Junk email

Dealing with Spam

Levels of spam (unsolicited bulk email) seem to be constantly increasing. Information Services at the University of Birmingham have a number of measures in place that stop a substantial proportion of spam, but nevertheless the overall increase has resulted in many people receiving more spam than ever.

Spam Filtering

School filter

The School employs a spam-filtering mechanism on its mail system that scans messages for phrases or patterns of words which are common in spam. An OCR tool is also applied to the message to look for common spam words. A 'weighting' system is applied to messages - all messages will have a spam "score" set in the message headers. Messages that the system thinks are spam will have the term "[SPAM?]" added to the subject line. Only those messages with extremely high scores will be rejected outright by the system. (You may choose to opt out of the rejection system, but the Support Team do not recommend this).

Note that in addition to the anti-spam system, we also virus scan all email (including that sourced within the department) and perform a number of checks on the sender's email addresses - any mail which does not pass these checks is deferred (it the problem it transient, the mail will be redelivered, after a week, the upstream mail server will give up).

Information Services filter

It is University policy that all email comes onto Campus through the IT Services central mail hubs, where it is passed through virus scanners and SPAM filters.

The messages are processed as follows:

  1. Email is checked against blacklisted sites and rejected if it matches
  2. Email is checked for viruses and similar malicious code in addition to known phishing scams and rejected if any are detected
  3. Email is scanned and a score is assigned depending on how many spam characteristics are present in the email:

    • If the score is very high, showing that spam has been detected with a high degree of certainty, the message is rejected
    • If the score is high, showing that the message is probably spam, the message has SPAM: added to the subject header
    • If the score is significant and may be spam, ?spam? is added to the subject header

Further information may be found by selecting "Knowledge Base -> Email" on the IT Service Desk web pages.

Users who are experiencing issues with the level of SPAM tagging are should contact the IT Services Helpdesk in the first instance who will be able to provide assistance. One possible course of action is for the user to opt out of the subject line rewriting. In these instances mail is still SPAM filtered and a score placed in the header, which may be used by the user's mail client for filtering purposes, however, the subject line will not be rewritten. A consequence of opting out is that the recipient may no longer to be alerted to possible identity theft attempts.

Self Help

There is no way of completely protecting yourself from spam if you use email, and many of the measures that you can implement to reduce spam involve some cost or loss. For example, if your email address is visible on a website, or you use it to email an external mailing list, its more likely to receive spam - so think carefully before publishing your email address on the web, to a mailing list or to a newsgroup etc. However, if you do not use your email address in this way, you may limit the ways that legitimate people can contact you.

Opening certain HTML messages can also increase the amount of spam received (HTML is the main format used for web pages). HTML allows spammers to embed information in their emails that can be passed back to a remote web server - resulting in further spam. If your email client allows it, you can switch off the HTML option, allowing you to more safely review messages as plain text files. Whilst HTML is a poor choice of email format, Information Services are unable to block all HTML messages as too many people use it - even when no formatting is neccesary.

You may wish to try using a anti-spam software on your home computer. There are some free applications including SpamAssassin amongst others.

It is recommended that all messages that are obviously junk are deleted without being opened. However, even previewing a message in a preview pane effectively opens the message. You should also excercise great caution when opening an attachment, even if it appears to come from a legitimate source, as a great many computer viruses and worms are spread in this way. Finally, never click on an "opt-out" link in the body of a spam message - all this is likely to do is confirm to the spammer that they have *your* working email address.