Question 1.1 How do I get a more detailed report
on my spam?
- At the top of the Anti-Spam filter configuration page, there
are two basic options: to Tag the email as spam, or to move
spam email to your spam email folder on the server.
- The second is the default. With this option,
we will send you email messages listing the spam email that you receive,
and giving you the option to have it redelivered to your Inbox, and/or
to automatically whitelist the sender's email address.
- Want more information about the spam status of a particular message?
The anti-spam filter puts information about what spam tests that a message
fails in the message header along with the message's spam score, the higher the
more likely the message is spam. A spam score of 5 is enough for a message to be
marked as spam. There is an example of the full
spam headers of a spam
message in Canned Spam Filters.
Question 1.2 I am suddenly receiving more/less spam in my inbox now than before. Why?
Question 1.3 What if I don't want to receive ACCC's spam summaries at all?
- We don't recommend this, since you may easily lose legitimate email this way by forgetting to check your spam folder. Nonetheless, if you want to take that risk, you can simply create a separate email filter to do so.
- Use the "CUSTOMIZABLE email filter setup" option to create a new filter. Choose Subject: field of the incoming mail starts with this text, and here you type in ACCC Spam Summary. Then below for what action to take, select Delete the message.
Mail from lists I'm subscribe to are being marked as spam. What can I do?
Question 1.5 A legitimate message was filtered out as spam, how do I get it back?
- Messages detected to be spam are moved to your spam
folder, unless you have specifically selected to bypassed
this in your anti-spam settings. The easiest way to move a message back is to use the links in your Spam Report email message.
Beside the email message's Subject: is a (redeliver) link; click it to have the message redelivered to your Inbox.
- You can also use Webmail: Login at
https://webmail.uic.edu and then
click on the spam folder from the left frame. Once you've
found your message in the right frame, click to select it, and then
click the MOVE button at the top to move it your INBOX.
For more information on using Webmail, see the ACCC Webmail Users Guide.
Question 1.6 Can I report spam that came to my Inbox?
You can help us develop spam filters by reporting spam that was not caught by our filters.
To do so, we have created a mailbox named reportspam for you in
your mailserv, tigger, or icarus email
- If you receive spam in your INBOX, move it to this new folder.
We will move messages that you put in your reportspam folder out of the folder a
few times a day and use them to help us create new anti-spam filters.
Note: Your reportspam email folder is on the server, not on your local disk. If you
use an email program such as Eudora or Outlook with POP, you will not have
access to this folder. If you use IMAP, you might have to subscribe to the
reportspam folder before you can use it.
Question 1.7 Too many legitimate messages are being marked as spam. What about them?
Legitimate messages marked as spam are known as "false positives."
There are some general things to check:
- Is it mail that is from a outside of UIC, that looks
like spam and is marked as spam, but it is actually legitimate? If
you receive this sort of email regularly from the same sender, you can just add
the sender to the ANTI-SPAM setup page in the section called
My Whitelist -
Do NOT apply spam filters to
- If you receive too many false positives for a mixture
of reasons, you may want to lower the sensitivity.
- If a note that looks perfectly legitimate was counted
as spam, it may be worth our looking at it. Please send these messages to
Please be sure to include ALL the headers of
the email message. Sometimes we are able to find and fix problems by looking at
false positive messages.
But do not expect a reply to every forwarded message.
That UIC Listserv email is spam but it always comes through anyway. What can I do?
By default, all UIC Listserv lists are exempted from spam
- What you should do in this case is unsubscribe from the list.
- Use the ACCC Listserv Subscriber Utility
unsubscribe, or change the options for your subscriptions to UIC Listserv lists.
Spam appears to be coming from my account! What can I do?
Spammers normally forge the FROM address in an email. Sometimes they forge it so that it's the
same value as the recipient to whom they are sending, hoping to bypass anti-spam filters by doing so.
Most spam filters are not so easily fooled, however, so these are usually caught and filtered with
It can be disconcerting to users, because it appears as though this spammer is actually using your
account to send out these messages. But this is not the case -
the fact that someone can send email using your address does not mean that
they have any access to your account. Forging email is very easy, as easy as writing
whatever you want to write in the return-address part of a physical paper envelope. Mail is
delivered as addressed regardless of what is written in that field. Email works the same way.
In some cases, more rarely, the spammer may choose your address as the FROM address in a large
batch of spam sent out to very many recipients. Again, they are hoping that anti-spam filters
will allow it through since it appears to come from a legitimate UIC address, but this tactic
usually fails as well. Unfortunately this has a nasty side-effect.
Since spammers often send messages to many invalid recipients, all those messages get bounced
back to the sender. But in this case the sender is you. So you may suddenly be deluged with
many bounced messages from all over the place, which are bouncing spam messages back to you
as though they came from you.
