While email (electronic mail) is a powerful tool for our daily work,
the explosion of "malware" (viruses, trojans, worms, etc.) and UCE
(unsolicited commercial email, aka "spam") threatens to overflow our
inboxes. CLAS employs a number of electronic countermeasures to
handle the more egregious unwelcome messages. However, there's a
large grey area -- one person's spam may be another person's mailing
list. Thus, in many cases, it is up to the individual to decide what
is and isn't appropriate. This document explains what we filter and
how we filter it, and how you can further filter which messages you
will and won't accept.
Frequently Asked Questions
- Can't you stop all the spam from showing up in my mail?
- We try. However, the spammers keep finding new tricks to
get around the filters. In many cases, the mail server will tag
such messages as [SPAM] and let you filter them
in your mail client.
- What's a mail client?
- A mail client is a software program that connects to the mail
server, displays email messages, and allows you to write new email
messages. Common email clients are Mozilla, Thunderbird, and Eudora.
- I'm getting a lot of spam. Is the gateway broken?
- The gateway is working. There's just a lot of spam out there.
- How much spam is there, really? Why do we need a filter?
- As of January 2005, the gateway processes about 85,000 messages
per day on average. Of that, the gateway blocks or tags 84% of the
total traffic as spam and computer viruses, which leaves about
16% as apparently legitimate mail. Of those messages intercepted,
virtually none are false positives. If we didn't have any filters,
all of that spam and those viruses would show up in your mailbox.
- Why am I getting emails labeled "BLOCKED ATTACHMENT IN MAIL TO YOU"
from "Barracuda Spam Firewall <>"?
- Those are from our email gateway, letting you know someone
tried to send you a dangerous attachment. Because no system is
perfect, we send those messages to the intended recipient, which
allows you to determine if any expected, legitimate message(s)
were blocked incorrectly.
- Why don't you block Korea from emailing us?
- While it seems that a lot of spam comes from various Asian
mail servers, a number of our users receive legitimate messages
from many of those mail servers, both from academic colleagues
and personal acquaintances. Thus, we cannot outright block an
entire nation from emailing us. However, our mail server uses a
"blacklist" to refuse email connections from known
spammer-controlled computers.
- There's an "unsubscribe" address on the
email. Should I send them a note?
- That's not recommended. Most bulk advertisers have purchased
your email address, so even if you can get one to remove you
from their list(s), you're still on hundreds of other lists.
In addition, some spammers actually harvest email addresses
sent to their supposed "unsubscribe" address, then turn around
and resell them as "known good" addresses. You just can't
win.
- What about these dirty picture messages?
- Those are harder to filter: since the entire spam message is a
URL (pointing to the picture), there's no text to examine. We
recommend disabling the preview pane or automatic image
displays in your mail client, so they won't open automatically.
This also defeats "web bugs" -- invisible embedded images that
confirm your email address validity to the spammers.
- Why can't I receive an attachment?
- Many types of malware send attachments with executable code.
At this time, we block BAT, COM, CPL, EXE, PIF, and VBS, as there is
no reason for these executables to be sent via email. According to
Microsoft, the following extensions are dangerous, and should be filtered:
ade adp bas bat chm cmd com cpl crt exe hlp hta inf ins isp js jse
lnk mdb mde msc msi msp mst pcd pif reg scr sct shs url vb vbe vbs
wsc wsf wsh
If we see any of these other extensions being used in virus attacks,
we may block them as well. Note that ZIP archives are not blocked,
though ZIP files are examined for known viruses, and rejected if
infected.
- Why does CLASnet score a spam message differently than
Gatorlink?
- We're using a different anti-spam engine than Gatorlink. Our
engine generates both positive and negative scores, based on the
likelihood it is spam (or not spam). Thus, a spam message that
Gatorlink scores as a "7" may be a "4" with the CLASnet system.
- What are all these extra headers?
- The server filtering adds a number of additional headers
denoting the message score, how it determined the score, and some
additional diagnostic information for the mail administrators. For
more information please take a look at the server filtering page.
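
The attachment policy from the "Why can't I receive an attachment?" answer, as an added Python example (not the gateway's own configuration or code): it sorts attachment names into blocked, on Microsoft's list but not currently blocked, and allowed. The function names, the "watch" label, and the sample message are assumptions made for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions the page says the gateway blocks today.
BLOCKED = {"bat", "com", "cpl", "exe", "pif", "vbs"}
# The longer Microsoft list quoted on the page.
MS_DANGEROUS = set("""ade adp bas bat chm cmd com cpl crt exe hlp hta inf ins isp js jse
lnk mdb mde msc msi msp mst pcd pif reg scr sct shs url vb vbe vbs
wsc wsf wsh""".split())

def classify(filename):
    """Return 'block', 'watch' or 'allow' for one attachment name."""
    # Windows drops trailing dots and spaces, so "a.exe." still opens as "a.exe".
    name = filename.strip().rstrip(". ").lower()
    # Only the last extension decides how the file opens ("x.pdf.exe" -> exe).
    ext = name.rsplit(".", 1)[1] if "." in name else ""
    if ext in BLOCKED:
        return "block"
    if ext in MS_DANGEROUS:
        return "watch"   # on Microsoft's list, not blocked by the current policy
    return "allow"       # includes zip: virus-scanned elsewhere, not blocked by name

def scan_message(raw_bytes):
    """Map each attachment filename in a raw message to a verdict."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    return {part.get_filename(): classify(part.get_filename())
            for part in msg.iter_attachments() if part.get_filename()}

def build_sample():
    """Constructed test message; addresses and file names are made up."""
    msg = EmailMessage()
    msg["From"] = "sender@example.org"
    msg["To"] = "user@example.edu"
    msg["Subject"] = "constructed sample"
    msg.set_content("see attached")
    for fname in ["notes.txt", "Invoice.PDF.EXE", "setup.exe.", "macro.js", "photos.zip"]:
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=fname)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, verdict in scan_message(build_sample()).items():
        print(f"{verdict:5}  {name}")
```

Matching on the final extension after normalizing case and trailing characters is what keeps names such as `Invoice.PDF.EXE` from slipping past a filter that only compares lowercase suffixes.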
Last updated: Jan 21, 2005 (01:46:41 PM EST)
URL: http://www.clasnet.ufl.edu/howto/mail-filtering/