Spam filter showdown: SpamAssassin vs MagicSpam
Without a high quality spam filter, your mailbox can quite easily become overrun with hundreds of junk emails in a matter of days. As a solution to this we offer both MagicSpam and SpamAssassin as spam filtering modules within Plesk.
Although MagicSpam and SpamAssassin have similar goals they achieve them in largely different ways. SpamAssassin works by checking the content of each inbound email for certain keywords and phrases that are deemed suspicious. Whereas MagicSpam checks that the email was sent using best practice methods and that the sender isn’t listed on any email blacklist (DNSBL) as a known spammer.
When they’re installed and integrated with Plesk both solutions become incredibly easy to manage allowing them to be enabled, disabled and configured with the click of a button!
SpamAssassin
Overview
- Sophisticated scoring filters check each email for suspicious data.
- Requires some training by marking any incorrectly labelled emails as spam / not spam.
- Email header and body analysis.
- Known to be resource intensive on systems with busy email accounts.
On our Cloud VPS range, SpamAssassin is included as standard but disabled by default. It can be enabled and configured very easily from the ‘Spam Filter Settings’ menu found under the ‘Tools and Settings’ tab.
SpamAssassin helps to prevent spam in a number of ways. Possibly its most valued feature is its ability to apply a spam score to an email based on the contents of the email. This is possible as it scans the email header checking the sending IP address for SPF records and DomainKeys authentication and searching the email body for suspicious keywords. The spam score is determined by the amount of suspicious data found in the email.
The threshold/score at which an email is deemed spam is customisable by you. For example, an email that contains some suspicious keywords may receive a spam score of 5.0. If you have your ‘level at which an email is deemed spam’ set to 6.0 then it won’t be marked as spam.
SpamAssassin is known to be fairly resource intensive and can cause resource shortages when enabled on our lower end Cloud VPS plans along with busy sites. In order to combat this Plesk allows you to customise the maximum number of worker processes allowed to run; setting this too low however can cause delays when processing busy mailboxes.
MagicSpam
Overview
- Performs best practice and DNSBL checks against all incoming mail.
- Filters all mail before it is accepted by the mail server.
- Doesn’t provide content filtering.
- Significantly lower resource usage than SpamAssassin.
MagicSpam differs from SpamAssassin as it works at the SMTP level which allows mail to be scanned before it is accepted by your server, which makes it great at preventing backscatter. It locates spam by performing best practice and DNSBL checks against incoming mail, rather than scanning the mail body for keywords as SpamAssassin does which can reduce resource usage on your server compared to not running MagicSpam as your mail server has less mail to process.
The best practice rules will block any mail that doesn’t follow ‘best practice’ mail rules. For example, if an email is sent from an IP address rather than a domain, or from a misconfigured mailserver, it can be blocked as it’s very likely that message is spam.
One of the benefits of MagicSpam, is that it works out of the box without much configuration at all. By default the following best practice rules are configured:
| Best Practice Rule | Status |
|---|---|
| IP Reputation | Always On |
| Block messages from no IP | Enabled |
| Block Mail Servers on Dynamic/Dial-up Addresses | Enabled |
| Perform reverse lookup check | Enabled |
| Block Mail Servers reported as Spam Source | Disabled |
| Confirm Server Identification Resolves (HELO) | Disabled |
| Strict address parsing | Enabled |
| Sending server must identify itself (HELO) | Enabled |
| Valid FROM domain | Disabled |
| Server Identification must be valid (HELO) | Enabled |
These are all completely customisable from within your control panel. MagicSpam also allows you to add specific sender email addresses or server IP addresses to a whitelist, which is useful to allow mail from mail servers that may not follow best practice rules but are known to be safe. Any mail which is not accepted by your server is returned to the sender with a helpful link to explain the reason for the blocked email and if the sender is genuine they can either fix their misconfiguration or contact you via another method.
Conclusion
Both MagicSpam and SpamAssassin are incredible anti-spam solutions in their own ways. Individually they’ll do a great job of preventing the majority of spam from getting to your inbox but they can also be used together to help ensure that no spam at all reaches your inbox.
In terms of resource usage SpamAssassin tends to use more RAM than MagicSpam but, as mentioned above, the number of worker processes can be lowered in order to combat this.
For more information on pricing or to order SpamAssassin or MagicSpam for your VPS contact our billing department.