A spam cocktail (or anti-spam cocktail) is the use of several different technologies in combination to successfully identify and minimize spam. The use of multiple mechanisms increases the accuracy of spam identification and reduces the number of false positives.
A spam cocktail puts each e-mail message through a series of tests that provides a numeric score showing how likely the message is to be spam. Scores are computed and the message is assigned a probability rating. For example, it may be determined that a message has 85% probability that it is spam. E-mail administrators can create rules that govern how the messages are handled based on their scores; the highest scores may be deleted, medium scores may quarantined, and lower scores may be delivered but marked with a spam warning.
A spam cocktail commonly includes several of the following identification methods, which may be weighted differently for message scoring:
- Machine learning: Implementing sophisticated computer algorithms that improve over time to analyze the subject line and contents of a message and predict the probability that it is spam based on past results. The Bayesian filter is a type of machine learning.
- Blacklisting: Subscribing to a blacklist or blackhole list of known spammers and blocking messages from those sources
- Content filtering: Using programs that look for specific words or criteria in the subject line of body of a message
- Spam signatures: Using programs that compare the patterns in new messages to patterns of known spam
- Heuristics: Using heuristic programs that look for known sources, words or phrases, and transmission or content patterns
- Reverse DNS lookup: Checking whether the IP address matches the domain name from which a message is coming.