iXhash.pm is a plugin for SpamAssassin 3.1.0 and up.

Basically the plugin provides a network-based test, just as razor2, pyzor and DCC do. Working solely on the body of an email, it removes parts of it and computes a hash value from the rest. These values will then be looked up via DNS using the domains given in the config file(s). You need Net::DNS and Digest::MD5 installed.

Please note that, while this plugin realises some sort of 'fuzzy checksum', the fuzzyness is realised by reducing the body text of an email to its (characteristic) minumum. The MD5 hashing algorithm used is not fuzzy. Accordingly there are no 'confidence levels' or things of that sort. It's hit or no hit.

There are likely to be FPs, especially with relatively short emails. You can somewhat tune the plugin by editing the RE with the code - see comments for that.

For those more deeply interested: This plugin is based on parts of the procmail-based project 'NiX Spam', developed by Bert Ungerer.(un@ix.de) If you can read German, read up at http://www.heise.de/ix/nixspam/. The procmail code producing the hashes only can be found here: ftp://ftp.ix.de/pub/ix/ix_listings/2004/05/checksums


  1. Please see the unofficial optimized and maintained version at http://mailfud.org/iXhash2/  (old official version: https://sourceforge.net/projects/ixhash/)
  2. Copy 'iXhash2.pm' and 'iXhash2.cf' somewhere where SpamAssassin can access it - like /etc/mail/spamassassin
  3. Edit the first line of iXhash2.cf (loadplugin) to reflect where iXhash2.pm is (if not in same directory)
  4. Adjust scores. You might want to decrease the scores given in the .cf file first to see if there are too many FPs.
  5. Run 'spamassassin -D < /some/mail/message 2>&1 | grep -i ixhash', where '/some/mail/message' is a file containing an email. This should contain some occurences of 'IXHASH', showing you the plugin is being used.
  6. Restart spamd/amavisd/whateverDaemonUsesSpamAssassin
  • No labels