Book review: Slamming Spam

• By Mike Gunderloy
• January 17, 2005

Slamming Spam
by Rpbert Haskins and Dale Nielsen
Addison-Wesley, 2005
396 pages, $44.99
ISBN 0-13-146716-6

The subtitle "A Guide for System Administrators" might suggest that this is not a book for developers. That might be so in a perfect world, but in this world, I know a lot of developers who run their own mail servers. If you're responsible for handling e-mail for yourself or others, you can almost certainly benefit from reading this book.

The authors don't waste any space discussing the magnitude of the spam problem or the estimates of lost productivity and wasted bandwidth. Instead, they go right into discussing the various anti-spam techniques that are implemented in software. This section of the book is excellent, and if you haven't kept up with the field you'll learn things here.

The bulk of the book is concerned with installing and configuring various solutions. The packages covered include procmail, SpamAssassin, Razor, and so on. They also discuss configuring the built-in anti-spam featrues of Sendmail, Postfix, and qmail.

There's an excellent section on both the theory and practice of Bayesian filtering. If you want to, you can understand the math behind this quite effective means of killing spam, or you can just jump to how to set it up on your server. As with the other configuration sections, this chapter is detailed, offering plenty of advice to get the administrator through the process.

Filtering in e-mail clients gets a chapter, and Exchange and Domino get one chapter each. The latter two are probably the weakest in the book; the authors are obviously open-source users, and though they get the highlights for the closed-source products, they miss some of the depth. Their discussion of add-ons for Exchange, for example, barely scratches the surface of what's on the market (and their list of Outlook add-ins skips the popular SpamBayes). They suggest that those running one of these servers put up a gateway server using an open-source MTA and then refer to the rest of the book, but this may be a hard sell with many organizations trying to reduce box count these days.

The book closes with a chapter on sender verification and then a number of useful appendixes, including a good guide to Sender Policy Framework (SPF) and a guide on reading e-mail headers and reporting spam. Overall, if you're the one tasked with fighting spam in your own organization, this is one you'll want to have on the shelf. If you want to see the style and depth of the writing, you can also check out the sample chapter on the book's companion Web site.