Security

Tech Tip: Eliminate spam with bogofilter

Learn how to eliminate spam with bogofilter.

A number of antispam products exist with various degrees of success. As spammers become more clever, new programs emerge, and old programs adapt. Many programs use a database of various rules to determine if something is spam, but Bayesian spam filters learn to identify spam based on a number of different algorithms, all of which analyze a message's contents.

One such tool is bogofilter, and it uses a few different methods to determine if a message is spam. Bogofilter is a command-line tool that you can use in conjunction with programs, such as procmail, that already sort and filter mail based on other criteria, such as if a message belongs to a mailing list.

Bogofilter is very easy to use. If you're using procmail, plug it into your .procmailrc file near the top so it analyzes every piece of mail that comes in.

# filter through bogofilter
:0fw
| bogofilter -u -e -p

:0:
* ^X-Bogosity: Yes, tests=bogofilter
spam

This executes bogofilter using the message as standard input. Bogofilter then analyzes the message, adds a header to it, and prints it to standard output for procmail to pass on.

The next rule tests for this header: X-Bogosity. If bogofilter determines that the message is spam, it files it in a mailbox called spam.

Because you need to train bogofilter to recognize spam, you may initially receive some unwanted e-mail in your inbox that it didn't determine as actual spam. You can update the bogofilter database by giving bogofilter the message in question and explicitly labeling it as spam.

For example, if you use mutt as your e-mail client, you may create some new macros that tell bogofilter whether the current message is spam by using the following:

folder-hook . 'macro pager <f8> \
        "|bogofilter -Ns\ns=spam\n" \
        "Relearn a spam and store it to spam folder" '
folder-hook spam 'macro pager <f8> \
        "|bogofilter -Sn\ns=inbox\n" \
        "Relearn good message and store it in inbox" '

This takes the message and provides it as standard input to bogofilter with certain command-line arguments that tell bogofilter to relearn this message as spam (or not spam). The macros may be different, but you can use the commands to do the same with any other e-mail client that lets you execute an external program on the current message.

For more information, check out the bogofilter home page.

Editor's Picks

Free Newsletters, In your Inbox