shipping is free: - 1.4GHz Mac mini: $419 $... Read more
What iPad Pro Still Needs To Make It Truly Pr...
I love my iPad Air 2. So much that I’m grudgingly willing to put up with its compromises and limitations as a production tool in order to take advantage of its virtues. However, since a computer for... Read more
21-inch 3.1GHz 4K on sale for $1399, $100 off...
B&H Photo has the 21″ 3.1GHz 4K iMac on sale $1399 for a limited time. Shipping is free, and B&H charges NY sales tax only. Their price is $100 off MSRP: - 21″ 3.1GHz 4K iMac (MK452LL/A): $... Read more
Apple price trackers, updated continuously
Scan our Apple Price Trackers for the latest information on sales, bundles, and availability on systems from Apple’s authorized internet/catalog resellers. We update the trackers continuously: - 15″... Read more
Save up to $240 with Apple Certified Refurbis...
Apple is now offering Certified Refurbished 12″ Retina MacBooks for up to $240 off the cost of new models. Apple will include a standard one-year warranty with each MacBook, and shipping is free. The... Read more
Apple refurbished 13-inch Retina MacBook Pros...
Apple has Certified Refurbished 13″ Retina MacBook Pros available for up to $270 off the cost of new models. An Apple one-year warranty is included with each model, and shipping is free: - 13″ 2.7GHz... Read more
Apple refurbished Time Capsules available for...
Apple has certified refurbished Time Capsules available for $120 off MSRP. Apple’s one-year warranty is included with each Time Capsule, and shipping is free: - 2TB Time Capsule: $179, $120 off - 3TB... Read more

Jobs Board

Infrastructure Engineer - *Apple* /Mac - Rem...
…part of a team Requires proven problem solving skills Preferred Additional: Apple Certified System Administrator (ACSA) Apple Certified Technical Coordinator (ACTC) Read more
Lead Engineer *Apple* OSX & Hardware -...
Lead Engineer Apple OSX & Hardware **Job ID:** 3125919 **Full/Part\-Time:** Full\-time **Regular/Temporary:** Regular **Listed:** 2016\-02\-10 **Location:** Cary, Read more
*Apple* Mobile Master - Best Buy (United Sta...
Job Title Apple Mobile Master **Brand** Best Buy **Job Description** **What does a Best Buy Apple Mobile Master do?** At Best Buy, our mission is to leverage the Read more
Infrastructure Engineer - *Apple* /Mac - Rem...
…part of a team Requires proven problem solving skills Preferred Additional: Apple Certified System Administrator (ACSA) Apple Certified Technical Coordinator (ACTC) Read more
Lead Engineer - *Apple* OSX & Hardware...
Lead Engineer - Apple OSX & Hardware **Job ID:** 3125919 **Full/Part\-Time:** Full\-time **Regular/Temporary:** Regular **Listed:** 2016\-02\-10 **Location:** Cary, Read more
All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.