iXhash.pm is a plugin for SpamAssassin 3.1.0 and up (including 3.2, as far as I can tell). A version compatible with SpamAssassin 3.0 is provided as well.

Basically the plugin provides a network-based test, just as razor2, pyzor and DCC do. Working solely on the body of an email, it removes parts of it and computes a hash value from the rest. These values will then be looked up via DNS using the domains given in the config file(s). You need Net::DNS and Digest::MD5 installed.

Please note that, while this plugin realises some sort of 'fuzzy checksum', the fuzzyness is realised by reducing the body text of an email to its (characteristic) minumum. The MD5 hashing algorithm used is not fuzzy. Accordingly there are no 'confidence levels' or things of that sort. It's hit or no hit.

There are likely to be FPs, especially with relatively short emails. You can somewhat tune the plugin by editing the RE with the code - see comments for that.

For those more deeply interested: This plugin is based on parts of the procmail-based project 'NiX Spam', developed by Bert Ungerer.(un@ix.de) If you can read German, read up at http://www.heise.de/ix/nixspam/. The procmail code producing the hashes only can be found here: ftp://ftp.ix.de/pub/ix/ix_listings/2004/05/checksums


  1. Go to http://ixhash.sf.net and download the current code. Within the archive you find a folder named 'iXhash', there again you find two folders '3.0.x' and '3.1.x'. Unless you still use SpamAssassin 3.0.something go for 3.1.x, which contains the code for current versions of SpamAssassin

  2. Copy 'iXhash.pm' and 'iXhash.cf' somewhere where SpamAssassin can access it - like /etc/mail/spamassassin.

  3. Edit the first line of ixhash.cf (loadplugin) to reflect where ixhash.pm is.
  4. Adjust scores. You might want to decrease the scores given in the .cf file first to see if there are too many FPs. You might even want to do some mass checking...if you do, let me know the results
  5. if you have to use the ixhash.pm version for SpamAssassin 3.0.x, make sure there's no 'ixhash_timeout' line in your *.cf file. This feature is not available with your version

  6. run 'spamassassin -D < /some/mail/message', where '/some/mail/message' is a file containing an email. The copious output (on STDERR) should contain some occurences of 'IXHASH', showing you the plugin is being used.

  7. restart spamd/amavisd/whateverDaemonUsesSpamAssassin

iXhash (last edited 2009-09-20 23:17:01 by localhost)