You are previewing SpamAssassin.
O'Reilly logo
SpamAssassin

Book Description

Overview of SpamAssassin: A practical guide to integration and configuration

  • Implement the right antispam solution for your network and your business requirements

  • Learn how to detect and prevent spam

  • Optimize SpamAssassin for all major mail servers and clients

  • Discover how to use SpamAssassin as a service

  • In Detail

    As a busy administrator, you know Spam is a major distraction in todays network. The effects range from inappropriate content arriving in the mailboxes up to contact email addresses placed on a website being deluged with unsolicited mail, causing valid enquiries and sales leads to be lost and wasting employee time. The perception of the problem of spam is as big as the reality. In response to the growing problem of spam, a number of free and commercial applications and services have been developed to help network administrators and email users combat spam. Its up to you to choose and then get the most out of an antispam solution. Free to use, flexible, and effective, SpamAssassin has become the most popular open source antispam application. Its unique combination of power and flexibility make it the right choice. This book will now help you set up and optimize SpamAssassin for your network.

    Spam has become a serious problem for businesses, wasting employees time and costing millions of dollars. To combat this growing problem, a number of applications and services have been developed, and SpamAssassin is one of the most effective and popular open source solutions. Free to use, flexible, and effective, SpamAssassin has become the most popular open source antispam application. Its unique combination of power and flexibility make it the right choice. This book will now help you set up and optimize SpamAssassin for your network. As a system administrator, its down to you to implement, configure, and adapt SpamAssassin to fight the Spam War. Fortunately, in SpamAssassin you chose well. Its power and flexibility make it a potent tool. However you also know that any flexible application is only as good as how its set up and configured. This book is a comprehensive guide to the features, options, and implementation strategies you need to get the most of out SpamAssassin.

