.
For some, SPAM is just one of the inconveniences of the Internet. For others, it’s just something really annoying. Some see it as a necessary evil. Whatever your opinion about it, if you had a very efficient tool to combat electronic waste, would you use it?
If your answer is yes, then take 5 minutes to learn everything you need to know about SpamAssassin, a simple yet powerful tool available to many cPanel users and a few other hosting environments.
Why worry about SPAM?
Not everyone thinks it’s terrible to receive SPAM. There are those who just delete everything that doesn’t interest them and that’s it!
But this is a problem that goes beyond just receiving a few unsolicited messages every day that take up disk space in the mailbox.
Numbers vary, but on average, it’s estimated that about half of all email-related data traffic across the Web comes from SPAM. In other words, if it weren’t like that, the Internet’s infrastructure could work much better and be even more accessible from a financial point of view, since a significant part of it is destined to the traffic of e-waste.
In addition to this reason, which is already sufficiently justifiable, there are others:
- Performance / speed is affected by the large amount of data flowing;
- Those who are not in the habit of removing SPAM are paying to host junk mail;
- Estimates indicate that on average an employee spends more than two days at work – more than 19 hours! – per year just removing SPAM from your mailbox;
- Many of the main digital threats (spoofing, phishing, etc.) related to email are disseminated through SPAM;
- E-mail account administration problems as a result of junk mail can lead to the loss of legitimate and important messages;
- Fake news, hate speech and other Internet problems are often also associated with SPAM;
- When SPAM is used to disseminate malware, the user is susceptible to a series of consequences such as data leakage, invasions of their websites and even blocking the IP address of their website / domain.
Therefore, identifying and blocking SPAM is much more than simply getting rid of a daily “little annoyance” and in this task, Apache SpamAssassin is an important ally.
What is Apache SpamAssassin?
Its “first and last name” is Apache SpamAssassin, but which most people know and call just SpamAssassin (SPAM killer, in literal translation) and which, as you might imagine, is an anti-spam tool.
SpamAssassin is one of many open source projects run by Apache Software Foundation (ASF), whose development communities are oriented towards the common good, the public good.
Many consider it the main initiative of its kind in the world, since it is one of the oldest tools, having been originally conceived by justin mason from spam filters designed and written by Mark Jeftovicstill in 1997, that is, when the commercial Internet was still in its infancy.
But it was only in 2004 that the project became part of the developments supported by the Apache Foundation.
Since then, it has evolved a lot, and is now considered a mature and widely adopted solution, serving as a powerful email filter to identify and block unsolicited bulk email – the famous SPAM.
It can be used as an independent service or integrated with e-mail services, such as Exim, for example, or even as a daemon (spamd) of the operating system, in the case of Linux distributions.
How does SpamAssassin work?
Simply put, Apache SpamAssassin is nothing more than an email filter, whose purpose is to identify and block email messages that are considered junk mail.
But unlike the filters that you can create and configure in your hosting control panel, it uses much more sophisticated mechanisms that also evaluate the header, subject field and body of email messages.
The set of resources used in the analysis of each message, includes bayesian filteringDNS blocklists and collaborative filtering databases, plus plugins to integrate a wide range of heuristic analysis (detection method to find suspicious snippets) and advanced statistics.
As an application integrated to the Exim e-mail service, which is the case of HostMídia, it is installed on the server in parallel with the e-mail service, so that every message delivered by an external server goes through the process of filtering before the message reaches your account’s inbox.
This filtering consists of submitting each message to the mentioned mechanisms, so that each evaluated criterion – of which dozens are analyzed – receives a score and which are related to the probability of sending SPAM or not. The scores for each evaluated aspect can be decimals and, therefore, the final sum can also be a decimal (eg: 3.90).
A score is given at the end of the check, which basically consists of the sum of the scores for all criteria, indicating the probability that the e-mail is or is not junk mail, as follows:
- Negative numbers are great as they indicate that the email is unlikely to be spam and will keep your overall score low;
- “0” is neutral, meaning that receiving the message has little impact;
- Positive numbers suggest possible spam;
The advance of the score, which in maximum terms reaches 10, is directly linked to the probability of being SPAM, if it is positive (above zero) and of not being SPAM, if it is negative (below zero).
Therefore, the higher and more positive the score (note) assigned by the tool, the greater the probability that it is an unwanted submission.
How to use Apache SpamAssassin?
By default, Apache SpamAssassin considers a message as SPAM, those that obtain a final score (called the Spam Threshold Score, in English versions of cPanel) equal to or greater than 5.
In your hosting control panel, it should appear grouped together with the other email resources and you can change some settings.
Enable SpamAssassin
The first option is precisely whether or not to enable the tool, given that due to the high circulating volume of electronic waste, many hosts have configured it to be active by default.
In the descriptive text of this first option, there is a link associated with the “Spam Threshold Score”, which leads to changing the score. There are some options and the last one is “custom”, which allows you to change the default value for notes other than those available above.
Bear in mind that the higher this value is, it means that the filtering needs to find more evidence of probable junk mail, in order to stop the message. In other words, you make filtering more permissive and values above 5 should result in more SPAM being received.
On the other hand, the smaller and below 5, it means that the confirmation of a few criteria will be enough to be marked as undesirable content. That is, the closer to zero it is, the less tolerant the filter will be and, consequently, it is possible that some legitimate messages are marked and not delivered.
Enable the Spam Box
Going back to the homepage, it is possible to enable the Spam Box, which is nothing more than a folder that is created in parallel with the other folders that you have in your webmail and to which all the emails that reach or exceed the score 5 or the one you set earlier.
It is particularly advisable to enable the Spam Box in cases where the tool has not yet been tested and especially when the score is set below 5 (more rigorous).
That’s because it will always be possible to access the folder and confirm that in fact everything there is junk mail.
It is also possible to remove all your content, with just one click.
Enable Auto-Delete
It is not recommended to activate this option, unless the filter has already been extensively tested and confirmed and that the defined score effectively bars only junk mail.
This precaution is due to the fact that every message that has a score equal to or greater than the defined value will be automatically deleted. It will not appear in any folder or in the account’s trash.
However, when clicking on “Configure Auto-Delete Settings”, it is possible to define a different score for automatic removal.
For example, if the “Spam Threshold Score” is 4 (more restrictive), but the “Auto-Delete Threshold Score” is 6, it means that all messages between 4 and below 6 will be sent to the Spam Box and only those that are equal to or greater than 6, they will be automatically removed.
additional settings
Finally, there are additional settings that basically consist of creating whitelists (whitelist), blacklists (blacklist) and additional filtering criteria.
We do not recommend using such settings, as their adjustment requires more advanced knowledge.
For example, the inclusion of certain values in the whitelist (Edit Spam Whitelist Settings), means that messages that comply with the included values will automatically be received. Those that meet the blacklist criteria (Edit Spam Blacklist Settings) will always be rejected and if Auto-Delete is active, they will be summarily discarded.
As the syntax used to include the values must be based on the PERL language, those who are not familiar with it can make mistakes that compromise the tool and message reception.
We suggest that you consult the technical support of your hosting to assist you in this procedure, if you wish.
Conclusion
SpamAssassin is one of the oldest and most efficient tools in the fight against SPAM and understanding how it does this job can be extremely useful.
.
