How is your school currently filtering spam? What mail server (if known)? Is this district wide email system or something privy only to your school?
One of the things I'm thinking of is DomainKeys, by Yahoo!.
DomainKeys is an anti-spam software application in development at Yahoo that uses a form of public key cryptography to authenticate the sender's domain. Today, the sender of a spam message can spoof the originating address so that recipients will think it came from someone else and thus open it as legitimate mail. Yahoo's software would enable the receiving end of e-mail to easily filter out notes in which the sender's stated address could not be authenticated as the actual address. Yahoo plans to make its software freely available to open-source developers, hoping that it will be adopted, installed, and implemented throughout the Internet. In a Reuters interview Brad Garlinghouse, Yahoo's VP of communications products, described the scope of the DomainKeys initiative: "What we're proposing here is to re-engineer the way the Internet works with regard to the authentication of e-mail."
In the Yahoo anti-spam system, an e-mail message would have the originating domain's private key securely embedded in its header. When the message arrives at its destination, the key can be compared to the stated domain's public key in the domain name system (DNS) listings to verify that it actually comes from where it says it comes from. Messages that originate from known sources of spam or from domains other than the one they claim to be from could be rejected by the recipient's server.
The Internet community is divided on whether or not the Yahoo effort is likely to work. For one thing, the software would have to be widely accepted to be successful. Furthermore, some critics believe if DomainKeys was broadly implemented it would lead to an unacceptable slowing of transmission due to the extra handling of each message. Another concern is that spammers could carry out replay attacks, in which the attacker intercepts messages, steals legitimate digital signatures, and then forges messages using them. However, such problems are not insuperable. Proponents argue that Yahoo has a potential solution to the spam problem in DomainKeys and that, with the ever-increasing glut of spam on the Internet, we should give even possible solutions a good trial before dismissing them.
Currently, DomainKeys is implemented in current versions of Sendmail.
If you are not currently running Sendmail, and willing to update it, I would suggest putting an SMTP proxy in front of the mail server itself to weed out unwanted emails and viruses. Using amavisd, clamav, spamassassin, pyzor and razor, this is possible, and works damn well. Also, if you did something like this, you could have a script run every night to update ldap information (if you're using LDAP) and only accept mail to current accounts. This would be nice since every year the school unloads a class and gains a new one.
I have only setup this smtp proxy on debian sarge, so, there may be a few changes.
If you want a step by step guide, go to
www.floabie.com/spam