Here are two important facts that affect the UST campus community:

• Approximately 60 percent of all the email messages received by St. Thomas each day are classified as spam.
• St. Thomas processes approximately 320,000 email messages per day.

IRT is faced with the challenge of blocking approximately 60 percent of the messages sent to you each day and preventing those messages from reaching your email inbox. The real challenge, however, lies in predicting which messages you would likely want to receive and blocking those messages that you would not want to receive. This is a delicate task that requires a significant amount of processing power and a sophisticated tool that can recognize and separate “good” mail from “bad” mail.

MailMarshal @ UST

UST uses MailMarshal, a server-based application that grabs mail as it enters the university’s mail servers and compares it with a list of criteria to determine its authenticity. Each message receives a score based on that comparison, and IRT is able to set a threshold that the message must exceed to be deemed “authentic,” or not spam. If the threshold is set too low, then you will begin to see more spam reaching your inbox. If the threshold is set too high, then there is the risk that some legitimate email could errantly be classified as spam and it would, therefore, be blocked from your inbox.

Spoofing

Groups that create and send spam are aware of spam-management tools such as MailMarshal and try to find ways to further disguise their messages from identification. “Spoofing” is a practice used to make a message appear like it was actually sent by someone else. You may have received a spam message that appears to have come from a St. Thomas address, but was in fact a “spoofed” address, pirated by a spam sender. Another method used to disguise messages is to intentionally misspell words, often inserting numbers in place of letters so they are not recognized as spam keywords.

Phishing

Another common form of spam is ” phishing.” Phishing emails attempt to deceive the recipient into giving up private information in a response to the message or by leading the recipient to a fraudulent website. Individuals who send these messages will then use the returned username and password to send further spam through the victim’s account, or attempt to gain access to sensitive information for illegal purposes. IRT will never ask you for your username or password via email.

Here are a few key components to look for to verify the legitimacy of an email from an institution requesting personal or institutional information from you:

1. Verify that the sender’s e-mail address is legitimate. Check to see that the domain name (the “@stthomas.edu” portion of the address) matches that of the institution’s website.
2. If the email suggests that you click on a link to provide information, pay close attention to the URL (or address) to verify that the address matches that of the known website. Also look for an HTTPS:// to ensure a secure connection.
3. Look for proper grammar. It is surprising how often phishing messages contain poor English grammar when requesting information. This is certainly not the case with all messages, but it could be an early indicator that the message is fraudulent.

A good resource for more information on phishing scams is available on IRT’s Help and Support Web page.

MailMarshal Digest

In an effort to provide an increased level of filtering for those people who receive significant amounts of spam, IRT has created the MailMarshal Digest. This service requires only an email to the Tech Desk to be placed in the digest group, which will increase the filter on your MailMarshal account to catch additional spam.

Because we are filtering more mail, there is an increased possibility that some legitimate email will be identified as spam and will be blocked by MailMarshal. In order to assist with the identification of legitimate email, we will send a digest of quarantined email to users once a day. From this list, you will be able to identify any messages from quarantine that you feel are legitimate. If you find legitimate email, ensuring safe delivery is as easy as logging into MailMarshal and designating the sender, or the sender’s domain as an allowable and “safe” sender. If you feel that there are no legitimate messages shown in the digest, you can simply delete the digest message.

To be added to this digest, send an e-mail into irthelp@stthomas.edu. You may visit your MailMarshal account by going to http://mail.stthomas.edu/ and logging in with your UST Net ID.

If you have questions about spam or MailMarshal, email the Tech Desk.