Information Technology Home
Service Desk Home
Information Technology Service Desk:
MUnet Spam Firewall
1. What is MUnet Spam Firewall?
2. What services does the Spam Firewall offer?
3. How do I access my Spam Firewall quarantine inbox?
4. What is my Spam Firewall username and password?
5. How can I disable my Spam Firewall service?
6. Can you give me some tips for managing my Quarantine Inbox?
Q. What is MUnet Spam Firewall?
A. The MUnet Spam Firewall is a mail security
service which sits between the Internet and the MU campus e-mail servers.
The service is a hardware/software solution provided by
Barracuda Networks and with on-campus user support provided by
University Information Technology Services. Only e-mail arriving from the Internet and
addressed to an @Marshall.edu account is protected by the Spam Firewall.
Q. What services does the Spam Firewall offer?
A. This service provides campus e-mail accounts with individualized and flexible
e-mail filtering. You have the choice of how your e-mail is handled allowing
you to train the system to identify both trusted e-mail senders along with
the option to tag the subject line, quarantine or out-right block messages
which are untrustworthy.
Q. How do I access my Spam Firewall quarantine inbox?
A. To access your Spam Firewall quarantine, go to the URL
and follow the login instructions.
Q. What is my Spam Firewall username and password?
A. Use your full MUnet e-mail address and a user-specified password to logon
to the Spam Firewall quarantine. For instance if your e-mail address is email@example.com,
then enter this as your username. If you do not know - or would like to reset - your Spam Firewall
password, then click on the 'Create New Password' button on the
MUnet Spam Firewall Login page.
Q. How can I disable my Spam Firewall service?
A. Log in to the MUnet Spam Firewall page
so you can view your Quarrantine Inbox, select 'Preferences' and then select
the tab for 'Quarantine Settings', and select 'No' under the section for 'Quarantine Enable/Disable'.
Be sure to click the 'Save Changes' button to confirm your setting.
Q. Can you give me some tips for managing my Quarantine Inbox?
A. Now that you have a Quarantine Inbox on our Barracuda Spam
Firewall, there are a few things you can do to make it much more effective
at fighting spam. Here are a few helpful hints from our more experienced
Limit Use of Blocked E-mail Address List
The one thing you donít want to do is add the 'From:' address of every piece of spam you receive to
your blocked e-mail list. The vast majority of spam contains a forged 'From:' address. It could belong
to an actual user somewhere on the Internet (though in no way associated with the spammer), or it could
be a randomly-generated address. Either way, that address will most likely be used to send only one or two
messages, then dropped. Adding these addresses to your block list wastes resources and does very little to
block spam. There are exceptions, of course. Generally, these will be in the form of advertisements from
legitimate businesses. If you receive a number of unsolicited emails from the same address and are unable to
subscribe from the source, then this would be a good example of when you could add the From address to your
block list. But that shouldnít be the first thing you do in response to any spam.
Fine-tuning Your Quarantine Settings
Spam Statistical Analysis 101 - Managing spam is a game of statistical analysis. Most anti-spam technologies
use a scoring methodology to assign 'spam points' to a given e-mail message. The more points a message receives,
the greater the probability it has of being spam. The fewer the points, the more likely it is a valid e-mail
message from a trusted source. As you continue to read the tips below, keep this in mind: higher scores are 'bad
messages', lower scores are 'good messages'. Your goal in adjusting your preferences is to adjust the settings -
higher or lower - to suit your personal tolerance to unsolicited e-mail (spam).
Initially your Quarantine Inbox is set to use the default settings set by Information Technology. Most users will
find these settings too permissive and will still receive spam in their e-mail inbox. We suggest that you disable
default settings and select your own. Log into your Quarantine Inbox, click on
the Preferences tab, and then click on Spam Settings (just below the tabs). On that page, youíll see a section titled
Spam Scoring. The Use System Defaults option is currently set to Yes. Click the No button then click Save Changes.
Now youíll be able change the settings on the Spam Scoring.
Spam Filtering Actions - Tag, Quarantine, and Block
As an e-mail message is received from the Internet, a spam probability score is assigned to that message. There are
four basic actions which your Quarantine Inbox can perform on the e-mail message: deliver, tag, quarantine, and block.
Remember the scoring principles discussed above, the lower the score, the more likely you want the message, the higher
the score, the more likely you don't.
With the System Default Settings, messages scoring below 5 points are delivered directly to your e-mail inbox, only
messages that score between 5 and 9 get put into your Quarantine Inbox, and only those that score over 9 get blocked.
There are certain types of messages which initially may have spam-like characteristics, but are still legitimate e-mail.
