OIT adopts new spam filter for user e-mail

Make Your INBOX Smaller TODAY!!! 

 

If headings like this one are a familiar sight in your e-mail inbox, then you may be familiar with unsolicited e-mails. Such messages can take many forms, from relatively harmless but irritating spam to destructive viruses. A Sept. 16 addition to the Office of Information Technology's central filtering system, however, now makes it easier to keep spam out.  

 

The improvement permits each e-mail user to specify individual preferences for the handling of spam e-mails. Depending on a user's settings, the University's e-mail servers can sort or delete messages tagged as spam by filters. Although the option is available on Webmail, user-friendly controls will not arrive for several weeks, and OIT does not plan to disseminate information widely until it releases the October issue of its newsletter. 

 

Filters already check every message arriving at the University's incoming mail server, whether the e-mail originated from Azerbaijan or the Allen Building. Although distinguishing between an important message and the advertisements that often flood inboxes is easy for e-mail users, for a computer, the task is more difficult.  

 

"There's no real cut-and-dried way to define spam, and there's no real cut-and-dried way to detect spam," said Robert Carter, director of systems architecture for OIT. Instead, the filters use hundreds of pre-defined rules to predict the probability that a message is so-called "unsolicited commercial e-mail." 

 

At Duke, the threshold for spam classification is high--the filter must consider it 80 percent probable--and the servers do not simply delete such e-mails without the recipients' permission. 

 

Filters are used for identifying viruses as well as spam. If the filter detects a recognized virus, it either cleans the infected e-mail, quarantines the virus-containing part of the message or deletes the message entirely. Deletion occurs only if the e-mail contains no data apart from the virus itself. 

 

Despite these security measures, harmful programs can infect computers in other ways, and the Duke filters might not immediately recognize a new virus.

"Even though we do virus testing on every inbound message... everybody needs to be running virus checking on their own machines," said Carter. 

 

The heavily publicized attacks of Sobig.F, the most recent and most deadly of a series of related "Sobig viruses," coincided with students' return to campus this fall and served as a reminder of the problems viruses can cause. Despite the threat, the University's filters, which had been recently upgraded by OIT's Systems and Core Services division, kept most campus computers safe. 

 

"We have full-time people whose jobs are to pay attention to security issues, and they do a fantastic job of making sure we're well protected," said Vice President for Information Technology Tracy Futhey. "I actually was very pleased with the level of service we were able to provide."  

 

Information Technology Security Officer Chris Cramer said University filters blocked roughly 2.5 million copies of the virus in just the first week after its appearance. Only about 20 of around 20,000 computers on campus became infected. 

 

Not every university had as much success. The increase in e-mail traffic caused by Sobig.F resulted in a mess at the University of North Carolina-Chapel Hill.

"We had mail very backed up for a while," lamented Jean Smythe, director for computing policy at UNC. "Other people with other mail couldn't connect [to the e-mail servers].... The backup actually went on for several days." 

 

Karen Hauptman contributed to this story. 

 
