Spam Blocking & Management

Summary

SVSU uses dynamic SPAM filtering software to block and remove incoming e-mail detected as SPAM.  In addition, suspect emails are tagged as "Probable Spam" and delivered to the customer's Junk Folder within Vmail.

Detail

 

  1. SVSU treats incoming SPAM just like an incoming e-mail with a virus; we block it before it gets on campus. Blocked messages are automatically deleted by the SPAM filter. The SPAM filter software is dynamically updated by the vendor, just like our anti-virus software.
  2. SVSU records a log of the sender ("to"), the recipient ("from"), and the subject line. We do NOT record the message itself.
  3. The current SPAM filter does not have a quarantine.  Suspect emails that are not deleted, are tagged as "Probable Spam" and delivered to the customer's Junk Folder within Vmail.
  4. Faculty and staff may justify globally "trusting" an e-mail source. Please e-mail your justification to support (at) svsu.edu. The ITS staff will work with you to ensure the narrowest trust listing possible.
  5. Faculty and staff may request a personal "trusted" e-mail source. Please e-mail your request to support (at) svsu.edu. Shortly we will have a Vmail Zimlet that will allow you to directly maintain your trust list.
  6. Faculty, staff, and students may attempt to block more SPAM by writing filters within Vmail. See:  "Mail Filters". 
  7. Email that contain the keywords "password", "mailbox" and "webmail" are always regarded as suspicious due to their high use in phishing attacks.  If you receive an email with one of those words in it, it will automatically be tagged as "Possible Spam" and delivered to your Junk Folder.
  • Faculty and Staff: To learn more about spam & your options, contact the ITD lab for a training session.
  • Students: To learn more about spam & your options, contact the STC for a training session.

 

Background

Fiscal Year

2005-2006

Daily Incoming E-mail From External Source (does not include internal or SVSU to SVSU e-mail)

180,000

Incoming E-mail Blocked as SPAM

75% (consistent with national average)

   

Fiscal Year

2006-2007

Daily Incoming E-mail From External Source

1,400,000

Incoming E-mail Blocked as SPAM

92-95% (SVSU expanded SPAM filter to include Bayesian inference logic)

 

 

Fiscal Year

2007-2008

Many members of the SVSU campus community received a number of "phishing" e-mails. Such messages requested users to "validate" or "verify" their account information by replying with an e-mail containing their User ID, password, date of birth, and country. Despite multiple attempts to educate and warn SVSU users, several members of the campus community replied to those messages with the requested information. In addition to providing personal data (leading to potential identity theft), those user's accounts were used to send more SPAM. As a result of the influx of SPAM sent from SVSU e-mail accounts, many outgoing SVSU e-mail were blocked and discarded by many ISP's. The Internet effectively "blacklisted" SVSU accounts.

   

Fiscal Year

2007-2008

Daily Incoming E-mail From External Source

2,500,000

Incoming E-mail Blocked as SPAM

97.50%

History

  • August 12, 2006 - SVSU began blocking and discarding "verified" SPAM.
  • September 1, 2006 - SVSU began blocking "probable" SPAM.
  • June 18, 2007 - SVSU adopted a policy to mask faculty and staff e-mail addresses from off-campus queries. This stops SPAM bots and individuals from harvesting e-mail addresses for SPAM usage. This policy affects both departmental web pages and the web-based directory lookup. The masking allows an off-campus user to send an e-mail to an employee without viewing the employees e-mail address.
  • May 29, 2008 - SVSU adopted a policy to block the auto-forwarding of e-mail from SVSU accounts to outside accounts. This significantly reduces the chance of SVSU e-mail becoming blacklisted by the Internet.
  • May 29, 2008 - SVSU adopted a policy to quarantine any e-mail with the word "password" in the body of the message. This significantly reduces the chance of an SVSU e-mail account being hacked by a customer responding to a phishing e-mail.
  • May 29, 2008 - SVSU adopted a policy to block any external e-mail with one of a number of User IDs from the "@svsu.edu" domain. This significantly reduces the chance of an SVSU e-mail account being hacked by a customer responding to a phishing e-mail.
  • November 5, 2009 - SVSU adopted a policy to quarantine any e-mail with the words "mailbox" or "webmail" in the body of the message. This significantly reduces the chance of an SVSU e-mail account being hacked by a customer responding to a phishing e-mail.
  • January 18, 2011 - SVSU learned that all quarantining of email based on SVSU defined keywords has been unilaterally removed by the vendor.  SVSU intends to resume such quarantining as soon as the spam filtering software permits.