This is where the 'Tag' feature is used. Messages scoring between 3.5 and 5 will have a tag of
ď****Possible Spam****Ē inserted into their 'Subject' line. You may find that you'll need to lower these
The suggested way to do this is as follows. First, let it go a few days with the current settings. If you find that
everything that ever gets put into your Quarantine Inbox is spam, you can lower the Block Score to match the
Quarantine Score (currently 5), lower the Quarantine Score to match the Tag Score, and lower the Tag Score. If
there are one or two legitimate messages in your Quarantine Inbox, or if youíre getting some legitimate email thatís
tagged, you might want to white list those particular senders.
Leave those scores alone for at least a few days, maybe a week, and see what shows up in your Quarantine Inbox.
If itís all spam, repeat the procedure Ė lower the Block Score to match the Quarantine Score, and lower the Quarantine
Score and Tag Score. Repeat until either you start finding a substantial amount of legitimate email in your Quarantine
Inbox (at which time youíd raise the scores back to their previous settings) or until youíre comfortable with the
amount of spam that still arrives in your inbox. Spammers are always trying new methods to evade e-mail filters.
So don't be disappointed if you cannot block all spam with the basic tag/quarantine/block tools, so donít expect to
completely eliminate it in this way. Weíve received spam with a score of 0.
Using an e-mail whitelist
Most anti-spam product let you maintain a list of trusted e-mail addresses which should never be subjected to spam
scoring. This list of trusted addresses is called a 'whitelist'. Early on you might need to add
individual addresses to this whitelist, particularly for newsletters or other mass email that could look like spam even if it isnít.
The Quarantine Inbox web interface makes adding addressees to this a matter of point and click simplicity.
Eventually, youíll arrive at a combination of spam score settings and whitelists that give YOU the best protection against
spam without accidently blocking (or inadvertently tagging or quarantining) legitimate email. But remember thwarting
spam will be an ongoing battle for the foreseeable future.
Suggested score settings
System Default Tag=2 Quarantine=3.5 Block=5
Permissive User Tag=2.5 Quarantine=4 Block=6
Conservative User Tag=1 Quarantine=2 Block=5
Agressive User Tag=0 Quarantine=0 Block=4
Bayesian Training Tag=0 Quarantine=0 Block=*5
* be sure to reset score settings back after you complete training your Bayesian database.
Advanced tools and techniques
Another thing you can do with the Barracuda is to use the
Bayesian spam filter, which you'll find referenced on the
same page as above. The Bayesian filter scores individual words in each email as to its likelihood of being an
indicator of spam. To make this filter effective, you have to train your Quarantine Inbox by teaching it what YOU
consider spam and what isn't. Please note that until you have marked at least 200 messages as 'Spam' AND marked at
least 200 messages 'Not Spam', the Bayesian filter is not going to be effective. But after you complete this training
process you will notice a significant improvement in the ability of the Quarantine to filter your e-mail . This can be
handled in one of two methods: 1) using an plug-in for the Microsoft Outlook e-mail client; or 2) lowering your
tag/quarantine scores to 0.
Method 1 - Outlook Plug-in. If you use Microsoft Outlookģ as your e-mail client, then you could download and install the Outlook Plug-in. The
plug-in software will add a simple 'spam'/'not spam' scoring classification from your Outlook inbox. Please
use the link on the the
MU Spam Firewall webpage to ensure
you have the latest release of the plug-in.
Method 2 - Reset Spam Scores. If you do not use the Outlook e-mail client, then the other method of quickly
training your Bayesian scoring database is by resetting your Spam Scores to Tag=0, Quarantine=0, and Block=10. This
would result in most everything you receive initially getting 'caught' by your Quarantine Inbox. Then you would
then check monitor the Quarantine web interface throughout the day and classify each message as 'Spam' or 'Not
Spam'. Those you classify as Spam would be immediately deleted and those you classify as Not Spam would then be
delivered to your e-mail inbox. Once you've classified at least 200 messages each as Spam and Not Spam, you can
reset your Tag, Quarantine, and Block scores back to suggested levels. Legitimate email ends up where it belongs,
and as much spam as possible is blocked based the YOUR new Bayesian rules built during this training period.
One thing to be aware of in classifying email as Spam. Sometimes spammers include whatís called "word salad"
in their messages, specifically to confuse Bayesian filters. This can be anywhere from a couple of lines to
several paragraphs of words that have nothing at all to do with their spam. Sometimes itís a portion of a book
or magazine article, sometimes itís just random words. If you classify those as Spam, it will cause the Bayesian
filter to give those words a higher spam score than it should. So you need to look at every message before
classifying it as Spam. Those that contain word salads should just be deleted.
More information on managing your Quarantine Inbox can be found in the online
Barracuda Spam Firewall Users Guide.
If you would like additional assistance or information, would like to offer additional spam fighting tips,
or have suggestions/comments for these instructions, then please contact the
Information Technology Service Desk.
Be Herd: Your feedback is welcome and appreciated.