Document Actions

Spam

last modified 2007-10-15 10:47

Spam is unsolicited email, usually commercial in nature and offering products or dubious "deals".

Spam has become a pervasive problem on the Internet with many variations -- the Joe job, phishing, advance fee fraud and more.

If a user receives spam:
- filter further spam
- report the spam
- educate users about email and other computer hoaxes and about spamin general
- advise the user on dealing with online stalking and harassment
If your host is sending spam, identify the source.
- secure any open mail relays or open proxies
- check the possibility of an intrusion
- educate users about mailing lists and email policies

Spam reporting sites can be used for spam from within RUNet as well as spam originating from outside of RUNet. However, spam is best handled by preventing it from reaching your email INBOX. Spam filtering software is available on Rutgers University OIT central servers.

Spam filtering

Reporting Spam

Spamcop Site for reporting spam using an automated process. Messages less than 3 days old are accepted for submission.

Application Note: Guidelines for reporting email abuse Describes the procedure for reporting spam manually.

General spam and country-specific reporting addresses Spam reporting addresses. The site contains reporting addresses for specialized spam and various types of fraud.

Email Headers

How do I get my email program to reveal the full, unmodified email? Instructions for revealing full email headers for the most commonly used mail readers
Reading Email Headers Introductory tutorial on the meaning of email headers and mail transfer on the Internet

Hoaxes

Urban Legends Reference Pages Provides a section devoted to Internet hoaxes and viruses, both often spread through spam email. Entertaining reading!

Links for End Users

FTC Spam Home Page Information geared to end users

Steps that you can take to help identify and to help protect yourself from deceptive (spoofed) Web sites and malicious hyperlinks Advice to end users from Microsoft

Tips and help for regular users

Mailing Lists and Email Policies

Application Note: Guidelines for proper mailing list management
Requesting Mailing Lists Describes Rutgers guidelines for mailing list creation and use.
Guidelines for the Use of Email for Official Purposes provide additional details on business use of email in the University

Phishing

Phishing is an attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by pretending to be a known and trustworthy person or business. Phishing is most commonly carried out using email or an instant messaging. Should one of your hosts be used for a phishing attack, follow the recommendations for handling spam. The Anti-Phishing Working Group (APWG) provides consumer advice that can be shared with end users.

OIT sometimes receives requests for university wide email notifications when a new phishing attack is distributed within RUNet. The Office of Student Affairs approves email notices to students and University Human Resources approves notices to faculty and staff. Approval requires extraordinary circumstances.

Blacklists

Various sites provide lists of hosts that purportedly are sending spam. The listings are known collectively as blacklists. In an effort to curb spam, a remarkable number of Internet Service Providers make use of such lists; they will not accept email originating from the listed hosts. This can be difficult for users who regularly communicate with those hosts. Careful maintenance of your mail servers to avoid problems and prompt follow up on reported spam is important.

Here is a collection of major blacklists, along with information about removal of hosts from blacklists.

AOL maintains a private blacklist internally. and Should your host be blocked by AOL, contact AOL via telephone to clarify issues with one of the AOL postmasters. Be prepared to hold for a long time. The AOL postmaster site provides background on their email policies. Their internal procedures are not public.

Distributed Sender Blackhole List (DSBL)

Retrieve Listing Data After checking in DSBL, you can check almost 300 other blacklisting services. Click on "Check your status in other DNS Based blackhole lists". This option is displayed as part of the results of your initial query. Links to the reporting blacklists are available so you can follow up with the various blacklist sites to get the host removed.
Request removal

MAPS (now owned by Trend Micro)

Open Relay Database (ORDB)

Lookup
Removal
Spam and Open Relay Blocking System (SORBS)

SORBS Database Lookup
SORBS Support System (used for requesting removal from SORBS databases)
Spamcop
- SpamCop blocking list
- If there are no ongoing reports, Spamcop unlists the host automatically in approximately 15 hours. Reports from SpamCop also provide a URL which can be used to reply

RUSecure

Sections

Personal tools