FAQ - Email: ACCC Anti-Spam Filter FAQ

If you have not already read the general information on our Anti-spam filters, please read that first.

The ACCC Anti-spam filters are applied to all email sent to uic.edu addresses (regardless of whether it is delivered to an ACCC email account) and to all email delivered to an ACCC email account.

To configure your anti-spam filters, visit our Email Filters utility page and login with your UIC netid and ACCC common password. To work on your anti-spam filters, click ANTI-SPAM Settings/Filter.

Question 1.1 How do I get a more detailed report on my spam?

• At the top of the Anti-Spam filter configuration page, there are two basic options: to Tag the email as spam, or to move spam email to your spam email folder on the server.
• The second is the default. With this option, we will send you email messages listing the spam email that you receive, and giving you the option to have it redelivered to your Inbox, and/or to automatically whitelist the sender's email address.
• Want more information about the spam status of a particular message? The anti-spam filter puts information about what spam tests that a message fails in the message header along with the message's spam score, the higher the more likely the message is spam. A spam score of 5 is enough for a message to be marked as spam. There is an example of the full spam headers of a spam message in Canned Spam Filters.

Question 1.2 I am suddenly receiving more/less spam in my inbox now than before. Why?

• Spam fighting is an ongoing war. How much spam you get in a day depends on who is winning the current battle, and that depends on many factors.
• Spammers continually come up with new tricks, so we write filters for them, they come up more tricks, we write more filters, and so on. Sometimes they get ahead, and sometimes we make progress. Sometimes, especially when they deluge us with huge amounts of spam at once, the time it takes to respond is too slow, so more spam gets through.
• Another factor is how much your email address has been spread through the Internet and in spammer databases. A new account will not receive much spam, but the longer you have it the more spam you can expect.
• The best way to avoid spam is preventative -- think carefully before entering your email address into any web forms.
• Also look out for tricks they use to gather addresses, such as "mail this news story to a friend", "send a greeting card to your sibling", etc. Many addresses are on spam lists because some well-intentioned friend fell for one of these tricks.

  We are continually seeking out new software solutions to make this better, but there fluctuating amounts of missed spam are inevitable. Please bear with us.

Question 1.3 What if I don't want to receive ACCC's spam summaries at all?

• We don't recommend this, since you may easily lose legitimate email this way by forgetting to check your spam folder. Nonetheless, if you want to take that risk, you can simply create a separate email filter to do so.
• Use the "CUSTOMIZABLE email filter setup" option to create a new filter. Choose Subject: field of the incoming mail starts with this text, and here you type in ACCC Spam Summary. Then below for what action to take, select Delete the message.

Question 1.4 Mail from lists I'm subscribe to are being marked as spam. What can I do?

• Is the mail coming from a list that is OUTSIDE of UIC? If so, make sure the name of the list is added to the section of the ANTI-SPAM setup page called My Whitelist - Do NOT apply spam filters to certain senders.

Question 1.5 A legitimate message was filtered out as spam, how do I get it back?

• Messages detected to be spam are moved to your spam folder, unless you have specifically selected to bypassed this in your anti-spam settings. The easiest way to move a message back is to use the links in your Spam Report email message. Beside the email message's Subject: is a (redeliver) link; click it to have the message redelivered to your Inbox.
• You can also use Webmail: Login at https://webmail.uic.edu and then click on the spam folder from the left frame. Once you've found your message in the right frame, click to select it, and then click the MOVE button at the top to move it your INBOX.
• For more information on using Webmail, see the ACCC Webmail Users Guide.

Question 1.6 Can I report spam that came to my Inbox?

• You can help us develop spam filters by reporting spam that was not caught by our filters. To do so, we have created a mailbox named reportspam for you in your mailserv, tigger, or icarus email account.
• If you receive spam in your INBOX, move it to this new folder. We will move messages that you put in your reportspam folder out of the folder a few times a day and use them to help us create new anti-spam filters.
• Note: Your reportspam email folder is on the server, not on your local disk. If you use an email program such as Eudora or Outlook with POP, you will not have access to this folder. If you use IMAP, you might have to subscribe to the reportspam folder before you can use it.

Question 1.7 Too many legitimate messages are being marked as spam. What about them?

• Legitimate messages marked as spam are known as "false positives." There are some general things to check:
  • Is it mail that is from a outside of UIC, that looks like spam and is marked as spam, but it is actually legitimate? If you receive this sort of email regularly from the same sender, you can just add the sender to the ANTI-SPAM setup page in the section called My Whitelist - Do NOT apply spam filters to certain senders.

  • If you receive too many false positives for a mixture of reasons, you may want to lower the sensitivity.

