2

I just set up a Postfix/Procmail/SpamAssassin server but I am not convinced that it is really doing much filtering. I have gotten it to recognize the SpamAssassin special Spam code that produces a really high spam metric, but I've also tried sending it sketchy emails with lots of words like "Nigeria" and "viagra cialis" in the body to no avail. Even an email with no subject and no body seems to get through. Clearly either my tactics are not sufficient to raise SpamAssassin's attention or the service is not working.

Is there any way I can send realistic Spam to my server WITHOUT actually trying to sign up for sketchy websites that will send me real Spam? I would like to do it in a controlled way, not by signing up for "free ipad" or anything of the like.

Edit: I've already used the GTUBE with success - it triggered a spam score slightly > 1000. I'm looking to see "real world efficacy" or as close to it as possible w/o compromising security or creating massive headaches.

tacos_tacos_tacos
  • 3,250
  • 18
  • 63
  • 100
  • Remember, a lot of spam filtering is based on things like blacklists an IP is on, SPF records, etc. You won't get a real-world result without real-world spam. – ceejayoz Apr 19 '12 at 21:04
  • @ceejayoz I am familiar with setting up SPF records but I thought IP blacklists had gone out of style in this regard, given the nature of dynamic IP assignment and the fact that some public networks today in developing countries are behind NAT even... And I am interested in the packet inspection that SA offers... – tacos_tacos_tacos Apr 19 '12 at 21:06
  • 1
    IP blacklists are far from out of style. – Wesley Apr 19 '12 at 21:15
  • Dynamic IP addresses belong on blacklists, as they are not suitable for mail servers. Dynamic addresses generally don't have the appropriate rDNS records. They are also the source of most of the spam I block. On most server, the majority of delivery attempts will be Spam. – BillThor Apr 20 '12 at 00:38

1 Answers1

5

Use the GTUBE.

The GTUBE (Generic Test for Unsolicited Bulk Email) is a 68-byte test string used to test anti-spam systems, in particular those based on SpamAssassin. In SpamAssassin, it carries an antispam score of 1000 by default, which would be sufficient to trigger any installation.

I'd replicate the string here, but... well, I'd rather not.

It's basically the email SPAM version of the EICAR Test File that is used to test anti-virus systems without actually using live viruses.

EDIT

Since you've already done that, you could try using http://emailsecuritycheck.net/ that offers a free service to send you some spam-like messages as a way to test your system.

In the end, I think your easiest way is to simply create a sample / test mailbox on your domain and then scatter the email address in comments on guestbooks here and there. Another option is to go find examples of the latest spam scams and then copy/paste the text and send it to yourself from another domain.

In short, there is no service that I've ever heard of that will send you spam intentionally with the intent to test a spam filter. The liability is probably far too high.

Community
  • 1
Wesley
  • 32,690
  • 9
  • 82
  • 117
  • Yes, I did that, I referred to this in my question incorrectly as "the SpamAssassin special code" and it worked (triggered a super high SPAM score). However, I would like to see the effectiveness for actual SPAM so I can compare to my existing service (OnlyMyEmail) and see if it is comparable. – tacos_tacos_tacos Apr 19 '12 at 21:02
  • @jshin47 Ahh, okay. I updated my answer. – Wesley Apr 19 '12 at 21:15