IT journalists receive more mail about spam than almost any other subject. Having been on the receiving end of an extremely disruptive spam-storm recently, I can understand why.
The question is, how on earth do spammers get hold of our email addresses? For example, I registered two domains with a company about five years ago. At the time I also paid a service provider to forward emails addressed to a particular user at each domain to other email accounts.
A couple of years later, I began running the DNS and mail servers for one of the domains myself, and left the other with the original service provider.
I used a basic Sendmail configuration to do this forwarding, so there was no antivirus or spam filtering on my systems. However, I didn't receive spam because incorrectly addressed messages were dropped by my mail servers.
Needless to say, both email forwarding systems worked very well for some time, and until recently I hadn't received spam via either account. Then one day in July bucketloads of spam started to appear in one of the accounts.
All this spam was addressed to a small number of non-existent users. The spam was coming via the domain that was hosted by the service provider. It seems that the configuration of the service provider's mail server had changed and now all messages addressed to the domain were being routed to my personal mailbox.
A temporary solution was to host both domains on my own servers. However, in the interim, one of my mail accounts was down for several weeks, and although the spam messages were originally addressed to bogus users such as "sales" and "admin", they soon began using my real user-name. Consequently I have now installed an open-source spam filtering tool called ASSP. Unlike open-source projects such as Apache or Sendmail, which have earned their place as best-of-breed applications, ASSP is still a fledgling project with only a few hundred users.
ASSP works as a proxy mail server implemented using the Perl scripting language, so it works with just about any operating system and email server I can think of.
The tool includes the facility to download several popular lists of known spam servers. It also features whitelists, for originators that you know don't send spam; and a spam address list for those bogus accounts that spammers like to use.
ASSP also includes Bayesian filtering, which gradually learns about the content of your messages and so becomes increasingly effective at filtering out the bad stuff. This last feature sounds the most interesting, but depending on the volume of messages it can take a few days to become familiar with the nature of the mail you receive. Yet even after handling one day's traffic for me, ASSP dropped 174 messages because they were addressed to bogus users, 60 because they fell foul of the Bayesian filter, and 12 because they originated from a blacklisted mail server. During the same period it correctly forwarded 20 non-spam messages to their destination.
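The layered checks described above (bogus-recipient list, whitelist, server blacklist, Bayesian content score) can be sketched as follows. This is an added example, not ASSP's own code: the order of the checks, the 0.9 threshold and every address, IP and message are assumptions constructed for illustration.

```python
import math, re
from collections import Counter
# All addresses, IPs and messages below are constructed sample data.
VALID_RCPT = {"editor@example.org"}      # the only real mailbox
WHITELIST = {"colleague@example.net"}    # senders known not to send spam
BLACKLISTED_IPS = {"203.0.113.7"}        # entry from a downloaded blocklist
def tokens(text):
    return re.findall(r"[a-z']+", text.lower())

class Bayes:  # minimal naive Bayes word model with add-one smoothing
    def __init__(self):
        self.words = {"spam": Counter(), "ham": Counter()}
        self.msgs = Counter()
    def train(self, label, text):
        self.words[label].update(tokens(text))
        self.msgs[label] += 1
    def spam_probability(self, text):
        vocab = len(set(self.words["spam"]) | set(self.words["ham"])) or 1
        logp = {}
        for label in ("spam", "ham"):
            total = sum(self.words[label].values())
            logp[label] = math.log((self.msgs[label] + 1) / (sum(self.msgs.values()) + 2))
            for w in tokens(text):
                logp[label] += math.log((self.words[label][w] + 1) / (total + vocab))
        # Clamp the exponent so a long message cannot overflow math.exp.
        return 1 / (1 + math.exp(min(logp["ham"] - logp["spam"], 700)))

def triage(rcpt, sender, ip, body, model, threshold=0.9):
    """Return the reason a message is dropped, or 'forward'."""
    if rcpt not in VALID_RCPT:
        return "bogus-recipient"     # cheapest check, no content inspection
    if sender in WHITELIST:
        return "forward"             # assumption: whitelist skips later checks
    if ip in BLACKLISTED_IPS:
        return "blacklisted-server"
    if model.spam_probability(body) >= threshold:
        return "bayesian"
    return "forward"

def run_sample():
    model = Bayes()
    model.train("spam", "cheap pills buy now limited offer buy cheap watches")
    model.train("ham", "draft column attached for review meeting notes on the column")
    inbox = [("sales@example.org", "x@example.com", "198.51.100.9", "buy now"),
             ("editor@example.org", "y@example.com", "203.0.113.7", "column draft for review"),
             ("editor@example.org", "z@example.com", "198.51.100.20", "buy cheap pills now"),
             ("editor@example.org", "colleague@example.net", "198.51.100.30", "buy cheap pills now"),
             ("editor@example.org", "reader@example.com", "198.51.100.40", "column draft for review")]
    return Counter(triage(*m, model) for m in inbox)
```

With only two training messages the content score is crude, which matches the point above that the Bayesian layer needs some traffic before it becomes useful, while the recipient and blacklist checks work from the first message.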
As is often the case, it's refreshing to see how effective open-source tools can be. The story also serves as a reminder of how small changes to third parties' server configurations can wreak havoc with otherwise stable applications.