print friendly version

Questions and answers

983
What is IT Services doing to reduce the amount of unwanted, unsolicited, 'spam' email?


IT Services currently have several mechanisms to reduce the amount of unsolicited mail on the campus mail system:

  1. We make use of blacklist and whitelist services provided by third parties, often through JA.NET.  Mail from any blacklisted source is rejected.  We keep these lists under review to make sure that we only use high quality lists with zero false positives.  See also the note below about the Janet anti-spam DNS block listing service, launched in October 2007.

  2. We maintain a local blacklist of spammer addresses. Sources of spam are added to this list by members of the IT Services Systems team, mainly when large amounts of spam show up in the mail queues.

  3. We use a spam blocking system called SpamAssassin, which assigns 'scores' to each email according to any detected spam-like features, and with which we can refuse to accept messages with a high spam score.  High scores are assigned to emails where (for example) the sending servers are not correctly registered in the Domain Name Service (DNS): without such registration, it is impossible for us to verify that the sender's server is the one it's claiming to be, and not one acting as an imposter.   Genuine email erroneously identified as spam will be sent back to the sender, who can then choose to use another contact method.

  4. We verify message senders by 'calling' their claimed email address, whenever a positive SpamAssassin score is detected on the incoming email.  Only if the sender's claimed email address is valid, according to their own email system, and no other issues are detected by SpamAssassin, will the message be accepted. Sender verification, and our reasons for using it, is discussed in detail in FAQ 1101.

  5. We don't accept messages purporting to be from our own email domains, unless they're submitted directly to our servers with a username and password, or they've already been handled by our servers.  The effect of this policy is that "internal" email is almost completely spam-free.

  6. In an academic setting, it's hard to create strict rules about email content which would permit legitimate discussion of a wide range of academic interests. For that reason, we're investigating the possibility of using personal filtering rules - but these can only be applied to emails with single recipients.

  7. We don't filter internal email for spam (though we do check outbound email for viruses), and we're looking at extending this exemption to some other important domains (like brighton.ac.uk, for example), where we can be certain that the sender addresses aren't forged.

The only measure we could take to stop our students receiving spam altogether is to stop them receiving any email from off campus (including preventing them from using off campus mail facilities, such as Hotmail and Gmail).  We are sure, however, that the majority of our staff and students would not consider this to be in their best interests.

Nothing that we do will reliably stop spam from entering the university's email system, and the more aggressively we try to block spam, the more likely legitimate mail will be prevented from getting to Sussex recipients.  In many cases, identification of spam is requires human judgement.

Help us to improve this answer

Please suggest an improvement
(login needed, link opens in new window)

Your views are welcome and will help other readers of this page.

Categories

This is question number 983, which appears in the following categories:

Created by Andy Clews on 28 October 2002 and last updated by Alexander Butler on 9 January 2018