Recent Changes to Aurora's Mail Policy

 

Recent Changes to Aurora’s Mail Policy

Submitted by Division of Computing and Communications
Phone: (907) 474-6564

07/16/02

Most of us are well aware that the amount of Spam we’re receiving has increased by leaps and bounds in the last couple of months. Many people complain that they get more junk mail than real mail, and wonder if there’s anything that can be done about it.

There are things which can be done, but not always without unwanted side-effects. We can configure mail servers to stop accepting mail from users who have sent us Spam in the past. This was only of limited use in the distant past, as almost all Spam arrives today with a forged return address (sometimes a real return address of someone having nothing to do with the Spam!)

We can configure mail servers to not accept mail with a specific subject, such as (recent examples):

  • "Free 100 minute phone card delivered Instantly by e-mail"
  • "Want to boost your sales with Internet Marketing? Try HiMailer."
  • "Animal kingdom"
  • "Grow biologically younger in 30 days or less ... Guaranteed!"

The most significant problem with this method of screening is that the Spammers change their Subjects almost daily; some spamming software even changes the subject automatically, for every message. So after a little time, the mail server has a number of subjects that it’s screening for that it’ll never see! Incidentally, this is still the easiest way to screen for email viruses which always use the same subject, such as the "ILoveYou" and "Homepage" viruses....

We can configure mail servers to stop accepting mail from other servers which have been used by spammers to send from. This is much more effective, but is more problematic, also, since spammers often use legitimate services to broadcast their spam (until they’re caught and booted off). The problem here is the risk of denying legitimate mail coming from the same server.

Aurora has recently been configured to stop accepting mail from "open relay" mail hosts (hosts which will accept and relay mail from anyone to anywhere). We are using outside services for this; see their web pages at:

http://www.ordb.org/

http://www.mail-abuse.org/

This will very likely result in some legitimate mail being rejected. Please let us know when this occurs (you’ll generally hear about this by a phone call!) The rejection message will say something like:

550 Mail from remote.site.address refused - see http://ordb.org/ E-mail: fxhelp@uaf.edu or call the Help Desk at 474-6564; let us know the address of the person who’s trying to send you mail, and we’ll work to get any blockage resolved!

The System Management Rasmuson Division of Computing and Communications