Home Help
 Academic Programs
 Medical Center
 Events Calendar
 Prospective Students
 Faculty & Staff
 About Columbia
 A–Z Index
 E-mail & Computing

Columbia News
Search Columbia News
Advanced Search
News Home | New York Stories | The Record | Archives | Submit Story Ideas | About | RSS Feed

Protecting the Computer Network by Blocking Spam

Virus-infected computers can often be unwitting transmitters of spam -- and with the University rejecting half a million junk e-mails a day, it's clear that spam generated by non-Columbia computers presents a daily threat to Columbia's own network.

Since 2003, the amount of spam has increased fivefold worldwide. A report from San Francisco-based Ferris Research, an advisory group that studies messaging technology, puts the business cost of spam for this year at $50 billion worldwide, which includes deploying anti-spam software and lost user productivity.

The onslaught of spam that plagues universities and a recent spam attack that was enabled by the Sober computer virus are stark reminders of how vigilant the Columbia community must be. Several machines on campus reading mail from non-Columbia systems were infected. These infected machines were detected by Columbia-developed software that searches for so-called "trojaned," or compromised, machines.

A recent spam wave started with a trickle one Saturday afternoon. By Sunday morning, however, waves of similar spam about German politics began flooding Columbia's e-mail servers with innocuous-sounding subject lines such as "Turkish Tabloid Enrages Germany."

Joel Rosenblatt, a senior security officer for Academic Information Systems (AcIS), and Joe Brennan, Columbia's e-mail postmaster, detected the new German message attack and took action.

By Sunday afternoon, the postmaster had reprogrammed Columbia's e-mail filter, adjusting some of the spam settings to block almost 100 percent of the spam, using a software package called SpamAssassin.

SpamAssassin's rating system evaluates each message based on its content and gives it a number from zero to 20. Anything with a spam rating greater than eight is automatically rejected. Among the other things the program looks for are key words such as "Viagra" or "Cialis," including words camouflaged with numbers (e.g., "C1al1s") as well as special characters.

Because viruses are constantly evolving and can sometimes piggyback on spam, it's critical for Columbia to stay one step ahead of the spammers, says AcIS Deputy Vice President Vace Kundakci.

The University also subscribes to a number of "block lists" -- a compilation of continuously updated e-mail and network addresses known to generate spam.

Of course, AcIS can't work on this complex problem alone.

Individual users have a big role to play. Having the latest anti-virus and anti-spyware software is fundamental to protecting Columbia's network.

Some other tips:

• Do not open an e-mail attachment unless you are expecting it and have confirmed that the sender intended it for you.

• Be extremely careful about e-mail hyperlinks: These could be fronts that merely lead to what could be a spyware-infecting Web site. It's preferable to manually type in the URL.

• A good anti-spyware package also protects against bots, little pieces of code that infect a computer's hard drive and later receive orders from another computer, maliciously commandeering a user's desktop, often unbeknownst to the victim.

• Users should always update their operating systems, virus and spyware software. Threats of this kind change on a daily basis.

• Visit www.security.columbia.edu for safety tips.

Users can also report spam to the Federal Trade Commission (FTC) by sending a copy of unwanted or deceptive messages to spam@uce.gov. The FTC uses the unsolicited e-mails stored in this database to prosecute people who send deceptive spam e-mail.

Related Links

Published: Jun 29, 2005
Last modified: Jun 29, 2005

Tell your friend about this story