How To Filter Out Spam

From ECE Information Technology Services
Jump to navigationJump to search

Why doesn't the mail server filter out spam?

No filtering mechanism, algorithm or tool is perfect. A global solution to the spam problem will, invariably, cause some users' legitimate email to be deleted. Therefore, we leave the decision as to whether to filter email to each individual user. To help users filter their email, we have deployed Spam Assassin.

What is Spam Assassin?

Spam Assassin is a classifier. Its only purpose is to classify email as potential spam. It does NOT filter in and of itself. You need to use procmail to do the actual filtering.

Spam Assassin uses a combination of heuristics, realtime black-hole list (RBL) lookups, and a per-user Bayesian filters to classify email. Each rule that is matched adds to the points of a particular email. The default threshold is 5.0: emails with a score of more than 5.0 points are classified as spam.

How do I filter my email?

First, you need to read and understand How Received Email Is Processed. Second, you need need to add the following procmail recipes to your .procmailrc file (see How To Sort Email Using Procmail). These recipes will cause your received email to be (stage 1) classified by Spam Assassin and (stage 2) filtered.

Stage 1 - Classification

  ### Stage 1: classification
  # send the email to Spam Assassin for classification
* < 256000
  | spamc -f

  # handle errors from Spam Assassin gracefully

The above procmail recipe pipes your received email to Spam Assassin for classification. Spam Assassin will add headers containing the results of the classification to the email. For example,

  X-Spam-Flag: YES
  X-Spam-Status: Yes, hits=6.1 required=5.0
  X-Spam-Level: ******

Stage 2 - Filtering

  ### Stage 2: filtering (IMAP)
  # example: put spam email into a subfolder named 'spam'
* ^X-Spam-Flag: YES

The above procmail recipe is useful for IMAP (Maildir) users. It filters based on the X-Spam-Flag header. Email classified as spam is placed into the Maildir-format mail folder: ~/Maildir/.spam/.

Mail that is not caught by the Spam Assassin processing is stored in the default location, ~/Maildir/.

Remember that your ~/.forward file gets processed before ~/.procmailrc (see How Received Email Is Processed); therefore, if you fail to delete your ~/.forward file, then your mail will simply be forwarded, bypassing the procmail and Spam Assassin processing.

Important Note:

Some Windows text editors automatically append DOS EOL=characters to lines in text files. If your .procmailrc file contains DOS EOL characters (^M), then spamc will fail and you will lose mail!

I use IMAP. Is there a complete example .procmailrc file for IMAP users?

Yes. See this example procmailrc-imap.txt file.

Please note the extensive comments describing various options for filtering the email classified as spam by Spam Assassin

Please note the additional directives to handle going on 'vacation'.

Please note the additional directives to handle sorting email sent to address extensions into separate folders.

If you choose to use this example procmailrc-imap.txt file, be sure to copy it to ~/.procmailrc and to change its mode to 644 or 600.

Important Note:

Some Windows browsers automatically append DOS EOL=characters to lines in text files. This is a *bad thing*. Ensure that the procmailrc-imap.txt file is saved with Unix EOL!! To convert from DOS to Unix EOL, use the dos2unix command on the Solaris or Linux departmental workstations. If the procmailrc-imap.txt file contains DOS EOL characters (^M), then spamc will fail and you will lose mail!