Handling SPAM, Dangerous and Junk Email

Contents

Introduction

The UC Merced email system automatically:

  • Moves SPAM into a special folder named SPAM
  • Tags email believed to be junk
  • Deletes attachments containing known or suspected viruses and worms

Phishing

Phishing refers to email that directs users to illicit web sites that mimic those of real companies, often banks or other financial institutions, that request users to enter personal and financial information under the pretext of protecting themselves from fraudulent use. Typical messages may refer to attempted unauthorized access to your account, security audits, updates of account information, etc. NEVER click on any of these links, even if the message appears to come from a business you have an account with (unless there is personalized information in the email such as your account number, order number, balance due, etc., that refers to a specific transaction that you are aware of). Instead, go to the web site you would normally go to for the specified institution, whether you have it in a bookmark file or enter it by hand.
Click Here for more information about identifying phishing email messages and examples of phishing email messages.

SPAM

SPAM is email that contains unwanted content and/or solicitations of a nature that is considered vulgar and/or offensive by most people, and may also be fraudulent and/or dangerous because it comes with attachments containing viruses or worms, direct you to web sites that may have viruses or worms, or are phishing ploys (see above).
Although our SPAM filter has proven to be nearly 100% accurate, it is always possible that a legitimate email is incorrectly identified as SPAM. Because of this, SPAM is not simply deleted, but is instead placed in a special folder on the mail server named SPAM. You should periodically examine the mail in the SPAM folder for legitimate email and then delete the rest (the email in the SPAM folder count towards your email space quota).

Junk Mail

Junk email is legitimate but potentially unwanted email, analogous to advertisements and solicitations that arrive at your home via the US Mail. Facilities are incorporated into the UC Merced email system to manage both categories of email; some filtering is automatic, and some must be configured by the user.
As what constitutes unsolicited email is somewhat in the eye of the beholder, handling of it cannot be completely automated. Also, as it is much harder to detect, there is much more risk of normal email being tagged as junk (especially that from some subscription email lists). There are two primary ways of handling junk mail: setting up a filter in your email client application to examine a special tag created by the central SPAM filter to identify junk mail, and take whatever action is desired, or using the junk mail handling features that are part of many email client applications today. We recommend using both methods.
If you create a filter using the tag, it should be placed last, after any other filters you may have, so as to minimize the risk of incorrectly handling wanted email as junk. The central SPAM filter can be "trained" to not tag email that is legitimate. To do so, forward the incorrectly marked email to notjunk@ucmerced.edu as an attachment. Specific instructions are included in the various client guides below; changes usually take effect within 48 hours.
If you configure your email client to use its built-in junk filter, then you may want to set your own filter to move junk mail to the same folder that the client uses, or you may want to move it into a different folder.

Email Attachments

The UCM Mail server will allow a maximum file size attachment of 25 MB when sending through an IMAP4 mail client, such as, Thunderbird, Outlook or Mac Mail, and a maximum file size of 15 MB attachment when sending through webmail.

Dangerous Attachments

Attachments containing known and suspected viruses and worms are stripped from email, and comments indicating so are placed into the email text. Most executable file types are assumed to be dangerous, and they are stripped, as are ZIP, RAR, and other compressed files that contain any of them. If there is a failure to strip those files due to a digital signature presence or any other reason, the message will be quarantined and the recipient will be notified of the quarantine action.
To send executable files, use password protected ZIP, RAR, or other compressed file formats, as they are not inspected for dangerous files. Do use extreme caution in processing any of these that you may receive; only open those that emanate from a trusted source.
This is a list of all file types that will be stripped from email:

*.ade *.adp
*.bas *.bat
*.chm *.cmd
*.com *.cpl
*.dll *.exe
*.hta *.inf
*.js *.jse
*.lnk *.msc
*.msi *.msp
*.mst *.ocx
*.pif *.pl
*.reg *.scr
*.sct *.shs
*.sys *.vb
*.vbe *.vbs
*.wsc *.wsf
*.wsh

 

Looking for help?

We offer a number of tutorials and FAQs available in the Guides & FAQs section.
If you have any questions, problems, or comments, please contact the IT Help Desk via email at helpdesk@ucmerced.edu, via phone at 209.228.HELP (4357), or visit them in the Classroom and Office Building room 132A.