Fermilab Computing Division
Search

SPAM Tagging at Fermilab

 
Home   Email Help    Search   Email/Telephone Directory   ListServ
 

On March 3rd, 2004 a spam tagging solution is scheduled to be implemented on the Fermilab email gateways. This solution will scan all mail coming into the Fermilab network and mark it as spam based on predefined rules in the spam tagging software. The solution is based on the open source application SpamAssassin

What does all of this mean? If the mail is determined to be spam extra headers will be added to the message. The subject and the body of the message will not be modified in any way

These headers will have the X-Spam prefix and be similar to the following example: 

X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 
	2.61 (1.212.2.1-2003-12-09-exp) 
	on hepa1.fnal.gov
X-Spam-Level: *******
X-Spam-Status: Yes, hits=7.5 required=5.0 
	tests=BIZ_TLD,[...]
X-Spam-Report: *  0.0 HTML_MESSAGE BODY: HTML 
	included in message [...]

The header of most interest to the end user is X-Spam-Flag. If this is set to YES as shown in the example above then SpamAssassin has determined it to be spam. The current configuration requires a score of 5 to be labeled as spam. The X-Spam-Status and X-Spam-Report headers will have detailed information on why the message was labeled as spam.

Most modern email clients will not display anything different. This type of header is hidden from the users view unless the client is set to display all headers.

If you have a email client that is capable of filtering messages based on header content then you can potentially reduce the amount of spam that appears in your inbox by filtering messages based on this header.

It is highly recommended that you not automatically delete mail tagged as spam. False positives, while rare, do occur.

Netscape, Mozilla, Pine, and Outlook are all capable of filtering on headers.

Client Configuration

Mozilla/Netscape

A custom filter has to be created. Click on Tools, Message Filters

Click on New to create a new filter

We have to add a header. Put X-Spam-Flag in the box and click Add.

Now click on OK. The header will be available for use in a filter

Now we can create a rule that takes any mail with X-Spam-Flag having the word YES in it and moves it to the _spam folder on the IMAP server. You may have to create this folder.

Click ok, make sure the filter is enabled and at the top of your list and any mail with this header set should get folders. Be sure to check the folder on occassion and clean it up.

Pine

  1. Go to the "ADD A FILTERING RULE" menu:

    - Go to the MAIN MENU.

    - From the MAIN MENU, type S (SETUP) to go to the SETUP menu.

    - From the SETUP MENU, type R (Rules). You will be prompted as follows:

    Type of rule setup :

    Type f (filter).

    - You should now be at the "SETUP FILTERING RULES" menu.

    - Type A (Add) to go to the "ADD A FILTERING RULE" menu.

  2. Give the rule a name.

    - When you enter the "ADD A FILTERING RULE" menu, you should see the following line highlighted:

    Nickname = <No Value Set: using "Filter Rule">

    When this line is highlighted, press enter. You will see the following prompt at the bottom of the screen:

    Enter the replacement text : Filter Rule

    Using the backspace key, backspace over any existing text to the start of the prompt.

    Type the name you wish to give the filter and press enter. You should now see the

    Nickname line highlighted with the new name that you just typed.

  3. Add the spam header to search on.

    - While the Nickname line is still highlighted, type O (OTHER CMDS). It is important that the Nickname line is highlighted when you type the O. If not, you will not see the correct list of other commands.

    - Provided the Nickname line was highlighted, you should now see an option for X (eXtraHdr). Type X, and you will be see the following prompt.

    Enter the name of the header field to be added:

    Type "X-Spam-Level" here.

    After you type this and hit enter, you should return to the "ADD A FILTERING RULE" menu with a new line under the Nickname line as follows:

    X-Spam-Level pa = <No Value Set>

    - You have added the correct header, now you need to tell pine what search string to search on in this header. Mail is scanned and scored by the anti-Spam software, the higher the score the more likely it is to be spam. A spam score of 5 or higher is a safe starting point when filtering spam. The anti-Spam software will be one asterisk in the X-Spam-Level header for each spam point. Therefore, to filter out mail with a spam score of 5 or higher, the pattern that needs to be matched is five asterisks. With the X-Spam_Level line highlighted, press enter. You will be prompted to enter the pattern:

    Enter the text to be added :

    At this point, type "*****". This can be modified at a later time if you wish to dial up or dial down the spam filtering.

  4. Tell the filter what to do with messages that are filtered.

    - Using the arrow keys, travers down to the line "Filter Action". It is recommended that spam be Moved to it's own folder. To do this, make sure the Move item under "Filter Action" has an asterisk next to it. If it does not, highlight the "Move" entry and press enter.

    - After the Move item has been selected, arrown down one item to the "Folder List" item and press enter. You will be prompted as follows:

    Enter the text to be added :

    Enter the name of the folder you wish to move spam to here.

  5. Save and commit your changes.

    Press E (Exit Setup). You will be prompted as follows:

    Commit changes ("Yes" replaces settings, "No" abandons changes)?

    Press "Y" to commit your changes.

    If the mail folder you created in Step 4 does not exist, you will be prompted as follows:

    Folder "Spam" in <Mail on imap...al.gov/notls> doesn't exist. Create?

    Type "Y" to create this folder.

    From the "SETUP FILTERING RULES" menu, press E (Exit Setup). You will be prompted as follows:

    Commit changes ("Yes" replaces settings, "No" abandons changes)?

    Type "Y" to commit the changes.

  6. Verify

    The process is complete. Make sure you didn't make any obvious errors. Go to your INBOX and verify that you still have messages there.

Outlook 2003

Start Outlook 2003 and click on Tools, Rules and Alerts

Click on New Rule to start

Start with a blank rule and click on Next

The X-SPAM-Flag is in the header so have Outlook watch for specific words in the header. Click on the highlighted text specific words.

Put X-Spam-Flag: YES in the top box and click on Add

Click on OK

Now click on Next

Lets move the mail to a specific folder. In this example I've already created one that is named _spam. Select the option and then click on the highlighted text specified

Browse to the folder, select it and click on OK

Click on Next

If you want to define any exceptions here is the place to do it. Otherwise click on Next

You can give the rule a name if you want. Be sure to turn on the rule. Click on Finish

Click on Apply to put the new rule in place

And click on OK to exit the Rules and Alerts editor

Now mail that has been tagged as spam will be moved to the _spam folder when received.
   email helpdesk@fnal.gov