Spam
no tasty treat for Rice e-mail account holders
…………………………………………………………………
BY B.J. ALMOND
Rice News Staff
Did you know
that you have been approved for a cash grant in the amount
of $10,000 to $5,000,000?
Or that a former
bank manager in Nigeria has a very confidential business
proposition for you?
Or that you could
enlarge a certain part of your anatomy by purchasing a special
product online?
If you’ve
read these spiels before, you most likely have been receiving
unsolicited bulk commercial or pornographic e-mail, also
known as “spam.”
Just how much
spam mail is sent to the more than 5,000 e-mail accounts
on the Rice campus is unknown. Sometimes more than 1,000
e-mails per minute are received through the server known
as the “mail cluster,” which handles e-mail for
students (OWLNET) and for Rice faculty and staff (Rice Unix
Facility, or RUF).
Although the
university’s Educational Technology and Networking
Infrastructure (ET/NI) filters incoming e-mails for viruses
to prevent them from reaching their destination and crashing
computers, the system does not screen for content, such
as spam.
“Our philosophy
is that we should not censor e-mail at all. We are, however,
in a unique position to be able to see trends and collect
message characteristics ,” said William Deigaard, director
of ET/NI. “Last September, in addition to anti-virus
software, we installed software on the mail cluster that
can tag e-mails that might be spam so that students, faculty
and staff can create filters on the mail server or on their
individual computers.”
This software
checks each incoming e-mail and keeps a tally of how many
exact copies of that e-mail are received by users of the
mail cluster as well as departmental servers that make use
of the “checksum” clearinghouse on the mail cluster.
The software
then adds a unique header toward the top of each message.
The header line begins with “X-DCC—Metrics:”
and ends with three codes, each of which is accompanied
by a number: Body, Fuz1 and Fuz2. “Body” indicates
the number of exact copies of that e-mail received by users
of the mail cluster. “Fuz1” and “Fuz2”
indicate how many messages nearly match each other.
Some spam e-mails
are “disguised” so they don’t appear to be
identical, sometimes with just a line added to each e-mail
to make it different, such as the user’s name, in hope
of getting past spam filters. Fuz1 and Fuz2 look for such
tricks.
If the number
assigned to Body, Fuz1 or Fuz2 is greater than 20, the header
is flagged with a “bulk” tag.
Here’s an
example: “X-DCC—Metrics: handler6.mail.rice.edu
1066; bulk Body=17 Fuz1=28 Fuz2=21.”
The bulk tag
is a signal that the e-mail went to a lot of users and might
be spam.
You can create
a filter on your e-mail software to screen for the bulk
tag in the header and automatically send those e-mails to
a special folder or the trash. If you need help making a
filter on your computer, contact your divisional computer
representative or send a request to <problem@rice.edu>,
including a note about which e-mail software you use, such
as Eudora or Outlook Express.
In addition,
you can configure an anti-spam filter on the mail cluster
itself by using the tool at <www.mail.rice.edu>.
Some other tools
at that site can help manage your e-mail, including one
that will display a color-coded version of the messages
in your mailbox, indicating which are tagged as bulk.
Deigaard noted
that some spam-like e-mails might be legitimate, such as
newsletters and conference invitations, but they will still
be tagged as bulk because they are sent to so many recipients.
He recommends
taking a glance at the sender or subject of messages tagged
as bulk before emptying them from the trash.
The screening
is performed on all e-mails from within Rice, but a whitelist
makes certain exceptions possible, such as ALLDEPTS announcements,
so they will not have an X-DCC—Metrics header.
The reason the
volume of spam mail seems to be increasing is that marketers
have gotten really savvy about obtaining lists of e-mail
addresses, Deigaard said.
“If you
post something to a news group or buy something online,
your e-mail address is likely to be collected by a program
that compiles lists that can be bought and sold to commercial
businesses. In addition, if your e-mail address is displayed
on a Web page, the address will be found by an e-mail-collecting
robot,” he said.
Marketers have
also become savvy about customizing messages to outsmart
the filters.
“It’s
an arms race,” Deigaard said, “because we’ll
come up with a solution and then they’ll change their
techniques or tactics. We don’t have infinite resources
to wage this battle.”
Deigaard recommends
ignoring most spam e-mails rather than trying to reply with
a request that the sender remove your name from the list.
Such a reply will either go to everyone on the list, or
it will simply confirm to the spam sender that you received
the e-mail.
HTML mail messages
are also a problem because the simple act of reading them
or simply clicking on them typically causes your mail reader
to download content from a spam Web site and “acknowledges”
that you received the content, Deigaard said.
Either way, your
e-mail address is then associated with a live person. Because
of this latter problem, Deigaard recommends against sending
HTML-rich e-mail.
If your e-mail
browser supports it, you should also disable the displaying
of images and embedded objects in HTML messages.
![NATIONAL/INTERNATIONAL What happened to Texas’ tilt from red to blue? That’s a gray area Mark Jones, the Joseph D. Jamail Chair in Latin American Studies, […]](https://news2.rice.edu/files/2015/08/DATELINE5-36x36.jpg "Dateline Rice for Oct. 4, 2021 (Weekend Edition)"){kind=small}
Leave a Reply