The Spam Landscape at Reed
- What is spam and who sends it?
- What does Reed do about spam?
- Automatic rejection
- SpamAssassin and filtering
- Automatically deleting attachments
- Automatic purging of your spam folder
- Filtering outgoing webmail
- Blocking common paths for spam
- Why doesn't Reed delete all spam?
- Relatives of spam
- More information
Spam accounts for about 80% of all the mail arriving at Reed's servers. In addition to inconveniencing us all, processing spam slows down email and clogs servers. Detecting and eliminating spam is a never-ending challenge, as spammers constantly invent new techniques.
What is spam and who sends it?
Spam is unsolicited bulk email. For a good discussion of what is and isn’t spam, see http://www.spamhaus.org/definition.html.
No ISP will knowingly allow spam to be sent from its network. Spammers thus resort to using privately-owned machines that have been compromised (typically by a virus or worm) and are under the control of a hacker. These machines are known as "bots" and there are hundreds of thousands of them on the Internet. Their operation is highly automated. Most bots are Windows computers in private homes.
What does Reed do about spam?
A lot! The quantity of spam and the cleverness of spammers has increased greatly over the years. Reed takes many steps to decrease the amount of spam that community members receive in their inbox. Reed also takes measures to ensure that computers within our own network are not sending spam.
Part 1: Automatic rejection
On a typical day, about two-thirds of the email arriving at Reed servers is immediately rejected. The vast majority of these rejections are for one of the following reasons:
- the sending server is on a list of compromised or misconfigured computers that should never be the source of legitimate email; or
- the sending server is on a list of suspected spam sources and it also behaves like a “bot” (selective greylisting); or
- the message contents indicate that it is virtually guaranteed to be spam; or
- the message contains a virus or other malware.
Part 2: SpamAssassin and filtering
Before delivery every message is scanned with a program called SpamAssassin. Using a complex rule set, SpamAssassin assigns a score indicating how likely the message is to be spam. Higher scores are given to messages that are more likely to be spam. Mail with a score of over 20 is virtually guaranteed to be spam and is deleted immediately (item 3 above). Remaining email is subject to your personal filters. Reed’s default filters (which you will have unless you changed them yourself) are as follows:
- Email with a score lower than 6 is delivered to your Inbox.
- Email scoring 6 or higher is delivered to your spam mailbox.
You have many choices on how to configure your filters to your own desires. Instructions are available.
Part 3: Automatic deleting of attachments
Viruses and trojans are often distributed through email as attachments. Our scanners check all incoming email, and automatically remove any attached file that ends in .exe, .vbs, .pif, .scr, .bat, .cmd, .com, and .cpl. Our scanners even check for viruses inside of zipped up files. If an attachment sent to you is stripped, the text of the email will still be delivered to your inbox.
You'll know that our scanners have deleted an attachment that was sent to you if you receive the following text in an email.
WARNING: This e-mail has been altered by MIMEDefang. Following this
paragraph are indications of the actual changes made. For more
information about your site's MIMEDefang policy, contact
Reed College Postmaster <firstname.lastname@example.org>. For more information about MIMEDefang, see:
Part 4: Automatic purging of your spam folder
Not all users check their spam folders, and a lot of email winds up there. This can eat up your quota and use up server resources. By default, email in your spam folder will automatically be deleted after 30 days. You can change this behavior (and also set an automatic deletion for your Trash folder, if you so desire) by visiting https://myinfo.reed.edu.
We are currently looking at mail sent from webmail and running it through our spam filters. If the message has a score over 6 then it is discarded and the sender receives an automated reply from CIS. This is to protect us from a hacked webmail account sending out loads of spam.
Part 6: Blocking common paths for spam
Some malicious software is designed to infiltrate computers and send large quantities of spam. A common tactic is to send out this spam using an external mail server such as Gmail or Yahoo. Reed is battling this by blocking outgoing email on port 25 from the wireless and dorm networks. Don't worry, this will not affect your ability to use the web interface for sending and receiving email. Only a client such as Thunderbird or Apple Mail that is configured to send over port 25 will be affected. To help get your mail client configured properly, we've compiled a list of common external email server provider help pages.
Why doesn’t Reed just automatically delete all spam?
Though it can be pretty obvious in extreme cases, there will always be some messages that our computers can’t reliably tag as either legitimate email or spam. Because of this gray area, some spam scores less than 6 and goes to your Inbox, while some legitimate email will score over 6 and go into your spam folder. That’s why we recommend that you look in your spam folder every day or two to check for legitimate mail that wound up there by accident.
Spam Relatives: Phishing, Worms, and Other Malware
Phishing attacks try to get your personal information and passwords. They may look official and contain links to websites (which may look convincingly real) where you are asked to log in or otherwise provide confidential information. They are often crafted to create a sense of urgency. To avoid falling for a phishing scam, you should never click on a link in your email and then enter personal information in the site. Any time you visit a site where you will be entering personal information, you should navigate to it by manually typing in the URL (or using a bookmark you set earlier). If you get an email that looks alarmist or otherwise suspicious, call the institution and ask about it.
Worms and viruses are a bit like spam in that they are bad and typically arrive via email. They are designed to damage or destroy your data, or steal it, or (most frequently these days) to turn your computer into a “bot” to be used later for sending spam. By far the largest fraction of malware is aimed at Windows systems.
To learn more about how to use filters and automatic expiration, visit http://web.reed.edu/cis/help/imap/spam.html.
For instructions on how to report spam you receive, and also to report legitimate mail wrongly identified as spam, please visit http://web.reed.edu/cis/help/report-spam.html.
You can find useful information about spam and anti-spam measures at these sites:Computer User Services.