Customer Reviews

SpamAssassin

5 star:		(1)
4 star:		(2)
3 star:		(2)
2 star:		(1)
1 star:		(2)

 

 

Coming into Spamassassin as a new user is very confusing, especially if you don't admin e-mail systems frequently. The spamassassin wiki and documentation are really confusing as well, it seems that nothing really explains the system as a whole very well. Finally, a real book about Spamassassin (I thought). This book skipped over a lot of topics I want to know more about (logging spamassassin activity, how to install razor and pyzor, more information about the RBLs installation and configuration). I don't think so much time should have been spent on Baysean techniques, I find Baysean to be too labor intensive and not practical at all on a site-wide level (which I think the author mentions in the book). This book was good, but not as complete as I was expecting, but as a reference for Spamassassin I suppose it's ok, but not anything better than is online.

Had high hopes when I got this book. Sadly letdown. The book gives a tired old treatment of using a black list to check against the header of a mail message. Now not all spammers forge the header. But many do, as known for years. And they don't just forge the From line. They can also forge the Received lines.

When the author wrote the previous review, he mentioned the Received header lines. But, in general, for an ISP, the only valid header info is what the ISP itself writes. Received lines not written by the ISP can also be forged.

So using a black list on a header can easily be defeated by a spammer. And is being done so by many of them.

But Schwartz goes on to say that SA can now apply the black list against the body links. GREAT! Awesome. This is the key difference between 3.0 and the earlier stuff. Yet, when I went thru the book, I did not see any mention of this. Okay, perhaps I missed it. But if the book actually talks about it, it is in a very obscure fashion.

The new ability in 3.0 is seminal. Because while a spammer can forge headers, if he wants users to click through to his site, he has to write a valid address for himself. When AOL implemented this idea [not using SA] earlier this year, they said it led to the first documented decrease in spam they'd seen.

I repeat- if the book didn't mention the new 3.0 ability, it is grossly deficient. If it did mention it, but scantily, ditto. It certainly deserves at least as much space as was given to Mr Bayes.

SpamAssassin is the immensely popular open-source spam solution for the Linux/Unix world. This book covers version 3.0, which, curiously enough, is not included with the book. This is pretty unusual in the open-source world since it costs very little to put a copy of the program onto CD and bind it into the book.

The reasons for SpamAssassin's popularity include its high level of customizability, the ability to change the rules and the weights assigned to those rules, automatically report spam to clearinghouses, ability to interface with other resources on the internet including DNS blacklists, ability to create a whitelist, and the ability to work with a wide variety of mail systems including sendmail, Postfix, qmail, and Exim. One of the really nice features is the ability for the system to automatically add a person to the whitelist if you send an outgoing email to that person.

Of course all of this requires an understanding of how SpamAssassin works and how to configure and tweak it to get it to do what you want. That is where this book comes in. The author has done an excellent job of explaining not only the concepts but also the details of how SpamAssassin works and how to tweak it to work best in your environment. This is easily one of the most clearly written and understandable books on configuring the software that I have read. SpamAssassin is highly recommended for anyone on a Unix-like system who is considering using the program as a spam control solution.

It took some time to figure out how to configure it best for my needs but my spam is down over 90% with no false positives. Don't expect the author to spoon feed you what is best for your system, but he gives you the information to design one that works for you.

This is a book for anyone who wants to know what is under the hood. This books details what is behind the engine, its architecture and its learning system. While it is leaning more heavily in the mail transfer agent (MTA) side, it still offers a lot of tips to readers as to how one can use SpamAssassin to combat junk mail. The Autowhitelisting and Bayesian Filtering are a must for those who really want to know how to use the tool. This is what makes it different from other keyword based filtering. This would be a great book for those who run and maintain their own mailing server, because it has lots of details for sendmail, postfix, exim and qmail.
Although the author has a section on pop mail configuration, I would like to see more client configuration examples such as outlook express or Novell's evolution/Ximian, or kmail. This is because not everybody runs email server at home. Nonetheless, this is a great book for those who want to set up their own spam mail filters and get rid of those annoying junk mail. Additionally, the author provides a very detailed list of resources.

A comprehensive description of the many features of SpamAssassin [SA] and how it can be integrated with the major mailing programs sendmail, postfix, qmail and Exim. Certainly, the free and open source nature of SA will appeal to some.

But the problem with the book is that it never seriously analyses the many flaws of SA. The most glaring is how it used blacklists. It only applies these against various header fields. Yet it is well known that spammers forge arbitrary sender addresses. Which greatly reduces the efficacy of the blacklist.

Also, the book devotes attention to how SA uses Bayesians. It says how you need a corpus of spam and one of non-spam, to train the Bayesian. Yet this has proved to be a severe constraint on actual usage. The book never says how these corpuses are to be found. In practice, this is done manually. Even worse, the book does not point out that spammers can and are poisoning Bayesians, with innocuous non-sequitur words in their messages. This means that a Bayesian must be continually retrained on new corpuses, that have been manually gathered. Very labour intensive. Few users are willing and able to do so.

I'm sure that the Spamassassin developers are doing the best they can, but the sad fact is that the spammers are winning the war.

I don't think there really is a good solution for spam right now. Blacklists don't work, Bayesian filters don't work - nothing works well enough to stop spam entirely.

Still, Spamassassin is useful, and because it is configurable (and open source), you at least have complete control. That assumes, of course, that you understand how it works. That's the reason to buy a book like this, but I was a bit disappointed in that area. I'm not sure yet whether the fault is Spamassassin - maybe it's just not as configurable as it should be - or this book just not explaining things very well.

For example, I note that an awful lot of the spam I get is from certain IP blocks. I don't want to block out large ranges arbitrarily, but I thought it might be interesting to increase the Spamassassin score if the sender was in one of those ranges.

Well, if there is a way to do that, I still haven't figured it out. It could be me - maybe I just haven't read things carefully enough - but I didn't feel that I understood Spamassassin after reading this. Maybe this needs to be a bigger book - only about 100 pages are devoted to configuration and modifying rules, the rest is installation advice.

On the other hand, there's nothing else out there, and this isn't totally without value. If you are using Spamassassin, you may want to pick this up - it could be a long wait for anything better.

Thanks for the review. You are correct that the book focuses on getting the most out of SA, and not on criticizing SA per se (although other approaches are mentioned briefly).

Blacklists applying to header fields is not a flaw - particularly when the Received header is considered, and when you consider that spammers have no incentive to forge blacklisted addresses. Moreover, SA 3.0 can apply URI blacklists to URIs in message bodies, not just to headers.

The book does discuss how you'd acquired a corpus for training, and the research to date (see, e.g., Paul Graham's plan for spam FAQ and presentations) suggests that non-sequitor words included by spammers are not, in fact, effective at poisoning Bayesian classifiers, except under uncommon circumstances. My own experiences are similar - innocuous words do not ruin filter efficacy.

Unless you're a PERL weenie and just love all the technical jargon and obscure set up code in this book -- forget it. This is just the book for such geeks, and not a book for your average PHP or Java programmer.

If you want to stop spam, rather than go back for an advanced degree in geekiness, (by which time all the spam techniques will have changed anyway) just let your ISP provider do their best. You won't be able to do much better with this book, even if you COULD implement it. Which the average reader never will.