Home > Articles > Security > Network Security

  • Print
  • + Share This
This chapter is from the book

SpamAssassin Scoring

SpamAssassin's main strength is its ability to score messages for their likelihood to be spam. The set of rules distributed with SpamAssassin is located by default in /usr/local/share/spamassassin. The rules are covered here to give you a taste of how the scoring engine works. SpamAssassin rules should be changed only after fully understanding the ramifications of modifying them.


A rule is a test that determines the spam score of a message. Rules can act on various parts of the message, including the full message and headers, headers only, body only, etc. Rules can be positive (definitely spam) or negative (definitely legitimate email) and can be fractional. An example rule is given in the "Privileged Parameters" section later. An explanation of the default ruleset as shipped with SpamAssassin 2.63 is contained in Appendix C, "Default SpamAssassin Ruleset."

There are a number of rules that incorporate features of SpamAssassin or that make administration easer. One test is called GTUBE. This test forces a message to be considered spam by assigning a high score, in the case of GTUBE, 1000. GTUBE is useful for the administrator when testing a setup. There are also a number of tests associated whitelisting/blacklisting, which implement the whitelisting/blacklisting features of SpamAssassin.

  • + Share This
  • 🔖 Save To Your Account