I'm sure there are other free ones out there but you need to ask the question, how good are they ? Some of the client based ones are really good (i use SpamFighter at home
) but generally you need to pay to get good server based filtering.
There are two places to stop spam: at the server level and at the client level. Of course, more ideal is the first one, but you must have administrative access to the mail server.
Likewise, there are two ways to distinguish spam: based on available blacklists or based on some intelligent (or not so) detection engine, that probably draws data from a ruleset.
There are many blacklists that you can incorporate to your antispam software, most of them available online (try searching the web for "spam blacklist") and others maintained in a closed fussion from proprietary products.
Smurf mentioned some good commercial solutions for windows environments.
Some of the most powerful antispamming solutions exist for unix-like operating systems and -unlike their windows counterparts- are completelly free. Notice however that they are not plug and play solutions, depending on how well you configure them they can be better than any commercial solution or practically useless.
There are literally hundreds of noteworthy free applications that can assist antispam filtering, many of which you can find at
. According to the Mail Transfer Agent software of the server, there are also some specific solutions (i.e. Sendmail offers many costomizable
There are however two very powerful systems that you should check, Spamassasin and Procmail.
is a system that uses rule-based capabilities and also a learning engine that can be adjusted to learn from messages manually marked as spam. It has a very active development community and there are many precomposed rulesets, most of which are mentioned at the official site.
on the other hand, is a more general application that allows complete flexibility over the processing that will be applied. On top of it there are many higher-level tools available and, of course, following the traditional unix logic, it can be configured to communicate with any other piece of software (including spamassasin)
An other highly recommended method is setting
records in your nameservers, and configuring your mailserver to be aware of SPF records. SPF records are special TXT records that your nameservers return when answered, that define which mailservers are considered legitimate for a domain. If a message is send from a server other than those servers, it should be considered a spam and thus discarded. This way mass message forgery becomes much more difficult.
Everyone should use SPF in their domains, however for the time being not everyone does, and so you probably don't want to configure your mailservers to discard messages from domains with no SPF record. However you can configure them to take advantage of SPF records wherever they do exist
approach/method or tools to stop this activities and how to detect a server that hav an open relay.
Here's a nice
I use for that purpose, there are many more as well as public services (if your mail server is available through the internet). You can find them by making a search at the web. An example of such service: