Scanning of email

From ITSwiki
Jump to: navigation, search

Spamfilter - Scanning of email at DTU


email-spam.jpg


Emails are scanned for spam, viruses and unwanted attachments.

For @dtu.dk, @imm.dtu.dk and @mat.dtu.dk email addresses filtered with the DTUs new filter

About 90% of all mail sent to DTU is removed as spam without being forwarded to the user. The mails where the filter is in doubt are moved to the users quarantine mailbox. The filter uses greylisting, blacklists of IP addresses and domains, lists of unwanted file extensions and it scans the headers and content of the mail for patterns that indicate spam or virus. Scanned emails are either forwarded to the end-user to the "Inbox" folder, forwarded to the end-user and placed the the "Junk E-mail" folder, placed in the users quarantine box or rejected (in which the sender will get an notification). Once per day all quarantine mailboxes a checked for new emails and if there is any new email an email is send to the owner of the mailbox (a quarantine report).

See the general descriptions on Inside under Spamfilter

Known Problems - tips and Tricks

Some local suggestions to limit the problems many users are experiencing with the spam filter.

If you experience problems with the spam filter, please contact itsupport@compute.dtu.dk. We want to keep an overview of the problems and we will forward problems to AIT (central DTU IT), who is sometimes able to solve the problems by changing the spam filer settings.

Many users have problems with proper mail ending up in the quarantine. It is not possible to avoid the quarantine, but here are a few suggestions to limit the problems.

Quarantine messages:

These are sent once a day. You can choose to turn them off completely, but you can not change to frequency to e.g. once per day.

Check the quarantine regularly, especially if you are expecting important mail. Check your quarantine box on https://protection.office.com (username is <logon name>, password the same as to Inside). Look under "Threat Management" -> Review -> Quarantine.

Mails in the quarantine mailbox are removed after 60 days, hence there is no need to remove mails from the quarantine mailbox.

Whitelist and false positives

You can add addresses to your white list via the webmail interface (see the description at Inside). Note that a white list does NOT guarantee that mail is not filtered as some rules in the spam filter overrule the white list.

Email addresses of senders, being quarantined and released, are not being placed on a whitelist (like it was on the spamfilter in place until November 2018).


Scanning inside Outlook Best practice hint concerning Outlook and Junk-Email filtering: while Outlooks junk filter does catch a number spam mails DTU Compute experience shows that it does produce a number of false positives. make sure to check the "Junk E-mail" folder regularly.

Retrieved from "https://itswiki.compute.dtu.dk/index.php?title=Scanning_of_email&oldid=3441"