FastWebServer
Fast, Reliable, Affordable Web Hosting
Contact Support F.A.Q.
Home Web Hosting Order Resellers Support News
 
< Previous Chapter  ::  Next Chapter >
  Chapter 42: SpamAssassin
 

In This Chapter:

 

SpamAssassin Overview

SpamAssassin is a powerful tool for eliminating unsolicited email (spam) from your incoming mail. Using a wide range of rules and filtering methods, it scans incoming emails and accurately detects spam. SpamAssassin does not require you to install any software on your computer. Instead, it runs on the server-side, scanning and filtering email before it is delivered to your mailbox.

SpamAssassin subjects every incoming email to three levels of spam tests:

  1. Header Analysis. Spammers often forge return addresses, and add bogus entries to the headers of their emails. This is done both to fool you into thinking that the email is valid, and to make it harder to determine the actual source of the email. Spam Assassin knows what to look for in these headers, and can quickly identify false, invalid, or misleading information.

  2. Text Analysis. Spam emails often have characteristic styles, phrases, and disclaimers in them. SpamAssassin attempts to spot some of these clues. SpamAssassin also scans the body of each email for links to known spammer websites.

  3. Blacklists. SpamAssassin compares each email to the lists maintained on major Real Time Blacklist servers (RBLs). If an email is sent from a domain or server in one of these blacklists, there is a good possibility that it is spam.

Each test uses hundreds of rules that indicate whether an email might be spam. Each rule it finds is assigned a "point" value. When the total points of an email exceed your acceptable limit, the email is considered spam.

When an email is considered spam, SpamAssassin can handle it in a variety of ways depending on your specific preferences.Using the "What to do with Spam" options, you can have spam delivered normally, have it delivered to a special "spam" mailbox, or have it automatically deleted. When you have the mail delivered normally, or to the "spam" mailbox, you can also specify how that email gets delivered:

  1. rewrite_subject: the spam email will have a "*****SPAM*****" flag placed in its subject line.
  2. report_safe: a new spam report email is created containing the full details of the spam filter’s decision. The spam email is attached to this report email in its original state. This option may be used. The original email is attached as a message/rfc822 MIME part which ensures that it is completely preserved, not easily opened, and much easier to recover.
  3. If you disable both the rewrite_subject and report_safe options, then the spam email will have “X-Spam” tags inserted in its message headers, however, the subject line will not be altered in any way, and the email will not be attached to a spam report email.

[top]

 

How to Setup SpamAssassin

Once you have installed the proper SpamAssassin package, you must enable the filter. To do this, go to the "SpamAssassin" section of your Control Panel. From there, select "On" and click the "Apply" button. Your SpamAssassin filter has now been enabled with the following default settings:

  1. SpamAssassin will let spam go to your mailbox, where you will delete manually.

  2. Filter Sensitivity is set to 6

  3. Spam Reports are generated with the original email as an attachment

  4. The text "*****SPAM*****" is added to the subject line of the report email.


Step 1.

Select what you would like SpamAssassin to do with spam emails. If you are just getting started with SpamAssassin, it is recommended that you select one of the first two options. This way, you can ensure that legitimate emails are not getting accidentally caught and deleted by SpamAssassin. As time passes your white-list becomes more extensive, and your SpamAssassin filter gets smarter. At this time, you may want to consider switching this setting to automatically delete spam emails.

Step 2.

Set your filter sensitivity. Sensitivity ranges from 2 to 12. This value refers to the minimum score required for an email to be flagged as spam. Therefore, the lower this number, the more sensitive your filter becomes. Initially, you should select a setting somewhere in the middle (5-8). If you receive a large amount of spam emails, you should make your filter slightly more sensitive (closer to 5), while if you only receive a few spams, you should set your sensitivity closer to 7 or 8. It is a good idea to adjust your filter sensitivity until you find the perfect fit.

Step 3.

By default, SpamAssassin flags all suspected emails as spam by placing a “*****SPAM*****” tag in their subject line. Also by default, SpamAssassin creates a spam report email and attaches the original spam email to this report before sending it to your inbox. If you wish to disable either of these options, select to do so in the “Reporting Customization” section of your SpamAssassin manager.

