U declares war on spam e-mail; filters to debut

Dylan Thomas

Inboxes crammed with messages reading, “Get rich quick” or “Lose weight fast” have become more than just an annoyance. The University will soon take steps to filter the glut of junk e-mail clogging its server.

Ken Hanna, director of security and assurance with the Office of Information Technology, said the amount of spam on the University server – which processes approximately one million e-mails on a typical weekday – is increasing.

“It’s affecting the ability of the e-mail system to keep up with the volume at times. It really has reached a critical point,” Hanna said. In August, a month which typically sees low server use, 60 percent of e-mail was coming from bulk mailers, he said.

The University will offer several filtering options starting Sept. 30. University account users will have three options: to not use a filtering system, to receive e-mail from only “well-behaved” servers or to only receive messages sent from within the University server.

Receiving mail from only well-behaved servers will become the default setting for all University accounts, although there might be some confusion as to what that really means. Hanna said the definition of a well-behaved server is based on basic e-mail standards.

If an e-mail server hides its location on the Web, or does not accept returned, undeliverable mail – tricks commonly used by spammers – it is violating those standards.

“The idea is, if they don’t comply with the e-mail standards on the Internet, then they’re not playing by the rules and that’s a valid way to deny e-mail access to the University,” Hanna said.

Frank Grewe, assistant director of Internet Services, stressed filters have nothing to do with the content of e-mails, just the server sending them.

Grewe said people with University accounts will not notice an immediate change. Spam will be filtered out gradually as the University determines which servers are misbehaving, a several-months-long process.

The University’s new filtering procedures also allow students, faculty and staff to use a program called SpamAssassin, which marks the header of suspected spam for filtering, Hanna said. However, the University does not recommend using the program’s filtering options until it sends out a notification.

Hanna said setting up the new filtering program has been fairly inexpensive. While a certain amount of working hours will go into establishing the system, no money will be spent on new software because SpamAssassin is free.

Grewe said the number of resources freed up by limiting spam may even save money.

Spammer tactics

Joseph Konstan, a University computer science and engineering professor, said the public nature of universities makes them easy targets for spammers. Unlike corporate networks that are often guarded about employee information, college networks often include a student, faculty and staff directory that spammers can download, he said.

Konstan said services that collect addresses use tools to scan the Web and automatically collect individual addresses or whole directories from Web sites and discussion groups. Some tools even randomly generate addresses, recording which accounts are active for future spammings.

Once that information is in the hands of spammers, its effect on University servers can be dramatic.

During the first two weeks of class, one spammer was “pounding” the University server with e-mails, Hanna said. If the bulk mailings had happened during peak server hours, it could have considerably slowed or stopped the e-mail system.

Filters such as SpamAssassin work by identifying the telltale signs of spam, such as carbon-copy e-mails simultaneously sent to hundreds of recipients, or messages that contain common spam phrases such as “make money fast,” Konstan said.

Still, he warned, “No one should expect that anything the University or any other university can do will stop spam from coming through.

“The best we can do is cut down on how severe the problem is,” he said.