Today's attacks against Bayesian spam filters attempt to keep the content of spam emails visible to humans, but obscured to filters, or they attempt to fool the filters with additional good words appended to the spam. Attacks of this kind have characteristics that are detectable by spam filters, but there is another conceivable approach: one could substitute suspicious words in spam emails with innocent words to make the spam emails appear as legitimate emails (i.e., ham emails). In this book, first, Bayesian spam filtering, including its mathematical foundation, is described. Then, other anti-spam approaches are presented to highlight specific strengths and weaknesses of Bayesian spam filters. Existing attacks against Bayesian spam filters are shown, after which substitution attacks are analyzed: the preconditions of this new kind of attack are examined, and the effectiveness of substitution attacks is measured for three different spam filters. "Penetrating Bayesian Spam Filters" is aimed at computer security specialists, developers of Bayesian spam filters, and anyone interested in the limits of currently used spam filtering technology.