Increased anti-spam measures confuse UW users

Unsolicited commercial e-mail -- commonly referred to as spam -- has become a serious problem for Internet users in recent years, and the UW's computer network is feeling the strain.

UW's anti-spam measures have been dramatically increased in recent months, but these solutions have led to a new set of problems for users.

"It is a never-ending battle," said Terry Gray, chair of the Computing & Communications (C&C) department's Networks and Distributed Systems division. "We probably have $150,000 invested in hardware and software [to prevent spam], plus $30,000 a year in annual software support, but the biggest cost is in staff time. We have one nearly full-time engineer keeping the anti-spam and anti-virus systems running and working with the vendor to resolve problems and improve the filtering."

A program called PureMessage is the backbone of the UW's spam prevention system. Produced by a Vancouver company called ActiveState, PureMessage analyzes every message that arrives at the UW's e-mail server and assigns it a "spam rating" from 0 to 100 percent. This number is meant to represent the likelihood that the message is spam. A piece of e-mail with a rating of 50 percent, for instance, is 50 percent likely to be spam, according to PureMessage.

Spam ratings are assigned using a complex set of criteria. These include the presence of phrases such as "Special Offer" and "You Have Won" in e-mails' subject lines, the presence of all-capitalized text or fake return addresses, and many other factors.

The University's e-mail system uses these ratings in a number of ways. Every user of UW e-mail has the ability to set a threshold for e-mail spam ratings; mail with a rating above the threshold will be automatically forwarded to a junk-mail folder. Once a week, all mail in the folder is deleted.

This spam control system has been present since last spring quarter, but only 10,000 people have implemented it. Gray worries that many e-mail users are unaware of the tools the University provides for spam control.

"In the month of November, I received over 5,800 spam messages, just shy of 200 a day," he recalled. "All but about 500 were automatically filtered to my junk-mail folder. So that's not perfect, but it's a huge improvement."

While allowing users to filter their mail individually has helped curb problems with spam, the UW recently put more drastic measures in place because of spam's drain on network resources. Beginning in late October, UW's e-mail servers have begun blocking all mail from 30 domain names recognized as major sources of spam.

The criteria for blockage are conservative: more than 95 percent of all mail received from a domain must receive a spam rating of 50 percent or higher for that domain to be blocked. Of more than 19 million e-mails received by the UW's server during the month of November, about 1 million were blocked outright and about 7 million received a spam rating above 50 percent.

Anti-spam precautions have been fairly successful so far, but C&C's solutions have given rise to new problems.

"The PureMessage product is pretty good, but it's not perfect," Gray said. "There can definitely be false positives where a legitimate message is classified as spam. That's why we urge everyone to check their junk mail folders regularly to make sure nothing important got thrown out by mistake."

Gray had only one false positive during the month of November, he said, but other users have complained that many legitimate messages have been marked as junk mail.

"We used to take Internet e-mail for granted, because it almost always worked," he said. "Now if we don't get a response from someone, we have no way of knowing whether they received the message and are ignoring us, or if the message was erroneously filtered into their junk folder as spam."

Nonetheless, users of the UW's computer network have been happy overall with the anti-spam measures, according to Gray.

"My understanding," said Gray, "is that our client services organization has received many very positive and appreciative comments."