1 / 21

Mail Filtering Update in WiscMail – Report on Current Status and Future Plans

Mail Filtering Update in WiscMail – Report on Current Status and Future Plans ITC Briefing Friday January 16 th , 2004 WiscMail Quick Summary WiscMail Currently Serves 67,500 Users WiscMail has 1.8 TB of Storage Allocated Over 6,000 Viruses Daily Over 400,000 Pieces of SPAM Daily

Solomon
Télécharger la présentation

Mail Filtering Update in WiscMail – Report on Current Status and Future Plans

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Mail Filtering Update in WiscMail – Report on Current Status and Future Plans ITC Briefing Friday January 16th, 2004

  2. WiscMail Quick Summary • WiscMail Currently Serves 67,500 Users • WiscMail has 1.8 TB of Storage Allocated • Over 6,000 Viruses Daily • Over 400,000 Pieces of SPAM Daily • SPAM Filtering Introduced, July, 2003

  3. Message Composition July, 2003

  4. Message Composition January 2004

  5. The Goals & Requirements of the Filtering Project Have Been Met • Reduce SPAM by 80% or More • Anecdotal user evidence as well as vendor evidence show over 90% accuracy • Comply with legal mandates that prevent system wide SPAM filtering – filters must be applied using an individual Opt-In basis • All users can opt-in to have their mail filtered. • Other users’ mail is not interfered with

  6. The Goals & Requirements of the Filtering Project Have Been Met • Provide an option to select levels of filtering • The provided user interface allows 7 levels of sensitivity • System must perform well and be scalable as message volumes increase • The spam scanners add less than 1 second delay to message delivery • Provide a Web Interface to system • A custom interface has been built to allow users to filter their mail

  7. The Goals & Requirements of the Filtering Project Have Been Met • Compatible with WiscMail SunOne message system • Filters are based on the Sieve mail filtering language, which is a feature of SunOne • Vendor supported system • The Spam scanners are running PureMessage, a product of Sophos

  8. How WiscMail Anti-Spam Works • Scan the messages • All potentially unsafe messages are scanned • Messages are marked with a spam “score” and then delivered as intended

  9. How WiscMail Anti-Spam Works • Filter the messages • Users can choose (opt-in) and Control • Whether or not to filter spam messages • What threshold (based on spam score) to filter spam • To use their local email client to filter spam instead of the provide server filters. (e.g. POP users)

  10. Message SPAM Ratings – Jan 2004

  11. Front Line Filters • Site-wide filters can be created to block specific messages from entering the system • Hundreds of thousands of SoBig messages stopped using this method. • Commonly used in stopping large virus outbreaks. • Saves load on spam and virus scanners.

  12. User Filters • Users can configure their own filters • Filters are executed by the server, not the local email client • Over 13,000 users participating • Filter SPAM into “Junk Mail” folder

  13. User Filters • Users can configure their own filters • Create filters to bypass the spam filter • White List – mail from senders always stay in Inbox • Black List – mail from senders always go to Junk Mail • Mailing Lists – mail to list addresses always stay in Inbox • Custom Filters • Create custom criteria for filtering messages into specific folders

  14. How Mail is Treated

  15. WiscMail Message Flow Anti-Spam Message Store Internet MTA Junk Mail Anti- Virus Filters INBOX Any Folder UW

  16. The War on Spam • The Good • Anti-Spam companies are out-spending and out-smarting spammers • New spamming techniques provide only short term gains for the spammers before the anti-spam companies thwart them • Legislation may help prevent US based spam

  17. The War on Spam • The Bad • Spammers learn how to get past filters • Requires constant monitoring and research by vendors • Legislation has no effect on foreign spam • A Do-Not-Spam List may be exploited by these spammers • Spam volumes are increasing • Now around 50% of total mail volumes

  18. The War on Spam • The Ugly • The SMTP protocol is inadequate • It allows spammers to lie • Spammers are teaming up with virus writers • Virus-infected computers DoS attack Anti-Spam services (RBLs) • Virus-infected computers send spam • SoBig is an example of this

  19. Problems we are having • User Participation and Knowledge • Advertisements have only enticed 13,000 users to participate in the filtering service • We do not know who is using the service with client filters (e.g. POP users) • Some users do not understand that they have to opt-in • Many users do not understand that SPAM detection is not an exact science

  20. Future Plans for the Anti-Spam Project • Further integrate anti-spam and anti-virus • Increase performance by combining virus and spam detection into a single operation • Develop a process to automatically tag viruses as spam • Possible use of quarantining • Keep spam on spam servers instead of Junk Mail folder • Users can choose what to do with the messages that are quarantined

  21. Question and Answer

More Related