Simon's Rock CMS

Spam and Email Filtering:

The following is a supplementary document to the AUP. Please direct all comments about this policy to action.

General:

  • Use of Simon's Rock email accounts and/or network resources for the sending of unsolicited bulk email (spam) will not be tolerated and will result in loss of email and/or network privileges.
  • We try to prevent as much spam as possible from reaching you. To do this we employ a number of different methods including using DNSBLs (blacklists of IP addresses of known-spammers), rejecting email based on particular content using the capabilities of Postfix, and using a variety of additional methods to tag email as spam.
  • Only you can prevent spam. Please report all spam with full headers to spam@simons-rock.edu. Your spam reports will help us block spam from reaching you.
  • We try not to block legitimate email. If you believe legitimate email is being blocked, please email spam and we will make sure that future such emails are delivered.
  • We do not read your email without permission. We are dedicated to treating all data stored on our servers as private.

Blocking by IP:

  • We block mail from misconfigured or RFC non-compliant mail/spamware servers, including those without valid DNS.
  • We believe that DNSBLs (sometimes referred to as RBLs), when used responsibly, provide an effective means of preventing spam from open mail relays, open proxies, and known spammers.
  • When choosing DNSBLs, we try to use the following guidelines: clear policy associated with the DNSBL; favorable reviews from DNSBL subscribers; DNSBL does not block on random user submissions without testing; DNSBL describes or points to a procedure for blocked admins to secure their sites and be unlisted; DNSBL unlists secured sites in a timely fashion; DNSBL has been tested against a random sampling of our email.
  • DNSBLs we are currently using include sbl.spamhaus.org, cbl.abuseat.org, proxies.blackholes.easynet.nl, relays.ordb.org, and opm.blitzed.org. (Sadly, spews.relays.osirusoft.com and proxies.relays.monkeys.com are no longer operational.) To check to see if an IP address is listed on these and other lists, see http://openrbl.org/.
  • We will block single IP addresses from which spam is reported to us.
  • We will block single IP addresses or, in some cases, ranges of IPs upon noticing unauthorzied traffic (such as dictionary attacks) originating from those IPs.
  • Upon reasonable request, we will whitelist IPs.

Blocking by Content:

  • Upon spam reports from users or from information gleaned from mail logs, we will block email addresses associated with spam.
  • Upon spam reports from users, we will block email containing particular subject lines.
  • Upon spam reports from users, we will block email containing particular phrases in the message body (for example "HUMAN GROWTH HORMONE" and "Please select the email list you would like to purchase"). We will try to make all phrases unique enough that they will not catch any legitimate email.
  • By writing custom rules we will block email with known virus characteristics (Klez, Snowhite, etc), including a number of different types of attachments.
  • We use a commercial antivirus product, RAV, to block nearly all (if not all) viruses that get through our custom filters.

Tagging:

  • In addition to blocking email, we use spamassassin to tag (not block) email as likely-spam (by modifying the headers). You may configure your email client to ignore, filter on, or delete emails that have been tagged as likely-spam. For instructions, see the FAQ.
  • We encourage you to use any spam filtering techniques supported by your mail client. In particular, Mac OS X Mail.app users should use the available statistical Junk Mail filtering capabilities.