NACS Implements New System To Guard Against Spam
UC Irvine’s Network and Academic Computing Services will implement a new system designed to combat an increase in the amount of spam in UCInetID e-mail accounts. Students can expect a decrease in unsolicited e-mails that flood inboxes and may lead to identity theft.
‘We’ve been planning [the program’s] deployment since last year, when we determined that commercial solutions could not provide substantially better results than we could achieve on our own, using commonly available, open-resource software,’ said E. Scott Menter, assistant director of NACS.
The new system, consisting of three parts, will be in effect on April 26.
The first part rejects spam by using a remote block list that contains addresses of known spammers. NACS pays a nominal fee to a nonprofit organization, Spamhaus, for maintaining and updating this list. If a message from one of the known spammers arrives, the UCI server automatically rejects that e-mail. During a trial test, the UCI server rejected over 75,000 e-mails from known spammers in one day.
The second component of the new system, ‘delayed greeting,’ blocks spam by taking advantage of spammers’ desire to send as many messages as possible in a short amount of time. Instead of accepting all e-mails, the UCI server pauses before accepting e-mails from systems that wish to deliver e-mails to it. If the other system does not wait, which is very likely if the e-mail comes from a spammer, the UCI server will automatically reject the e-mail.
In addition, the new system also enlists the help of ‘greylisting.’
Greylisting works similarly to delayed greeting in that it causes senders to delay their messages in a manner compliant with accepted e-mail standards. Spammers, however, are generally unable to comply with the standards, and will not be able to send their e-mails to the UCI server.
Due to this new system, students may experience difficulties receiving e-mails from some correspondents whose servers belong to the remote block list.
‘Spam’ is the term used for unsolicited commercial e-mails sent to a mass amount of recipients mostly for the purpose of advertisement. It has been an increasing problem for schools and companies. As long as spam remains a cheap, legal and effective way to advertise, the problem will persist.
‘Until now, we have accepted nearly all e-mails that anybody wants to send to us,’ Menter said. ‘We then electronically scanned the content of each message, and assigned a score indicating how ‘spam-like’ it appeared to be. This mechanism identified and marked about 50 percent of all our incoming e-mail as spam.’
Spammers obtain people’s e-mail addresses through various ways. Some of them send spam out to common names, search through online directories, observe mailing list subscribers or steal the addresses of people’s computers that they have already infiltrated.
Marco Alvarez, a third-year English major, finds that spam is a constant problem.
‘Honestly, I think the current system is quite flawed. The timing and arrangement of the page is juvenile and deserves further attention,’ Alvarez said. ‘I check my e-mail every day and I get a plethora of illegal material, such as the one they call the ‘milfhunter,’ and, frankly, it disgusts me. I definitely think the new antispam system will be a small comfort that might go a long way for students.’
NACS is also concerned about students’ safety.
‘Although NACS remains concerned about generic, run-of-the-mill, lower-your-mortgage [or] fire-your-boss-type spam, we are especially concerned about ‘phishing,” Menter said.
Phishing is a technique that criminals use to trick people into sharing their confidential personal information, such as Social Security number, bank account number, and credit card numbers. It is one of the factors that facilitate the growth of identity theft around the world.
‘Legitimate banks and other financial institutions will never send you e-mail asking you to verify or otherwise disclose your personal information by clicking on a link contained in the message,’ Menter said.
NACS plans to deploy anti-phishing software as a part of its antispam efforts. Suspicious Web links contained within e-mails will be identified so that users can avoid clicking on them.
Menter also urges students to take advantage of the ‘My E-mail Options’ page at www.nacs.uci.edu.email/options, which enables students to automatically file spam in a separate folder, allowing more space for regular e-mails and less chance for spammer infiltration.