Email, Spam Control, FAQ

This page contains answers to common questions about the Spam Control service.

U of I employs a two tier system to protect you from nefarious email. These systems include: Proofpoint (email relays, spam control, url verification, etc) and Microsoft Outlook/Exchange.

Proofpoint, is the first line of defense for all email entering and leaving our domain (illinois.edu).
Outlook, is the second line of defense for email targeting "users/people."

Both Proofpoint and Exchange provide spam filtering and safe list capabilities.

Warning - Forwarding or redirecting your @illinois.edu email can be hazardous

We encourage all University affiliates to use the campus mail services to ensure all University email is properly delivered. In addition, by law your @illinois.edu business email is subject to audit. If you use your personal email account for @illinois.edu business then that account is also subject to audit.

Forwarding or redirecting breaks DMARC; we cannot control what happens to email when it is forwarded or redirected to another email provider. We've seen cases where email sent to @illinois.edu and redirected to another domain, e.g. @yahoo.com, and was tagged as spam by that domain. We are not responsible for missing mail to your personal email after it has been forwarded.

Controlling Spam and Phishing Attempts

The University employs state of the art technologies to help prevent malicious email from entering our domain. However, there are times when the existing filters do not immediately catch 'new' spam messages. To help us identify new spam, send the message to: report-spam@illinois.edu. Email sent to this address is automatically submitted to Proofpoint for review and if needed the spam filter will be updated.

NOTE:

Only malicious spam will cause a rule update. If an email is a legitimate solicitation with an unsubscribe link, then you should unsubscribe from that source if you no longer want to receive email. These advertisement messages are ‘not’ considered malicious and will not cause a rule update.

Q: What should I expect when I submit email to: report-spam@illinois.edu?

A: Expect Proofpoint to evaluate the email, and if necessary, update the spam engine with new rules and patterns and automatically push them to the email relays. There is not feedback about email submitted to 'report-spam' because of the high volume.

Below are the mail and spam stats: per hour, for one day to give you a sense of volume.

Proofpoint Spam Control Overview

Proofpoint's Spam Control provides each user an account to choose and manage their spam policy, safe sender and block sender lists. The system generates a daily End User Digest email from: "spam-digest@uillinois.edu," which contains a list of suspect messages and unique URL's to each message. Suspect emails are held in quarantine for 10 days before being deleted and are not recoverable by service administrators.

How do I access the Spam Control Digest?

You can access the NEW web interface for all digest and spam policy options at: https://go.illinois.edu/spamdigest.

You will no longer need a link from a digest.

What is the End User Digest?

Users who have email messages addressed to them, that are stored in the Quarantine, will receive an email notification, called an End User Digest (Digest) in their inboxes.

The End User Digest lists all spam messages caught and placed into Quarantine based on your spam policy.

Users can look at the message subject headers to determine their content, and decide which actions they want to apply to the messages.

You can access the digest in the following ways:

Click the 'Manage My Account' link in the End User Digest (via email from: spam-digest@uillinois.edu).
Use the Web Interface by opening a browser and point it to the following URL: https://go.illinois.edu/spamdigest.
- Log in with your Campus NetID and password.

Manage Your Spam Control Settings

Selecting Your Spam Policy

The Web Interface allows you to view your quarantined messages and change your spam policy using a web browser.

You can open a browser and point it to the following URL: https://go.illinois.edu/spamdigest.
Log in with your campus NetID and password.
After the web page opens, Click on the Profile tab in the lower-left corner.
Select a desired policy under "What type of spam detection do you want?" Click Save.
- The different policies are explained below.

All accounts have the "default" spam policy set to "Cautious Plus, No Quarantine" until the user chances it to another spam policy.

The following chart illustrates the email delivery differences in the spam policies:

		Cautious	Cautious Plus	Aggressive	No Quarantine	Cautious Plus, No Quarantine
	Personal Spam Policies
Not Spam (spamscore=0-49)		delivered	delivered	delivered	delivered	delivered
Possible Spam (spamscore=50-79)		quarantined	quarantined	quarantined	delivered	delivered
Likely Spam (spamscore=80-98)		quarantined	quarantined	deleted	deleted	delivered
Certain Spam (spamscore=99-100)		quarantined	deleted	deleted	deleted	deleted
Known Virus		deleted	deleted	deleted	deleted	deleted

Select a policy that best meets your needs. See the KB article: Spam Scoring System for more details about how email is scored.