  • If a note that looks perfectly legitimate was counted as spam, it may be worth our looking at it. Please send these messages to spamfiltering@uic.edu. Please be sure to include ALL the headers of the email message. Sometimes we are able to find and fix problems by looking at false positive messages. But do not expect a reply to every forwarded message.

Question 1.8 That UIC Listserv email is spam but it always comes through anyway. What can I do?

• By default, all UIC Listserv lists are exempted from spam filtering.
• What you should do in this case is unsubscribe from the list.
• Use the ACCC Listserv Subscriber Utility to subscribe, unsubscribe, or change the options for your subscriptions to UIC Listserv lists.

Question 2.1 Can I change the subject line of all messages marked as spam?

• Yes, using the default option in Message Modifications to add ***SPAM*** before the Subject: in spam email messages.
• This will keep the original subject line the same, but put an indicator before it. So, for example, a note with this subject line,

  Subject: Buy our new CD with a million addresses!!

  would come out as ....

  Subject: ***SPAM*** Buy our new CD with a million addresses!!

Question 2.2 Can I make sure that I don't accidentally run any auto-execute viruses or Web bugs if I open a spam email message?

• Yes, using the default option in Message Modifications to change the original spam message into an attachment.

Question 2.3 I'm still getting too much spam! What can I do?

• You can try setting the Spam Filter Sensitivity threshold lower on the ANTI-SPAM Settings/Filter page.
• The default setting is Normal. You can lower this to Aggressive, but this makes it the MORE likely that legitimate mail will be filtered out as spam.
• You can go further than this, also, though we don't recommend this because it will mean more legitimate messages are accidentally filtered out. But if you are vigilant about checking your spam folder for legitimate messages, you may want to do this:
  • Use the CUSTOMIZABLE email filter setup option to create a new filter. Create the filter to say:
    If any header line of the incoming email starts with this text: X-Spam-Level: ***
  • Then below for what action to take, select that you want it filed into your "spam" folder (if that's where you want it).
  • Note the number of stars (*) in the filter text. The above example has three -- that means that it scored 3 on the SpamAssassin tests -- but you could make it more aggressive yet by using only two, and even more so by using only one. Be sure to have at least one, however, or else it will catch ALL of your messages.
• Or, you can also enter specific custom rules against specific spammers who repeatedly send you similar messages, using their FROM addresses or SUBJECT lines to recognize them. Just use the normal CUSTOMIZABLE filter for this purpose.
• And -- this is perhaps the best option -- you can turn on greylisting, a new tool in the war against spam that really seems to work. For a description, see Greylisting in Canned Spam Filters. I have the sensitivity set to Normal and greylisting on, and I what spam I still get the Junk email filtering features of my email program (Thunderbird) generally takes care of.
• There are two problems with greylisting: (1) it can delay the delivery of some incoming email a bit, and (2) greylisted email is never delivered, and cannot be recovered. See the discussion of greylisting to see whether you want to use it. I don't know of any email that I wanted to see that I've lost to greylisting, but, of course, that might not be the case for you. See also the Greylisting FAQ below.
• See How can I personalize my anti-spam filter to make it more accurate? for a more radical suggestion.

Question 2.4 How can I automatically delete all my spam?

• We strongly discourage this option, since it is very likely that you will loose legitimate email at some point by doing so.
• Nonetheless, you can do this simply by creating another filter in the same manner described above. Use any header line, contains, and then type in X-UICClass: UICClass Spam for the text. Then for the action you can select delete the message. See Creating Local Filters for Spam Headers.

Question 3.1 I have greylisting turned on, but I'm worried that email that I want is being rejected. How do I get a more detailed report on my greylisting?

• There is a Web page in the Email Filters Utility that lists all recent email address that have gone through greylisting.
• Go to the Email Filters utility page and login with your UIC netid and ACCC common password. Click ANTI-SPAM Settings/Filter, and scroll down to the bottom of the the blue boxes; click on view my greylisting statistics.
• I think you will find that the rejected email is all spam.

Question 3.2 I see that a legitimate piece of email has been rejected, can I get it back?

• There isn't anything that YOU can do, but if the message really is legitimate, then you shouldn't have to do anything. The remote server will re-send it to you shortly, at which time it will not be rejected again.

Question 3.3 How long will the delay be for rejected messages?

• That really depends on the remote server from which the message is coming.
• Normally legitimate email servers try to re-send messages within a few minutes after receiving such rejections. Nonetheless, it is rare but possible that the remote server in question is using a larger delay period.

Question 3.4 I've "whitelisted' the address, so why doesn't the mail come back?

• Whitelisting an address will only affect all FUTURE delivery attempts; it can't undo the rejection that we've already given to a particular message.
• However, it is true that after you whitelist an address, it won't be subjected to greylisting rejections or any other type of spam filter rejections.

Need Additional Help?