Will all my heart I recommend DSpam. It's more "aggressive" than SpamAssassin, that means false-positives do happen when you start to train it, but I'd rather have to deal with couple of false-positives than a load of spam that did go by unnoticed.
When I was training the filter for the first time, I had to feed it with about 30 spam messsages. After that, each and every unsolicited messages had been recognized properly for more than a year now.
PS. I'd also recommend to use some greylisting software.
an Open Source, Perl based,
platform-independent transparent SMTP
proxy server available at
SourceForge.net that leverages
numerous methodologies and
technologies to both rigidly and
adaptively identify e-mail spam.
As of now (June '09) it appears to be under active development.
I usually don't recommend server side spam filtering. By using server side filtering, you're still allowing all the spam to flow to your site, consuming your bandwidth. Look at external services like Purity or Postini which keeps the spam off your network and can often do as good or better job filtering it.
All things come around to their origins. The hottest thing in anti-spam these, at least among the commercial software products, days is IP reputation. Kind of like an RBL, but with more return codes. We're running Symantec Brightmail and I recommend it highly. Of the bad messages it processes, right now 97% of those messages are terminated with IP Reputation faults of the incoming connection's IP address, the remaining 3% are actually scanned for content. This is a fairly recent change, and has seriously reduced the CPU loading on our appliances.
IP reputation is something that can only be done at the receiving MTA, not the local client.
Will all my heart I recommend DSpam. It's more "aggressive" than SpamAssassin, that means false-positives do happen when you start to train it, but I'd rather have to deal with couple of false-positives than a load of spam that did go by unnoticed.
When I was training the filter for the first time, I had to feed it with about 30 spam messsages. After that, each and every unsolicited messages had been recognized properly for more than a year now.
PS. I'd also recommend to use some greylisting software.
ASSP (Anti-Spam SMTP Proxy) is
As of now (June '09) it appears to be under active development.
Uh, yeah, there's a couple things.
I usually don't recommend server side spam filtering. By using server side filtering, you're still allowing all the spam to flow to your site, consuming your bandwidth. Look at external services like Purity or Postini which keeps the spam off your network and can often do as good or better job filtering it.
All things come around to their origins. The hottest thing in anti-spam these, at least among the commercial software products, days is IP reputation. Kind of like an RBL, but with more return codes. We're running Symantec Brightmail and I recommend it highly. Of the bad messages it processes, right now 97% of those messages are terminated with IP Reputation faults of the incoming connection's IP address, the remaining 3% are actually scanned for content. This is a fairly recent change, and has seriously reduced the CPU loading on our appliances.
IP reputation is something that can only be done at the receiving MTA, not the local client.
We used Postini and the service has been very good.
We use a Barracuda Spam & Virus Firewall. It works great at blocking spam and has the bonus of scanning attachments for viruses and spyware.