I just set up a Postfix/Procmail/SpamAssassin server but I am not convinced that it is really doing much filtering. I have gotten it to recognize the SpamAssassin special Spam code that produces a really high spam metric, but I've also tried sending it sketchy emails with lots of words like "Nigeria" and "viagra cialis" in the body to no avail. Even an email with no subject and no body seems to get through. Clearly either my tactics are not sufficient to raise SpamAssassin's attention or the service is not working.
Is there any way I can send realistic Spam to my server WITHOUT actually trying to sign up for sketchy websites that will send me real Spam? I would like to do it in a controlled way, not by signing up for "free ipad" or anything of the like.
Edit: I've already used the GTUBE with success – it triggered a spam score slightly > 1000. I'm looking to see "real world efficacy" or as close to it as possible w/o compromising security or creating massive headaches.
Best Answer
Use the GTUBE.
I'd replicate the string here, but... well, I'd rather not.
It's basically the email SPAM version of the EICAR Test File that is used to test anti-virus systems without actually using live viruses.
EDIT
Since you've already done that, you could try using http://emailsecuritycheck.net/ that offers a free service to send you some spam-like messages as a way to test your system.
In the end, I think your easiest way is to simply create a sample / test mailbox on your domain and then scatter the email address in comments on guestbooks here and there. Another option is to go find examples of the latest spam scams and then copy/paste the text and send it to yourself from another domain.
In short, there is no service that I've ever heard of that will send you spam intentionally with the intent to test a spam filter. The liability is probably far too high.