 |
Wikipedia defines spam as...
"the abuse of electronic messaging systems to send unsolicited,
undesired bulk messages."
- read more at Wikipedia |
|
OCIS currently provides a few levels of defense, Server level, User level,
and Commercial level
that help to combat the amount of unwanted mail that is being sent to customer mailboxes.
By default, the OCIS setup is fairly 'loose'. To gain full protection,
users must set up the levels appropriately. The Server levels of defense can be set up
and further explained by visiting via the "Check Mailbox Spam Protection" button in the OCIS User Zone. The User levels of defense
are available and set up on our SquirrelMail Webmail
enabled servers via the "Spam Filters" menu option. The Commercial level of
defense can be enabled by contacting our office and requesting the service be added to
your mailbox.
Please read on for a more detailed
explanation...
Overview of OCIS Protection |
Server Level Protection More info
Configured via User Zone
Realtime Black Lists (RBL)
Reverse DNS checks (rDNS)
Loose SpamAssassin
|
User Level Protection More info
Configured via SquirrelMail
Always-From Whitelists
Only-to-CC Whitelists
Tight SpamAssassin
|
Commercial Level Protection More info
Subscription Service by request
SecureLinks Filtering
|
Additional Protection More info
Outlook Express Rules
|
Server Level Protection Top
Server Level Protection is filtering performed as inbound messages reach the OCIS mailservers. Messages are run
through a number of different protection methods which help to determine whether a message should be sent on to
the intended recipient. Mail that does not pass the tests is not accepted by the mailserver and legitimate senders
of messages should receive a message indicating that their message was rejected. Following are the current methods
of Server Level Protection:
| Realtime Black Lists (RBL) |
| |
RBL are lists of mailserver addresses that have been deemed to be the source of
unwanted mail. There are many different RBL available and OCIS picks from the lists which are
known to be most effective. OCIS immediately rejects
mail that originates from relays.ordb.org,
dul.dnsbl.sorbs.net, sbl.spamhaus.org and
list.dsbl.org. OCIS allows clients to opt in to supplemental RBLs and have mail rejected
if it originates from a server listed on
multihop.dsbl.org, bl.spamcop.net or
xbl.spamhaus.org. If not rejected, OCIS always tags messages from any of
the listed RBL as well as unconfirmed.dsbl.org. These tags can be used to
filter mail with Additional Protection methods.
|
| Reverse DNS checks (rDNS) |
| |
rDNS is a test that "checks" to ensure that a mailservers' address is properly setup. All valid
mailservers should have correct addresses, thus, mailservers that fail this test are likely
not real and could be a source of spam. OCIS customers can opt in to this protection
via the User Zone.
|
Loose SpamAssassin (level 10) |
| |
SpamAssassin is a program that runs inbound messages through a set of rules and
adds a score for any rule that does not pass. The more rules that fail, the higher the score for the message
and if it reaches a certain level, the message is deemed to be spam and is rejected. At the Server Level
Protection, a message must total to a score of 10 before it is rejected.
|
User Level Protection Top
User Level Protection occurs after the mail has been accepted by the OCIS mailserver but before it
is delivered to the customer Inbox. OCIS has set up some spam reduced mailservers to provide
customers with extra protection that is automatically implemented or easy to implement. Any messages
that are deemed to be spam are moved into a separate (xspam) folder.
Users can check the xspam folder as necessary for any "false-positives" or legitimate mail that has
been deemed to be spam. Customers can signup to use these freely available mailservers at
http://qmail.ocis.net and clicking on the link entitled "Register".
Instructions for enabling and
setting up the available filters in SquirrelMail Webmail can be found by
clicking here. An overview of the filters are:
| Configurable sender (always-from) whitelists |
| |
The always-from filter is part of the Strict option or could be selected as part of the Custom option.
If you have a list of email addresses that you always want to ensure reach you, you can add them
to your list of Allowed Senders. The only danger to this is if a spammer spoofs or fakes the From
address of a message to be from one of your Allowed Senders, it will still get to you. It is not
likely this will happen however and training your Allowed Senders can ensure you will always receive
mail, regardless of what additional User Level filters are in place.
|
| Configurable recipient (only-to-cc) whitelists |
| |
The only-to-cc filter is part of the Strict option or could be selected as part of the Custom option.
A large percentage of unwanted mail reaches your mailbox even though you are not listed as a
recipient of the message. This is due to a legitimate feature of email called Blind Carbon Copy (BCC)
that spammers often exploit to get their junk to you. The only-to-cc filter allows you to set up
a list of allowed recipient addresses also known as aliases. If the inbound message does not include
one of the configured aliases you allowed, the message will be moved to the xspam folder. This filter can take a bit
of time to train to be sure all aliases are listed, however is likely the most effective filter and
should be enabled to ensure maximum protection. If you often receive legitimate messages via the BCC
function of email, it is important to list any senders in your Allowed Senders to ensure the message
makes it to your inbox.
|
| Tight SpamAssassin (level 5) |
| |
SpamAssassin is part of the Careful and Strict options or could be selected as part of the Custom option.
As described above, SpamAssassin is a program that determines if a messages is spam based on a number of rules
that the message passes through. By default, OCIS runs SpamAssassin both at the Server Level and at the User
Level Protection but runs it much tighter during the User Level. A 'score' of 5 deems a message to be spam at
the User Level Protection which could result in more 'false-positives', however, it does not discard the
message. Instead the message is moved to the xspam folder. If clients feel they are missing messages, they
have 7 days to look for them in the xspam folder and retreive them before they are removed.
|
Commercial Level Protection Top
Protecting mailboxes from spam can be a full time job. Some mailboxes receive more junk than complimentary
protection can provide. The longer the address has existed, the less unique an address
is, if the address appears on webpages, blogs or web based forums or if the address has been submit to many
web forms are reasons an address might find its way onto spam lists. If an address still gets more junk than
acceptable after enabling all OCIS protection, clients can subscribe to a commercial service who specializes
in protecting mailboxes.
SecureLinks Filtering |
| |
OCIS has partnered with SecureLinks to offer a cost effective spam filtering solution. For $2.00 a month
added onto your existing OCIS plan cost, you can have your mailbox protected by SecureLinks anti-spam
and anti-virus protection. Contact us to request a subscription to the service. It is an quick and easy addition
with no need for any configuration changes on your end.
|
Additional Protection Top
Spammers are constantly finding new ways to get around the protections provided by mailservers and get their
unwanted mail into your Inboxes. OCIS provides as much protection as possible with minimal risk of rejecting
legitimate mail. If the protection provided by OCIS does not seem to be effective enough, there are other
methods clients can implement to help keep their mailboxes free of junk. The following methods can
help clients enable their own additional protection:
Outlook Express Rules |
| |
Outlook express allows you to create your own local rules that will filter your mail as you
download it to your account. We have developed some instructions to give an overview of
basic rule creation that allow you to filter based on content in the body of the message.
|
|
