Currently, the way I prevent spam is three-fold:

  1. I use qmail's "badmailfrom" to block unwanted "From:" addresses
  2. I use rules in tcp.smtp (tcpserver) to block IP addresses of hosts that appear to be such things as mass-mailing entities
  3. I use qmail-scanner's quarantine-attachments to block unwanted headers (mostly Subject lines)

In each of these cases, the decision to add an entry to be blocked is made by myself, and comes about as a result of one of my users forwarding me some spam they received and asking me to block it. In such a case, I will do some investigation, look at the email headers, determine where the email came from, and decide upon which of the above three methods I will use.

For example, in some cases, the email obviously comes from some host or domain whose sole purpose is mass marketing, and in this case I will block the whole darn domain using tcp rules.

In other cases, the email is a "virus" type of email that gets sent by a legitimate host, such as a university. I cannot block their IP address because I don't want to block legitimate emails. So, if possible, I will block the "Subject" line using quarantine-attachments, if indeed the subject line is classifiable as pernicious, lewd, or something of that nature.

In other cases, the spam comes from someone who is using a legitimate domain (e.g. Hotmail.com) and who does not appear to be spoofing his "from" or envelope sender line. In this case, I will block the [EMAIL PROTECTED] using qmail's "badmailfrom."

The above method works pretty well. But I cannot compare because I don't have experience with any other spam-blocking methods.

So, I was wondering, could someone provide a brief explanation of how one of these other methods differs, and why something like spamassassin would be better?

Thanks,

Michael Martinez