    Table of Contents

    1. SpamAssassin
      1. SpamAssassin
      2. Credits
      3. About the Author
      4. About the Reviewers
      5. Introduction
        1. What This Book Covers
        2. What You Need for Using This Book
        3. Conventions
        4. Reader Feedback
        5. Customer Support
        6. Downloading the Example Code for the Book
        7. Errata
        8. Questions
      6. 1. Introducing Spam
        1. Defining Spam
          1. Definitions
          2. The History of Spam
          3. Spammers
        2. The Costs of Spam
          1. Costs to the Spammer
          2. Costs to the Recipient
        3. Spam and the Law
        4. Summary
      7. 2. Spam and Anti-Spam Techniques
        1. Spamming Techniques
          1. Open Relay Exploitation
          2. Collecting Email Addresses
          3. Hiding Content
          4. Statistical Filter Poisoning
          5. Unique Email Generation
          6. Trojanned Machines
        2. Anti-Spam Techniques
          1. Keyword Filters
          2. Open Relay Blacklists (ORBLs)
          3. ISP Complaints
          4. Statistical Filters
          5. Email Header Analysis
          6. Non-Spam Content Tests
          7. Whitelists
          8. Email Content Databases
          9. Sender Validation Systems
          10. Sender Policy Framework (SPF)
        3. Spam Filtering Services
          1. Collect and Forward
          2. Collect and Return
          3. Send and Forward
          4. Choosing an Anti-Spam Service Provider
          5. ISP-Provided Services
        4. Anti-Spam Tools
          1. SpamAssassin
            1. How SpamAssassin Works
            2. Easy to Use
            3. Techniques Used by SpamAssassin
        5. Summary
      8. 3. Open Relays
        1. Email Delivery
        2. Open Relay Tests
          1. Automated Open Relay Testers
          2. Manual Open Relay Testing
        3. MTA Configuration
          1. Sendmail
            1. Sendmail Versions 8.9 and Above
            2. Sendmail Versions Below 8.9
          2. Postfix
            1. The mynetworks Configuration Directive
            2. The relay_domains Configuration Directive
          3. Exim
            1. Exim Configuration Parameters
          4. qmail
        4. Summary
      9. 4. Protecting Email Addresses
        1. Websites
          1. Alternative Character Representations
          2. JavaScript
        2. Usenet
        3. Trojan Software
        4. Mailing Lists and Archives
        5. Registration for Websites
          1. Tracking Email Address Usage
            1. Sendmail Plus Technique
          2. Rogue Employees
        6. Employees
        7. Business Cards and Promotional Material
        8. How Spammers Verify Email Addresses
          1. Web Bugs
        9. Summary
      10. 5. Detecting Spam
        1. Content Tests
        2. Header Tests
        3. DNS-Based Blacklists
        4. Statistical Tests
        5. Message Recognition
        6. URL Recognition
        7. Examining Headers
          1. Faked Headers
        8. Reporting Spammers
        9. Valid Bulk Email Delivery
        10. Summary
      11. 6. Installing SpamAssassin
        1. Building from Source
          1. Prerequisites
            1. Checking Current Configuration
            2. Installing Perl
            3. Installing CPAN
          2. Testing for a C Compiler
        2. Using CPAN
        3. Installing by Hand
        4. Resolving Build Failures
        5. Packaged Distributions
          1. RPM
          2. Debian
          3. Gentoo
          4. Other Formats
          5. Windows
        6. Verifying the Installation
        7. Upgrading
        8. Uninstalling
          1. Uninstalling from Source
            1. Using CPANPLUS
          2. Other Packages
          3. Uninstalling on Windows
        9. SpamAssassin Components
          1. Executables
          2. Perl Modules
          3. Documentation
        10. Summary
      12. 7. Configuration Files
        1. Configuration Files
          1. Standard Configuration
          2. Site-Wide Configuration
          3. User-Specific Configuration
        2. Rule Files
          1. Rules
          2. Scores
        3. Summary
      13. 8. Using SpamAssassin
        1. SpamAssassin as a Daemon
          1. Creating a User Account
        2. SpamAssassin and Procmail
          1. Testing for Procmail
          2. Obtaining and Installing Procmail
          3. Configuring Procmail
          4. MTA Configuration
            1. sendmail
            2. Postfix
            3. Exim
            4. qmail
          5. Configuring User Accounts
          6. Site-Wide Procmail Usage
        3. Integrating SpamAssassin into the MTA
          1. Sendmail
            1. Sendmail Milter Support
          2. MIMEDefang
          3. Postfix
          4. Exim
          5. qmail
        4. Testing and Troubleshooting
          1. Check the MTA
            1. Further Diagnosis
        5. Rejecting Spam
        6. Summary
      14. 9. Bayesian Filtering
        1. Scoring
        2. Training
        3. Confirming Operation
        4. Filter Training
          1. User Involvement
          2. Local Users
          3. Unlearning
          4. Auto-learn Thresholds
          5. Bayesian Database Files
