The Bottom Line
- SpamAssassin has a high spam detection rate
- Uses sophisticated scoring filters, Bayesian statistics, blacklists and SPF for authentication
- SpamAssassin works seamlessly in just about every environment
- Default SpamAssassin setup is a tad too aggressive
- Ongoing training of SpamAssassin's Bayesian filtering is a bit cumbersome
- SpamAssassin is a mail filter using a number of scoring heuristics to identify spam.
- Employs header and mail body analysis as well as blacklists and collaborative spam databases.
- Marks spam for later filtering (via procmail, the mail transfer agent, an email client,...).
- SpamAssassin gives a detailed report of its scoring process for every identified spam message.
- Defangs HTML messages to eliminate the risk of spammers exploiting your privacy with remote images.
- Further advanced HTML parsing helps detect hidden text and other obfuscation tricks.
- SpamAssassin can report detected spam automatically to community spam databases like Vipul's Razor.
- When trained, SpamAssassin makes great use of Bayesian statistics to classify mail, too.
- SpamAssassin supports SPF and DomainKeys sender authentication as well as Hashcash.
Guide Review - SpamAssassin 3.2.0 - Spam Filter
SpamAssassin tries to look at every email the way it will be displayed to the user to prevent spammers from circumventing the filter. Good senders (or spammers aiming to be easily identifiable) are detected using the SPF authentication scheme.
Unfortunately, even SpamAssassin's filter set is not perfect and can produce one or the other false positive. So you will probably want to heighten the spam threshold a bit to make SpamAssassin a little less aggressive and train the Bayesian filtering with good mail as well as spam.