Marshall University Logo
Computing Services
FULL SEARCH
 
 

Marshall > IT > Service Desk		 Choose Option from Navigation Bar


SEARCH INFORMATION TECHNOLOGY


Information Technology Home
Service Desk Home

Information Technology Service Desk:




MUnet Spam Firewall

1. What is MUnet Spam Firewall?

2. What services does the Spam Firewall offer?

3. How do I access my Spam Firewall quarantine inbox?

4. What is my Spam Firewall username and password?

5. How can I disable my Spam Firewall service?

6. Can you give me some tips for managing my Quarantine Inbox?



Q.  What is MUnet Spam Firewall?

A.  The MUnet Spam Firewall is a mail security service which sits between the Internet and the MU campus e-mail servers. The service is a hardware/software solution provided by Barracuda Networks and with on-campus user support provided by University Information Technology Services. Only e-mail arriving from the Internet and addressed to an @Marshall.edu account is protected by the Spam Firewall.


Q.  What services does the Spam Firewall offer?

A.  This service provides campus e-mail accounts with individualized and flexible e-mail filtering. You have the choice of how your e-mail is handled allowing you to train the system to identify both trusted e-mail senders along with the option to tag the subject line, quarantine or out-right block messages which are untrustworthy.


Q.  How do I access my Spam Firewall quarantine inbox?

A.  To access your Spam Firewall quarantine, go to the URL http://www.marshall.edu/noSpam and follow the login instructions.


Q.  What is my Spam Firewall username and password?

A.  Use your full MUnet e-mail address and a user-specified password to logon to the Spam Firewall quarantine. For instance if your e-mail address is joe.user@marshall.edu, then enter this as your username. If you do not know - or would like to reset - your Spam Firewall password, then click on the 'Create New Password' button on the MUnet Spam Firewall Login page.


Q.  How can I disable my Spam Firewall service?

A.  Log in to the MUnet Spam Firewall page so you can view your Quarrantine Inbox, select 'Preferences' and then select the tab for 'Quarantine Settings', and select 'No' under the section for 'Quarantine Enable/Disable'. Be sure to click the 'Save Changes' button to confirm your setting.


Q.  Can you give me some tips for managing my Quarantine Inbox?

A.  Now that you have a Quarantine Inbox on our Barracuda Spam Firewall, there are a few things you can do to make it much more effective at fighting spam. Here are a few helpful hints from our more experienced customers:

Limit Use of Blocked E-mail Address List
The one thing you don’t want to do is add the 'From:' address of every piece of spam you receive to your blocked e-mail list. The vast majority of spam contains a forged 'From:' address. It could belong to an actual user somewhere on the Internet (though in no way associated with the spammer), or it could be a randomly-generated address. Either way, that address will most likely be used to send only one or two messages, then dropped. Adding these addresses to your block list wastes resources and does very little to block spam. There are exceptions, of course. Generally, these will be in the form of advertisements from legitimate businesses. If you receive a number of unsolicited emails from the same address and are unable to subscribe from the source, then this would be a good example of when you could add the From address to your block list. But that shouldn’t be the first thing you do in response to any spam.

Fine-tuning Your Quarantine Settings
Spam Statistical Analysis 101 - Managing spam is a game of statistical analysis. Most anti-spam technologies use a scoring methodology to assign 'spam points' to a given e-mail message. The more points a message receives, the greater the probability it has of being spam. The fewer the points, the more likely it is a valid e-mail message from a trusted source. As you continue to read the tips below, keep this in mind: higher scores are 'bad messages', lower scores are 'good messages'. Your goal in adjusting your preferences is to adjust the settings - higher or lower - to suit your personal tolerance to unsolicited e-mail (spam).

Initially your Quarantine Inbox is set to use the default settings set by Information Technology. Most users will find these settings too permissive and will still receive spam in their e-mail inbox. We suggest that you disable default settings and select your own. Log into your Quarantine Inbox, click on the Preferences tab, and then click on Spam Settings (just below the tabs). On that page, you’ll see a section titled Spam Scoring. The Use System Defaults option is currently set to Yes. Click the No button then click Save Changes. Now you’ll be able change the settings on the Spam Scoring.

Spam Filtering Actions - Tag, Quarantine, and Block
As an e-mail message is received from the Internet, a spam probability score is assigned to that message. There are four basic actions which your Quarantine Inbox can perform on the e-mail message: deliver, tag, quarantine, and block. Remember the scoring principles discussed above, the lower the score, the more likely you want the message, the higher the score, the more likely you don't.

With the System Default Settings, messages scoring below 5 points are delivered directly to your e-mail inbox, only messages that score between 5 and 9 get put into your Quarantine Inbox, and only those that score over 9 get blocked. There are certain types of messages which initially may have spam-like characteristics, but are still legitimate e-mail. This is where the 'Tag' feature is used. Messages scoring between 3.5 and 5 will have a tag of “****Possible Spam****” inserted into their 'Subject' line. You may find that you'll need to lower these settings.

