SpamAssassin – What It Is & How Commtouch’s Plug Works With It

by

SpamAssassin™ was first introduced by Justin Mason in the Open Source software site SourceForge.net in April 2001. Since then, it has been adopted by many small-medium sized businesses, service providers and integrated by value-added resellers (VARs) to be used as their core infrastructure.

The beauty of SpamAssassin is in its infrastructure rather than in the technology it uses to catch spam. SpamAssassin can be looked at as an open platform for anti-spam applications similarly to the way that Facebook is an open platform for social networking applications. Basically, SpamAssassin allows anyone to write his or her own add-on to the system as long as it applies to the SpamAssassin scoring mechanism.  SpamAssassin by itself does nothing to the mail other than generate a score of “how spammy” a message is, based on a series of rules that analyze certain parameters of the message. It does not take any action, such as blocking or quarantining. That must be done by the MTA or whatever server/device is relaying mail and checking the SpamAssassin scores. The default spam score is 5.0 which is considered aggressive, while ISPs are recommended to set spam messages as scoring between 8.0 and 10.0. Scoring is entirely configurable by the user.

What’s so great about SpamAssassin is that it’s highly customizable, but unfortunately, that can also be its downside. The truth is that the key to SpamAssassin’s ongoing success is a smart IT person installing and maintaining it. SpamAssassin requires a significant amount of integration work to make an enterprise-class or carrier-class installation succeed.

But having a SpamAssassin expert constantly tweaking and updating the system is not always enough anymore. Spam and malware levels around the world are continuously rising, recently reaching a peak of 96% of all email at one point last quarter. Spammers and malware writers are also progressing in their sophistication, improving in their ability to evade security solutions. The complexity and velocity of today’s outbreaks are overpowering many SpamAssassin implementations, which often cannot maintain high detection rates without incurring too many false positives. To cope, IT managers are investing more and more time in tuning SpamAssassin rules, with diminishing results.

As spammers are getting more sophisticated in their tactics, SpamAssassin-based commercial solutions are facing a great challenge to keep up a high detection level and low false positives in a profitable manner.

This is where the new Commtouch Plug-in for SpamAssassin comes into the picture. Commtouch, with its patented Recurrent Pattern Detection™ (RPD) technology, allows SpamAssassin-based email filtering solutions (and ISPs using SpamAssassin) to benefit from the SpamAssassin infrastructure along with an advanced and leading technology to block spam and zero-hour virus outbreaks.

Basically, the Commtouch plug-in receives a message from SpamAssassin in order to produce a score. Commtouch extracts patterns from the message to match it with known spam patterns identified around the world. According to the result, the Commtouch plug-in return a SpamAssassin score that will be used to determined if the message is spam or not.  The whole process is very fast, and highly accurate.
Once Commtouch plug-in is in place, it raises the detection levels up to 98% with near zero false positive, blocks viruses within seconds of any new outbreak and it’s all automated with no administration or maintenance required.

It is very efficient and so easy to integrate, that by the time that you finish reading this post, you could have already evaluated the plug-in (well, slight exaggeration, but you see what I mean…).  I encourage you to visit our web site and download an evaluation version now to see for yourself how it can turn around your existing solution.

Go back