ACCC Home Page ACADEMIC COMPUTING and COMMUNICATIONS CENTER
Accounts / Passwords Email Labs / Classrooms Telecom Network Security Software Computing and Network Services Education / Teaching Getting Help
 

FAQ - Email: Mailserv Anti-Spam Filter FAQ

 

If you have not already read the general information on our Antispam filters, you should read that first.

This page addresses advanced Antispam filtering issues and solutions for the new Antispam filters running on our Mailserv machine (not tigger or icarus).

Below are instructions on carrying out common tasks. If you would like more information on all the options and exactly how they work, you should visit the SpamAssassin web site, and in particular their page describing all of the configuration options.

 

Table of Contents

  1. Mailserv ANTI-SPAM Filter
    1. I'm still getting too much spam! What can I do?
    2. Mail from lists I'm subscribe to are being marked as spam. What can I do?
    3. Too many legitimate messages are being marked as spam (false positives). What about them?
    4. My BCC: email keeps getting marked as spam. What can I do?
    5. That UIC listserv is spam but it always comes through anyway. What can I do?
    6. Can I change the subject line of all messages marked as spam?
    7. How do I get a more detailed report on why certain messages are marked as spam?
 
     
Mailserv ANTI-SPAM Filter
 

Question 1.1 I'm still getting too much spam! What can I do?

  • You can try setting the threshold lower. The default setting is 5 - meaning you need five points worth of spam indicators for it to be counted as spam. You can lower this to whatever number you like, but the lower the number, the MORE likely that legitimate mail will be filtered out as spam.
  • To do so, in the ADVANCED Antispam settings page, create a new preference of type required_hits. For the value, enter whatever number you would like, remembering that 5 is the default, and that you are more likely to miss non-spam by lowering the value.
  • Or, you can also enter specific rules against specific spammers who repeatedly send you similar messages, using their FROM addresses or SUBJECT lines to recognize them. Just use the normal CUSTOMIZABLE filter for this purpose.
  • Or, if you would always count email from a certain domain or address as spam, you can "blacklist: it. To do so, in the ADVANCED Antispam settings page, create a new preference of type blacklist_from. For the value, enter the domain or address you'd like to always be counted as spam

Question 1.2 Mail from lists I'm subscribe to are being marked as spam. What can I do?

  • Is the mail coming from a list that is OUTSIDE of UIC? If so, make sure the name of the list is added to the section of the ANTI-SPAM setup page called "2) Off-campus Lists and other exemptions".

Question 1.3 Too many legitimate messages are being marked as spam (false positives). What about them?
Legitimate messages marked as spam are known as 'False Positives'. There are some general things to check:

  • Is the mail addressed to your netid@uic.edu address? If it is NOT mail from a list, and it is also NOT addressed to your UIC address, then it is more likely to be counted as spam. To prevent this, add any alternative addresses you may have in the section of the ANTI-SPAM setup page called "1) Alternate Email Addresses".

  • What about mail that is from a non-UIC entity, which looks like spam and is thus so marked, but it is actually legitimate? If you receive them regularly from the same sender, you can just add them to the ANTI-SPAM setup page in the section called "2) Off-campus Lists and other exemptions".

  • In general, if you receive too many false positives for a mix of reasons, you may want to increase the threshold score. The default setting is 5 - meaning you need five points worth of spam indicators for it to be counted as spam. You can raise this to whatever number you like, but the higher the number, the more spam will slip through undetected.

    To do so, in the ADVANCED Antispam settings page, create a new preference of type required_hits. For the value, enter whatever number you would like, remembering that 5 is the default.

  • Finally, if a note that looks perfectly legitimate was counted as spam, it may be worth our looking at it such that we fix errors introduced with changes. Please feel free to send such messages to spamfiltering@uic.edu. Please be sure to include ALL the headers of the email message.

Question 1.4 My BCC: email keeps getting marked as spam. What can I do?

  • Some people send mail using BCC (blind carbon copy). It means that none of your address appear in any of the email headers. Since messages like this are usually spam, when the spam filters see messages such as these, it weights them as spam if they are coming from outside of UIC.

  • If you receive legitimate email from outside of uic that is sent this way, you may want to disable this check. You can do so from the ADVANCED Antispam settings page. Add a new preference called score and for the value of the preference put in

    UIC_BAD_TO 0


Question 1.5 That UIC listserv is spam but it always comes through anyway. What can I do?

  • By default, all UIC listserv lists are exempted from spam filtering. If you would like to override this setting for any particular listserv, such that it is sent through the spamfilter anyway, you may do so in the ADVANCED Antispam settings page, in the section called "UIC Listserv Lists".
  • However, what you really should do is unsubscribe from the list:

Question 1.6 Can I change the subject line of all messages marked as spam?

  • By default we do not changing the subject line. But you can have all your spam messages have their subject lines rewritten to indicate that it is spam.
  • To enable this, in the ADVANCED Antispam settings page, create a new preference called rewrite_subject, and for the value put in the number 1.
  • That will keep the original subject line the same, but put an indicator before it, such that a note with this subject line,

    Subject: Buy our new CD with a million addresses!!

    would come out as ....

    Subject: *****SPAM***** Buy our new CD with a million addresses!!

  • Instead of using *****SPAM*****, you can also change what that string is by creating a preference called subject_tag with whatever you would like as the value. If you'd like it to display the score, include the string _HITS_.

Question 1.7 How do I get a more detailed report on why certain messages are marked as spam?

  • By default we put a short report of the scoring into the email headers.
  • If you would like the report of the scoring placed into the body of the note, you can do so in the ADVANCED Antispam settings page.
  • Create a new preference called report_header and for the value enter the number 0.
  • You can also choose how detailed the report should be. By default the report is terse. For all the details and explanations create a new preference called use_terse_report and for the value enter the number 0.

Need Additional Help?

Consider our Troubleshooting Guide. If you need additional assistance, please call the Client Services Office at (312) 413-0003. You can file a problem report or email us at consult@uic.edu. 		 

2007-5-23  cso@uic.edu
UIC Home Page Search UIC Pages Contact UIC