Department of Engineering

Junk Email

"Junk email" (also known as spam) is on the increase. It is a loose term which can cover unsolicited advertising material, offensive messages, chain letters and off-topic messages on mailing lists.

Junk email may not be sent from Engineering Department systems; any user of departmental systems who generates junk mail will be subject to the normal disciplinary rules.

If junk mail comes from other educational sites, especially those within the UK, action can normally be taken to prevent any recurrence of abuse. Commercial sites vary greatly in their response to junk mailers, ranging from those who will terminate accounts for such abuse to those set up specifically for junk mailing.

Can junk email be dangerous?

Yes. There are various ways in which junk mail can be dangerous:

  • It can trick you into giving away passwords to bank accounts etc - Phishing
  • It can trick you into giving away money, in the hope of getting more - Advance-fee fraud
  • It can encourage you to click on a link to a webpage which contains a virus, even though the email itself is not a virus - Trojans

If you believe you may have clicked on a link in a suspicious email, given away a password or opened a possibly viral file, then please contact helpdesk immediately for advice.

Phishing

Phishing is the name given to the practice of trying to trick you into giving away your login details, perhaps to a bank account or to something like PayPal. The emails will often look official, and might tell you that your account will be cancelled unless you log in and verify your details. They usually give a link which looks like it goes to your bank, but which is really a fake. You should always be suspicious of any mail which asks you to click a link and fill in your details. If you think it might be a genuine request you should type your bank's usual address into your web browser, or use your usual bookmark, and log in as normal there, rather than following the link in the email.

More information on how to spot phishing emails can be found here: http://www.banksafeonline.org.uk/

Please note we will never ask you to tell us your username and password either by email or via a webpage. If you see mail which appears to do so, please report it to postmaster.

Advance-fee fraud

There are various sorts of advance-fee fraud. You will sometimes see them referred to as 419 scams, after the relevant section of the Criminal Code of Nigeria, or just as Nigerian scams since this is where they first originated. They usually all take a very similar form: you are asked to help someone recover a large sum of money from a foreign country, and in return you are offered a portion of the profits. At the heart of the scam is the advance-fee aspect: just when the money is about to be transferred, some unforeseen difficulty suddenly occurs and fees from the victim are necessary to overcome the problem. There are similar scams telling you that you have won a large sum on a lottery, and asking for a fee in order to claim it. Remember: "If it sounds too good to be true, then it is!"

More information on this type of scam can be found here: http://www.met.police.uk/fraudalert/419.htm

Viruses/Trojans

Just as you should never run unsolicited attachments, even if they appear to be from someone you know, you should also be wary of clicking on links in emails. Some of the advice on phishing may help you to identify which links are more likely to be fake. In general you should make sure that both your mail client and your web browser are kept up to date with any security patches, and that you are running anti-virus software which is also kept updated, on at least a weekly basis.

What can be done about junk email?

There is very little that can be done about one-off incidents, and many of the perpetrators move their operations from site to site, making it hard to block mail in any reasonable way. The addresses in the headers are often faked, and while it is sometimes possible for postmaster to track down the source, they are often "throw-away" accounts which are no longer in existence.

Spam filtering on hermes

Hermes has some reasonably sophisticated spam filtering available. It has reasonable defaults which remove a lot of junk email, but you can also tune it to your own requirements. If you are receiving a lot of junk you should check that this filtering is turned on, and that it is set to a threshold of 5 or lower.

The UIS provide other useful pages on junk mail: Malicious and junk email.

Spam filtering in the department

As staff time permits, the departmental email system is being enhanced to provide some defence against junk mailers, but in general it is hard for the mail system to tell the difference between junk email and legitimate conversations, so any such improvements are likely to be imperfect, and may also make it difficult for some legitimate email to get through.

The departmental system has some simple mail filters in place. These will reject mail that appears to come from sources which have previously tried to send junk email to the department. In addition, we are using the following lists to reject mail from suspect sources:

  • ZEN, since December 2007 (this replaces the SBL and the XBL, and also incorporates the SBLCSS, XBL and PBL blacklists.)

If you believe that the blocks are preventing legitimate mail from reaching you, please contact postmaster giving the details of the errors and of the correspondents involved.
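When investigating a report that a block is stopping legitimate mail, it helps to see how a DNS blocklist such as ZEN is consulted: the sender's IPv4 octets are reversed, the list's zone is appended, and the A records returned say which component list holds the address. The following is an added example, not the department's own configuration. The zone name and return codes are those documented by Spamhaus rather than given on this page, and the DNS answers are constructed so the code runs offline.

```python
import ipaddress
import socket

ZONE = "zen.spamhaus.org"  # DNS zone of the ZEN list named above

# Return codes as documented by Spamhaus; they are not given on this page.
ZEN_CODES = {
    "127.0.0.2": "SBL",
    "127.0.0.3": "SBL CSS",
    "127.0.0.4": "XBL",
    "127.0.0.10": "PBL",
    "127.0.0.11": "PBL",
}


def query_name(ip, zone=ZONE):
    """Reverse the IPv4 octets and append the list's zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def system_resolver(name):
    """Return the A records for name, or [] when the lookup fails."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except (socket.gaierror, socket.herror):
        return []  # NXDOMAIN is how a blocklist says "not listed"


def zen_listings(ip, resolve=system_resolver):
    """Return the ZEN component lists that include ip ([] if not listed)."""
    answers = resolve(query_name(ip))
    # 127.255.255.x means the query itself was refused (for example it came
    # through a public resolver); it must never be read as a listing.
    refused = [a for a in answers if a.startswith("127.255.255.")]
    if refused:
        raise RuntimeError("blocklist query refused: " + ", ".join(refused))
    return sorted({ZEN_CODES.get(a, "unrecognised code " + a) for a in answers})


# Constructed answers standing in for live DNS, keyed by query name.
FAKE_DNS = {
    "99.2.0.192.zen.spamhaus.org": ["127.0.0.4", "127.0.0.11"],
    "7.113.0.203.zen.spamhaus.org": ["127.255.255.254"],
}


def fake_resolver(name):
    return FAKE_DNS.get(name, [])
```

Calling `zen_listings("192.0.2.99", fake_resolver)` reports the address on both the XBL and the PBL; omitting the second argument performs a live lookup through the system resolver.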

Forwarding to Postmaster

With most junk mail, the most sensible thing to do is simply to stay calm and delete it. Postmaster does not have time to investigate all the junk mail coming into the department from outside, but if you are being overwhelmed by the volume of messages, or if you see a large number of very similar ones, or need advice as to whether a message is genuine, then you can forward it to postmaster.

If you do not require a reply, and simply wish to send us an example to help us improve our filters, then please can you forward to: postmaster-spam

If you do require a reply then please send to: postmaster-query

Please can you indicate whether:

  • you wish us to confirm whether it is a genuine email or not
  • you are getting a lot of similar messages and would like help to block them
  • you think it is a very convincing scam and would like us to warn others

Please include full headers when forwarding junk messages; see the UIS page on Full Headers.

Please note that messages which came to you via your @cam.ac.uk address do not show up in our logs, and will not be affected by Engineering mail filters.

Do not send junk mail on to anyone else.

What not to do

  • Do not reply directly to junk emails.
  • Do not send junk mail on to anyone else.
  • Don't click on "REMOVE" links - they rarely work.
  • Don't click on links in emails at all if you're unsure they're safe.
  • Don't open files which arrive in unsolicited emails without checking with the sender.
  • Don't encourage bulk advertisers by buying anything!
  • Beware of hoaxes - don't forward chain letters.
  • Don't list your full email address on webpages.

How should people advertise on the Internet?

Users of systems in the Engineering Department should only be "advertising" things of relevance to the department, in accordance with our local rules.

Work related items can be advertised via the admin-all mailing list, and things of possible interest to colleagues which are not directly work related (eg cake sales, sponsorship requests) may be advertised via the admin-social mailing list or other social lists relevant to your group.

In general the best way to advertise on the Internet is via sites like Gumtree or Freecycle, or via an advertisement to a Facebook group (but make sure the group is both appropriate to the topic, and is one where advertisements are acceptable) or web forum. Basically bulk email is seldom an appropriate means of advertising things.

Unsolicited email from eng.cam.ac.uk

If you have received unwanted email which appears to have been sent from an address within the Cambridge University Engineering Department (eng.cam.ac.uk), please see our policy on network misuse for information on what you can do.

Users within the Engineering Department should be aware that the University discourages unsolicited or inappropriate bulk email and has guidelines on appropriate use of lists.