Mason Fights Back As Spammers Get More Creative
Posted: October 17, 2006 at 1:00 am, Last Updated: November 30, -0001 at 12:00 am
By Amy Brener
Have you noticed over the past few months that you are getting more spam e-mails than you used to? As e-mail filter programs, such as the Mail Frontier program Mason installed several years ago, have gotten better at identifying spam, the spammers have gotten more creative at getting their spam through.
You may also have noticed that the vast majority of the spam messages you receive appear in a colored box. In fact, these are images; the spammers paste these “pictures” into the bodies of e-mails. Because these pictures cannot be read for content and because they come from seeming legitimate e-mail addresses, they are not filtered out at first.
Joy Hughes, vice president of information technology and CIO, explains, “Through phishing and other malware, (spammers) hijack innocent machines and use these machines to send their messages. As soon as that machine’s address is identified by the anti-spam vendor as being ‘bad,’ the spammer moves to another hijacked machine.”
Anti-spam vendors are developing methods to “read” these pictures, and Mason is working with the Mail Frontier vendor on this. However, Hughes observes, “Once we can block the spam that use pictures, the spammers will think of some other way to get around the blocks, and the cycle will start again.”
There are several things an individual can do to weed out more of this spam. Tracy Holt, the Information Technology Unit’s (ITU) manager of e-mail systems and accounts, explains that most e-mail client programs, such as Microsoft Outlook and Netscape Navigator, support e-mail filtering and allow you to be more aggressive in your filter procedures.
Information on spam, phishing and related issues is available on the ITU Security Office web page. Prepared by Cathy Hubbs, director of the ITU Security Office, this page explains how spammers get your e-mail address and provides step-by-step instructions on how to set filters in the Netscape e-mail client provided on campus.
Mail Frontier is automatically enabled on all student, faculty and staff e-mail accounts. It screens incoming mail and quarantines messages classified as spam. Users can look at these e-mails in a daily Junk Box Summary and “unjunk” any that are not spam; otherwise, the system automatically deletes these messages after seven days. Of course, users can opt out and can also control how aggressively the system categorizes something as spam.
Recently, Hughes reported that in October 2005, the university received more than 13 million e-mail messages a month, 70 percent of which were blocked by the filter as clearly being malware, such as spam or viruses. Four million messages a month were delivered, some of which were malware that the filter did not detect.
Now, a year later, Mason receives almost 30 million e-mail messages a month, with a higher percentage (77 percent) being blocked. A year ago, just under 10 million messages were blocked each month as “bad,” whereas 23 million are now blocked. However, the great growth in the total volume of messages means that the number classified as “probably good” has also grown, as has the number of bad messages allowed through.
If you want to make changes in how Mail Frontier handles your specific e-mail account, Holt suggests you log in to Mail Frontier at antispam.gmu.edu. The ITU Support Center can also help. Call 703-993-8870 or e-mail firstname.lastname@example.org.
If you receive e-mail that is clearly spam but is not being caught by the e-mail filters, forward those e-mails to email@example.com. These e-mails go directly to the Mail Frontier vendor for analysis and possible inclusion in the database of known spam, allowing the software to block future instances of the same message, Holt explains.
Amy Brener is the ITU communication coordinator.