SpamAssassin

Search knowledge

Browse topics written especially to help answer common question.

Table of Contents

What is SpamAssassin?

SpamAssassin is an open-source spam filter developed by Apache. It is typically installed and enabled on mail servers to help identify and filter spam messages.

https://spamassassin.apache.org/

How does SpamAssassin work?

SpamAssassin uses a robust scoring system and plug-ins to analyze your email. It runs several tests to calculate an aggregate score to determine whether or not your message is likely to be spam.

By default anything with a score of 5 or more is classified as spam. However mail administrators can define and tweak what they classify as “spam” based on their criteria.

Your scores can be positive or negative. Positive values represent “spam” while negative values represent “ham” or non-spam messages.

Your overall SpamAssassin score is outputted in your email header and will show you how your email performed against their tests.

Why is SpamAssassin important?

SpamAssassin is important because it looks at a variety of factors to determine the likelihood of your message being classified as spam.

It uses a wide range of heuristic and statistical analysis tests on email headers and body text. This includes text analysis, bayesian filters, DNS blocklists and collaborative filtering databases.

Here’s a breakdown of some (but not nearly all) major aspects of what SpamAssassin looks at:

  • Sending IP (Blacklists)
  • Email Authentication (SPF/DKIM/DMARC/rDNS etc.)
  • Email Headers
  • Subject Line
  • HTML Body & Formatting
  • Markup / Character sets
  • Message Encoding
  • Collaborative filtering databases

What does MailGenius cover with regards to SpamAssassin?

MailGenius runs the email through a SpamAssassin filter with ‘average’  or generally accepted point settings developed by the community. We are not creating or tweaking our own SpamAssassin scores, but rather taking a hard to digest SpamAssassin output and organize it in a way that gives the sender a better opportunity to use what SpamAssassin has flagged to improve deliverability.

The output shows the test identifier (e.g. DKIM_VALID), the short description provided by SpamAssassin and the community (e.g. Message has at least one valid DKIM or DK signature), the score associated with the flagged test, and the flagged spam % which is described by SpamAssassin as ratio of spam hits to overall hits.

To better understand what these numbers represent you must understand that SpamAssassin parses emails and assigns it a score starting from 0.0. This means scores above 0.0 are more like a spam message and scores below 0.0 are less so. As for the flagged spam %, this is looking at the ratio of all emails that were classified as spam and how many of those emails also returned true for the specific test. For example if the test sample that the SpamAssassin score setting are based on has 10,000 emails that return true for HTML_MESSAGE, and 6,040 of these emails are classified as spam, then the flagged spam % is 60.4%. In this case the score assigned to HTML_MESSAGE is 0.0 because it is not correlated with spam messages, but still 60.4% of the emails returning true for HTML_MESSAGE were flagged as spam. It can also be thought of as: the probability that, when the rule fires, it hits on a spam message.

Example MailGenius Output:
Test: HTML_MESSAGE
Description: HTML included in message
Spam Score: 0.00
Flagged Spam % (ratio of spam hits to overall hits): 60.4%