          6. Removing a Bayesian Database
          7. Sharing a Bayesian Database
        5. Disabling Bayesian Filtering
        6. Summary
      15. 10. Look and Feel
        1. Headers
          1. Changing Headers
          2. Creating Headers
          3. Removing Headers
        2. Reports
          1. Enabling and Disabling Reports
          2. Changing Reports
        3. Subject Rewriting
        4. Summary
      16. 11. Network Tests
        1. RBLs
        2. SURBLs
          1. SpamAssassin 2.63
        3. Vipul's Razor
          1. Installing Razor
          2. Configuring Razor
          3. Configuring SpamAssassin
          4. Testing Razor
        4. Pyzor
          1. Installing Pyzor
          2. Configuring Pyzor
          3. Configuring SpamAssassin
          4. Testing Pyzor
          5. Pyzor Headers
        5. DCC
          1. Installing DCC
          2. Configuring SpamAssassin
          3. Testing DCC
          4. DCC Headers
        6. Spamtraps
          1. Choosing a Spamtrap Address
          2. Baiting the Spamtrap
          3. Configuring the Email Account
        7. Summary
      17. 12. Rules
        1. Writing Rules
          1. Rules Performance
          2. Meta Rules
          3. Writing Positive Rules
            1. Examples of Positive Rules
          4. Rawbody Rules
            1. Using a Corpus to Test Rules and Scoring
            2. Corpus Development
            3. The Public Corpus
            4. Testing SpamAssassin on a Corpus
            5. Examining Hit Frequencies
        2. Using Other Rulesets
        3. Summary
      18. 13. Improving Filtering
        1. Whitelists and Blacklists
          1. Manual Whitelisting and Blacklisting
          2. Whitelisting Domains
        2. The Auto-Whitelist
        3. Resolving Incorrect Classifications
          1. Examining Messages
          2. Changing the Spam Threshold
          3. Re-weighting Test Scores
            1. Increasing the Score of Spam Emails
            2. Coping with False Positives
          4. Bayesian Unlearning and Relearning
        4. Character Sets and Languages
          1. Disallowing Languages
          2. Disallowing Character Sets
        5. Summary
      19. 14. Performance
        1. Bottlenecks
          1. Memory
            1. CPUs
          2. Disk I/O
            1. Network I/O
          3. Determining Bottlenecks
        2. Performance Improvement Methodology
          1. Using the SpamAssassin Daemon
          2. Integrating SpamAssassin into the MTA
          3. Omitting Messages
            1. Large Messages
          4. Disabling Tests
          5. Running Network-Based Tests First
            1. Razor, Pyzor, and DCC
          6. Using Additional Machines
          7. Faster File Locking
        3. Using SQL
          1. Requirements
          2. MySQL
            1. Configuration
          3. Spamd with SQL
          4. SQL for User Preferences
            1. Adding New User Preferences
            2. Displaying User Preferences
            3. Altering User Preferences
            4. Deleting User Preferences
            5. Testing if SQL User Preferences Are Being Used
            6. Preference Precedence
          5. SQL for Bayesian Databases
            1. Testing if the SQL Bayesian Database Is Being Used
          6. The Auto-Whitelist Database
            1. Testing if the SQL Auto-Whitelist Database Is Being Used
        4. Summary
      20. 15. Housekeeping and Reporting
        1. Separating Levels of Spam
        2. Detecting When SpamAssassin Fails
        3. Spam and Ham Reports
          1. Spam Counter
            1. Keeping Statistics Over a Period of Time
          2. Determining SpamAssassin Processing Time
        4. Summary
      21. 16. Building an Anti-Spam Gateway
        1. Choosing a PC Platform
        2. Choosing a Linux Distribution
          1. Installing Linux
        3. Configuring Postfix
          1. Accepting Email for the Domain
          2. Mail for the root User
          3. Basic Spam Filtering with Postfix
          4. Forwarding Email to the Original Email Server
          5. Reloading Postfix
          6. Testing Postfix
        4. Installing Amavisd-new
          1. Installation from Package
          2. Installing Prerequisites
          3. Installing from Source
          4. Creating a User Account for Amavisd-new
        5. Configuring Amavisd-new
        6. Configuring Postfix to Run Amavisd-new
        7. Configuring External Services
        8. Firewall Configuration
        9. Backups
        10. Testing
        11. Going Live
        12. Summary
      22. 17. Email Clients
        1. General Configuration Rules
        2. Microsoft Outlook
        3. Microsoft Outlook Express
        4. Mozilla Thunderbird
        5. Qualcomm Eudora
        6. Summary
      23. 18. Choosing Other Spam Tools
        1. Spam Policies
        2. Evaluating Spam Filters
        3. Configuring the Second Filter
          1. Using a Single Machine
          2. Using Separate Machines
            1. Sendmail
            2. Postfix
            3. Exim
            4. qmail
        4. Other Techniques
          1. Greylisting
          2. SPF
          3. Sender Validation
        5. Summary
      24. A. Glossary