Electronic Mail @ CSUN

Coping With Email Spam

• Overview
• "Screening" Mail Sent Using an Email Link on a Web Page
• Filtering Messages to Segregate or Delete Unwanted Mail
• Reporting Abuse
• How to Learn More

Overview

Email spam is unsolicited, unwanted, "junk" mail sent to multiple recipients. The people who send out such mailings often create their spam lists by scanning Usenet postings, stealing Internet mailing lists, or searching the Web for addresses. Some direct their spam attacks to existing email lists.

The University, through ITR, is constantly working to do what it can to reduce spam email; however, like the mail you receive at your home, virtual junk mail is hard to get rid of. It is also difficult to identify. Email that one person classifies as unwanted may be email that another is happy to receive.

Over time, ITR has taken steps to incorporate several anti-spam filtering and tagging procedures designed to reduce the amount of junk E-mail we all receive and to make it easier for us to identify spam E-mail. These procedures include:

• Refusing delivery of all E-mail messages which originate from E-mail systems that are listed on a series of conservative block lists   Note: “block list” is a term used to describe a list of E-mail addresses or “IP” addresses that originate from known spammers.
• Refusing delivery of E-mail messages with improperly configured (i.e. potentially forged) Internet message transport headers.
• Refusing delivery of E-mail messages that originate from the Internet and don't have a '@' in the 'To:', 'Cc':', or 'From:' fields that are intended for delivery to one or more CSUN e-mail recipients.
• Refusing delivery of all E-mail messages which have been marked by CSUN’s mail system as having a spam scale rating of 150 or greater (a rating that is three times greater than the conservative spam scale rating of 50).
• Refusing delivery of all E-mail messages which have been marked by CSUN’s mail system as having a spam scale rating of 100 or greater and that are intended for delivery to non-CSUN E-mail recipients.
• For those users who have enabled the “Junk Mail’ filter option via Webmail, all E-mail messages with a spam scale rating of greater than 50 will be moved into the respective user’s “Junk Mail” folder.
• Adding information (X-Junkmail, X-SPAM-Flag, X-SPAM-Level) to the message headers of all E-mail messages sent to campus mail users to make it possible for those users to eliminate even more spam by creating effective message filters via campus WebMail.

For your traditional mail, your can eliminate some mail that comes to your home by notifying the Post Office that you do not wish to receive mail of a certain nature. However, there always seems to be other junk mail to replace it.

Most unwanted email is merely a nuisance, and the best way to get rid of it is to delete it. It is generally not a good idea to respond to messages from unknown sources — not even to unsubscribe from a mailing list — as it will just let the person who sent the message know that your email address is active. If you recognize a legitimate source, however, by all means unsubscribe if you do not wish to receive any more messages.

"Screening" Mail Sent Using an Email Link on a Web Page

Many spammers use automatic "spambot" (spam robot) programs to gather email addresses. The spambot follows links and saves any email addresses it finds as it goes along — and then sends automatically generated messages to those addresses.

You can identify legitimate mail from your site by adding a subject attribute to the "mailto:" tag as follows:

<a href="mailto:email.alias@csun.edu?subject=Subject Text">linked text</a>

When someone clicks on the email link to send a message, the subject line will automatically be filled in. Unless the sender goes to the trouble to change it, you'll see the subject line you specified whenever you receive mail from that site. Spam will typically not contain the specified subject line; thus, you'll be able to recognize legitimate mail from visitors to your site. You might also filter messages based on the subject line to separate legitimate messages from spam (see below).

Filtering Messages to Isolate or Delete Unwanted Mail

If you continue to get unwanted email from identifiable sources, you can use your email client's filtering capability to delete all mail from those sources. Unfortunately, as with traditional mail, there always seems to be other junk mail to replace it.

Another method of filtering enables you to organize messages in folders and to isolate potential junk mail in its own folder. The filtering may be as simple as sending all non-CSUN mail to a separate folder or as intricate as setting up folders for various categories of mail and directing incoming mail to the appropriate folders. Using this method, you can easily see those messages you know you want to look at. Then, at your leisure, you can peruse the folder containing what may be junk mail — and you can delete all unwanted messages. If you find legitimate messages in the folder, you may want to refine your filters, so that subsequent messages from the same source won't be filed in the "potentially-junk folder".

Filtering instructions for Webmail Direct, Netscape Mail, Outlook, and Macintosh OS X Mail are available as follows:

• Filtering/Deleting Unwanted Messages in Netscape Mail:
  • Version 7
  • Version 4 or 6
• Filtering/Deleting Unwanted Messages in Outlook
• Filtering/Deleting Unwanted Messages in Macintosh OS X
• Using Webmail Direct to Filter/Delete Unwanted Messages

Reporting Abuse

Spamming is not an authorized use of campus resources. Therefore, if email spam appears to be coming from another CSUN user — and you're not comfortable discussing the problem with that user, it is appropriate to report it to ITR via email to abuse@csun.edu.

Some spam may be malicious or even illegal. In such instances, there are a number of options to choose from, including the following.

• Report the problem to the University Help Desk at campus extension 1400.
• Locate the originating site of the email spam and report the problem to abuse@sitename (where sitename is the originating site).
• Report the problem to the Network Abuse Clearinghouse at http://www.abuse.net (note that you'll have to register with the clearinghouse first).

How to Learn More

Several excellent sources of information about email spamming are linked below.

• Newbie Guide to SPAM and Other Such Unpleasantries on the Web
• Network Abuse Clearinghouse
• Promote Responsible Net Commerce: Help Stamp Out Spam

Top

December 8, 2006

Page maintained by User Support Services

ITR's technology training guides are the property of California State University, Northridge. They are intended for non-profit educational use only. Please do not use this material without citing the source.