|SLAC Home | Computing Home | Computing Outages | Help|
Sophos PureMessage (SPAM-Tagger) at SLAC
As of May 11, 2003 all emails coming into SLAC will be scanned for SPAM phrases and words and then given a SPAM "rating" by Sophos PureMessage software. When the rating is <20% then the message is not modified at all. If the rating is 20-50% then a new header (X-Perlmx-Spam:) is added to the email (but this would not be visible unless you expanded the headers). If the rating is 50% or higher then a new header is added and the Subject: of the message is modified to begin with "[SPAM:" and a number of #-signs are added depending on how sure the software is that this is spam. One (#) for 50-59%; Two (##) for 60-69%, etc.
You need to be aware that there are going to be false-positives on the messages tagged as SPAM. You need to inspect the folder where you are putting the spam periodically to look for valid email. Don't just use a filter or rule to delete them! You should also update the rule, if possible, to keep these "good" messages from getting filed away in your "spam" folder. Each person's email is unique and a rule which is correct for one person will not necessary be appropriate for another.
Also, this software will certainly miss some spam. If you get a message which is SPAM and which does not have [SPAM: added to the Subject: then you can expand the headers and forward to firstname.lastname@example.org. We will report the problem to the vendor. This way they can "tune" their heuristics to be more accurate. The heuristics are updated by the vendor and downloaded to our servers automatically, on a regular basis.
If e-mails get tagged as SPAM when they aren't, then please let us know that too. We can add off-site domains or e-mail addresses to a "white list" when appropriate.
If you want to opt-out of the spam-tagging then please email your request to email@example.com.
General Notes for SLAC Email Software:
Exchange Mail Users: Please note that if you create a rule via Outlook 2000/2002 then it is created on the server so the emails are actually filtered before you even look at your email. Then, if you later use something other than Outlook 2000/2002 to read your email then it will still be filtered. In other words, there is no need to create rules for other mail clients you use. Below you'll find instructions for various clients: Outlook 2003; Outlook Express; and Pine.
Unix Mail Users: To have the Unix mail server filter your email into a separate folder for you you'll use a Procmail script. Note, if you use Procmail script to filter your email then there is no reason to create rules in Pine or whatever Unix email client you are using.
Outlook 2003 (server rule):
- Tools; Rules & Alerts; New Rule; Select the bullet at the top to "Start from a blank rule"; and press Next.
- Put a checkmark in the box in front of the line which says "with specific words in the subject" and then click on "specific words" in the lower window. Type this in the upper box: [SPAM:### (Note: we are suggesting you put 3 #-signs so that only the higher rated spam is moved to another folder. It will help reduce the chance of valid email getting moved to your spam folder)
- Press Add button. Then press OK. Click Next and then put a checkmark in the box in front of the line which says "move it to the specified folder". Click on "specified" in the lower window and select the "Junk E-mail" folder and press OK.
- To keep other rules from getting run on this email you should scroll down in the same window where you selected "move it to the specified folder" until you find "stop processing more rules" and put a checkmark here. Click Next.
- This next window is the "exceptions" window and you may use this later to modify your rule so that certain emails are left in your Inbox. But, for now, just press Next.
- Press Finish and then OK.
Outlook Express Filters (client-only rule):
- Tools; Message Rules; Mail. In Section 1 click on "Where the Subject line contains specific words". Then click on "contains specific words" in Section 3. Type this in the upper box: [SPAM:### (Note: we are suggesting you put 3 #-signs so that only the higher rated spam is moved to another folder. It will help reduce the chance of valid email getting moved to your spam folder)
- Press the OK button. Click on the line which says "move it to the specified folder" in Section 2. Click on the word "specified" in Section 3.
- Since Outlook Express can only run on the client (not the server) then your rule is forced to copy the file to Local Folders. Click on New button and type the name of the folder where you want the spam moved to.
- Press OK and the folder is created for you. Click OK again and the rule is updated to reference this folder name.
- To keep other rules from getting run on this email you should scroll down in the Section 2 list of choices until you find "stop processing more rules" and put a checkmark here.
- Type a name for your rule in Section 4. Then click OK twice.
At this time we do not know of a way to "tweak" these Outlook Express rules to add exceptions to the spam filtering. Certainly, creating the rules via Outlook 2000 or Outlook 2002 is the best option. Then you'd be able to add "exceptions" to the rule.
Pine Filters (client-only rule):
(Please let me know if you find errors)
- Start Pine and press S (for Setup); then R (for Rules); and F (for Filters). Press A (for Add).
- We need to name the rule first so wipe out the text currently listed for "replacement text" and type what you want to name this rule and press return. Select Email in the Current Folder Type section.
- Move the cursor down to the line which begins with "Subject pattern" and press return. Type this on the line: [SPAM:### (Note: we are suggesting you put 3 #-signs so that only the higher rated spam is moved to another folder. It will help reduce the chance of valid email getting moved to your spam folder)
- Press return. Move your cursor down to the Filter Action section to highlight the words Folder List under Move; and press return. Type the name of the folder where you want the spam moved to and press return.
- Press E to exit this setup and type Yes to commit these changes.
- If the folder did not exist already then it will prompt you and you can type Yes to create it. However, we don't need to add this folder to Incoming-folders list because the rule is already applied to all our incoming email so type No at this prompt.
Pine has lots of options for tweaking rules so you could add exceptions later if/when you find that things are getting file in spam folder which should not be.
Procmail Script (server rule):
You will need to give the mail server rights to your mail directory so that it can create items in your spam folder. Use the fs setacl command to give host-mailbox the "rlidwk" privileges on the directory your mail folders are (in the example below we use 'mail'). For more information on AFS please try fs setacl -help command or see http://www.slac.stanford.edu/comp/unix/afs/afs.html.
Put the following in a file called .forward in your Unix home directory (replacing youruserid with your userid, of course):
"|IFS=' '&&exec /usr/local/bin/procmail ||exit 75 #youruserid"
Then, create a file called .procmailrc and put the following lines in it. You can name the spam folder anything you want. In this example I called it 'spamtagged' (Note: we are suggesting you put 3 #-signs so that only the higher rated spam is moved to another folder. It will help reduce the chance of valid email getting moved to your spam folder):
# generic procmail for filtering SPAM: tagged emails
# file the spam messages into a folder called spamtagged
# Everything else is put in the default system mailbox.
Both the .forward and the .procmailrc files should be owned by your userid and have permissions set to 644 (e.g. -rw-r--r--)
Lastly, make sure your Unix home directory is not set world-writable. Permissions for your top-level directory should normally be set to 755: (e.g. drwxr-xr-x)
For more information on procmail please see the Man pages on Unix.
Last Updated: 07/22/2010 Send Us Feedback Mail Admin Team