Submitted by Brian Doherty (bdoherty@sas.upenn.edu)
* Product
spamassassin - open source located at spamassassin.org
* Vendor
open source located at spamassassin.org - distributed under the Perl artistic
license
* Platform (Wintel, *nix, both)
Can run on a variety of platforms, with a variety of mail server configurations.
From spamassassin.org:
==
SpamAssassin encapsulates its logic in a well-designed, abstract API. As
a
result, it's not limited to the traditional local-delivery-to-spool case;
using the Mail::SpamAssassin classes, it can be used in a wide variety of
setups. This means that SpamAssassin support is available for a variety
of
mail systems -- traditional procmail, a Mail::Audit plugin, qmail,
MIMEDefang, Postfix, and many others.
==
* Freeware/shareware/paid product
open source project - distributed under the Perl aritistic license
* How does it function? (Does it rely on external blacklists a la ORDB,
manually-created
black/grey/whitelists, MTA blocking, keyword filtering, etc.)
spamassassin incorporates a large number of approaches to identifying SPAM,
including: pattern matching, spam definitions, real time blackhole
lists, whitelists, and heuristic analysis.
From spamassassin.org:
==
The spam-identification tactics used include:
header analysis: spammers use a number of tricks to mask their identities,
fool you into thinking they've sent a valid mail, or fool you into
thinking you must have subscribed at some stage. SpamAssassin tries to spot
these.
text analysis: again, spam mails often have a characteristic style (to
put it politely), and some characteristic disclaimers and CYA text.
SpamAssassin can spot these, too.
blacklists: SpamAssassin supports many useful existing blacklists, such
as
mail-abuse.org, ordb.org or others.
Razor: Vipul's Razor is a collaborative spam-tracking database, which
works by taking a signature of spam messages. Since spam typically
operates by sending an identical message to hundreds of people, Razor
short-circuits this by allowing the first person to receive a spam to add
it to the database -- at which point everyone else will automatically
block it.
==
Version 2.5 incorporates some "Bayesian" filtering functionality.
Above identification techniques can be used in whatever combinations are
desired, and many offer much more specific control over what score is
assigned to a given filter/characteristic.
* What is its administrative model? (Centrally administered with
Opt-in/Opt-out functionality, fully end-user-administered, etc.)
Can be used in a number of different ways. Can be used to process mail
prior to delivery to user, in which case users can't opt out, or can route
mail to spamassassin via procmail or similar for specific users.
spammassassin can be run as a daemon to which messages for individual
users can be passsed, to improve performance with large numbers of users.
Users can be opted in/out of system. In some configurations, users can
have their own prefs file to control how spamassassin applies rules to
their mail, can also "teach" it.
Most admin functions use command line interface, some gui tools available.
Spam definitions are updated with new product releases - apparently no
other way to update built-in filters etc (apart from whatever
customization a user of site does).
* What options does it provide for disposition of SPAM, once it's been
identified? (Deletion, pre-pending "SPAM!" to the subject line,
generating
an NDR, etc.)
Since typically used via a method such as procmail - post-identification
actions can be specified per user and can include any function that
procmail can perform. Most often, messages identified as spam should be
placed in a special mail folder to later review. Can use procmail or
similar for this, or have mail client filter messages.
* Ease of administration, server-side. (Installation, sysadmin
maintenance, system resources required, etc.)
Reviewer has no direct experience to date with installation/configuration.
Reports from others,and popularity of this package, indicate it is
relatively easy to configure and administer.
* Ease of use, end-user-side. (Ease of configuration, "learning"
to
recognize SPAM, etc.)
Currently, user need not really interact with the system to configure or
"teach" it, but advaned users could do so via command line tools,
scripts,
or mail client macros etc if system is configured to allow this.
* Effectiveness (false positives, misses, etc.) - use this section to
provide any quantitative data you may have, IE, flagged 85 out of 100 SPAM
messages in the course of a week with 5 fase positives, etc.
No direct data. Available information show a good hit rate overall, but
would really depend on how much customization a site/user does.
* Vendor-provided documentation, tutorials and technical support
spamassassin.org provides linkes to docs. mailing list also exists.
* Community support available: "Billy-Bob's Procmail Page", etc.
Provide
URL's where applicable.
Package is actively maintained and supported. See spamassassin.org
* Overall impressions & notes
Project seems to be well maintained. Overall hite rate seems quite good.
Has been incorporated into numerous other programs - see:
http://news.spamassassin.org/
In use on mail.sas for almost a year. Relatively few users have opted in,
but those who have seem to find it to be quite effective.
 |
Please note: This material is no longer current and appears
online for archival purposes only.
Use the search and navigation tools above to locate more up-to-date materials, if they exist. |
