Product Description

The annoyance factor for individual users whose email is crammed with pitches for pornography, absurd moneymaking schemes, and dubious health products is fierce. But for organizations, the cost of spam in lost productivity and burned bandwidth is astronomical. While society is grappling with a solution to the burgeoning crisis of spam proliferation, the pressure is on system administrators to find a solution to this massive problem in-house. And fast.

Sys admins can field scores of complaints and spend months testing software suites that turn out to be too aggressive, too passive, or too complicated to setup only to discover that SpamAssassin (SA), the leading open source spam-fighting tool, is free, flexible, powerful, highly-regarded, and remarkably effective. The drawback? SpamAssassin's lack of published documentation.

SpamAssassin by Alan Schwartz, is the only published resource devoted to SpamAssassin and how to integrate it effectively into your networks. This clear, concise guide clarifies the installation, configuration, and use of the SpamAssassin spam-checking system (versions 2.63 and 3.0) for Unix system administrators using the Postfix, Sendmail, Exim, or qmail mail servers, helping administrators make the right integration decision for their particular environments.

It covers concrete advice on how to:
Customize SpamAssassin's rules, and even create new ones
Train SpamAssassin's Bayesian classifier, a statistical engine for detecting spam, to optimize it for the sort of email that you typically receive
Block specific addresses, hosts, and domains using third-party blacklists like the one maintained by Spamcop.net.
Whitelist known good sources of email, so that messages from clients, coworkers, and friends aren't inadvertently lost.
Configure SpamAssassin to work with newer spam-filtering methods such as Hashcash and Sender Policy Framework (SPF).
Sys admins, network administrators, and ISPs pay for spam with hours of experimentation and tedious junk email management, frayed user tempers, and their sanity.
SpamAssassin, together with this essential book, give you the tools you need to take back your organization's inboxes.

Product Details

• Amazon Sales Rank: #445933 in Books
• Published on: 2004-07
• Original language: English
• Number of items: 1
• Binding: Paperback
• 207 pages

Features

• ISBN13: 9780596007072
• Condition: NEW
• Notes: Brand New from Publisher. No Remainder Mark.
• Click here to view our Condition Guide and Shipping Prices

About the Author

Customer Reviews

Doesn't cut down on the confusion
Coming into Spamassassin as a new user is very confusing, especially if you don't admin e-mail systems frequently. The spamassassin wiki and documentation are really confusing as well, it seems that nothing really explains the system as a whole very well. Finally, a real book about Spamassassin (I thought). This book skipped over a lot of topics I want to know more about (logging spamassassin activity, how to install razor and pyzor, more information about the RBLs installation and configuration). I don't think so much time should have been spent on Baysean techniques, I find Baysean to be too labor intensive and not practical at all on a site-wide level (which I think the author mentions in the book). This book was good, but not as complete as I was expecting, but as a reference for Spamassassin I suppose it's ok, but not anything better than is online.

skip the book
Had high hopes when I got this book. Sadly letdown. The book gives a tired old treatment of using a black list to check against the header of a mail message. Now not all spammers forge the header. But many do, as known for years. And they don't just forge the From line. They can also forge the Received lines.

When the author wrote the previous review, he mentioned the Received header lines. But, in general, for an ISP, the only valid header info is what the ISP itself writes. Received lines not written by the ISP can also be forged.

So using a black list on a header can easily be defeated by a spammer. And is being done so by many of them.

But Schwartz goes on to say that SA can now apply the black list against the body links. GREAT! Awesome. This is the key difference between 3.0 and the earlier stuff. Yet, when I went thru the book, I did not see any mention of this. Okay, perhaps I missed it. But if the book actually talks about it, it is in a very obscure fashion.

The new ability in 3.0 is seminal. Because while a spammer can forge headers, if he wants users to click through to his site, he has to write a valid address for himself. When AOL implemented this idea [not using SA] earlier this year, they said it led to the first documented decrease in spam they'd seen.

I repeat- if the book didn't mention the new 3.0 ability, it is grossly deficient. If it did mention it, but scantily, ditto. It certainly deserves at least as much space as was given to Mr Bayes.

Took some thinking about configuration but works great
SpamAssassin is the immensely popular open-source spam solution for the Linux/Unix world. This book covers version 3.0, which, curiously enough, is not included with the book. This is pretty unusual in the open-source world since it costs very little to put a copy of the program onto CD and bind it into the book.

The reasons for SpamAssassin's popularity include its high level of customizability, the ability to change the rules and the weights assigned to those rules, automatically report spam to clearinghouses, ability to interface with other resources on the internet including DNS blacklists, ability to create a whitelist, and the ability to work with a wide variety of mail systems including sendmail, Postfix, qmail, and Exim. One of the really nice features is the ability for the system to automatically add a person to the whitelist if you send an outgoing email to that person.

Of course all of this requires an understanding of how SpamAssassin works and how to configure and tweak it to get it to do what you want. That is where this book comes in. The author has done an excellent job of explaining not only the concepts but also the details of how SpamAssassin works and how to tweak it to work best in your environment. This is easily one of the most clearly written and understandable books on configuring the software that I have read. SpamAssassin is highly recommended for anyone on a Unix-like system who is considering using the program as a spam control solution.

It took some time to figure out how to configure it best for my needs but my spam is down over 90% with no false positives. Don't expect the author to spoon feed you what is best for your system, but he gives you the information to design one that works for you.