The suggested way to do this is as follows. First, let it go a few days with the current settings. If you find that everything that ever gets put into your Quarantine Inbox is spam, you can lower the Block Score to match the Quarantine Score (currently 5), lower the Quarantine Score to match the Tag Score, and lower the Tag Score. If there are one or two legitimate messages in your Quarantine Inbox, or if you’re getting some legitimate email that’s tagged, you might want to white list those particular senders.

Leave those scores alone for at least a few days, maybe a week, and see what shows up in your Quarantine Inbox. If it’s all spam, repeat the procedure – lower the Block Score to match the Quarantine Score, and lower the Quarantine Score and Tag Score. Repeat until either you start finding a substantial amount of legitimate email in your Quarantine Inbox (at which time you’d raise the scores back to their previous settings) or until you’re comfortable with the amount of spam that still arrives in your inbox. Spammers are always trying new methods to evade e-mail filters. So don't be disappointed if you cannot block all spam with the basic tag/quarantine/block tools, so don’t expect to completely eliminate it in this way. We’ve received spam with a score of 0.

Using an e-mail whitelist
Most anti-spam product let you maintain a list of trusted e-mail addresses which should never be subjected to spam scoring. This list of trusted addresses is called a 'whitelist'. Early on you might need to add individual addresses to this whitelist, particularly for newsletters or other mass email that could look like spam even if it isn’t. The Quarantine Inbox web interface makes adding addressees to this a matter of point and click simplicity.

Eventually, you’ll arrive at a combination of spam score settings and whitelists that give YOU the best protection against spam without accidently blocking (or inadvertently tagging or quarantining) legitimate email. But remember thwarting spam will be an ongoing battle for the foreseeable future.

Suggested score settings
System Default     Tag=2 Quarantine=3.5 Block=5
Permissive User    Tag=2.5 Quarantine=4 Block=6
Conservative User Tag=1 Quarantine=2 Block=5
Agressive User     Tag=0 Quarantine=0 Block=4
Bayesian Training  Tag=0 Quarantine=0 Block=*5
* be sure to reset score settings back after you complete training your Bayesian database.

Advanced tools and techniques
Another thing you can do with the Barracuda is to use the Bayesian spam filter, which you'll find referenced on the same page as above. The Bayesian filter scores individual words in each email as to its likelihood of being an indicator of spam. To make this filter effective, you have to train your Quarantine Inbox by teaching it what YOU consider spam and what isn't. Please note that until you have marked at least 200 messages as 'Spam' AND marked at least 200 messages 'Not Spam', the Bayesian filter is not going to be effective. But after you complete this training process you will notice a significant improvement in the ability of the Quarantine to filter your e-mail . This can be handled in one of two methods: 1) using an plug-in for the Microsoft Outlook e-mail client; or 2) lowering your tag/quarantine scores to 0.

Method 1 - Outlook Plug-in. If you use Microsoft Outlook® as your e-mail client, then you could download and install the Outlook Plug-in. The plug-in software will add a simple 'spam'/'not spam' scoring classification from your Outlook inbox. Please use the link on the the MU Spam Firewall webpage to ensure you have the latest release of the plug-in.

Method 2 - Reset Spam Scores. If you do not use the Outlook e-mail client, then the other method of quickly training your Bayesian scoring database is by resetting your Spam Scores to Tag=0, Quarantine=0, and Block=10. This would result in most everything you receive initially getting 'caught' by your Quarantine Inbox. Then you would then check monitor the Quarantine web interface throughout the day and classify each message as 'Spam' or 'Not Spam'. Those you classify as Spam would be immediately deleted and those you classify as Not Spam would then be delivered to your e-mail inbox. Once you've classified at least 200 messages each as Spam and Not Spam, you can reset your Tag, Quarantine, and Block scores back to suggested levels. Legitimate email ends up where it belongs, and as much spam as possible is blocked based the YOUR new Bayesian rules built during this training period.

One thing to be aware of in classifying email as Spam. Sometimes spammers include what’s called "word salad" in their messages, specifically to confuse Bayesian filters. This can be anywhere from a couple of lines to several paragraphs of words that have nothing at all to do with their spam. Sometimes it’s a portion of a book or magazine article, sometimes it’s just random words. If you classify those as Spam, it will cause the Bayesian filter to give those words a higher spam score than it should. So you need to look at every message before classifying it as Spam. Those that contain word salads should just be deleted.

More information on managing your Quarantine Inbox can be found in the online Barracuda Spam Firewall Users Guide.

If you would like additional assistance or information, would like to offer additional spam fighting tips, or have suggestions/comments for these instructions, then please contact the Information Technology Service Desk.

Be Herd: Your feedback is welcome and appreciated.
Link to Electronic Directory Link to Contact Information Link to Campus Map Link to Site Index