Olds College Information Technology


SPAM Quarantine Notifications

The new appliance will send you a notice that it has held mail for you.  You can then click on the included links to retrieve the held messages IF this is really a legitimate email.

There is also a second link at the bottom of the message that will take you directly to the appliance  - where you can then set preferences, etc., not just retrieve individual messages. (If you leave the settings as they are by default it will work just great. You do not need to make changes to the preferences.)

The point of the quarantine is to make the system self-managing: each user can manage their own suspicious items. We tried hard to make the new system as similar as possible to what we were used to from our previous system. We also did not want all the crap simply being tagged as *SPAM* and landing in your inbox, leaving each user to create their own rules and folders to automatically file it away out of sight but still available in case they were looking for something. This would be far too much work for each user. It is much more efficient to do this with a common mechanism.

I also expect that most users will only seldom need to go through the process of re-delivering these quarantined messages. As you whitelist these items, the filter will become customized to your specific emails. It becomes more and more accurate.

Security message

What should you do about the warning message that is presented by Internet Explorer when you do go to this site?

Click “continue to this website (not recommended).”

Why does this message appear?

 

Internet Explorer does not recognize the certificate (the certificate is what is used to encrypt the traffic, as one is passing a password over the Internet). If the certificate is not a commercial certificate from the big boys like Verisign, etc., Internet Explorer does not recognize it as legitimate – it could be suspicious. It is not!

It is OK to continue to this website!!

A self-signed certificate – as in this case – is not good enough for Internet Explorer. We would have to pay hundreds of dollars per year for a commercial vendor’s certificate for this message to go away.

“2nd” Password confusion

Most of you will have received a message like this:

So what is this all about???

This gives you a second method of logging into the Barracuda Spam Filter to access your account – your quarantined messages and your quarantine preferences. This is a one-time message sent when the account is first created.

The easiest way is to just use the included links – as per the example above in "SPAM Quarantine Notifications".  So I suspect you really will seldom need the username and password as shown above. You will notice that the links already include the password – built in with a fancy algorithm – real easy to use.

SPAM that is getting through

Many of you have noticed spam that has gotten through the filter. These are known as false negatives: the filter wrongly thinks this is NOT spam. During the first week of this new filter we had lots of false positives – messages that the filter thought were spam, but were legitimate, desirable emails. This was easy to deal with, as we simply whitelisted those messages or senders. Usually these were very HTML-rich newsletters or bulk messages. The false negatives are much harder to deal with. The filtering process to recognize this is extremely complex. It is the hardest spam to recognize. Thus, these messages get through. By the way, I have also seen this kind of problem with my home Telus account. Their huge, mega-expensive system is also struggling with these false negatives.

I have been following some of these messages in the Barracuda log – they score extremely low on the spam scale, and thus they come through. We cannot set our threshold that low, or thousands of legitimate emails would be quarantined or blocked. This is the lesser of the evils.

Solution: just hit “delete”.

Optional: you can forward these messages as an attachment to spam@barracuda.com. (Sending the whole mail as an attachment also includes the mail headers – which are the most valuable piece for the folks who build these filters.) These messages are then fed to the complex Bayesian filter at Barracuda. Barracuda then sends out a new spam signature update. (They send out updates about every 10 to 20 minutes. Our appliance updates itself every ½ hour.) These updates are then used by our filter to make decisions as to what is good and what is not good.
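Why forwarding as an attachment matters, shown as an added example (not part of the original notice and not Barracuda's code): an ordinary forward copies only the body, while a message/rfc822 attachment carries the original Received: headers to the analyst. The sample message, hosts and the reporter address are constructed for illustration; only the spam@barracuda.com destination comes from the text above.

```python
from email import message_from_bytes, message_from_string, policy
from email.message import EmailMessage

# Constructed sample message; every host, address and ID here is made up.
RAW_SPAM = """\
Received: from dsl-host.example.net (dsl-host.example.net [203.0.113.45])
\tby mail.example.org with ESMTP id ABC123; Tue, 7 Apr 2009 09:44:01 -0600
From: Sender Name <sender@example.com>
To: user@example.org
Subject: sample subject
Message-ID: <constructed-1@example.com>
Content-Type: text/plain; charset="utf-8"

Body text of the unwanted message.
"""

def _envelope(original, reporter, dest):
    fwd = EmailMessage()
    fwd["From"], fwd["To"] = reporter, dest
    fwd["Subject"] = "Fwd: " + original["Subject"]
    return fwd

def forward_inline(original, reporter, dest):
    """Ordinary forward: the body is copied, the transport headers are lost."""
    fwd = _envelope(original, reporter, dest)
    fwd.set_content("---- Forwarded message ----\n" + original.get_content())
    return fwd

def forward_as_attachment(original, reporter, dest):
    """Wrap the whole original as a message/rfc822 part, headers included."""
    fwd = _envelope(original, reporter, dest)
    fwd.set_content("Spam sample attached.")
    fwd.add_attachment(original)  # a Message object is attached as message/rfc822
    return fwd

def recovered_received(report_bytes):
    """Received: headers the analyst can still read from a submitted report."""
    report = message_from_bytes(report_bytes, policy=policy.default)
    found = []
    for part in report.walk():
        if part.get_content_type() == "message/rfc822":
            found.extend(part.get_content().get_all("Received", []))
    return found

def demo():
    original = message_from_string(RAW_SPAM, policy=policy.default)
    args = (original, "user@example.org", "spam@barracuda.com")
    return (recovered_received(forward_inline(*args).as_bytes()),
            recovered_received(forward_as_attachment(*args).as_bytes()))
```

Calling `demo()` returns the headers recoverable from each kind of report: none from the inline forward, and the original relay line from the attachment.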

 

= = = = = = = =  start of sample spam message = = = = = = = = = =

From: Gloria Lucas [mailto:harwich6@mariababy.com]
Sent: Tuesday, April 07, 2009 9:44 AM
To: xxxxxxxxxx@oldscollege.ca
Subject: cllnique en ligne et non une farmacie

Votre farmacie en ligne vend des méicaments tels que, Via S-Active, Cia, ..

Nous vous offrons une façon sécure, agréable et discrète afin d'acheter des mdicaments en ligne.
L'achat d'un méicament est simple et rapide.

Pourquoi choisir speedreal.com <http://speedreal.com/> ?

- Envoi discret et confidentiel
- Méicaments de marque originaux
- Pas de frais caches

Votre sécurité, bien-être et satisfaction sont nos priorités principales. Notre équipe du service clients sera heureuse de répondre à vos questions concernant tout aspect de votre traitement ainsi que de vous assister si vous avez des problèmes techniques lorsque vous commandez.

Via 30 Pilo - 80.40 Euro - Vos économies: 22.58 Euro
Via 60 Pilo - 127.23 Euro - Vos économies: 7836 Euro

Cia 20 Pilo - 68.29 Euro - Vos économies: 2.66 Euro
Cia 30 Pilo - 91.78 Euro - Vos économies: 14.17 Euro

Ne souffrez pas d'un problème que vous pouvez surmonter! <http://speedreal.com/>

= = = = = = = =  end of sample spam message = = = = = = = = = =

 

The message is simple text, it has a single recipient, it is not sent from a blacklisted domain or IP address that would set off the IP reputation filter (it was likely sent from a home computer that has been victimized by malware), it is not HTML-rich, and it is sensitive in the words it uses … but explicit enough that we think we know what they want to sell us – and make our lives sensationally rich!!! ;-)

WHY did we switch to the Barracuda appliance?

We used to pay for a service – AppRiver.com – on a per user basis.   (We now realize that the AppRiver spam engine was a very effective solution. They are very good at what they do. They obviously do excellent research.) 

We now collaborate with Chinook’s Edge School Division. We did not actually purchase this appliance. CESD has graciously allowed us to use their box. (OK, we let them use the extra capacity of our VoIP telephone system and our Aruba wireless system.) The Barracuda is licensed per appliance. Their appliance had sufficient capacity to handle our mail too.

To have continued with AppRiver for all our staff and student users would have cost us well over $20,000 / year. This solution costs us the effort to collaborate with the good folks at CESD.

This project is another one of the real tangible benefits of the collaboration with Chinook’s Edge School Division!