Email: Spam and Virus Filtering
About Spam and Virus Filtering
Columbia University's mail server columbia.edu began filtering against viruses and junk mail system-wide in 1999. In 2003 we started using Spamassassin software to identify and reject junk mail.
CUIT uses several methods to filter mail that arrives on our mail system to remove as many unwanted messages as possible. Below is an outline of what is being done.
Email viruses spread by mailing themselves as file attachments. Some mail-reading software executes or offers to execute attached files, making it extremely easy for the virus to spread. Viruses may claim to be mail from someone you know, or mail you sent that could not be delivered, or even anti-virus software, whatever it takes to entice you to open the attachment.
Windows uses the three-letter extensions on files to determine the type of file. Many of the standard file types are executable files, meaning that Windows will automatically start running them as a program as soon as they are 'clicked' on. Following Microsoft's recommendations, we have blocked the transmission of the following standard file extensions through our email system:
ade adp app bas bat chm cmd com cpl crt csh dll exe fxp hlp hta ini ins isp js jse ksh lib lnk mda mdb mde mdt mdw msc msi msp mst ocx ops pcd pif prg rar reg scr sct shb shs sys vb vbe vbs wsc wsf wsh xsl
We accept zip files from outside of our own email systems, as long as the zip file does not contain any executable code.
We allow files with certain other extensions such as doc, txt, xls, rtf and others. These may still contain malicious code, but it will not automatically run when you click on them.
We are taking several steps to identify and reject as much spam as possible without interfering with legitimate messaging. Messages are scored by software called SpamAssassin for spam-like characteristics. Messages scoring above the threshold score (8.0) are rejected. Other messages are delivered with the score indicated in an X-Spam-Score header.
By rejected we mean that as the message is being sent to our mail server, our mail server sends back an error code stating that we do not accept the message. This causes a "bounce notice" to go back to the sender.
Delivery of legitimate mail could be affected by the filters. Our goal is to make this as rare as possible. If it happens, we will study what factors caused filtering and work with the sender to solve the problem. For fast resolution of such problems, we need as much detail as possible about when the message was sent and the sender and recipient addresses. A copy of the bounce notice is ideal: send it to firstname.lastname@example.org.