There are many antispam tools
- Real time blacklists (RBL) allow to block connections from addresses, that are registered as open proxies, open relays, compromised hosts, dialup/broadband hosts and other type of machines that are used to send unsolicitated email messages or should not send email messages to third party email servers. They provide first level of defense against spam. If admin selects RBL servers correctly, blocks can be very accurate. RBL blocks provide first level of defense and block known spam sources without wasting your server's space and bandwidth.
- Greylisting is a special email server feature. It checks sender's address, recipient's address and server's address. If server haven't seen same sender, recipient and address combination, connection is rejected with a temporally error message. Normal email servers will follow email delivery protocol and deliver message later. If first connection is rejected, spammers usually don't come back. In order to deliver delayed emails spammers have to maintain message spool on own machines and handle all bounces and failed deliveries. Such features would waste their resources.
- Please note, that greylisting might be very effective, but it delays legitimate emails.
3. Content analysis
- SpamAssassin, CRM114, dspam software can be used to analyze email and assign points for certain email signatures. If email collects some number of points, it is flagged as spam. Content filtering software has lots of rules. It is difficult to bypass those rules.
- Bayes is statistical content analysis tool. There are no precompiled rules and it must be trained to detect legit and illegit emails.
- TMDA is a special setup, which requires confirmation from email sender before delivering email. It can stop spammers, but it can also be very annoying to normal users.
Things that don't work
1. Email blacklists
- It is very easy to create email address blacklists, but they are ineffective. Spammers can change email addresses and most of spam emails don't depend on correct return address. Spam information is already delivered to end user or user could be redirected to different email address or webserver.