Man, spam is getting to be such a problem.

Today I got word that two of our clients are getting seriously frustrated with the number of unmarked messages getting past SpamAssassin — the filter we have installed on some of our NetGateways.

SpamAssassin isn’t a bad product. It’s just as good as it used to be. 95% accuracy sounds great when you’re only getting 20-30 spam messages per day. When only one or two messages slip through the cracks, that’s alright. But when you’re getting hundreds or thousands of messages being lobbed at your inbox every day, that’s a big number of messages slipping through.

So, I’ve been doing some research on methods I can use to improve SpamAssassin or software that I can replace SpamAssassin with. I’ve found a few things, but mostly I’ve discovered this is going to take some work to find the right solution.

I did a search on google for the term “better than spamassassin” just to see what would come up. There were a few interesting hits, but the one that probably caught my eye more than any other was this one: http://crm114.sourceforge.net/.

CRM114 is basically a text filter, but one that was designed from the ground up to be proficient at isolating patterns in spam.

Here is a very interesting presentation (in PDF format) describing the need for a very accurate (i.e. 99.9% or better) mail filter in order to cripple the business model of most commercial spammers.

I’ve played around with dspam a little as well, but it scares the bejeebers out of me because of how complex the installation/configuration is. Maybe I just need to spend more time with it because the author of dspam also claims very high accuracy and it would seem there’s less hassle for end-users than with SpamAssassin.

Another project I’m currently investigating is this Sender Policy Framework (SPF) stuff. This is bigger than a server-side mail filter. This is a way for servers to identify themselves so that when e-mail comes in saying “I came from blahblahblah.com,” the server can look up the SPF record for blahblahblah.com and determine if the information in the message is authentic.

The biggest hurdle in implementing SPF is that it’s a modification to (a hack on top of, really) SMTP. You have to get all your users on-board to make a full switchover.

Meanwhile, the next version of SpamAssassin (2.70) will support SPF.

The answer to my problems right now might be that I just need to work a little harder on helping SpamAssassin do its job better.