Using the UNT IronPort SPAM Appliance - spam.unt.edu

On November 13, 2007, UNT implemented an IronPort network appliance to reduce the number of unsolicited email, or SPAM, entering the campus mail system. This document explains how to:

• Login to the system
• Check for quarantined messages
• Release legitimate messages
• Manage your Safelist
• Manage your Blocklist
• Log Out of the system
• Report a SPAM message

Messages are deleted from quarantine after 15 days and are unrecoverable. Checking your quarantine should become part of your regular routine to lower the risk of losing important messages.

Login to the System

1. Browse to http://spam.unt.edu/ from your favorite web browser. Enter your EUID in the Username field and your associated password in the Password field then click Login. Forgot your EUID or password?
   
   
   

Managing Your Quarantined Messages

As in the old SPAM system, highly suspect mail is automatically eliminated. Messages quarantined as possible SPAM reside in quarantine until you release them, delete them or they reach 15 days old and are purged by the system. Once you delete a message from quarantine, or it is expired after 15 days, that message is unrecoverable. You should login to http://spam.unt.edu/ periodically so legitimate messages are not purged from your quarantine.

1. Follow the steps outlined in Login to the System.
2. Messages tagged as SPAM start out in your quarantine. By default, the interface displays 25 messages at a time which you can change. From this interface you can select individual messages, or "block select" all displayed messages (click the check-box next to the From header), to act on. The limited characters in the Subject field is by design; this keeps spammers from getting their message through in the subject. You can hover your mouse over a subject to see the full subject line.
   
   
   
3. There are two options for releasing messages from your quarantine. You can release a message and only that message will be forwarded to your mailbox. You can also Release and Add to Safelist which releases that message to your mailbox and adds that email address to your Safelist. You can also Delete the selected messages.
   
   
   
4. Be sure to Log Out of the system when you are finished.

Manage Your Safelist and Blocklist

If you know specific addresses that caused you problems in the past by either being wrongly tagged or not properly tagged, these would be good candidates for your Safelist and Blocklist respectively. Your Safelist and Blocklist items are applied in addition to the system rules. If you have an address in your Safelist it will be honored above the priority of the global system settings and likewise for your Blocklist.

1. Follow the steps outlined in Login to the System.
2. The Options menu in the upper-right of the screen allows you to choose your Safelist or Blocklist to manage.
   
   
   
3. Choose Safelist or Blocklist from the menu to show its contents; by default both lists start out empty as all filtering is done system-wide. Changes to your personal Safelist and Blocklist are applied in addition to the global settings. The image below shows the zobh.com domain added to a Blocklist. You can use the examples provided in the interface to block or allow entire domains or just select addresses. You can remove an entry by clicking the trashcan icon to the right of the entry.
   
   
   
4. Be sure to Log Out of the system when you are finished.

Log Out of the System

1. Be sure to Log Out of the system from the Options menu in the upper-right of the screen when you are finished.
   
   
   

Report a SPAM Message

Occasionally, a SPAM message will get past the IronPort appliance. You can help improve the filtering by forwarding these messages to IronPort for analysis to help provide better filtering. Be sure messages you forward are truely SPAM. For instance, if you subscribed to a mail list and do not want mail from the list anymore, unsubscribe instead of reporting it as SPAM. If you receive an advertisement for a company you've never done business with, this is valid SPAM and should likely be reported.

1. Forward the message, as an attachment, to spam@access.ironport.com and IronPort will tweak their spam detecting rules and attempt to block that kind of message in the future.

Resources

• Forgot your EUID or password?
• The Help -> Online Help menu has more detail on some of the topics covered in this document.
• Read the INhouse article New anti-spam software to reduce number of "bulk" messages
• Email the CAS Postmaster a question

College of Arts and Sciences
Computing Support Services
225 Ave. B GAB 313
Denton, TX 76203
Tel: 940.565.4498
E-mail: cascss@unt.edu