P A G E    5

Winter 2007  

Technical Department News

  Migration and Spam Filtering

To provide enhanced mail and program service for all of CCIL community, the IT department and LinuxForce started server upgrades in November and December 2006. By upgrades we mean software migration moving the software that runs various functions, program by program, from old equipment to new.

  Since the software migration now isn’t going to be finished until the end of January and SPAM is/was such a problem a stopgap measure was devised. Incoming emails are now temporarily redirected to pass through the new server named Earth before going back to the Mercury server. Some level of spam filtering has always been done on the old server named Mercury.  Earth is more powerful and able to run more powerful SPAM filters.

On a typical day last year the old method identified & rejected about 50% of the email volume, or 8000 to 9000 emails, as SPAM. On a recent day the new method identified & rejected almost 20,000 (19398) spam/virus laden mails, which is about 86% of all our incoming email traffic.  So we are killing about 36% more spam with the addition of Earth.

  Scanning of spam/virus mails runs through about 12 processes on Earth. Each process can recognize a known attack parameter and when found is discarded. A parameter can be a false domain name, content scanning for known words, a blacklisted IP address, invalid sender, badly written spam bots, invalid sender or recipients, MIME errors, long file names, or known extension and file types from spam/virus attacks. The new server configuration is able to scan html code and script files in any browser; attachments and dummy viruses; java and java script; vb script; activex; cookies; and open proxy checks and port scans to name a few. Like your PC, there are always updates of software and hardware to keep up with the attacks.

  We were getting messages with unrecognized words because the messages seem to be of Russian origin. Contacting a Russia citizen proved to be not Russian, but some other country in the Mediterranean part of the world. But since the upgrade, these messages have disappeared.