Computing & Communications Center
Helpdesk

Junk (SPAM) Email Frequently Asked Questions (FAQ)

What is "SPAM"?

In short, SPAM is any unsolicited email that a user receives. Intent of the SPAM messages varies from advertisement to virus-spreading. Often times SPAM email includes material that is offensive.

Return To Top

What are the different types of SPAM?

Scams
This type of junk e-mail is geared towards getting you to give money or data (such as your credit card information or important passwords) away to an illegitimate cause.
Hoaxes
In general, hoaxes attempt to convince you that something untrue is true. These often go hand in hand with the other types of SPAM.
Malicious Code Warnings
These SPAM e-mails attempt to trick you into removing standard and potentially important applications from your computer, falsely claiming that the applications in question are viruses.
Chain Letters
Much like the pen-and-paper chain letters of the past, e-mail chain letters promise something good will happen if you forward them to enough people, and that something bad will happen if you do not.
Urban Legends
These e-mails are intended to scare you. Often, they detail gruesome things that have supposedly happened, and aim to make you feel disgust or horror about totally fabricated events.

Return To Top

Where does SPAM email come from?

Generally, SPAM comes from giving out your email address somewhere on the internet. E-mail addresses can be harvested from chat rooms, newsgroup posts, signup forms, and any webpage that they are posted on (such as personal homepages). SPAM can also be generated by computers infected with viruses, and sent out to people whose addresses are stored on those computers in address books or other places.

Return To Top

How can I tell if an email is SPAM or not?

First and foremost, use common sense. If it is not from someone you know, and has an illegitimate looking subject, it is probably spam.

For potential hoaxes and scams, check online to see if other people have reported the scam. Two useful sites to do this on are McAfee's Hoax page and Hoaxbusters. Both of these sites list hoaxes and explain how they work.

Check the WPI IT News page for reports of recent scams.

Call or email the Helpdesk to ask about it. You can also forward the email to the Helpdesk with the full headers. (An explanation of how to send full headers can be found here.)

Also note that virus generated junk emails have very specific subject lines, such as:

Return To Top

How do virus generated emails work?

Propagation of virus generated emails can be broken down into three steps. First, a computer on the internet becomes infected with a virus. This virus harvests addresses off of the infected computer, from address books, internet histories, saved files, and other sources. After the email addresses are stolen, the virus uses them to send out emails with spoofed "from" fields. Other computers whose addresses the virus has stored receive a message that appears to come from the spoofed address, and reject the message. Then, the person whose address was stolen gets a message saying that their email has been returned, when in fact, they never sent an email at all.

Here is an illustration of how this works:

Return To Top

What does WPI do to protect users from malicious email?

WPI protects users by scanning all e-mail that enters and exits the WPI network. All mail is scanned for viruses before it is delivered, including messages sent between computers inside of the network. Infected messages are not discarded, however. The offending file is replaced with a file called warning.txt, which alerts the user to the fact that someone sent them an infected email. (If the virus e-mail comes from a legitimate source, such as someone you know, this can be very useful, as then you can let them know that they're infected!)

Also, the WPI mail servers block attachments that tend to be used to communicate viruses. A full list of these can be found in this IT News Article.

Return To Top

What tools does WPI offer for SPAM management?

WPI offers spam filtering via the UNIX Spam Management page. From this page, you can decide to whitelist or blacklist messages. Whitelisting sets up filtering so that messages from certain senders or with certain subjects are always delivered. Blacklisting works the same way, except that the specified messages are never delivered. This page can also be used to set up a Procmail filter.

We also offer PureMessage, a spam filtering system that is explained on our Puremessage page.

Return To Top

Maintained by itweb.
Last modified: Jan 31, 2006, 18:32 EST
[WPI] [Home] [Back]