Spam is unsolicited mass spread message. Text spam itself is not dangerous.
Newer spam in HTML form may contain some return channels to identify
validity of recipient's address. Spams are omnipresent, it is
reported that up to 90% of delivered mail is spam.
E-mail servers on FIT and FEEC use several effective tools to filter
out unsolicited e-mails:
- E-mails are accepted from servers properly registered in DNS
(both direct and reverse record are required).
If you experience a problem please let us know - wrongly registered servers may be added to whitelist.
- Mail server has to identify itself using legal name in SMTP HELO/EHLO
command. Server is rejected if pretends to be in BUT domain,
uses illegal name (e.g. loclahost) or name without domain.
This step is omitted in aces of authenticated connections (submitting messages
- Connection from servers known to be source of spam is rejected based on on-line lists:
- All messages are scanned with Clamav antivirus system. All infected mails are discarded. Clamav also detects phishing attemtps.
- Spam detector SpamAssassin checks
all messages. E-mails with lower spam level is marked with a header and
delivered, spams with high level (over 10) are discarded.
SpamAssassin is installed on servers KAZI, EVA, GUTA, KOS and FEST.
Using SpamAssassin depends on user. If you wish you may configure SpamAssassin and use it.
Detailed documentation is on
Web - just follow
instructions for procmail user settings.
Example .procmailrc for those who do not bother reading documentation:
* ^X-Spam-Status: Yes
Spamassassin adds the X-Spam-Status header to the letter. The
X-Spam-Status header contains the first word 'Yes' if the spam
rating exceeds the default value (default 7.0), otherwise the first
word 'No' is the first word. In addition, this heading lists the
numeric rating and the list of spam flags found.
X-Spam-Status: Yes, hits=20.0 required=7.0
If procmail finds a message with X-Spam-Status header containing 'Yes' the message is moved to special mailbox 'probably-spam' in directory $HOME/mail
(the name of mailbox may be changed but do not discard such messages automatically since even innocent message may be marked as SPAM sometimes).
After editing .procmailrc do check everything works fine (send a message to yourself, verify it is delivered etc.).
Standard rules for evaluating SPAM level of messages
are stored in directory /var/db/spamassassin/.
User setting is read from file
$HOME/.spamassassin/user_prefs (it is created during the first run)
where you can set:
Procmail is a delivery program in use
on all mail server of FIT and FEEC.
Delivery is controlled by $HOME/.procmailrc file.
Procmail can filter messages using any other programs, store them in
different mailboxes or forward to other addresses.
The description can be read in man procmailrc and examples in
man procmailex. When using procmail for forwarding messages do not
forget to include condition
* !^FROM_MAILER to appropriate rule:
- required_hits 5
- Level of point value to mark message as SPAM
- rewrite_subject 1
- Insert string '*******SPAM*********' into Subject header,
if evaluated as SPAM (on by default, should be set to 0 when filtering SPAMs to special mailbox).
* !^FROM_MAILER # do not forward errors
* < 1000 # only small messages to mobile phone
This rule ensures no messages from daemons are forwarded (messages originated
at mail server, from users like postmaster, daemon, mmdf, uucp and many more).
If you omit this rule infinite mail loop may be created: if destination mailbox is full the message is rejected, error message is forwarded again to blocked mailbox and new error message is generated...
How to deal with SPAM
- Do not waste your time reading SPAM. If a message is labeled as a SPAM level 15 by SpamAssassin you may be sure there is no useful information inside and
the message may be deleted immediately.
- Do not be tempted to reply or click on Unsubscribe link.
Hardly any sender will remove your address although obliged by law.
By reply or attempt to unsubscribe you provide precious information
you really read mail sent to your address and you may receive even more SPAM.
- Do not supply your e-mail address when you are not sure it will be treated
properly (special offers like "win just for registration" etc.).