Step 4.

Immediately create your White List, Black List (if necessary) and any other message rules you desire. Use the “Add Rules” section to do this. To create a new rule, select the “Action”, place the email address, domain name, or pattern into the rule and click “Add Rule”.


Once you have completed these steps, SpamAssassin will effectively filter at least 95% of the spam emails sent to your domain. Other settings in the Control Panel allow you to customize where SpamAssassin places its reports, enable and disable HTML conversion, and create rules for your White and Black Lists.

[top]

 

Control Panel Configuration Options

The SpamAssassin Control Panel allows you to customize the functionality of your SpamAssassin filter. These options give SpamAssassin increased flexibility and allows it to adapt to your specific needs.

The following is a detailed description of each option available to you through this control panel.

Spam Filtering

Once your SpamAssassin filter has been enabled, this is the first option you will see in the Control Panel. If you wish to disable the SpamAssassin filter completely, select "Off" and click the "Apply" button. This will effectively turn spam filtering off on your account.

What to do with Spam

In this section, you can specify the action that SpamAssassin takes when it determines that an email is spam. There are three options:

  1. Do Nothing - this will deliver the email to your regular inbox with whatever Report Customization preferences you have selected.
  2. Move - this will deliver the email to a special "spam" mailbox. Mail is automatically deleted from the "spam" mailbox after 30 days. This gives you the chance to login to webmail, or download the "spam" mailbox to your computer to occasionally check its contents.
  3. Delete - this will immediately delete any email identified as spam. This option is only recommended for users who have a thorough White-list, and have been using SpamAssassin for a while.

Filter Sensitivity

The sensitivity of your filter is the minimum score that you would like an email to have in order for it to be labeled spam. For example, if you want any email scoring 6 or greater to be labeled as spam, set your filter sensitivity to 6. To make your filter more sensitive, decrease your filter sensitivity level. This way, a lower score is required for an email to be flagged as spam. If you wish to make your filter less sensitive, simply increase its filter sensitivity number.

It is suggested that you keep your filter sensitivity level somewhere in the middle range. This way the majority of spams will be caught while few legitimate emails will be mistaken for spam. Adjust your filter sensitivity level according to the amount of spam you receive. For large volumes of spam, a more sensitive filter may be needed, while if you receive few spams, you can keep your sensitivity relatively low.

Reporting Customization

This option has two sections. The first "rewrite_subject" allows you to enable and disable the "*****SPAM*****" subject line flagging. The second "report_safe" enables and disables the generation of a Spam Report email with the original email as an attachement.

  • rewrite_subject
    • Off: the subject line will remain intact
    • On (default): the subject line of suspected spam will include the "*****SPAM*****" text

  • report_safe
    • Off: no spam report email is generated, instead, the original email is delivered with some additional "X-SPAM' headers. No changes are made to the body of the email.
    • On (default): A full Spam Report email is generated with the scanning details with the original email as an attachment.

Add Rule

The "Add Rule" section allows you to create and administer to your own White and Black Lists. The instructions found in this section make it self explanatory.

To add an address, domain, or sub-domain to your White List, select the "Accept Mail From" rule, enter the address, and click "Add Rule".

Conversely, to add someone to your Black List, select the "Reject Mail From" rule, enter the address, domain, or sub-domain, and click "Add Rule".

To Disable SpamAssassin Filtering for a specific email address in your account, use the "Accept Mail Sent to" rule.

The "Current Rules" section displays all of the rules currently stored in your filter. You can use the "Delete Rule" link to remove any of these. This screenshot displays an example of each rule:

[top]

Home :: Webhosting :: Order :: Resellers :: Support :: FAQ :: Privacy Statement :: Terms and Conditions
© Copyright 2004 FastWebServer.com 5863 Leslie St. Suite 307, Toronto, ON  M2H 1J8
All prices in US Dollars if not stated otherwise. If you have comments or questions regarding this web page Contact Us