So now you can live your days and nights (relatively) spam-free you
can't forget about spam altogether, because no automatic detection
scheme can be perfect. You can think of the spam score as a sort of
probability that the message actually is spam – the higher the
score, the more likely it is to be spam. But some legitimate
messages might also look like spam. And if they quack like that duck,
SpamBuster will block them from your inbox. So you should...
Check your quarantine periodically!
You will occasionally want to manually scan through your
quarantined spam to look for any legitimate messages (false
positives) that have been inadvertently identified as spam. (Use
the Spam Quarantine link in the left-hand nav section of this page.)
Individual messages can be previewed in your Quarantine. Each time
you review your Quarantine, any messages that you do flag as
legitimate will be removed from the quarantine and re-delivered, to
wind up back in your regular inbox, irrespective of their original
spam score. Other messages (true spam) can be discarded. (How?
See FAQ #3.)
You can affect the number of false positives (and false negatives)
you get by adjusting your spam threshold up or down. The default is
set at a value that seems to work fairly well, but feel free to play
with it as you learn how it performs for you. It's almost certain
that you won't want to raise it. But many people lower it and seem to
live happily. But your mileage will vary!
Sounds great! But I'm still seeing tons of spam. Why?
Your spam is almost certainly getting
scanned and tagged, but the default Action for
my spam setting is probably set to
pass-through (which sends all your mail – spam or not
– directly to your regular mailbox.) You can change this by
visiting your
SpamBuster Preferences page, and setting that option to
quarantine. (Don't forget to press Save.)
You can also lower your spam threshold a little bit
(like a half-step or so at a time), but it's a good idea to check your
quarantine carefully for the next few days, to be sure you aren't
getting any false positives (legitimate messages caught by the filter
and stuck in the quarantine.)
I'm already using a spam filter. How do I switch?
Easy. Just turn off whatever you're using now. Then
visit your
SpamBuster Preferences and change the Action
for my spam setting to quarantine and press Save. Or, you can leave your filter on, if you
want. The SpamBuster acts on the mail before it arrives at your
mailserver (and your filter might catch some spam that SpamBuster
misses.)
When reviewing
your quarantine, you will mark any legitimate messages as unspam. But you need to explicitly flag messages
for discard, too. There is a way that you can flag all messages for
discard when you start reviewing, which will
save you lots of clicking (special 'mark all' checkboxes are
located at the top and bottom of the list -- for any of the settings,
actually). But if you do mark everything for discard, be sure that you have scanned all messages
before you click the Finish button - otherwise
you might overlook a legitimate message that found it's way into your
quarantine. Also check out the Default
Disposition setting in your Spam
Preferences.
As of SpamBuster version 2.0, all messages older
than four months will be automatically purged from the quarantine on a
nightly basis (this is required to keep performance of the system
within acceptable limits). You can change the period using the
Auto-Discard preference, but you cannot disable this feature
altogether!
You can also use the mass-discard
feature to discard any message older than some age, or with a spam
score higher than level. A huge relief if your quarantine is
overwhelmingly large!
Large quarantines are extremely cumbersome to deal
with, since you can only review and dispose of a relatively small
number of messages at a time. The mass-discard feature
will discard any message older than some age that you specify, or with
a spam score higher than a level that you specify. Look for this at
the bottom of your spam list (just above the preferences.)
Grey-listing takes advantage of a feature of the
Internet mail transport protocol, whereby any message that is
temporarily rejected by the receiving mail transfer agent (MTA) will
be resent after a short wait. This mechanism was originally designed
for reliable mail transport by allowing the receiving MTA to stop
receiving mail when it temporarily runs out of resources. But most
spammers use fairly unsophisticated mailers (especially those embedded
in spyware), and they do not bother to even check for rejected
messages, let alone re-queue any rejected messages for resending. The
first time a message is received from a given sender, it is simply
rejected with a temporary failure status. And if it is received again
within 5 hours (most MTAs will resend temporarily rejected messages
after about 30 minutes), it will be accepted. Any "accepted" sender
(by the sender's email address and /24 IP address prefix of the
sending host) to a local address will be remembered, and all
subsequent messages received from that sender within one month will be
accepted without the reject/resend process. So as long as your
correspondents send you something once a month, there will be no
delays; if they don't send that frequently, then their next message
will go through the same reject/resend cycle.
There is one small disadvantage... When you register
at certain websites, they may send you a registration confirmation
message via email which contains a followup URL you must visit before
you can proceed. Some web registration systems will send password
reminders upon request to your mail address. You don't want to wait
30 mintues for those, which is why grey-listing was established as an
opt-in feature. If you like using the grey-list feature, you can
always disable it temporarily whenever you are about to request a
password reminder or register at a website.
Grey-listing is an opt-in feature - it is
disabled by default, for individuals. You must
enable grey-listing in your
Spam
Preferences.
For mailing lists, grey-listing is an
opt-out feature. Mailing lists are an especially painful
spam target, because the effects are multiplied manyfold. And because
mailing lists typically do not have the disadvantage described above,
grey-listing is enabled by default. It can be disabled by
list administrators, in the Mailman list administration pages.
Does grey-listing affect regular SpamBuster filtering?
No. Grey-listing is just a pre-filter. Once the
resent message has been accepted, it is sent along it's way to the
regular SpamBuster filter, where it will get scanned as usual, scored
and possibly quarantined.
What are all the tags that SpamBuster inserts into
the header of my message?
A list of all the headers that SpamBuster includes in
your email is available
here.
Why am I not seeing any of the special SpamBuster
header tags?
All incoming email to the department from outside UW
is scanned and tagged, regardless of whether it is spam or legitimate
mail. There are three possibilities:
- Your setting for Scan my mail for
spam is set to off.
- At times of extreme load, the email system suspends the spam
filtering process until the incoming mailstream lightens up. We
monitor system performance, and will put appropriate resources in
place to address load problems.
- More likely, your email client is simply not displaying the
header tags. Outlook, Outlook Express, Netscape/Mozilla Messanger,
for instance, only display a few of the header fields (e.g., FROM,
TO, SUBJECT, DATE). In that case, you may want to enable the
SpamBuster setting for "Modify Subject line", which will insert an
easily identified string into the subject line of any message that is
identified as spam (according to your threshold.) Also, if your mail
client has a built-in filtering tool, you can use a tagged subject
line to filter for spam. In Outlook, for instance, set up a special
folder to hold spam, then use the Rules Wizard to set up a filtering
rule to cause any incoming message with a modified Subject line to be
immediately diverted to that folder. (Be sure to check that folder
– in addition to your SpamBuster Quarantine –
occasionally for legitimate messages that might have been
mis-identified spam!)
How do I prevent mail from my regular
correspondents (or others) from being treated as spam?
Add their email address (or the domain name) to your
"good list", which you will find on your
SpamBuster Preferences page.
How do I block mail from certain sites or addresses
from ever showing up in my inbox?
Add the email address (or the domain name) to your
"bad list", which you will find on your
SpamBuster Preferences page.
Good and bad list addresses are file-glob-style
patterns, so "friend@somewhere.com", "*@isp.com", or "*.domain.net"
will all work. Specifically, "*" and "?" are allowed, but all other
metacharacters (special characters) are not. Regular expressions are
not permitted for security reasons.
CSE Home 
