Hosted Spam Filtering
30 day trial FREE!
Help for Users
Help for Sysadmins
Help for Marketers
Link to Us
Fight Spam with Anti-spam Software for Exchange Server, now try it for 30days for FREE!
Controlling e-mail spam
Email spam blocking techniques fall into one of two broad areas. The first
area, common in small to midsize sites, is to add spam blocking technology
into the Mail Transfer Agent (MTA) - Exchange, Sendmail, Postfix and
Communigate are all examples of MTAs. The second technique is more commonly
used by large sites and sites with dedicated mail administrators, and that is
to put a mail-blocking appliance between the MTA and the Internet. Both
techniques have in common some sort of automatic update mechanism so that the
MTA or appliance is kept up-to-date against the latest spam sites, patterns
and attacks. One of the more popular anti-spam software titles for these
purposes is GFI MailEssentials. GFI
MailEssentials can be installed directly on the mail server or be installed
on a dedicated machine to create a low-cost appliance solution.
Blocking in the MTA has the advantage that no additional hardware is
required. Also, the learning curve can be quite short, as the better packages
just plug right into the mail server and need relatively little configuration.
On the other hand, for the do-it-yourselfers running UNIX and sendmail, the
learning curve can be just as long as you like.
Appliances are more commonly used by large and very large sites because they
can handle extremely high volumes (millions of messages per day) and can be
configured in redundant configurations so that no single failure will disable
spam filtering. The appliances are basically high-quality PCs with custom
mail software and special configuration front-ends. They are complex devices
and generally require expert mail administrators to get the most out of them,
although the vendors will configure and maintain them, for a fee. The very
largest sites (AOL, Yahoo, Google and MSN Hotmail) essentially build their own
custom appliances. Appliances will work in front of any MTA.
any (or many) MTA(s).
Sendmail, the most commonly found UNIX-based mailer, has
information on spam
sendmail MTAs which accept SMTP email from currently active POP clients should
read details of POP before SMTP to avoid spurious
xmission.com have their own
to cause mail from named site to be returned to sender.
[sendmail 8.8.2 and 8.8.3]:
Wolfgang Rupprecht has supplied a routine using
check_compat that can be used to block spam
mail or prevent all third-party relaying.
Pete Ashdown has contributed a procedure for
dropping spam mail. His procedure accepts the SMTP mail and then drops it
during the delivery phase.
[sendmail 8.8.2 and later]:
Claus Aßmann has put together a very
write-up of using the check_* routines.
[sendmail + compatibles]:
Christian Alice Scarborough's perl5 package
[ Used to be called `ignore-spam' ]
[sendmail + compatibles]:
Ian Leicht's PERL5 package the
NAGS Spam Filter
can reject spam mail automatically,
sending a rejection letter with details of how to get past the block.
another example of how to block spam
Dansie Spam Net is a
commercial score-based filtering system for sendmail with perl. It is
web-manageable and so suitable for hosted e-mail environments.
ScanMail is a commercial
general mail filter package, useful for spam and virii.
E-mail Processing Agent is a mail server
software add-in that controls incoming and outgoing, Internet and intranet
e-mail to eliminate 100% of unwanted e-mails (including "spam").
MAPS is now
Trend Micro Message
Milter-greylist is a
sendmail milter that implements "greylisting" - refusing mail from
never-before-seen hosts with a temporary failure. Legitimate mailers requeue
and retry the message, while much spamware does not.
The greylisting paper
discusses greylisting in detail and provides a perl-based sample implementation
of a sendmail milter.
If you can change your mailer from (e.g.) sendmail but need to keep the mailbox format (etc) unchanged,
you may care to look at
which is a ``drop in replacement'' for sendmail,
a `next generation' smail,
which can use the MAPS RBL to block spam domains from version 1.735.
Since 126.96.36.199, smail can restrict which addresses can relay email, e.g.
smtp_remote_allow = 194.64.4.*:194.163.56.*'
If you can completely change the way email is processed, you may care to look at
There is info on how to use rbl.
Mikio Okawa's dynamail is a package
for qmail that allows ordinary users to create temporary, access limited
SPAMbaffle is spam filtering
software which can be set up either by indiviaul users on a Qmail system, or
by the system administrator. It filters based on email headers, the message
body, and the MIME types or filenames of attachments, and can either drop or
bounce messages that it catches, with customized bounce messages.
Postfix, by Wietse Venema, installs with
relaying and volume controls set to sane values by default; is under very
active development to make controls for relaying easy to set correctly if the
default values won't do, and difficult to set in such a way as to allow
unauthorized relaying; and is supported by an extremely active users' mailing
list (including active participation by Venema) that's extremely anti-spam.
E.vanRhee@co.hvu.nl says that to block mail from hotmail.com, you need
to edit the mapping file
PMDF_TABLE:MAPPINGS (for VMS) or /pmdf/table/mapping (for Solaris and
Digital Unix), e.g.