Spammers won't keep using the same address, they will change with each batch, so this
problem normally goes away by itself after a week or two of bounces.
But we can, on request, setup a special filter for such bounced
messages for you if it persists.
Can anything be done about this? We do try to catch these with anti-spam filters, but spammers
know about these filters too, and the cat-and-mouse game continues, so we will not probably
never reach 100%. Can anything be done about forging email FROM fields? Yes, for secure
mail there are "PGP" signatures and other encryption techniques. It requires the sender
and the recipient to be aware of these methods, so most users have not found
the complexity and effort necessary to use it worth their while. At least not yet.
Question 2.1 Can I change the subject line of all messages marked as spam?
Question 2.2 Can I make sure that I don't accidentally run any auto-execute viruses or
Web bugs if I open a spam email message?
I'm still getting too much spam! What can I do?
This is also changing as we move more incoming email to be processed by our
new Barracuda antispam and antivirus appliances. See
Upcoming Changes to Spam Filtering for details.
You can try setting the Spam Filter Sensitivity
threshold lower on the ANTI-SPAM Settings/Filter
- The default setting is
Normal. You can lower this to Aggressive, but this makes it
the MORE likely that legitimate mail will be
filtered out as spam.
You can go further than this, also, though we don't recommend this because it will mean more legitimate messages are accidentally filtered out. But if you are vigilant about checking your spam folder for legitimate messages, you may want to do this:
Use the CUSTOMIZABLE email filter setup option to create a new filter. Create the filter to say:
If any header line of the incoming email starts with this text: X-Spam-Level: ***
Then below for what action to take, select that you want it filed into your "spam" folder (if that's where you want it).
- Note the number of stars (*) in the filter text. The above example has three -- that means that it scored 3 on the SpamAssassin tests -- but you could make it more aggressive yet by using only two, and even more so by using only one. Be sure to have at least one, however, or else it will catch ALL of your messages.
Or, you can also enter specific custom rules against specific spammers who
repeatedly send you similar messages, using their FROM addresses or
SUBJECT lines to recognize them. Just use the normal CUSTOMIZABLE
filter for this purpose.
And -- this is perhaps the best option --
you can turn on greylisting, a new tool in the war against
spam that really seems to work. For a description, see
Greylisting in Canned Spam Filters.
I have the sensitivity set to Normal and greylisting on, and I what spam I still
get the Junk email filtering features of my email program (Thunderbird) generally
takes care of.
- There are two problems with greylisting: (1) it can delay the delivery
of some incoming email a bit, and (2) greylisted email is never delivered, and cannot
be recovered. See the discussion of greylisting to see whether you want to use it.
I don't know of any email that I wanted to see that I've lost to greylisting, but,
of course, that might not be the case for you. See also the
Greylisting FAQ below.
See How can I personalize my anti-spam filter to make it more accurate? for a more radical suggestion.
How can I automatically delete all my spam?
- We strongly discourage this option, since it is very likely that you will loose legitimate email at some point by doing so.
- Nonetheless, you can do this simply by creating another filter in the same manner described above. Use any header line, contains, and then type in X-UICClass: UICClass Spam for the text. Then for the action you can select delete the message. See Creating Local Filters for Spam Headers.
Question 3.1 I have greylisting turned on, but I'm worried
that email that I want is being rejected. How do I get a more detailed report
on my greylisting?
- There is a Web page in the Email Filters Utility that lists
all recent email address that have gone through greylisting.
- Go to the
Email Filters utility page
and login with your UIC netid and ACCC common password.
Click ANTI-SPAM Settings/Filter, and scroll down to the bottom
of the the blue boxes; click on view my greylisting statistics.
I think you will find that the rejected email is all spam.
Question 3.2 I see that a legitimate piece of email has been rejected, can I
get it back?
There isn't anything that YOU can do, but if the message really is legitimate,
then you shouldn't have to do anything. The remote server will re-send it to you shortly, at
which time it will not be rejected again.
Question 3.3 How long will the delay be for rejected messages?
- That really depends on the remote server from which the message
- Normally legitimate email servers try to re-send messages within
a few minutes after receiving such rejections. Nonetheless, it is rare but
possible that the remote server in question is using a larger delay period.
Question 3.4 I've "whitelisted' the address, so why doesn't the mail
- Whitelisting an address will only affect all FUTURE delivery
attempts; it can't undo the rejection that we've already given to a particular
- However, it is true that after you whitelist an address, it won't be
subjected to greylisting rejections or any other type of spam filter rejections.
Need Additional Help?
Consider our Troubleshooting Guide.
If you need additional assistance,
please call the Client Services Office
at (312) 413-0003.
You can file a problem report
or email us at email@example.com.