Disclaimer
Custom or third-party plugins described here are not part of the official SpamAssassin distribution. They may have a different license and are not from the Apache Software Foundation.
Custom Plugins
Please add links to third-party SA plugins here. Note that only SpamAssassin 3.0.0 or later can use these. To use these, just place the file(s) in /etc/mail/spamassassin (if you use spamd, be sure to restart); SpamAssassin will need at least 1 rule file (ending in .cf) to load the plugin, and that will typically use a loadplugin line to load a .pm file containing the plugin's perl code.
FYI: The .pm file can be kept in /etc/mail/spamassassin, too.
Before running these plugins please do the following:
Read any extra info available with the plugins, including the comments in the .cf files, or the POD documentation in the .pm file.
Check to make sure that the default scores fit your installation. You might want to modify scores.
Make sure to --lint the rules after loading them.
Test the new plugin. Keep an eye on hits from the new rules to determine if the scoring is right for you.
Use at your own risk.
Status Information
Active: Plugin is actively updated and maintained
Locked: Plugin is not actively updated, but is fine to run and considered "stable"
Defunct: Plugin is no longer maintained, may be out of date or have problems
Please respect the wishes of the authors and/or the site hosts.
The Plugins
Cloudmark Authority
8 different fingerprinting algorithms for spam, phishing, and virus. Authority offers significant performance and accuracy improvements with automatic rules and configuration updates every minute. Brought to you by the makers of Razor.
Created by: Cloudmark
Contact: satrial -at- cloudmark -dot- com
License Type: Commercial annual subscription
Status: active
Available at: ![[WWW]](/wiki/modern/img/moin-www.png){kind=small}
http://www.cloudmark.com/spamassassin
Note: Razor plug-in with local signature cache
PDFassassin
A plugin which scans PDF attachments, exports text from PDF files and uses OCR to extract image spam embeded in PDF files. Helpful to catch Spam messages been sent as PDF files, uses the gocr and pdftotext utilities as a dependency
Created by: Ben Duncan
Contact: info -at- calacode -dot- com
License Type: Same as SpamAssassin
Status: active
Available at: http://blog.atmail.com/?p=61
Note: First release, proof of concept
DumpText
A demo plugin that simply dumps the rendered text to stderr.
Created by: Justin Mason
Contact: jm -at- jmason -dot- org
License Type: public domain (it's tiny!)
Status: active
Available at: DumpTextPlugin
ClamAV
This plugin submits the entire email to a locally running Clam AntiVirus server for virus detection.
Created by: Troels Walsted Hansen
Contact: troels -at- thule -dot- no
License Type: Public Domain
Status: Active
Available at: ClamAVPlugin
Note: Requires the File::Scan::ClamAV perl module.
WrongMX
A plugin that determines if an email was sent to a lower preference MX when a higher preference MX was probably available.
Created by: Daryl C. W. O'Shea
Contact: spamassassin -at- dostech -dot- ca
License Type: public domain
Status: active
Available at: WrongMXPlugin
AuthzUser
A example plugin using the services_allowed_for_username hook (available in 3.1 dev tree) that determines if a username is authorized to use a particular service.
Created by: Michael Parker
Contact: parkerm -at- pobox -dot- com
License Type: public domain
Status: active
Available at: AuthzUserPlugin
ReplaceTags
A plugin to create character classes, which can be used in your rules to increases the chance of matching.
Created by: Felix Bauer
Contact: dev - at - doph -dot- com
License Type: Public Domain
Status: active
Available at: ReplaceTags
Note: Please read the POD
PublicCheckTo
A plugin that tests for email sent to public addresses, (such as mailing lists) it can optionally allow "If the email is to this address, its probably spam UNLESS it is a reply." It does this by checking the In-Reply-To header against known message IDs.
Created by: Jamie Hoglund
Contact: http://www.geniegate.com/contact.php
License Type: Free
Status: beta
Available at: http://geniegate.com/other/spamref/index.php
Note: For the In-Reply-To to work, it needs a storage implementation. (Included are SQL and flat file)
CustomLearner
This plugin implements a different bayes learning algorithm: every message marked as spam is learned as spam and every other message is learned as ham.
Please read the source and http://bugzilla.spamassassin.org/show_bug.cgi?id=2094 for details.
