How Do Spam Filters Work

They are a useful tool for people who use email on a daily basis, as they can quickly sort through irrelevant messages. For their optimum utilization, it is important to have a basic understanding of how these programs work. Improper settings of a spam filter can result in the inbox flooded with junk mails.

By using it, the users can see all the emails that were filtered and can mark them as 'not spam', if they consider them as useful and want to retain them. Most email service providers are configured to have inbuilt spam filters.

Depending upon their functionality and uses, they are classified into different types. Some of them are as follows.

• User defined filters
• Header filters
• Language filters
• Content filters
• Permission filters

Spam filters follow a point system which enables them to filter out unnecessary emails. They generally tag mails as spam, if certain words or phrases that are most common are found in the content.

Generally, spammers try to make their mails appear attractive by tagging them as 'exciting news' or with the use of different word combinations. However, this makes the spam mails predictable and recognizable, and because of that, filters can look for certain regular keywords and phrases which are often repeated.

Some of the most common words used are 'millionaire', 'Viagra' and 'sex'. Phrases that urge the users with tempting prizes are also flagged. Content with excessive exclamation marks, loud words (all caps), etc., can turn an email into spam.

Besides the keyword search, these programs follow three more tests to ensure the authenticity and reliability of emails.

• Format of the Mail: The spam filters check the format and design of the mail to ensure that there are no excessive external links or hidden text. This enables them to make a choice between a normal mail and a spam.

• Black Lists: The filters utilize black lists which are a collection of IP addresses and domain names that have sent out spam in the past. Spam filters check the sender of the email and look out to see if his domain or mail server's IP address is on a black list. If found, the email is refused or put into the spam folder.

• Scanning the Attachments: It is important for the filters to check the files which are attached to the email. This enables them to catch viruses and spyware before they get into the receiver's system.

The points allotted to all these tests add up to a certain number, which in turn is considered for tagging the email as spam. Suppose a spam filter comes across an email sent by an IP address which is not in the black list, then the points are calculated based on all the tests.

If the attachment with the email is not too big or too small, it is given 1 point and in case the formatting looks bad, another 2 points are given. As the sender's IP address is not present in the black list, zero points are given for this test. The total comes out to be 3 points.

Now, if the spam filter is configured to block things that add up to 6 points or more, the mail goes into the inbox. But, in case it is allowed to block things which get 3 or more points, the mail gets filtered.

Spam filters block all the emails that do not come from an approved source or show properties of regular spam. However, no software is ever perfect, as spammers keep on coming up with new ideas trying to find ways to target a customer's inbox.