Spam consists of identical messages that are sent to numerous recipients by e-mail (that is unsolicited bulk e-mail). Spam e-mails may contain commercial advertisements or links to dangerous sites (that is phishing sites, or sites that include malware).
Anti-spam programs run many tests against the message, and each test will have a score based on the message criteria. The overall score determines if the message is a spam message or not. The different tests include:
DNS Black Listing (DNSBL): This contains bad-behavior IPs that were automatically collected using spam detection tools or manually reported. A famous example of a blacklist provider is Spamhaus.
Heuristic/Signature-based content filtering: This checks for certain known phrases, patterns, and so on; for example, if the message contains dear client, instead of the user's real name, or if the message was sent with a high priority.