Information about spam defence
What is spam?
Spam is described as "unsolicited bulk messages sent by Email or similar means". In addition to obvious spam, there are also messages that are unwanted to one group of users but of interest to another. The filtering of such messages poses a challenge because the different and sometimes conflicting needs of different users must be taken into account.
What methods are used to reduce spam?
In principle, all mails received and sent on our central mail servers are checked for viruses and spam. This is done using appropriate software from Sophos. This works on the basis of signatures that are updated every 5 minutes. However, the detection of a spam message depends on the quality of the signatures provided by Sophos.
As a second measure, incoming mail is checked to see if the sending server is already known as a spam propagator. If this is the case, the OVGU refuses to accept all mails from this server for a certain period of time.
What happens if a spam message is detected?
If a message is recognized as spam, the header X-PMX-consideredAsspam: yes is inserted in the headers of the Email.
I received a spam message that wasn't marked as spam?
The quality of spam detection depends on the signatures provided. If you have received a spam message that is not marked as spam, you can send this mail to the manufacturer of our Anti-spam software. There these "samples" will be analyzed and if necessary the signatures will be extended. The OVGU does not carry out any further elaborate checks of the content or maintains further lists which additionally mark messages as spam.
How you can send a spam mail not marked as spam to the manufacturer of our Anti-spam software is described here: https://community.sophos.com/kb/en-us/23113
How should I react as a user to messages recognized as spam?
Since a message marked as spam can be relevant for certain user groups in case of doubt, the URZ has not implemented a general procedure for handling such mails. As a user, however, you can configure a basic procedure with these mails yourself in order to facilitate the organization of your mail traffic.
For example, it is conceivable that you can move all marked messages to a specific folder or have them automatically removed. You can define these automatisms yourself via rules for your mailbox.
Please make sure that you do not send automatic replies (e.g. out of office notifications) to spam messages. On the one hand you legitimize your address to the spam senders and on the other hand there is the danger that the servers of the OVGU themselves end up on so-called black lists.
Depending on your mailbox type, proceed as follows to automatically process spam messages:
- Cyrus: Move spam to folder on cyrus accounts
- Exchange: Move spam to folder on Exchange 2016 accounts
Furthermore, the central virus/spam check shows the probability with which a mail is malicious in the headers of the mail. After the check, an additional header (X-PMX-spam:) is inserted, which contains the probability that the mail is malicious.