Created by: Nikolaus Rath
Contact: ![[MAILTO]](/wiki/modern/img/moin-email.png){kind=small}
Nikolaus@rath.org
License Type: Same as SpamAssassin itself
Status: Quick hack
Available at: http://bugzilla.spamassassin.org/show_bug.cgi?id=2094
Note: This plugin should really use the new plugin interface. I intend to implement it as soon as SA 3.1.0 is ready.
!UIUC
Mail::SpamAssassin::UIUC is a project to connecting the CITES Spam Control (CSC) project, which runs on all mails sent to @uiuc.edu addreses (plus internal CITES mail servers like express.cites.uiuc.edu), and SpamAssassin, which is used at many smaller sites for all incoming mail. The goals were to a) make sure that the work from CITES' servers is not removed by SpamAssassin and b) hopefully use the information received from those servers as well.
Created by: Tim Skirvin
Contact: tskirvin@ks.uiuc.edu
License Type: Same as SpamAssassin
Status: It works, and will probably be maintained to match the campus setup.
Available at: http://www.ks.uiuc.edu/Development/MDTools/spamassassin-uiuc/
Note: This distribution is actually released as a full patch to SpamAssassin, for ease of use by the UIUC community. More information on modified files is available at the main website.
Mail::SpamAssassin::Plugin::LDAPfilter
Mail::SpamAssassin::Plugin::LDAPfilter provides LDAP-based blacklist and whitelist filtering capabilities to SpamAssassin 3.x installs. Specific resources from the SMTP session and the RFC822 message are parsed out and searches are submitted to an LDAP server, with the resultant attribute values being assigned individual score values.
Created by: Eric A. Hall
Contact: ehall@ntrg.com
License Type: Same as SpamAssassin
Status: currently stable and also undergoing ongoing development
Available at: http://www.ntrg.com/misc/ldapfilter/
Note: see http://www.ntrg.com/misc/ldapfilter/ldapfilter.html first
Mail::SpamAssassin::Plugin::iXhash
Mail::SpamAssassin::Plugin::iXhash is based on the procmail-based project 'NiXSpam', created and maintained by Bert Ungerer, editor with the German IT-magazin 'iX' ( http://www.heise.de/ix/). Basically redundant information is removed from the body of a mail, then a MD5 hash is computed from the rest and compared to a given database of known spam. The actual comparison is realised via DNS. See code for more info. Read up at http://www.heise.de/ix/nixspam/ for even more. .
Created by: Dirk Bonengel
Contact: dirk.bonengel@login-solutions.de
License Type: Same as SpamAssassin
Status: works-for-me-but-needs-more-perl-know-how release
Available at: iXhash
Note: Please read the POD too
URICountry
This plugin provides meta data for scoring URIs based on the country in which they are hosted enabling easy creation of rules for any country
Created by: Derek Harding
Contact: derek_sa -at- atuin -dot- net
License Type: Same as SpamAssassin
Status: active
Available at: URICountryPlugin
SAGrey
SAGrey is two-phased, in that it first looks to see if the current score of the current message exceeds the user-defined threshold value (as set in one of the cf files), and then looks to see if the message sender's email and IP address tuple are already known to the auto-whitelist (AWL) repository. If the message is spam and the sender is unknown, SAGrey assumes that this is one-time spam from a throwaway or zombie account, and fires accordingly.
Created by: Eric A. Hall
License Type: Same as SpamAssassin
Status: seemingly-functional initial release; ongoing development
Available at: http://www.ntrg.com/misc/sagrey/
POPAuth
Utilizes an access.db style hash file to extend the SpamAssassin trusted_networks to 'POPAuth' or 'POP-before-SMTP' hosts by dynamically adding and removing the hosts or networks found in the specified database to SpamAssassin's trusted_networks configuration.
Created by: Daryl C. W. O'Shea
Contact: spamassassin -at- dostech -dot- ca
License Type: Apache License, Version 2.0
Status: active
Available at: POPAuthPlugin
CustomDeleteTag
This SpamAssassin plugin module allows users to specify a value that will be added to the message header, for all messages, specifying what value/score it is safe to delete the message. Obviously, you need some other process that looks at this header and performs the action, since SpamAssassin only filters and does not delete.
