Thursday 31st of July 2014
::

Dspam - Community Driven Antispam Filter

 

DSPAM is a scalable and open-source content-based spam filter designed for multi-user enterprise systems. On a properly configured system, many users experience results between 99.5% - 99.95%, or one error for every 200 to 2000 messages. DSPAM supports many different MTAs and can also be deployed as a stand-alone SMTP appliance. For developers, the DSPAM core engine (libdspam) can be easily incorporated directly into applications for drop-in filtering

DSPAM has been implemented on many large and small scale systems with the largest being reported at about 350,000 mailboxes.

DSPAM is an adaptive filter which means it is capable of learning and adapting to each user's email. Instead of working off of a list of "rules" to identify spam, DSPAM's probabilistic engine examines the content of each message and learns what type of content the user deems as spam (or nonspam). This approach to machine-learning provides much higher levels of accuracy than commercial "hodge-podge" solutions, and with minimal resources. DSPAM's best recorded levels of accuracy have included 99.991% by one avid user (2 errors in 22,786) and 99.987% by the author (1 error in 7000), which could be ten times more accurate than a human being!

Features

 
  • System-wide administratively-maintenance free filtering. The DSPAM agent can integrate into just about any network and can even be implemented as an SMTP gateway.
  • A simple-to-use learning mechanism. DSPAM allows users to simply forward their spam to their "spam email address" for learning, eliminating any learning curve necessary to make it usable by your customers. The information used in every calculation is temporarily stored on the server, enabling DSPAM to relearn the original message by looking for a small signature in the forwarded spam. As a result, users don't have to be trained to 'bounce' messages around, and administrators don't have to worry about incompatible mail clients.
  • Support for a variety of storage implementations. DSPAM's storage driver API allows the administrator to choose how they wish to store data. Currently supported drivers include SQLite, MySQL, PostgreSQL, and a self-contained high-speed hash driver.
  • Written in C for speed, performance, and scalability. Unlike Python or PERL solutions, DSPAM is written in a low-level compiled language, meaning there is very little overhead. DSPAM runs fast, efficient, and doesn't depend on any third-party language interpreters.
  • MTA support. DSPAM works great with Sendmail, Postfix, Qmail, Courier, and Exim, and should work well with many other MTAs. In the event you happen to run something like Exchange, DSPAM can be implemented on your network as an SMTP gateway. Just point your MX at it and configure it to relay to your mail server.

Dspam History

 

Dspam was originally invented by Jonathan Zdziarski roughly between 2003 to May 2007. In May 2007 Jonathan allowed the rights of the dspam to be acquired by Sensory Networks. In December 2008 Dspam was forked as dspam-community and hosted on Sourceforge (this fork has now been closed). In Early Jan 2009 Sensory Networks announced that they could no longer support the project an offered the project to the dspam-community project. On the 12th Jan 2009 Sensory Networks granted the rights to dspam to the community project. This includes:

  • Dspam trademark and logo
  • All copyright upto and including 3.8.0
  • All copyright and content of the nuclearelephant.com site
  • CVS data repository
We kindly thank Mick Johnson (Jam-Code) for all his work on dspam whilst at Sensory Networks and for arranging the handover of dspam to the community. Dspam-community will always be opensource.

2009-2011 The DSPAM Project