How do I Choose the Best Linux® Spam Filter?

Linux® platforms, the result of the open source movement, have a wide variety of spam filters to choose from. In order to pick the best Linux® spam filter, it is important to know a little bit about how the different types work. An aggressive, but almost completely accurate, method of eliminating spam is employing a white-list or verification filters. For users who find the white-list method too inflexible, distributive adaptive blacklists are a versatile and widely available solution. More sophisticated anti-spam techniques employ Bayesian trigram filters or similar word-analyzing algorithms as the primary Linux® spam filter.

White-lists or verification filters work on a very simple, but efficient, principle; they only let mail from designated senders into the customer’s inbox. A popular Linux® spam filter that employs this technique is TDMA. When a user initially configures TDMA, a list of trusted recipients is defined and all subsequent mail is checked against this list. If a recipient is not present on this list, a challenge email is sent to establish whether the sender is a legitimate source. The challenge email is designed to be answerable only by humans, so if a successful response is received, the sender’s email address is added to the white-list.

The problem with the white-list technique as a primary Linux® spam filter is that it places an unnecessary burden on senders, even if they are legitimate. Distributive adaptive blacklists operate on the reverse of this principle, but in a far more flexible manner. In this technique, messages from certain email addresses known to belong to spammers are blocked based on a centralized database. If enough users flag a certain email address as spam, those email addresses are updated to the centralized blacklist. An example of a Linux® spam filter that uses this method of spam protection is Razor.

Both the white-list verification method and the distributive adaptive blacklist method analyze the email address, checking them against databases to determine whether they are potentially unsafe. Bayesian trigram filters are employed by some spam filters, like the popular Linux® spam filter SpamAssassin, to analyze the structure of emails themselves. These filters use sophisticated algorithms to scrutinize the text of emails and determine if they exhibit patterns of sentence construction and word usage that are typically used by spammers. By eliminating the need for user-generated databases, this technique allows for a great deal more adaptability. Quite a few Linux® spam filter developers are implementing this method of spam detection in their programs.