Created by: Michael Parker
Contact: parkerm -at- pobox -dot- com
License Type: Apache License, Version 2.0
Status: active
Available at: CustomDeleteTag
Persistent Database Plugin
This plugin module provides persistent database connections. It uses the DBI interface in much the same way that Apache::DBI does, in fact a large portion of the inspiration comes from that module.
To use, all you need to do is load the plugin module, via loadplugin, and it will automatically step in and handle your database connections.
Requires SpamAssassin 3.1+
Created by: Michael Parker
Contact: parkerm -at- pobox -dot- com
License Type: Artistic License
Status: active
Available at: DBIPlugin
WebRedirect
Fetches web pages linked to in messages and provides their contents in a pseudo-header that can be used in custom header rules.
Two eval tests are also provided to report links that return an HTTP status of either 403 (Forbidden) or 404 (Not Found).
Limited decoding of data contained in pages is also attempted. The decoded data is provided in an additional pseudo-header that is made available to custom header rules.
Created by: Daryl C. W. O'Shea
Contact: spamassassin -at- dostech -dot- ca
License Type: Apache License, Version 2.0
Status: active
Available at: WebRedirectPlugin
Stats Plugin
Keeps real-time statistics inside of a MySQL database. Statistics are rotated on a daily basis and contain user totals for that day; including total ham, spam, and messages processed. A "$TOTALS" field provides the complete summary of messages processed by the system for the day.
Created by: James Keating
Contact: jamesk -at- okeating -dot- net
License Type: Apache License, Version 2.0
Status: active
Available at: StatsPlugin
OCR Plugin
Checks for specific keywords in image/gif attachments, using gocr. This can be used to detect spam that puts all the real contect in an attached image, accompanied with random text and html (no URL's, etc).
Created by: Maarten de Boer
Contact: mdeboer -at- iua -dot- upf -dot- edu
License Type: Same as SpamAssassin
Status: active
Available at: OcrPlugin
Note: this is my first SA plugin, so any feedback is welcome. Please test and send reports.
OCR scanner and image validator SA-plugin
Checks for specific keywords in gif/jpg/png attachments, using gocr. This can be used to detect spam that puts all the real contect in an attached image, accompanied with random text and html (no URL's, etc). There are also various rules to validate attached images and detect forged content types or broken images. This plugin needs SpamAssassin 3.1.1 or later. The version 2.0 is able to defeat recent gif animations which use gif tricks to avoid OCR.
Created by: Martin Blapp
Contact: mb -at- imp -dot- ch
License Type: BSD
Status: active
Available at: http://antispam.imp.ch/patches/ocrtext-3.2.tgz
Note: Feedback and new sample images are welcome. Please test and send reports.
Fuzzy OCR Plugin
Derived from OcrPlugin (see above), but has many feature enhancements, including an approximate matching algorithm to compensate recognition errors and obfuscation, support for broken gifs, jpeg and png, dynamic scoring, automatic content-type independant format detection and many more.
Created by: Christian Holler
Contact: decoder_at_own-hero_dot_net
License Type: Same as SpamAssassin
Status: active
Available at: FuzzyOcrPlugin
Note: Feedback and new sample images are welcome. Please test and send reports.
DSPAM
When using dspam in conjuction with SpamAssassin and amavisd-new, amavisd-new automatically has dspam calculate the probabability of a message being HAM/SPAM and then insert headers. If you have SA installed, the dspam information goes to waste. That is unless you take advantage of this plugin.
Created by: Eric Lubow
Contact: eric -at- lubow -dot- org
License Type: Same as SpamAssassin
Status: active
Available at: http://eric.lubow.org/projects/index.cgi?project=dspam
Note: Using dspam's results, this module adds a tag/token to the message that SA picks up and based on the score you assign it in the ruleset configuration file, it adds/subtracts that score. Read the homepage link for more information.
Relayed By Dialup
This plugin tries to find out if the delivering host has its IP coded in the DNS-record. it doesn't lookup the IPs itself, but takes the data from the Received-Headers.
