Faster 'block list' updates will curtail spam to campus email accounts

A recent improvement to part of the UC Davis email system should significantly reduce the volume of spam sent to campus email accounts.

The Jan. 18 upgrade of the RBL, or real-time block list, enables it to quickly block computer addresses (also known as Internet Protocol addresses, or IPs) that are sending spam. Before the upgrade, the RBL was updated once a day.

Most email sent to UC Davis addresses is spam, and a key goal of the campus email system is to block that spam while not impeding legitimate email. Statistics collected by Information and Educational Technology (IET) for the last two months of 2010 show the extent of the challenge:

  • 4.59 million IPs sent email to UC Davis accounts
  • 4.39 million of those IPs sent spam, and nothing else

In other words, 95.6 percent of the IPs that sent email messages to UC Davis email accounts sent only spam.

The RBL identifies offending IPs by measuring their output against thresholds that detect spam.

"The offenders are added to the RBL as their messages reach the pre-set thresholds. Offenders will then get removed from the list a short time later," said Jatinder Singh, a manager in IET's Data Center and Client Services, which runs the central campus email service. "This will discourage the average spammer that typically attacks using hit-and-run techniques."

First-time offenders are automatically added to the RBL for a short period. Repeat offenders are added for longer stretches.

The improved RBL is only one of many tools IET employs in its fight against spam, viruses, phishing, and other email vermin. Most incoming email is also assigned a spam score that detects elements in a message that indicate it is likely to be spam.

Messages that score 15 or above are spam and not delivered. Messages that score from 5 to 14.9 are probably spam--in fact, anything th at scores higher than around 7 is almost certainly spam. Depending on how individuals set their accounts, messages that score between 5 and 15 will still be delivered, often to a \034"junk suspects"\035 folder.

Read more in the "Email Security and Abuse" section at email.ucdavis.edu, or check "10 Things Everybody Should Know about How the Email World Works."

Please direct any other questions about campus email to the IT Express Computing Services Help Desk at 530-754-HELP (4357).