 | This articleneeds additional citations forverification. Please helpimprove this article byadding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Apache SpamAssassin" – news ·newspapers ·books ·scholar ·JSTOR(May 2024) (Learn how and when to remove this message) |
| Apache SpamAssassin | |
|---|---|
 | |
 | |
| Developer | Apache Software Foundation[1] |
| Initial release | April 20, 2001; 24 years ago (2001-04-20) |
| Stable release | |
| Repository | SpamAssassin Repository |
| Written in | Perl,C |
| Operating system | Cross-platform |
| Type | Spam filter |
| License | Apache License 2.0 |
| Website | spamassassin |
Apache SpamAssassin is acomputer program used fore-mail spam filtering. It uses a variety of spam-detection techniques, includingDNS andfuzzy checksum techniques,Bayesian filtering, external programs, blacklists and online databases. It is released under theApache License 2.0 and is a part of theApache Foundation since 2004.
The program can be integrated with themail server to automatically filter all mail for a site. It can also be run by individual users on their own mailbox and integrates with severalmail programs. Apache SpamAssassin is highly configurable; if used as a system-wide filter it can still be configured to support per-user preferences.
Apache SpamAssassin was created byJustin Mason, who had maintained a number of patches against an earlier program namedfilter.plx by Mark Jeftovic, which in turn was begun in August 1997. Mason rewrote all of Jeftovic's code from scratch and uploaded the resulting codebase toSourceForge on April 20, 2001.[4]
In Summer 2004 the project became anApache Software Foundation project and later officially renamed toApache SpamAssassin.[5]
Apache SpamAssassin is aPerl-based application (Mail::SpamAssassin inCPAN) which is usually used to filter all incoming mail for one or several users. It can be run as astandalone application or as a subprogram of another application (such as aMilter,SA-Exim,Exiscan,MailScanner,MIMEDefang,Amavis) or as aclient (spamc) that communicates with adaemon (spamd). The client/server or embedded mode of operation has performance benefits, but under certain circumstances may introduce additional security risks.
Typically either variant of the application is set up in a genericmail filter program, or it is called directly from amail user agent that supports this, whenever new mail arrives. Mail filter programs such asprocmail can be made topipe all incoming mail through Apache SpamAssassin with an adjustment to a user'sprocmailrc file.
Apache SpamAssassin comes with a large set of rules which are applied to determine whether an email is spam or not. Most rules are based onregular expressions that are matched against the body or header fields of the message, but Apache SpamAssassin also employs a number of other spam-fighting techniques. The rules are called "tests" in the SpamAssassin documentation.
Each test has a score value that will be assigned to a message if it matches the test's criteria. The scores can be positive or negative, with positive values indicating "spam" and negative "ham" (non-spam messages). A message is matched against all tests and Apache SpamAssassin combines the results into a global score which is assigned to the message. The higher the score, the higher the probability that the message is spam.
Apache SpamAssassin has an internal (configurable) score threshold to classify a message as spam. Usually a message will only be considered as spam if it matches multiple criteria; matching just a single test will not usually be enough to reach the threshold.
If Apache SpamAssassin considers a message to be spam, it can be further rewritten. In the default configuration, the content of the mail is appended as aMIME attachment, with a brief excerpt in the message body, and a description of the tests which resulted in the mail being classified as spam. If the score is lower than the defined settings, by default the information about the tests passed and total score is still added to the email headers and can be used in post-processing for less severe actions, such as tagging the mail as suspicious.
Apache SpamAssassin allows for a per-user configuration of its behavior, even if installed as system-wide service; the configuration can be read from a file or a database. In their configuration users can specify individuals whose emails are never considered spam, or change the scores for certain rules. The user can also define a list of languages which they want to receive mail in, and Apache SpamAssassin then assigns a higher score to all mails that appear to be written in another language.
Apache SpamAssassin is based on heuristics (pattern recognition), and such software exhibits false positives and false negatives.
Apache SpamAssassin also supports:
More methods can be added reasonably easily by writing a Perl plug-in for Apache SpamAssassin.
Apache SpamAssassin reinforces its rules throughBayesian filtering where a user or administrator "feeds" examples of good (ham) and bad (spam) into the filter in order to learn the difference between the two. For this purpose, Apache SpamAssassin provides the command-line toolsa-learn, which can be instructed to learn a single mail or an entire mailbox as either ham or spam.
Typically, the user will move unrecognized spam to a separate folder, and then runsa-learn on the folder of non-spam and on the folder of spam separately. Alternatively, if the mail user agent supports it,sa-learn can be called for individual emails. Regardless of the method used to perform the learning, SpamAssassin's Bayesian test will help score future e-mails based on this learning to improve the accuracy.
Apache SpamAssassin isfree/open source software, licensed under theApache License 2.0. Versions prior to 3.0 are dual-licensed under theArtistic License and theGNU General Public License.
Many commercially available anti-spam packages integrate SpamAssassin as part of their products, such as SpamKiller byMcAfee andKerio MailServer by Kerio.[6]
sa-compile is a utility distributed with Apache SpamAssassin that compiles a SpamAssassin ruleset into adeterministic finite automaton that allows Apache SpamAssassin to use processor power more efficiently.
Apache SpamAssassin is designed to trigger on theGTUBE, a 68-byte string similar to the antivirusEICAR test file. If this string is inserted in an RFC 5322 formatted message and passed through the Apache SpamAssassin engine, Apache SpamAssassin will trigger with a weight of 1000.
{{cite web}}:Missing or empty|title= (help){{cite web}}:Missing or empty|title= (help)