 |
An InfoHelp How To...? Guide |
|
What is Spam? | JCU MailScanner and Attachments | Guidelines for Naming Attachments | Opening Attachments Safely
What is Spam?
Spam is unsolicited email. From the sender's point-of-view, it's a form of bulk mail, often to a list culled from subscribers to a discussion group or obtained by companies that specialize in creating email distribution lists. To the receiver, it usually seems like junk email. In general, it's not considered good netiquette to send spam. It's generally equivalent to unsolicited phone marketing calls except that the user pays for part of the message since everyone shares the cost of maintaining the Internet.
JCU email aliases are provided to ease dissemination of information to all students and staff but their use should fall within acceptable use policy. See JCU policies on Guidelines for Communicating with the University Community and Unsolicited or Spam Email for further information.
If you believe you have received spam email as a result of an inappropriate use of JCU email servers or aliases, forward the complete message as an attachment (ie including all mail headers) to InfoHelp.
JCU MailScanner and Attachments
James Cook University MailScanner uses a virus protection program called Sophos, which scans all incoming and outgoing email message attachments for potential virus threats.
Not only does MailScanner scan for known viruses, but it also protects against possible unknown viruses or threatening files hidden inside email attachments whose filenames match any given pattern. This can include generic patterns that trap filenames attempting to hide the true filename extension (eg. ".txb.vbs").
The reason is that this is standard hacking practice and is a possible attempt to embed potentially threatening files eg. vbs scripts under the guise of documents eg. .vbs.doc or .doc.vbs
To pass through the MailScanner filenames must consist of three components
<name>.<extension>;<version> and extensions have defined
types:
.doc Word document
.rtf Rich Text Format
.xls Excel spreadsheet
This is a defacto industry standard.
If the MailScanner detects a virus or suspicious attachment it will replace the infected file with a "Virus Warning.txt" file to prevent the recipient's computer from becoming infected. Both the sender and recipient are notified via email.
Certain attachment types are highly suspectible to containing viruses or malicious code. Best practice dictates that these are NOT delivered (this includes both incoming and outgoing mail). NO notification is provided to the sender or recipient given the sheer volume of these sent by hackers, trojans and MalWare.
The list of file types are as follows:
| .Trojan | .cmd | .hta | .mov | .reg | .shs | .wsc |
| .avi | .cnf | .ins | .mp3 | .scf | .vbe | .wsf |
| .bas | .com | .lnk | .mpeg | .scr | .vbs | .wsh |
| .bat | .cpl | .mhtml | .mpg | .sct | .vsf | .xnk |
| .chm | .exe | .mng | .pif | .shb | .wmv | document.com |
If you wish to send files of one of the above types you can do so by zipping them up first and sending the zip file as an attachment. Zip files are accepted for incoming and outgoing delivery unless they contain viruses in which case a notification is provided.
Guidelines for Naming Attachments
Follow these guidelines to reduce the number of emails rejected by the MailScanner:
- Use short filenames
- Use all small letters in filename
- Do not use spaces in a filename
- Do not use special characters (?, *, @, #, $, %, etc)
- Use hyphens or underscores
- Do not use double or multiple file extensions (eg. filename.vbs.doc)
The maximum size for email attachments at JCU is 20Mb (including the message body). If you are using IMP Mail the maximum size of each attachment is 2Mb.
Opening Attachments Safely
Regard anything that meets the following criteria with particular suspicion:
- Always be careful of email that has been identified as Spam by the MailScanner. While automated Spam identification is not perfect and cannot be relied on to automatically Trash, it currently provides a fairly high hit rate for identification of unsolicited email.
- If they come from someone you don't know, who has no legitimate reason to send them to you.
- If an attachment arrives with an empty message.
- If there is some text in the message, but it doesn't mention the attachment.
- If there is a message, but it doesn't seem to make sense.
- If there is a message, but it seems uncharacteristic of the sender (either in its content or in the way it's expressed).
- If it concerns unusual material like pornographic websites, erotic pictures and so on.
- If the message doesn't include any personal references at all, (for instance a short message that just says something like "You must take a look at this", or "I'm sending you this because I need your advice").
- If the attachment has a filename extension that indicates a program file.
- If it has a filename with a double extension, like FILENAME.JPG.vbs or FILENAME.TXT.scr, that may be extremely suspicious. As far as Windows is concerned, it's the last part of the name that counts, so check that to find out whether it's a program masquerading as a data file, such as a text file or jpeg (graphics) file.
In all the above instances, it is recommended that you check with the sender that they knowingly sent the mail/attachment in question.
See InfoHelp's Computer Viruses Guide for more information about email viruses and how to avoid a nasty infection.
If this information is inadequate, incorrect, or can be improved in any way, please let us know