This is a bit of an advanced topic, but I thought I'd post it here for those interested.
We use SpamAssassin on our servers, and each pop account has it's own spamassassin configuration file. The default settings for Spamassassin do a reasonably good job of marking out spam, but spammers are adapting and it's not as good as it once was. An important part in improving how well Spamassassin catches spam is to be sure to train the bayesian filter so it recognizes what is and what isn't spam. In order to do a good job, the filter should really be personalized to what type of spam you get, and what type of legitimate mail you get.
In order to do this, you need to train spamassassin. To do this, you need to get together a list of spam email, and a list of good email. The easiest thing to do is export this into a unix mbox file. Most email clients will allow you to export mail to mbox format. Try and get a good size list of both spam and legitimate mail.
Upload the two files spam.mbox and good.mbox to your server, and then run the following command. It should be run as the same user who owns the domain. For instance, for alex at gossamer-threads.com, I would run all on one line:
HOME="/home/gossamer-threads/gossamer-threads.com/mail/alex" sa-learn --spam -p /home/gossamer-threads/gossamer-threads.com/mail/alex/spamrc --mbox --showdots /path/to/spam.mbox
to train my spam filter on what is spam, and then run all on one line:
--ham -p /home/gossamer-threads/gossamer-threads.com/mail/alex/spamrc
--mbox --showdots /path/to/good.mbox
to train it on what isn't spam.
Once you do this, you'll find that spam assassin will do a much better job of recognizing what is and isn't spam, even with spammers who use so called bayesian filter attacks.
Hope this helps, and if you have any questions, don't hesitate to ask.
Gossamer Threads Inc.