Configuring Spam Filtering at Rutgers

Setting up or disabling spam-filtering on OIT systems

Determining what is spam

There are various ways that a message can be classified as spam. The webtool allows three methods of spam filtering: 1. user address2. domain name and 3. filter level. The spam filter can be set to work with those three types of filtering, depending upon needs and preferences.

1. Spam filtering by user address
Filtering spam by user address requires the e-mail address of spam senders be specified in the appropriate fields of Section 1 of the Webtool spam Filter (Note: use of this filter will catch all mail from an address, even legitimate messages.)

This is the least effective of the three options for general spam control, as the user must continually add new addresses to filter out new messages. However, if you are beset with messages from a particular correspondent which you no longer wish to see, this is the option to use. 

 

2. Spam filtering by domain
The spam filter can also be set to detect spam by domain, which is the name of the organization in an e-mail address. For example, in an e-mail address of NetID@rci.rutgers.edu the domain is rci.rutgers.edu. Examples of some other well-known domains can include aol.com and Amazon.com, to name just two (Note: use of this filter will catch all mail from a domain, even legitimate messages.) Filtering messages based on domain, or e-mail address is called a Black List 

Enter the domain names from which spam is to be detected into the fields in the middle portion of Section 1 of the Webtool spam Filter

This is somewhat more effective than the previous option, as it catches all messages coming from a particular domain, rather than just those of a particular account at that domain. However, as a general spam-prevention method, it is not much of an improvement, as you continually need to add new domains. 

Also, it must be noted that spammers frequently fake e-mail addresses, including entire domains. If you attempt to put in a domain that does not actually exist, a warning message will be shown and your changes will not be saved. Remove the invalid domain and resubmit the changes. 

 

Exempting domains and e-mail addresses
If legitimate e-mail addresses or domains are consistently being filtered by the spam filtering software, exceptions can be made with the tool to allow these messages to go through. This method is referred to as setting up a White List 

Enter the domain name or e-mail address on which the exceptions should be made by filling out the bottom half of Section 1 of the Webtool spam Filter

NOTEBlack Lists take precedence over White Lists. This means that if the domain aol.com is listed in the Black List, and user@aol.com is listed in the White Lists, the user@aol.com e-mail's will still be treated as spam. 

3. Spam filtering by a filter level
The filter level establishes a very important criterion: messages above a chosen value will trigger a response from the filter and route those messages accordingly. Messages labeled as spam can be handled in three different ways:

  • Login to Rutgers Webmail.
  • Click on the Webtools option on the top of the webmail screen.
  • Select the "spam filtering" option under Setup.
  • Choose the "Setup spam filtering" or "Disable spam filtering" option, depending on what you want to do.
  • Delete the spam
  • Store the spam in a folder named AUTO-DELETED-SPAM
  • Store the spam in a folder designated by the user
  • Rutgers sets a default trigger value of each account's filter at 5 on a 1-to-30 scale, with 1 a strict setting and 30 a very lenient setting. The former will filter almost all e-mail messages, while the latter will filter very little. If you put purported spam into AUTO-DELETED-SPAM, OIT recommends the median level of 5. However, if you are directing the filter to delete spam immediately, we recommend the safer level of 10. There is no way to recover a legitimate message which the spam filter has automatically deleted upon arrival.

    Deciding what to do with spam messages

    Once a message has been flagged as spam, you next need to decide what should be done with that message. You have several options. 

     

    There is no 100% fool proof way to stop spam entirely. There are ways to cut down on the amount of spam an account receives.

