May 18, 2011

Stop Spam with Bogofilter on Linux

There are two things in life that are assured: taxes and spam. There is little that can be done about taxes. As for spam, you can find a solution. Ideally, ISPs handle this and spam never makes its way to an end user system. This rarely happens, though, so measures must be taken to prevent the deluge from coming.

There are a number of tools available for Linux to prevent spam. One of those tools, Bogofilter, is an incredibly well done system that seamlessly integrates into both Evolution and Claws-Mail. This tutorial will walk you through the process of getting Bogofilter integrated with two of the more popular Linux email clients as well as helping you train Bogofilter for spam and ham.

Installing Bogofilter And Plugins

Some distributions (such as Ubuntu 11.04) will already have Bogofilter installed, by default. If unsure, open up a terminal window and issue the command which bogofilter. If the command returns /usr/bin/bogofilter, congratulations, Bogofilter is installed. If not, time to install.

The easiest method of installation is to open up your Add/Remove Software tool (such as The Ubuntu Software Center or Synaptic) and search for "bogofilter". The results should come back with the Bogofilter application. If so click to install.

Although Evolution includes everything it needs to integrate with Bogofilter, Claws-Mail needs a little help. With the Add/Remove Software tool open, do a search for "claws" (no quotes.) Within the results there should be a package called claws-mail-plugins. This package must be installed in order for Claws-Mail to be able to integrate with Bogofilter.

That should do it for the installation. Now for the configuration of the mail clients.

Evolution Setup

The first step for Evolution is to ensure the Bogofilter plugin is enabled. To do this fire up Evolution and then click Edit > Plugins. When the new window opens, scroll down until the Bogofilter Junk Filter plugin is visible. Make sure that plugin is checked to be enabled. Once enabled, close the Plugin window. Now it's time to configure Evolution to work with Bogofilter.

With Evolution open, click Edit > Preferences and then click on the Junk tab. In this tab (see Figure 1) there are a few settings to take care of. The first configuration is to make sure Evolution is using Bogofilter. In the Default Junk Plugin drop-down select Bogofilter.

Figure 1
Once Bogofilter is slected as the default junk plugin, Evolution will let you know if everything necessary is installed.

With Bogofilter set as the junk filter, it's time to take care of the other options, including:

  • Check incoming messages for junk: This is set by default and must be set to on in order to have Bogofitler check new mail.
  • Delete junk message on exit: If you want the Junk folder emptied upon exit of Evolution, set this. This option can be set to run upon every exit, once per day, once per week, or once per month.
  • Check custom headers for junk: This option allows the user to configure a custom head to be marked as junk. Some ISPs use spam tools that add extra headers to email (Such as X-Spamscore:). More on this in a moment.
  • Do not mark messages as junk if sender is in my address book: This is helpful if you find Bogofilter catching false-positives thereby marking mail as junk that should not be marked as such.

Let's add a custom header to the Bogofilter configuration. This custom header will assume the ISP tags email with the X-Spamscore header and rates the mail with the standard system (0-10). And ISP might have a lower spam score threshold in order to prevent stopping legitimate email from getting into the inboxes of users. Say the ISP rejects at a level 10 and allows all other mail through (with the new X-spamscore header added). If email marked with 7 or higher is consistently spam, custom headers could be added for 7, 8, and 9 to make sure all email with a spam score of 7 or higher be caught by Bogofilter.

To create the headers click the Add button and then create the filter for a spam score of 7 with the following information:

Name: Spam Score 7

Header value contains: X-Spamscore: 7

Now create headers for spam scores of 8 and 9 and it's complete.

Bogofilter Training

I want to address one last issue before I move on to Claws-Mail. This applies to both Evolution and Claws-Mail. Just because the Bogofilter system is set up, don't assume it will star working perfectly, out of the box. Most spam filters must first be trained before they will work. How is this done? Simple: A collection of both ham (good email) and spam (junk email) must be marked as such to begin the training. To this end, I keep a small archive of spam handy that can be used to train a spam filter. A good collection of 100+ spam emails will be great to help begin the training process. But it's not sufficient to simply open up a large folder of spam and mark it as such. The ham must also be marked as such, so the spam filter knows what is legitimate email as well. For this, simply allow email to begin pouring into the email client, make sure everything in the inbox is ham, select the entire contents of the inbox, and mark all emails as ham.

Your spam filter has now had a great first lesson in what is spam and what is ham.

Claws-Mail Bogofilter Setup/Configuration

To configure Claws-Mail for Bogofilter the plugin must be first loaded. To do this click Configuration > Plugins. With the Plugins window open, click the Load button which will open up an file navigator. Located the bogofilter.so, select it, and click Open. The plugin is now loaded and ready for configuration.

To configure Bogofilter on Claws-Mail click Configuration > Preferences and then scroll down to the Plugins section in the left navigation. Select the Bogofilter entry to reveal the configuration options (see Figure 2.)

Figure 2Claws-Mail offers a very different take on the Bogofilter setup.

There are really two main configurations that need changing here:

  • Save spam in: This is the folder that will hold messages tagged as spam.
  • When unsure, move to: This folder will hold messages that Bogofilter is not 100% sure of.

The Unsure option is not necessary. However, I find using this setup ensures you do not lose false-positives to the ether. When messages are sent to the Unsure folder it is just a matter of opening up the folder, selecting the false-positives, and marking them as ham. When doing this, Bogofilter is getting further training and, over time, fewer messages will wind up in the Unsure folder.

Like Evolution, senders in the Address book can be automatically marked as white listed. To add this check the box associated with Whitelist senders found in address book. When selected, either an individual address book can be selected, or any (all) books can be selected.

Don't forget, it is important to help in the training of Bogofilter for Claws-Mail, just like I described above. The more training Bogofilter gets, the more accurate it will be.

Nothing is Perfect

As with anything, nothing is perfect and stopping spam is one of the best examples of that in the world of computers. As much as we try, spam still gets through. But by doing everything we can, the amount of spam that actually makes it through to the inbox is greatly lessened. Follow the processes outlined above and spam will soon become nothing more than an insignificant bother instead of a menace.

Click Here!