Safe Sender and Blocked Sender Lists

Add email addresses or domains to your Safe or Block lists.

After you log into the Web Interface, follow these steps to add senders to your personal Safe or Blocked Senders Lists.

Use the Web Interface by opening a browser and pointing it to the following URL: https://go.illinois.edu/spamdigest.
Log in with your Campus NetID and password.
Click the "Lists" tab on the left side of the window to add, edit or delete addresses in your Safe and Block lists.
- Safe Senders List - will allow email from this sender will be delivered to your mailbox.
- Blocked Senders List - email from these addresses or domains is sent to the bit bucket and deleted.

Common Questions and Answers

Q: Will Spam Control change my email messages?

A: Spam Control will not change the content of your email messages, but it will add information to the email headers. Headers contain information about the sender and how the message was routed to your email client. Headers usually aren't visible to you unless you changed your email client's preferences to display them.

Q: What information is added to the headers?

A: Spam Control adds the following tags to the headers of all messages:

X-Spam-Score: A score from 0 to 100 based on increasing likelihood message is spam

X-Spam-Details: Information about which spam policy your account is using

X-Spam-OrigSender: The sender's address, in case the visible address in the From: field was spoofed or faked

X-Spam-Bar (on messages scoring 1 to 100): The X-Spam-Score represented as 1 to 10 asterisks (*) for Procmail recipes to filter

X-Spam-Flag (on messages scoring 80 to 100): Set to YES for email clients to filter

Q: I signed up for Spam Control. Why am I still getting spam?

A: The spam filters work really well once a new pattern is added to the filter, however, with email running at millisecond intervals, a few hundred can make it through the relay before it's recognized as a new spam campaign. It's a constant cat/mouse game. There are multiple spam storms daily that use the old uiuc.edu domain and a lot of zero hour spam (spam that makes through the relay before it's classified as spam). Sadly, your email address may be one of the lucky/unlucky ones.

An Exchange/Outlook filter would be the best choice catch the spam that makes it through the filters and keeps it out of your inbox. You can filter all *.uiuc.edu > trash. If you're concerned about legitimate legacy contacts then a new uiuc.edu folder may work best.

We also recommend you send suspect email to report-spam@illinois.edu so it gets reviewed and scored by our vendor. The vendor updates our spam filters about every 5 -10 minutes.

Q: I have a departmental email account. Can I use Spam Control?

A: All email entering our domains (e.g. @illinois.edu) inherits the default spam policy, Cautious Plus No Quarantine. Some departmental admins have requested specific departmental email addresses get added to their spam policy account so they inherit a more aggressive spam policy. (e.g. Aggressive). If you are an IT Pro and want to add departmental email addresses to your policy, please send an email to consult@illinois.edu with details.

Q: What is the "Default" policy?

A: All accounts start with the spam control policy set to "Cautious Plus, No Quarantine."

Q: Is there protection for Google Apps @ Illinois

A: Spam Control is working behind the scenes to reduce spam for those who have a Google Apps @ Illinois account. With the 'Cautious Plus, No Quarantine' spam control policy in a Google Apps @ Illinois account, for example, the account's worst spam is deleted, as well as any viruses. The remaining email will be sent to the Google account, and any leftover spam will be quarantined by Google and placed in a spam folder. Spam Control therefore weeds out the most offensive spam before it even reaches the Google Apps @ Illinois account.

Q: How can network administrators use Spam Control with their department mail server?

A: Network administrators who run Procmail as the local delivery agent on departmental mail servers can use recipes to automatically filter their users' email based on Spam Control's X-Spam-Bar header. Please see Using Spam Control with Procmail for more information.

Questions:

For general support please contact the Technology Services Help Desk.

Keywords:	email, spam, spam control, x-spam, procmail, blocking, departmental email, spam filter, antivirus, quarantine, Outlook, Thunderbird, Eudora, apple mail, digest, blocked sender, antispam, report Suggest keywords	Doc ID:	49744
Owner:	Email Relays E.	Group:	University of Illinois Technology Services
Created:	2015-03-30 14:06 CDT	Updated:	2021-06-25 16:13 CDT
Sites:	University of Illinois Technology Services
Feedback:	2 1 Comment Suggest a new document Subscribe to changes