Email Spam and Attachments

What is Spam?

Spam is unsolicited email. From the sender's point-of-view, it's a form of bulk mail, often to a list culled from subscribers to a discussion group or obtained by companies that specialize in creating email distribution lists. To the receiver, it usually seems like junk email. In general, it's not considered good etiquette to send spam. It's generally equivalent to unsolicited phone marketing calls except that the user pays for part of the message since everyone shares the cost of maintaining the Internet.

JCU email aliases are provided to ease dissemination of information to all students and staff but their use should fall within acceptable use policy. See JCU policies on Guidelines for Communicating with the University Community and Information Security Policy for further information.

Spam is a significant problem for many internet users but there are a number of ways by which spam can be minimised or eliminated.

Dealing with Spam

DO NOT reply or forward Spam Emails.

Office 365 accounts

Messages sent to a JCU email address will be scanned and filtered automatically by Microsoft’s servers. Detected viruses will be deleted, and suspected spam will be placed in your Junk folder for you to review. It is important to periodically check your Junk folder to avoid missing a real message mistakenly marked as spam.

Microsoft’s Exchange Online Protection (EOP) service analyses email for spam, viruses and other Malware before delivering the filtered email to your mailbox. Any email that is suspected of being SPAM mail is quarantined and you will receive an email from Microsoft every day listing the emails that were addressed to you but quarantined. You have the choice of retaining the “Junk Mail” classification or changing the status if the email is in fact legitimate from within this email message. Instructions are included in the email describing the possible actions that you can take.

Reporting Spam

To report spam that is originating from within JCU, send all relevant details (including full message headers) to ithelpdesk@jcu.edu.au, along with a short explanation, and your report will be investigated.

Spam that appears to be originating from a non-JCU email address should be reported to that addresses service provider. All email providers are required to have an address for reporting abuse of their systems, for example abuse@example.com. Or, you can report the spam to Microsoft. This is acted on by Microsoft and will assist them to tailoring their automatic spam filtering rules for JCU users.

Attachments

Not only does Microsoft EOP scan for known viruses, it also protects against possible unknown viruses or threatening files hidden inside email attachments whose filenames match any given pattern. This can include generic patterns that trap filenames attempting to hide the true filename extension (eg. "txb.vbs").

The reason is that this is standard hacking practice and is a possible attempt to embed potentially threatening files eg. vbs scripts under the guise of documents eg. .vbs.doc or .doc.vbs

To pass through filenames must consist of three components <name>.<extension> <version> and extensions have defined types:

.doc Word document

.rtf Rich Text Format

.xls Excel spreadsheet

This is a defacto industry standard.

Certain attachment types are highly susceptible to containing viruses or malicious code. Best practice dictates that these are NOT delivered (this includes both incoming and outgoing mail). NO notification is provided to the sender or recipient given the sheer volume of these sent by hackers, trojans and MalWare.

The file types affected are as follows:

.Trojan

.cmd

.hta

.mov

.reg

.shs

.wsc

.avi

.cnf

.ins

.mp3

.scf

.vbe

.wsf

.bas

.com

.lnk

.mpeg

.scr

.vbs

.wsh

.bat

.cpl

.mhtml

.mpg

.sct

.vsf

.xnk

.chm

.exe

.mng

.pif

.shb

.wmv

document.com

Guidelines for Naming Attachments

Follow these guidelines to reduce the number of emails rejected by EOP Quarantine:

  • Use short filenames

  • Use all small letters in filename

  • Do not use spaces in a filename

  • Do not use special characters (?, *, @, #, $, %, etc.)

  • Use hyphens or underscores

  • Do not use double or multiple file extensions (eg. filename.vbs.doc)

The maximum size for an entire email at JCU is 30Mb; this includes the message body as well as any attachments.

Opening Attachments Safely

Regard anything that meets the following criteria with particular suspicion:

  • Always be careful of email that has been identified as Spam by Microsoft EOP or your email client filters.  While automated Spam identification is not perfect and cannot be relied on to automatically Trash, it currently provides a fairly high hit rate for identification of unsolicited email.

  • If they come from someone you don't know, who has no legitimate reason to send them to you.

  • If an attachment arrives with an empty message.

  • If there is some text in the message, but it doesn't mention the attachment.

  • If there is a message, but it doesn't seem to make sense.

  • If there is a message, but it seems uncharacteristic of the sender (either in its content or in the way it's expressed).

  • If it concerns unusual material like pornographic websites, erotic pictures and so on.

  • If the message doesn't include any personal references at all, (for instance a short message that just says something like "You must take a look at this", or "I'm sending you this because I need your advice").

  • If the attachment has a filename extension that indicates a program file.

  • If it has a filename with a double extension, like FILENAME.JPG.vbs or FILENAME.TXT.scr, that may be extremely suspicious. As far as Windows is concerned, it's the last part of the name that counts, so check that to find out whether it's a program masquerading as a data file, such as a text file or jpeg (graphics) file.

In all the above instances, it is recommended that you check with the sender that they knowingly sent the mail/attachment in question.

See the Computer Viruses Guide for more information about email viruses and how to protect your computer against possible infection.