    • Storing spam in the AUTO-DELETED-SPAM Folder
      OIT RECOMMENDS THIS SETTING. To set the filter to send mail into the AUTO-DELETED-SPAM folder, click the button next to the Store the spam in a folder named AUTO-DELETED-SPAM option:
    • If this setting is selected, messages designated as spam will be placed into a special folder called AUTO-DELETED-SPAM. It is wise to regularly review this folder in case any legitimate e-mail messages were accidentally placed inside of it. All messages placed in this folder will be deleted after 14 days, by default. OIT recommends a "filter level" of 5 or lower. However, if a large number of legitimate messages end up in the folder, increasing the filter level (making it more lenient) may be necessary. If you plan to review messages placed into this folder, you will want to make sure your e-mail software is subscribed to this folder. 

      You can control how frequently the messages in AUTO-DELETED-SPAM are deleted. Click on the pull down menu in the "Keep messages around in this folder" line and select the number of days, between 1 and 30, then click the "Submit" button. 

      NOTE: Those who use the POP server for incoming mail will be unable to view the contents of an AUTO-DELETED-SPAM folder, and risk missing legitimate messages that may be placed there. OIT recommends the IMAP protocol to send and receive mail. 

    • Store the spam in a user-designated folder
      Messages marked as spam can be placed into a designated folder in the Rutgers e-mail account. A new folder for that purpose will be created when the button is selected and a name entered into the "Supply the folder name:" text field. Messages stored in that folder will need to be deleted manually. OIT highly recommends the custom folder be monitored regularly. Deleting unwanted stored messages on a regular basis will help prevent exceeding the account disk quota, which is the maximum amount of space allowed to store files in Rutgers e-mail accounts.
       
    • Deleting the spam
      With this setting, all messages below the set trigger level will be deleted immediately. This means that if, for some reason, a legitimate e-mail message is flagged as being spam, it will be deleted, and there will be no way to get the message back. For that reason, OIT strongly recommends using the filter cautiously, and to set the spam level to 10.

What else can users do to stop spam?

  • Do not put a personal e-mail address on a publicly accessible web page 
    Many times companies who send out spam get e-mail address by using programs that search web pages for e-mail addresses and use those addresses for their spam lists. So if an e-mail address is listed on a webpage it is more likely to get spam.

    A second solution is to write the e-mail address on the webpage in a format that is not easily detectable as being an e-mail address. For example the e-mail address fakeuser@rci.rutgers.edu can be rewritten as fakeuser at rci.rutgers.edu. While easier to implement, the second solution is not as effective in curtailing the amount of spam being delivered to an account.

    Another solution is to not include a personal work address on a public webpage, and instead use a departmental e-mail address as a contact. Departmental e-mail addresses are accounts on the central server system that multiple people can be given access to. These people can log into that account and read any e-mail that has been sent to that account. While the departmental account will still receive spam, because it is listed on a public website, the personal accounts will receive much less spam then if they were listed publicly.

    To request a departmental account please fill out the following form: https://www.nbcs.rutgers.edu/webtools/become/

  • Do not use your e-mail address on online forms 
    Many websites require that you register your e-mail address with them before using their service. Some of these sites sell their e-mail lists to other organizations. If a service requires an e-mail address to use their service, it is best to use a secondary account rather than a primary or work e-mail account. This secondary account should only be used for registration purposes, ensuring that, if the secondary account is sent spam, it will not interfere with legitimate e-mails on the primary account.
  • Do not follow the removal instructions in unsolicited e-mails 
    Spam messages often provide a link that users can click on to take themselves off of the mailing list. This is often a trick that spam companies use to see if they have reached a working e-mail account. Once a user clicks on this link, spammers know that they have a working address and can continue to send e-mail messages to that account, so the amount of spam increases.
  • Enabling Junk Mail Controls 
    Although Rutgers systems automatically filter spam, you may wish to set up additional filters in your desktop e-mail program. 
  • Report the spam 
    Another way to try to decrease the amount of spam going to an account is to report the spam. One company that is very good as a spam reporting site is spamcop.net. The spamCop website does require that a user register for their reporting service, but this will only need to be done the first time spam is reported by the user. When spam is reported to spamcop.net they determine where the spam is coming from and report it to the proper people.