Check out its feature on how it works.

–> There are several ways that SpamAssassin makes up its mind about a
message:
–> The message headers can be checked for consistency and adherence to
Internet standards (e.g., is the date formatted properly?).
–> The headers and body can be checked for phrases or message elements
commonly found in spam (e.g., “MAKE MONEY FAST” or instructions on how to be
removed from future mailings)-in several languages.
–> The headers and body can be looked up in several online databases that
track message checksums of verified spam messages.
–> The sending system’s IP address can be looked up in several online lists
of sites that have been used by spammers or are otherwise suspicious.
–> Specific addresses, hosts, or domains can be blacklisted or whitelisted.
A whitelist can be automatically constructed based on the sender’s past
history of messages.
–> SpamAssassin can be trained to recognize the types of spam that you
receive by learning from a set of messages that you consider spam and a set
that you consider non-spam. (SpamAssassin and the spam-filtering community
often refer to non-spam messages as ham. )
–> The sending system’s IP address can be compared to the sender’s domain
name using the Sender Policy Framework (SPF) protocol (http://spf.pobox.com)
to determine if that system is permitted to send messages from users at that
domain. This feature requires SpamAssassin 3.0.
–> SpamAssassin can privilege senders who are willing to expend some extra
computational power in the form of Hashcash (http://www.hashcash.org).
Spammers cannot do these computations and still send out huge amounts of
mail rapidly. This feature requires SpamAssassin 3.0.

Most of SpamAssassin’s behavior is controlled through a systemwide
configuration file and a set of per-user configuration files. The per-user
configuration can also be stored in an SQL database.

How to Configure it ? : -
——————-

You can easily customize how SpamAssassin tags and identifies spam by
creating a spamassassin/user_prefs file. You can customize the number of
“spam points” required to identify a message as spam, create new rules, and
re-weight existing rules. Here is a sample user_prefs file. It raises the
threshold for identifying spam from 5 to 6, disables including spam warnings
in the subject and body, reweights a known rule, and adds several blacklist,
whitelist, and header rules.

Listing 1. A typical user_prefs configuration file

================================================================

#How many hits before a mail is considered spam?
required_hits 6

#Don’t mangle the messages so badly
rewrite_subject 0
use_terse_report 1

#whitelist and blacklist
whitelist_from *@www.webhosting.uk.com
blacklist_from annoying-person@xyz.com

#reweight an existing rule
score BASE64_ENC_TEXT 3

#add some new rules
header KNOWN_LIST List-Id =~ /a-mailing-list-i-like/
score KNOWN_LIST -3

body EVITE /This invitation was sent to you by .* using Evite/
describe EVITE Looks like an eVite
score EVITE -3

================================================================

Enjoy..