[weather]

Greenfield Community College

  • Login
  • Directory
GCC Information Security Office

Spam Prevention Techniques

Spam prevention can be accomplished by adhering to the following guidelines:

– Increase your protection level as you need to To obtain the maximum protection possible from using the Junk E-mail Filter and other enhanced privacy features, set the protection level of the Junk E-mail Filter to High or to Safe Lists Only.

– Keep your Junk E-mail Filter updated Updates are available at Downloads on Office Online. Under Office Update, click Check for Updates.

– Block images in HTML messages that spammers use as Web beacons A Web beacon can be a graphic image, linked to an external Web server, that is placed in an HTML-formatted message and can be used to verify that your e-mail address is valid when the message is opened and images downloaded. By default, Outlook is set to block automatic picture downloads. To verify what your automatic download settings are, on the Tools menu, click Options. Click the Security tab, and then click Change Automatic Download Settings. Verify that the Don’t download pictures or other content automatically in HTML e-mail check box is selected.

– Watch out for check boxes that are already selected When you buy things online, companies sometimes add a check box (already selected!) to indicate that it is fine to sell or give your e-mail address to other businesses (third parties). Clear the check box so that your e-mail address won’t be shared.

DO NOT sign up for commercial mailing lists.

DO NOT reply to email or unsubscribe from a mailing list that you did not explicitly sign up for.

– Configure your email client to send and receive email in Text (Plain Text) or Rich Text (plain text plus special commands) Format. For Microsoft Outlook go to:

Tools > Options… and click the Mail Format Tab.

Change your Message format to Text

Click OK.

– Setup a filter or rules depending on your email client. e.g. Eudora and Microsoft Outlook.

– Spam that is fraudulent – offering products that don’t work or don’t exist, pyramid schemes and so on – can be sent to the US Federal Trade Commission at uce@ftc.gov.

– Spam that promotes stocks can be sent to the US Securities and Exchange Commission at enforcement@sec.gov.

 

SPAM FAQ’s (Frequently Asked Questions)

Why am I getting email that wasn’t addressed to me?

Spammers use lists of email addresses. Specialized programs used to send spam, will take an email list and use the BCC (Blind Carbon Copy) feature to send to all the addresses on the list, without any of the recipients seeing the addresses, including their own. It’s important to remember that the To:, From:, and other fields of the email that are usually visible when you read a message DO NOT contain the addressing information that is used to deliver email to your mailbox. The address information is contained in the Envelope of the email that is discarded when it arrives at the mail server which then places the message in your mailbox. If it was in your mailbox, it was addressed to you

Where did the spammer get my email address?

Spammers harvest email addresses in a number of ways:

  • They pull them from subscriber lists (such as AOL’s Member Profile list).
  • They use web-crawling programs that look for email addresses on web pages.
  • They take them out of online directories.
  • Infected computers from the address book or list.
  • They buy databases of addresses.
  • They take them from you without your knowledge when you visit a web site.
  • They collect member names from online “chat” rooms

What do I do when I receive spam?

You have a few options when you receive a spam mail. Most people who don’t receive very much spam just delete it.  If it’s in question you can open a helpdesk ticket for support or ask a co-worker or supervisor.  We are working to create a new email gateway for Spam reporting this summer.

Is there a security problem with our GCC e-mail server?

No. The security problem extends, unfortunately, to the email protocol itself. Mail administrators are required to return as undeliverable any messages addressed to an invalid address on their network. This opens up the possibility for abuse by spammers running software that attempts to send email to as many different addresses as possible.

Do cookies have something to do with this?

Cookies are short pieces of text, stored on your computer, which are placed there by web sites that you have visited so that those web sites can remember who you are (or preferences you may have selected) the next time you visit. Although this is convenient if you make frequent trips to the same site, there are also well-known concerns regarding their use.

Why can’t you filter this stuff?

GCC does filter for spam and viruses when being sent to us. It is very difficult to stay on-top of this issue especially in the academic environment.  Some statistics of our spam blocking system are below.

Are there ways that I can filter this stuff from my mailbox myself?

Yes. In the outlook system you can help yourself with this however it is ever changing.

Can you block all email messages not addressed to me?

We could prevent any email without a legitimate To: header from reaching our customers at all. However, the downside of this plan is the potential for much legitimate email to be lost (for instance, mailing list messages addressed to “mailing list recipients” rather than a specific GCC address used for marketing). Our top priority is to achieve a balance for our customers and limit the loss of legitimate email simply because an automated process considered it to be spam. Unfortunately, this also means that illegitimate email will reach you.

I got spam that says it “complies with federal requirements.” Is spamming illegal?

At this time there is no federal legislation either supporting or prohibiting the sending of unsolicited email messages. However, you may have noticed that some spam includes the following language (or something similar):

This message complies with the proposed United States Federal requirements for commercial email. For additional information see http://www.senate.gov/~murkowski/commercialemail/EMailAmendText.html 
Current information on the status, text, and summary of Title 3 of S. 1618 and H.R. 3888, its companion bill, can be found by using Thomas, the legislative information system run by the Library of Congress.

Although this all sounds rather intimidating, it is also misleading since it implies that the spammer has acted within federal law in sending you their message. The bill to which these spammers refer (commonly called the “Murkowski bill”) would have legalized the sending of unsolicited commercial email provided certain requirements were met. However, although this bill passed the Senate, it died in conference committee and never passed the House. Therefore, it never became law.

Isn’t it illegal to send spam to Washington State residents?

A Washington law passed in 1998 and upheld by the state Supreme Court in 2001 makes it illegal to send unsolicited commercial email that has been addressed in a false or misleading way. This type of spam is especially troubling because it can cheat consumers out of their money, undermine consumer confidence in online commerce and harm legitimate Internet marketers. One example of illegal spam purports to come from reputable business firms and is intended to harass those firms or to elicit personal information from recipients.

In 2003, the federal government also passed an anti-spam law, called the CAN Spam Act. Among other regulations, the CAN Spam Act requires that unsolicited commercial email be clearly identified as such and that consumers be able to opt-out of receiving more emails. The Federal Trade Commission is also charged with investigating the viability of a do-not-spam registry, similar to the do-not-call registry already in place.

In order to take advantage of the law, you must register your email address as a Washington State address at the WAISP Registry Page .

I’ve been spammed, now what?

You have a few different options:

  • Delete the spam and not give any more thought to it.
  • Create email filters in your email client to remove the spam.
  • Find the originating network of the spam and send a complaint to the administrators of that network. If you choose to do this, be sure that the complaint is sent to the proper address.

One thing you should never do is respond to spam, either by replying to the email, sending email to the “Remove” email address since doing so verifies to spammers that your email address is a valid one. You should also refrain from retaliating against such email by flaming, mail-bombing, or using other equally abusive tactics to get back at the spammer.

283 queries in 1.879 seconds.