The Spam Filters work in conjunction with the e-mail servers.
The SPAM Filter runs a variety of tests on every incoming message. If the message fails one or more tests, is blocked.

These are some of the tests:

IP Based:
These tests work by taking the IP address of the sending mail server and runing a DNS lookup on the domain. The domain and IP address are then run through a number of databases containing information on spammers. If there is a match the e-mail is blocked.

Some of the databases used:

DSBL - Distributed Sender Boycott List. it accepts submissions of open relays and any other unsecure servers that spammers can use to send spam.

ORDB - Open Relay Database. Lists open relays. Has 200,000 entries.

OSSRC - Osirusoft's Confirmed Spam Source list. These are sites that continually spam and have been manually added, after multiple nominations.

SPAMCOP - Lists mail servers that have a high spam-to-legitimate-mail ratio. Catches about the most spam of all tests.

Other tests:

MAILFROM - This test checks the "Mail From:" address (which should be the sender of the E-mail) and makes sure that the domain name it is coming from is valid. This way, if mail is sent from "user@$$$success$$$.com", it will get caught (since "$$$success$$$.com" is not a valid domain).

BADHEADERS - This test checks the E-mail for illegal headers that are common in spam, but not common in legitimate E-mail. This test can catch about 50% of all spam.

SPAMHEADERS - This test checks the E-mail for headers that are common in spam, but not common in legitimate E-mail.

ROUTING - This test will analyze the route that an E-mail takes, and look for highly inefficient routing that is very common in spam.

Should you have any queries please contact us