Indiana University


Computer Science






CSG FAQ

Q: What should I do with virus or spam email your scanner is missing?

The CS department mail servers use a product called PureMessage that tries to identify email as spam. When it finds a message that it thinks is spam (based on an extensive set of rules and tests), it adds "[SPAM: #" to the Subject: line of the message and also encodes this information into the X-Perlmx-Spam: header. This makes it easy for user mail filters (such as procmail and those built into many mail programs like Pine and Netscape) to filter this spam. Please see the Spam Filtering FAQ Entry and the Email Virus and Spam Filtering Policy Page for more information about the spam and virus protection measures in place.

Some spam and virus email will pass through the filters undetected. When this happens, here is what you can do with such emails.

First, if this is a suspected virus you believe the scanners have missed, please save the message to a file and then post a note to the CSG Help Desk letting us know the location of the file. Note that we sometimes see email that looks like a virus missed by the scanner because the virus payload in the email has been corrupted or truncated. While it may look like a virus, and it may be annoying, it isn't dangerous.

If this is a missed spam email, you have a couple of options. You may elect to just delete and ignore it. It is inevitable that some spam will get through undetected, and it may be easiest to just ignore it. However, if you want to add this message to the spam database used in the detection algorithm, or you are getting a high volume of such messages, here are your options:

  • We are using the Sophos PureMessage software to do the spam detection. They maintain a database of sample spam messages that are used to train the system, so you may want to add your spam to this database. To do this, you will need to forward the complete email to is-spam@sophos.com. You will need to include the full headers of the message (including the Received: header lines) when you forward it to this address. If you are not sure how to do this with your mail program, please ask for assistance.

  • We also manage a set of local rules that we can customize to detect spam. If you are getting a high volume of similar spam messages, please save a few of them to a file and then let us know. We can examine the messages and try to determine common markers in the emails that we can key on. This approach is really not feasible for a small number of different spam emails that come through, but it is effective when you are getting a lot of similar spam emails.

  • We are only adding the SPAM tag to the Subject line of messages that are in the 60-99% confidence level of being spam (we reject those over 99%). However, you may find that all messages over 50%, or even 40%, are spam. In this case, you have the option of filtering messages using the X-Perlmx-Spam: header as described in the Spam Filtering FAQ Entry.
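The per-user threshold filtering described in the last option, as an added example (not CSG's or Sophos's code). It assumes the X-Perlmx-Spam: value contains a `Probability=NN%` field, which this page does not show, so check a real message's headers first; the sample messages and folder names are constructed.

```python
import email
import re
from email import policy

# ASSUMPTION: the header value carries "Probability=NN%". Not shown on this page.
PROB_RE = re.compile(r"Probability\s*=\s*(\d{1,3})\s*%", re.IGNORECASE)


def spam_probability(raw_message: bytes):
    """Return the scanner's spam score (0-100), or None if absent or unparseable."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    scores = []
    # Header lookup is case-insensitive; folded header lines are unfolded by str().
    for value in msg.get_all("X-Perlmx-Spam") or []:
        match = PROB_RE.search(str(value))
        if match and int(match.group(1)) <= 100:
            scores.append(int(match.group(1)))
    # A sender can pre-insert a copy of this header with a low score. Taking the
    # highest value means a forged copy cannot mask the one the mail server added.
    return max(scores) if scores else None


def classify(raw_message: bytes, threshold: int = 50) -> str:
    """File a message by comparing its score with a user-chosen threshold."""
    score = spam_probability(raw_message)
    if score is None:
        return "inbox"  # no usable score: deliver normally rather than guess
    return "spam-folder" if score >= threshold else "inbox"


# Constructed sample messages (hypothetical hosts and header contents).
SAMPLE_BORDERLINE = (
    b"Received: from mx.example.org by mail.example.edu\r\n"
    b"X-Perlmx-Spam: Report='CONSTRUCTED_RULE',\r\n Probability=53%\r\n"
    b"Subject: constructed sample below the 60% tag level\r\n\r\nbody\r\n"
)
SAMPLE_FORGED_COPY = (
    b"X-Perlmx-Spam: Probability=72%\r\n"
    b"X-Perlmx-Spam: Probability=5%\r\n"
    b"Subject: constructed sample with a sender-supplied header\r\n\r\nbody\r\n"
)
SAMPLE_UNSCORED = b"Subject: constructed sample with no score\r\n\r\nbody\r\n"

if __name__ == "__main__":
    for name, raw in [("borderline", SAMPLE_BORDERLINE),
                      ("forged copy", SAMPLE_FORGED_COPY),
                      ("unscored", SAMPLE_UNSCORED)]:
        print(name, spam_probability(raw), classify(raw, threshold=50))
```

A message scored at 53% never gets the Subject: tag, yet a 50% threshold on the header still files it as spam.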


