CIS Home > Security > News & Services > SpamAssassin

SpamAssassin

SpamAssassin is a spam advisory system that CIS runs on the mail servers. It uses statistical methods to detect messages that are likely to be spam, applying hundreds of patterns and functions to each message that passes into WHOI's email system. When it detects a potential spam message, it marks up the message's headers so that your mail client software can filter it.

SpamAssassin does not delete or reject any messages. Because it is less predictable than the spam blocking methods we use, we leave it up to you, the email user, whether to make use of its information or not. By configuring your mail software to filter based on the headers SpamAssassin adds, you can reduce the amount of spam you have to see.

Each pattern that SpamAssassin checks for has a weight associated with it -- a small number which indicates how likely it is that a message matching that pattern is spam. For instance, messages containing the word "VIAGRA" might get 2 points, whereas messages sent using software commonly used to send spam might get 0.5 points. Weights can also be negative, meaning that a message is likely not to be spam; mail sent using legitimate mailing-list software such as Mailman and Majordomo gets negative points. If the total number of points for a message meets or exceeds 5.0, the message is marked as spam.

Using SpamAssassin in Thunderbird or Mozilla

SpamAssassin adds several headers to messages it determines resemble spam. By using your email client's Message Filters facility, you can sort these messages into a separate folder from your inbox automatically. (We do not recommend deleting these messages outright, because SpamAssassin is not perfect.) The headers that SpamAssassin adds include the following:

  1. X-Spam-Flag: Yes
  2. X-Spam-Level: ***** (The number of stars is equal to the number of points the message got.)

Here's how to sort spammy messages into a separate folder. The process is a little long, but you only have to do it once.

  1. Open your email client.
  2. Create the new folder. Right-click (or Control-click, on Macintosh) on the Inbox folder. A menu will pop up; select the option New Subfolder... Name the folder "filtered-spam" or some such.
  3. Open Message Filters. From the Tools menu, select Message Filters... A window will pop up. If you already have some filters, they will be displayed.
  4. Create a filter. Click the New... button, located on the right-hand side of the window. A new window will appear. Here's what to do in this window:
    1. In the Filter Name text box, give the filter a name like "Spam Filtering".
    2. In the Filter Criteria section, pull down the menu that says "sender", and select Customize Headers. In the box that pops up, click New, and type X-Spam-Flag. Press Enter, then click OK.
    3. On the right-hand side of the Filter Criteria, there is a text box. Type Yes in this box.
    4. In the Filter Action section, pull down the menu that says "Inbox" and change it to the name of your new folder (such as "filtered-spam".)
    5. Click OK.

As you receive new messages in your inbox, your email client will automatically test them for SpamAssassin's X-Spam-Flag header. If the value of this header is Yes on a given message, the message will be automatically shunted into the "filtered-spam" folder. Check this folder at least once a week to make sure nothing legitimate has been accidentally filed as spam.