As well as rejecting e-mail (at the SMTP or TCP level) from rogue sites, pmdf
(from Process Software, available for
VMS, Digital UNIX and Solaris) can be told only to allow a certain percentage
of incoming calls from specified sites, providing some protection from mail
Ed Hew's write-up on refusing email
[PP AKA Isode Internet/X.400 Message Switch]:
Details of how to block spam and relaying can be fond in
IC-1103 Administrator's Guide: Message Handling Services
It has been reported that CommuniGate and Stalker Internet Mail Server from
Mill Valley, Calif.-based Stalker Software Inc. and the newly shipping Eudora
Internet Mail Server 2.0 from San Diego-based Qualcomm Inc. can prevent spam
GFI MailEssentials is a server-based
anti-spam & email management solution for Microsoft Exchange Server and other
Open Relay Filter is a tool that prevents
relaying through Microsoft Exchange servers.
MSExchange.org is a site with
anti-spam information for MS Exchange administrators.
Megaphat Philter is a
Windows server-based product which uses DNSBL technology to block blacklisted
Solution is a Mail Server for Windows XP/2K that can determine the spam
originator and send a mail to the organization that have been abused by the
The Spamhaus Project runs the SBL and
ROKSO, a DNS-based blocklist that can be integrated into virtually any modern
mailer, and a listing of repeat/unrepentant spammers.
can be used if your MTA
cannot be made to filter -- it sits between your MTA and the outside world.
[Any]: MailShield is a commercial program which
blocks spam and relaying,
and works with your current mail server.
Declude JunkMail offers spam control
for mail servers, including heuristic spam detection, and can be configured
separately for each domain or user.
Postini is an Application Service
Provider (ASP) with a range of high-reliability e-mail services, including
spam and virus filtering.
blq is a tool
for querying DNS blocklists (BLs) from the UNIX command line, useful for
figuring out why mail is bouncing.
Relay is a dedicated mail server appliance with anti-relay and
SpamFilter is a proxy with
simple DNS blocklist functionality that works with your existing mailserver.
Extensible Messaging Platform
is a commercial SPAM filtering firewall server application. Protects SMTP mail
servers from Internet SPAM, e-mail-borne viruses (including dangerous
auto-launch viruses) and other objectionable content. Filters mail using
complex contextual signatures (not simple keyword lists).
Mirapoint provides email security
through intelligent anti-spam and anti-virus filtering with end user controls
as to how to handle spam.
Symantec Brightmail Anti-Spam blocks
spam for corporate customers and service providers, using accurate, effective
and patented spam fighting technology.
CleanMessage can safely remove up
to 98% of incoming spam so that it never reaches your inbox. Their SpamCheck
Module protects against corporate productivity loss, infrastructure
consumption, and liability resulting from unsolicited commercial email
SpamRejection.com provides a
comprehensive money back guaranteed spam filtering service for domains. With
no hardware, software or maintenance required, this service is for
organizations that prefer to outsource spam filtering for their domains.
Sender Policy Framework (SPF) is a
mechanism for identifying authorized outgoing mailhosts for a domain. It
doesn't really address spam directly; it is an attempt to stop domain forgery.
ITA Secure Messaging Server
is a multi-pronged spam detection and filtering system for
enterprises and ISPs.
ASSP is a mail proxy system for
multiple mail servers on multiple platforms.
SublimeMail is a domain level spam
filter preventing spam from reaching end-users mail boxes. There is no
software or hardware to install. Simply point MX records to their server and
their filters will eliminate up to 97% of all inbound spam.
SpamAssassin can be installed by
administrators on a site wide basis; it works with SendMail, qmail, Postfix,
MIMEDefang and other tools.
Hexamail Guard is
a server side filtering tool that works with various Windows and Linux mail
CanIt is a UNIX mail server filtering tool
which traps suspected spam for review.
Scanmail for UNIX is a program
that blocks spam by keywords, phrases, addresses, IP addresses and networks.
Singlefin comprehensive message
management is an external filtering solution.
Project UCEPROTECT is a
spamtrap-driven blacklist and commercial (UNIX) blocking software.
Trimmail network appliance filters
spam, dangerous content, and protects your e-mail server from being used as an
open relay by junk mailers.
TMDA is an open source software application
designed to significantly reduce the amount of spam (Internet junk-mail) you
receive. It is a UNIX-based Message Delivery Agent; it does not work with
ClearMX filters, stops and eliminates
99.9% of unwanted email and viruses before before they reach your network.
Free 15 Day Trial. Free Setup.
VircoM's Modus3 anti-spam solution
catches 98.2% of spam and delivers 99.99% protection against false positives.
SpamCannibal is a perl-based
tarpitting tool for Linux users.
OpenRBL is site to lookup IP addresses
against multiple DNSBLs at once. It is not a DNSBL itself.
MailScanner is a spam and virus
scanner for various UNIX mailers.
Scott Hazen Mueller / E-mail me