Oregon State University

Blocking E-mail Spam

Network Engineering uses several tools to help keep spam from reaching your mailbox. Read on for more information about what we are doing to prevent spam, what you can do, and how to keep your address off of spammers' lists.

What is Spam?

Spam is defined as unsolicited, bulk e-mail.  Typically spam comes from strangers - people who have obtained your e-mail address without your permission.  If you signed up for the mailing (intentionally or accidentally), it may be undesirable e-mail, but it is not technically spam.  Likewise, if you have some sort of business relationship with the sender, it is not spam.  So, an e-mail sent to you from your bank, an online service you signed up for, or your department at OSU would not be considered spam. 

Note: Using OSU's e-mail system to send unauthorized bulk mailings is against the Acceptable Use Policy.  For information about how to do a bulk mailing at OSU correctly, please see the Guidelines for Release of E-mail Addresses.

Blocking Spam

Step 1 - Using Filtering On Your Account

Step 2 - Reporting Spam

If Step 1 doesn't stop the spam from coming through, you can report the spam to OSU Network Engineering:

Greylisting

Greylisting works by returning a temporary failure message the first time a particular combination of sender IP, sender and recipient is seen. Legitimate, properly-configured mail servers deal with a temporary failure by queuing the message and resending it later (typically within 15 to 30 minutes). On subsequent attempts to send the message, the greylisting server allows it to be delivered.

Greylisting works as an effective method to prevent spam because spammers typically do not bother to queue mail. Rather they blast the spam out once and ignore delivery failures.

The downside of greylisting is that it may cause a legitimate message to be delayed. Messages may also appear to arrive out of order, as subsequent messages from the same sender are not delayed. Also, some sites do not queue and redeliver messages properly.

OSU addresses these issues by building up a comprehensive whitelist of allowed senders. If there are sites that you are concerned about, please send us a list at net (at) oregonstate.edu, and we will add them to the whitelist.

NOTE: Greylisting does not apply to e-mail sent within OSU.
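The greylisting decision described above, as an added example (not OSU's own code). The two timers, the network range and the addresses are constructed assumptions; the page does not state the values OSU uses.

```python
import ipaddress

# Constructed values: stand-ins for on-campus networks and a whitelisted sender.
INTERNAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]
WHITELIST = {"198.51.100.25"}

TEMPFAIL, ACCEPT = 451, 250   # SMTP temporary-failure / success reply codes


class Greylist:
    def __init__(self, min_delay=300, retry_window=4 * 3600):
        # Both timers are assumptions, not values taken from the page.
        self.min_delay = min_delay
        self.retry_window = retry_window
        self.first_seen = {}   # triplet -> time of first attempt (seconds)
        self.passed = set()    # triplets that have already retried correctly

    def check(self, ip, sender, rcpt, now):
        """Return the SMTP reply code for one delivery attempt at time `now`."""
        addr = ipaddress.ip_address(ip)
        if ip in WHITELIST or any(addr in net for net in INTERNAL_NETS):
            return ACCEPT                      # exempt from greylisting
        key = (ip, sender.lower(), rcpt.lower())
        if key in self.passed:
            return ACCEPT                      # later mail is not delayed
        first = self.first_seen.get(key)
        if first is None or now - first > self.retry_window:
            self.first_seen[key] = now         # first attempt, or stale record
            return TEMPFAIL
        if now - first < self.min_delay:
            return TEMPFAIL                    # retried too quickly
        self.passed.add(key)
        return ACCEPT


def replay(attempts):
    """Run (time, ip, sender, rcpt) attempts through a fresh greylist."""
    g = Greylist()
    return [g.check(ip, s, r, t) for t, ip, s, r in attempts]


# Constructed traffic: one server that queues and retries after 20 minutes,
# one sender that never retries, and one whitelisted sender.
ATTEMPTS = [
    (0,    "203.0.113.7",   "alice@example.com", "user@example.edu"),
    (10,   "203.0.113.99",  "promo@example.net", "user@example.edu"),
    (1200, "203.0.113.7",   "alice@example.com", "user@example.edu"),
    (1260, "203.0.113.7",   "alice@example.com", "user@example.edu"),
    (1300, "198.51.100.25", "list@example.org",  "user@example.edu"),
]
```

Calling `replay(ATTEMPTS)` shows the sender that never retries stuck at the temporary failure, while the retrying server is delayed once and then delivered without further delay.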

Real-Time Black Hole Lists (RBLs)

An RBL is a list of hosts that are known to be untrustworthy e-mail senders. When we receive e-mail from one of these sites, we bounce the message back to the site with an explanation that they are in an RBL and a link with directions on how to get unlisted from it. In addition to RBLs, we have an access list of domain names and e-mail addresses of known spammers that we reject mail from. We also block mail from dynamic IP ranges, because mail servers should never have a dynamic IP. Finally, we block mail from dialup users and cable modem users - these users must relay through their ISP's mail server (or they can relay through OSU with ONID authentication).

We use the following RBLs at OSU

If you are having trouble receiving mail from another site because they are listed in one of our RBLs, please tell the person at the remote location to contact their e-mail administrator or ISP and give them the information in the bounce message that they received from OSU. Contact us at net(at)oregonstate.edu if the sending site is unable or unwilling to get unlisted - we may be able to help them get unlisted, or whitelist the site here.

Phish Detection

For more information about phishing, please see the Phishing helpdoc page.

OSU blocks e-mail messages that contain a reply-to address that goes to a known phisher.  If practical, we will also "poison DNS" for links included in phishing e-mails, so that clicking the link will redirect you to a safe page instead. 

If you respond in any way to a phishing e-mail that asks for your username and password, we will disable your account and ask you to reset your password.  Several OSU accounts have been hacked in the past, and these hacked accounts have been used to send hundreds of thousands of spam e-mails to OSU and to the world, causing serious e-mail disruption.

NEVER respond to phishing e-mails!

Content-Based Filtering & SpamAssassin

Content-based filtering refers to sorting or deleting mail based on the content of the message itself. We do content-based tagging at the mail relays using SpamAssassin, and these tags can be used to filter spam in your e-mail client.

Many e-mail clients now come with "Junk Mail" filters built-in, which you can turn on to help sort out the messages you don't want to see. When you use a junk mail filter, make sure that you set it to sort the unwanted mail into a junk folder, rather than your deleted items. That way, you can check the junk folder once in a while to make sure that no innocent e-mails have ended up there.

SpamAssassin headers that you can filter on:

X-Spam-Flag: YES  (indicates that this message has a score of 5 or more)

X-Spam-Level: ******** (the number of stars indicates the spam score)

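For example, to filter all messages with a score of 3 or higher, you could create a rule in your e-mail client to match on "X-Spam-Level: ***". A header with more than three stars also contains that string, so the rule catches every score of 3 or higher.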

Instructions on how to set this up can be found here.
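A client-side rule built on the two headers above, as an added example (not OSU's code or any particular mail client's rule engine). The function names and sample messages are constructed; it sorts into a junk folder rather than deleting, and reads only the message headers, so a message that merely quotes "X-Spam-Level: ***" in its body is not misfiled.

```python
from email import message_from_string


def spam_stars(msg):
    """Count the stars in X-Spam-Level; 0 if the header is absent or malformed."""
    level = (msg.get("X-Spam-Level") or "").strip()
    return len(level) if level and set(level) == {"*"} else 0


def sort_folder(raw, threshold=3):
    """Return "Junk" or "Inbox" for one raw message."""
    msg = message_from_string(raw)
    flagged = (msg.get("X-Spam-Flag") or "").strip().upper() == "YES"
    return "Junk" if flagged or spam_stars(msg) >= threshold else "Inbox"


# Constructed sample messages.
SAMPLES = {
    "clean": "From: a@example.com\nSubject: notes\n\nSee you at 3.\n",
    "two_stars": "From: b@example.com\nX-Spam-Level: **\n\nNewsletter\n",
    "four_stars": "From: c@example.com\nX-Spam-Level: ****\n\nCheap pills\n",
    "flagged": ("From: d@example.com\nX-Spam-Flag: YES\n"
                "X-Spam-Level: ********\n\nYou have won\n"),
    # The header text appears only in the body, so it must not count.
    "quoted": ("From: e@example.com\nSubject: my filter rule\n\n"
               "I match on X-Spam-Level: *****\n"),
}


def sort_all(threshold=3):
    """Sort every sample message; returns {name: folder}."""
    return {name: sort_folder(raw, threshold) for name, raw in SAMPLES.items()}
```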

How to Keep Your E-mail Address Off Spam Lists

The best way to avoid being spammed is to be careful how you share your e-mail address.  Every time that you sign up for something online and provide your e-mail address to do so, you are potentially sharing your contact information with not only that site, but with third parties as well.

The following are things you can do to keep your address off spammers' lists:

  • Don't sign up for work-at-home or other too-good-to-be-true offers; they are typically scams and your contact information will definitely go to spammers.
  • NEVER reply to spam or phishing emails.  If you do, it verifies to the spammer that your address is a real working address and that makes it even more valuable to them (and makes it more likely that you will get more spam).
  • If you post your e-mail address on a publicly accessible website, try to obscure it in some way (e.g. bob(at)oregonstate.edu).
  • When signing up for various accounts online, uncheck the boxes that ask about putting you on their mailing list.  Typically these will be checked by default.

OSU Email Statistics

Where does spam come from?

In the past, most spam came from misconfigured mail servers or proxy servers. But today most spam comes from virus-infected personal computers, hacked e-mail accounts and free e-mail providers.  See the Wikipedia article on Spam for more information about how spammers operate.

One very important thing that you can do in the fight against spam is to keep your computer up-to-date on software patches and anti-virus software. It's also a good idea to run a personal firewall. Use caution when opening e-mails from addresses you don't recognize, and always scan email attachments for viruses. If your computer has become noticeably slower, it's a good idea to run virus-detection software.

Finally: NEVER share your password!


Copyright ©  2014 Oregon State University