Spamming is the use of any electronic communications medium to send unsolicited message in bulk. HKBU started to provide anti-spamming service to staff and student community in November 2004 and March 2005 respectively. All messages addressed to @hkbu.edu.hk domain will pass through the ITO e-mail spam filtering server before delivered to the users.
HKBU has subscripted the Cisco IronPort Email Security Appliance to guard against spamming. At present, the service has two mode, tag-and-pass or quarantine, depends on the level of score which analysis by the anti-spam engine. When suspicious spam messages are detected, instead of delivering them to the recipients’ mailboxes, they will be quarantined in another restrict area. ITO will send a notification mail to each individual user about their quarantined messages.
For details, please refer to the Email Anti-Spamming System User Guide.
|In the quarantine mode, when will the notification mail of the quarantined messages be issued?||The notification mail will be sent out at around 6:00 a.m. daily. It shows the details of sender, subject title.|
|When I find messages that are wrongly quarantined of treating as spam mail, how can I obtain these messages back?||If you find any messages that are wrongly eliminated, you can get them back through the notification mail by clicking their corresponding “Release” link. After receiving such request, the spam filtering server will release the messages back to your mailbox.|
|If I do not take any action for claiming those quarantined messages, when will they be removed?||As proposed by the IT Users’ Subcommittee, all unclaimed quarantined e-mail will be automatically removed permanently after 10 days. No further claim on the removed messages can be entertained.|
|What is the “Tag and Pass” mode of anti-spamming service for students?||In this mode, the spam filtering server will only stamp with a [SUSPECTED SPAM] tag on the subject title for the suspected spam messages. It will continue to deliver the messages to the recipients’ mailboxes.|
|What is the purpose of having a [Spammail] tag on the subject title?||When retrieving the mail, users will be alerted with those mails that are classified as spam mail and then decide the respective deletion process if they wish.|
|Is there any people to read my email content during the anti-spamming process?||The whole filtering process is automatically handled by machines without any human intervention. The contents could therefore not be viewed by anybody.|
|What should you do if your good email has been marked as spam or your spam email has not been marked at all?||Cisco IronPort has two email addresses that can be used to report false- positives and false-negatives.|
- Report undetected spam to: email@example.com
- Report false-positives to: firstname.lastname@example.org
IMPORTANT: You must include the full email header. The full header looks like this:
Received: from mailgwy04.hkbu.edu.hk (18.104.22.168) by ITOPA83.hkbu.edu.hk (22.214.171.124) with Microsoft SMTP Server id 126.96.36.199; Fri, 19 Dec 2014 09:39:13 +0800 Received-SPF: SoftFail (ITOPA83.hkbu.edu.hk: domain of transitioning email@example.com discourages use of 188.8.131.52 as permitted sender)Received-SPF: None (mailgwy04.hkbu.edu.hk: no sender authenticity information available from domain of firstname.lastname@example.org) identity=pra; client-ip=184.108.40.206; receiver=mailgwy04.hkbu.edu.hk; envelope-from=”email@example.com”; x-sender=”firstname.lastname@example.org”; x-conformance=sidf_compatible Received-SPF: Pass (mailgwy04.hkbu.edu.hk: domain of email@example.com designates 220.127.116.11 as permitted sender) identity=mailfrom; client-ip=18.104.22.168; receiver=mailgwy04.hkbu.edu.hk; envelope-from=”firstname.lastname@example.org”; x-sender=”email@example.com”; x-conformance=sidf_compatible; x-record-type=”v=spf1″Received-SPF: None (mailgwy04.hkbu.edu.hk: no sender authenticity information available from domain of firstname.lastname@example.org) identity=helo; client-ip=22.214.171.124; receiver=mailgwy04.hkbu.edu.hk; envelope-from=”email@example.com”; x-sender=”firstname.lastname@example.org”; x-conformance=sidf_compatible Authentication-Results: mailgwy04.hkbu.edu.hk; dkim=pass (signature verified) email@example.com X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: X-IPAS-Result: X-IronPort-AV: E=Sophos;i=”5.07,604,1413216000″; d=”scan’208″;a=”57560233″ Received: from mail-vc0-f171.google.com ([126.96.36.199]) by mailgwy04.hkbu.edu.hk with ESMTP; 19 Dec 2014 09:39:06 +0800 Received: by mail-vc0-f171.google.com with SMTP id hy4so27872vcb.30 for <firstname.lastname@example.org>; Thu, 18 Dec 2014 17:39:04 -0800 (PST)DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; mime-version:date:message-id:subject:from:to:content-type bh=sHQs/KRVHrYg== MIME-Version: 1.0 X-Received: by 10.221.66.138 with SMTP id xq10mr1754235vcb.24.1418953144763; Thu, 18 Dec 2014 17:39:04 -0800 (PST) Received: by 10.52.89.102 with HTTP; Thu, 18 Dec 2014 17:39:04 -0800 (PST) Date: Fri, 19 Dec 2014 09:39:04 +0800 Message-ID: CABuqgN80KZj7iQVoP+ys_yPcuOga1eDSMMA=8fBK8c-AvotxGQ@mail.gmail.com> Subject: test From: Google email@example.com To: HKBU ITO firstname.lastname@example.org Content-Type: multipart/alternative; boundary=”001a11364ca4258c03050a87c6ba” Return-Path: email@example.com X-MS-Exchange-Organization-AuthSource: ITOPA83.hkbu.edu.hk X-MS-Exchange-Organization-AuthAs: Anonymous X-MS-Exchange-Organization-PRD: gmail.com X-MS-Exchange-Organization-SenderIdResult: SoftFail X-MS-Exchange-Organization-AVStamp-Mailbox: MSFTFF;1;0;0 0 0 X-EsetId: C6EABA3DB895353192ADE2
Full headers must be included if you are reporting improperly marked email to Cisco Ironport. Failure to include the full header will result in your submission being ignored.