CleanMail accepts incoming emails via SMTP or POP3
and scans them, using the award-winning SpamAssassin? engine.
SpamAssassin combines the most effective and advanced anti spam technologies into one powerful solution that accurately determines if a message is or is not spam. It uses a comprehensive list of heuristic rules and checks to score messages. This filtering is completely automated, and spam-scoring thresholds are customizable.
It also includes Bayesian spam filtering and offers many additional features, such as complete spam message reporting, header reporting and much more.
SpamAssassin uses the following tests and techniques to identify spam:
Email Header Analysis:
The mail headers are scanned for some small inconsistencies that can give
away forgeries: A mail date in the past or in the future, forged message IDs,
and the like.
Keyword Checking and Text Analysis:
The mail body is scanned for typical spam mail content, such as spam keywords,
capitalized letters, or invitations to buy or click something.
Bayesian Spam Filtering: Bayes filtering statistically calculates the probability that an inbound message is spam.
Spam mails can be learned, so that similar mails are more likely to be identified as spam in the future.
Realtime DNS Blacklist (DNSBL, RBL) Checking:
Queries to DNSBL servers are used, e.g. to see if a mail has been submitted
from a known open mail relay or notorious spam sender.
Multiple SURBL (Spam URI Realtime Blocklist) Checking:
Spammers want you to click on hyperlinks referring to their sites, so a lookup in a database of known spam-advertised sites has proven to be highly effective in identifying spam mails.
Similar to Realtime DNS Blacklists, SURBL (Spam URI Realtime Block Lists) checks will block messages that contain URIs in the message body that link to known spam hosts.
SPF (Sender Policy Framework) Support:
SPF is an emerging standard to detect forged "From" addresses in emails.
Automatic Whitelist Management: SpamAssassin's Auto-Whitelist (AWL) tracks scores of regular correspondents
to automatically identify legitimate sender addresses.
White and Black Lists:
Whitelists and blacklists can be used to configure which email addresses are permitted or denied.
The result of all these tests is added up to form a spam score. A message is considered spam if the score exceeds a configurable threshold.
In the typical configuration, the subject of mail identified as spam is modified to flag it as spam mail, and a SpamAssassin? report is added to the message. Now it is up to your mail server (or client) software to decide what to do. You can delete spam mails, or move spam mails to a spam folder, or leave the decision what to do with spam mails to your users.