Created by: Lars Uffmann, converted to a Module: Cord Beermann
Contact: lu -at- cachescrubber.org, cord@Wunder-Nett.org
License Type: same as Spamassassin
Status: active
Available at: RelayedByDialup
Sample Results: on my setup hits of this test are 97% spam, the rest is ham
Addressbook
This provides a way to automatically give a negative score to all addresses in an addressbook, which may be updated dynamically. It's not the same as whitelisting all addresses because spammers may know about some of them, so we don't want to whitelist, only give a small negative score. It's not the same as autowhitelist (AWL), which is an unlabeled learner, i.e. it just smooths scores per sender over time, but doesn't help senders who have consistently high scores.
Created by: Karl Chen
Contact: < quarl@nospam.quarl.org>
License Type: Public domain
Status: active
Available at: http://svn.cubewano.org/repos/spamassassin-addons/trunk/plugins/addressbook.pm
Mail::SpamAssassin::Plugin::OpenPGP
Validates OpenPGP-signed emails; requires Mail::GPG
Created by: Dave Brondsema
Contact: konfidi-devel -at- lists.sourceforge.net
License Type: Apache License, Version 2.0
Status: Active
Available at: http://search.cpan.org/perldoc?Mail::SpamAssassin::Plugin::OpenPGP
SVN: http://konfidi.org/wiki/SVN/ (in clients/spamassassin-openpgp/trunk)
crm114
Plugin to use CRM114
Created by: MartinSchuette
Contact: info -at- mschuette.name
License Type: Apache License, Version 2.0
Status: Active
Available at: http://mschuette.name/files/crm114.pm and http://mschuette.name/files/crm114.cf
Bayes OCR Plugin
Bayes OCR Plugin performs a Bayesian content analysis of the OCR extracted text to help Spamassassin catch spam messages with attached images.
Created by: PRA Group, DIEE, University of Cagliari (Italy)
Contact: see Bayes OCR Plugin - Project page
License Type: Apache License, Version 2.0
Status: Active (beta test)
Available at: Bayes OCR Plugin - Project page
Note: (Please remind Bayes OCR Plugin is still beta!)
sa2dnsbl
If you want to build your own rbldns System and reuse the Filtering results of Spamassassin this package could be the sollution. It is a UDP based client-server application which reports all spamming IP's to one Server. A worker thread (cronjob) creates the IP list to block. This sollution take use of the rbldns server included in the djbdns distribution.
The package includes three components. The sa2dnsblc Plugin for Spamassassin, the sa2dnsbld Server and finally the sa2dnsblw Worker. Installation instructions are included in sa2dnsbld.pl
Created by: Frank Blechschmitt, FBIS
Contact: http://www.fbis.ch
License Type: Apache License, Version 2.0
Status: Active
Available at: http://www.fbis.ch/download.php?id=17
Log Scanned Messages
This plugin will write a copy of every mail scanned to the C</tmp/spamassassin_scanned_msgs> directory (creating that dir if it doesn't already exist). This may be very useful when attempting to debug certain error conditions that only manifest with certain input messages.
Created by: Justin Mason
Contact: http://jmason.org
License Type: Apache License, Version 2.0
Status: Active
Available at: http://taint.org/x/2007/LogScannedMessages.pm
Mail::SpamAssassin::Plugin::Konfidi
For authenticated messages, queries the Konfidi ( http://konfidi.org) trust network for a computed inferred trust value of the sender.
Note: as of Jan '08 only Mail::SpamAssassin::Plugin::OpenPGP is supported for auth; SPF and DKIM are planned. Created by: Dave Brondsema
Contact: konfidi-devel -at- lists.sourceforge.net
License Type: Apache License, Version 2.0
Status: Active
Available at: http://search.cpan.org/perldoc?Mail::SpamAssassin::Plugin::Konfidi
SVN: http://konfidi.org/wiki/SVN/ (in clients/spamassassin/trunk)
Freemail
Checks if message is sent from a "freemail" account. Also checks a specific spam sign, if a message has Reply-To or email mentioned in body pointing to a different freemail account.
Created by: Henrik Krohns
Contact: sa -at- hege.li
License Type: WTFPL
Status: Active
Available at: http://sa.hege.li/FreeMail.pm
Format for new entries
Suggested format (a la CustomRulesets format):
name-of-plugin
(brief description goes here)
Created by: (name)
Contact: (contact addr)
License Type: (license)
Status: (status)
Available at: (url)
Mirror: (if applicable)
Note: (any extra notes)
Sample Results: (mass-check results if available)