Bayesian Filtering
Machine learning-based spam detection
SPF/DKIM/DMARC
Complete email authentication suite
RBL/DNSBL
Realtime blackhole list checking
Greylisting
Temporary rejection for unknown senders
Custom Filters
Extensible with custom spam checkers
Statistics
Detailed metrics and reporting
Quick Start
Basic Anti-Spam Setup
using Zetian.Server;
using Zetian.AntiSpam.Extensions;
// Create SMTP server
var server = new SmtpServerBuilder()
.Port(25)
.ServerName("My SMTP Server")
.Build();
// Add anti-spam with default settings
server.AddAntiSpam();
await server.StartAsync();Custom Configuration
// Configure anti-spam features
server.AddAntiSpam(builder => builder
.EnableSpf(failScore: 50)
.EnableRbl("zen.spamhaus.org", "bl.spamcop.net")
.EnableBayesian(spamThreshold: 0.85)
.EnableGreylisting(initialDelay: TimeSpan.FromMinutes(5))
.WithOptions(options =>
{
options.RejectThreshold = 60;
options.TempFailThreshold = 40;
options.RunChecksInParallel = true;
}));Lenient Protection
// For trusted environments
server.AddAntiSpam(builder =>
builder.UseLenient());Aggressive Protection
// Maximum spam protection
server.AddAntiSpam(builder =>
builder.UseAggressive());Email Authentication (SPF, DKIM, DMARC)
SPF (Sender Policy Framework)
Verifies that the sending server is authorized to send email for the domain:
// Add SPF checking
server.AddSpfCheck(failScore: 50);SPF Results & Scores
Pass0 points
None5 points
Neutral10 points
SoftFail30 points
Fail50 points
DKIM (DomainKeys Identified Mail)
Verifies email authenticity using digital signatures:
// Add DKIM checking with strict mode
server.AddDkimCheck(
failScore: 40,
strictMode: true // Require all essential headers to be signed
);DMARC (Domain-based Message Authentication)
Enforces policies based on SPF and DKIM results:
// Add DMARC checking with policy enforcement
server.AddDmarcCheck(
failScore: 70, // Score for reject policy
quarantineScore: 50, // Score for quarantine policy
enforcePolicy: true // Enforce DMARC policies
);Complete Email Authentication
// Add all three authentication methods in one call
server.AddEmailAuthentication(
strictMode: true, // Strict DKIM validation
enforcePolicy: true // Enforce DMARC policies
);RBL/DNSBL Checking
// Add RBL checking with popular lists
server.AddRblCheck(
"zen.spamhaus.org", // Spamhaus ZEN
"bl.spamcop.net", // SpamCop
"b.barracudacentral.org" // Barracuda
);Bayesian Filtering
Machine Learning Spam Detection
// Option 1: Add Bayesian to server
server.AddBayesianFilter(spamThreshold: 0.9);
// Option 2: Work with Bayesian directly for training
var bayesianFilter = new BayesianSpamFilter(spamThreshold: 0.9);
await bayesianFilter.TrainSpamAsync("spam content");
await bayesianFilter.TrainHamAsync("legitimate content");
// Then add trained filter to server
server.AddSpamChecker(bayesianFilter);Training the Filter
// Create and train Bayesian filter
var bayesianFilter = new BayesianSpamFilter();
// Load training data from files
var spamEmails = Directory.GetFiles("spam/", "*.eml")
.Select(File.ReadAllText);
var hamEmails = Directory.GetFiles("ham/", "*.eml")
.Select(File.ReadAllText);
// Train the filter
foreach (var spam in spamEmails)
{
await bayesianFilter.TrainSpamAsync(spam);
}
foreach (var ham in hamEmails)
{
await bayesianFilter.TrainHamAsync(ham);
}
// Add trained filter to server
server.AddSpamChecker(bayesianFilter);Greylisting
// Add greylisting
server.AddGreylisting(initialDelay: TimeSpan.FromMinutes(5));
// With domain whitelisting
var greylistingChecker = new GreylistingChecker(
initialDelay: TimeSpan.FromMinutes(5));
greylistingChecker.Whitelist("trusted.com");
server.AddSpamChecker(greylistingChecker);How It Works
- 1. First email attempt is temporarily rejected
- 2. Legitimate servers retry after a delay
- 3. Retry is accepted and sender is whitelisted
- 4. Spam bots rarely retry, filtering them out
Custom Spam Checker
using Zetian.AntiSpam.Abstractions;
public class CustomSpamChecker : ISpamChecker
{
public string Name => "Custom";
public bool IsEnabled { get; set; } = true;
public async Task<SpamCheckResult> CheckAsync(
ISmtpMessage message,
ISmtpSession session,
CancellationToken cancellationToken)
{
// Custom logic here
if (IsSpam(message))
{
return SpamCheckResult.Spam(75, "Custom rule triggered");
}
return SpamCheckResult.Clean(0);
}
private bool IsSpam(ISmtpMessage message)
{
// Check for suspicious patterns
var subject = message.Subject?.ToLower() ?? "";
// Example: Check for common spam keywords
var spamKeywords = new[] { "viagra", "lottery", "winner", "prize" };
if (spamKeywords.Any(keyword => subject.Contains(keyword)))
return true;
// Example: Check for excessive caps
if (subject.Count(char.IsUpper) > subject.Length * 0.8)
return true;
return false;
}
}
// Add custom checker
server.AddSpamChecker(new CustomSpamChecker());Score Interpretation
| Score | Action | Description |
|---|---|---|
| 0-30 | Accept | Clean message |
| 30-50 | Accept with caution | Possible spam |
| 50-70 | Greylist/Temp Reject | Likely spam |
| 70-90 | Reject | High confidence spam |
| 90-100 | Hard Reject | Definite spam |
Best Practices
- Start with lenient settings and adjust
- Train Bayesian filters with balanced data
- Whitelist trusted partners
- Monitor block rates regularly
- Combine multiple detection methods
- Keep RBL lists updated