UC Irvine’s New Anti-Spam Measures Keith Chong Network & Support Programming Network & Academic Computing Services UC Irvine August 9, 2005 Keith Chong Network & Support Programming Network & Academic Computing Services UC Irvine August 9, 2005

New Anti-Spam Measures Realtime Block List (RBL) from Spamhaus.org: Spamhaus Block List (SBL): List of spam sources and spam services. Exploits Block List (XBL): List of computers with proxies, viruses, and trojans installed. “Greeting delay” blocks connections from non- conforming mailers that send data too early. Greylisting temporarily rejects new senders. Compliant servers will return. Spammers are not likely to return. Unknown users blocked earlier in transaction. Rate limiting: 60 messages per minute and 10 concurrent connections on a per server basis. Realtime Block List (RBL) from Spamhaus.org: Spamhaus Block List (SBL): List of spam sources and spam services. Exploits Block List (XBL): List of computers with proxies, viruses, and trojans installed. “Greeting delay” blocks connections from non- conforming mailers that send data too early. Greylisting temporarily rejects new senders. Compliant servers will return. Spammers are not likely to return. Unknown users blocked earlier in transaction. Rate limiting: 60 messages per minute and 10 concurrent connections on a per server basis.

UC Irvine’s System

Effectiveness of Anti-Spam Measures 418, , ,353 Accepted 190,446 Spam 19,972 Viruses 131,674 Accepted 11,307 Spam 836 Viruses

Connections Blocked

New Preventive MeasureBlocked Connections Spamhaus RBL186,240 Greeting Delay11,898 Unknown Users9,426 Too Many Open Connections 6,115 Rate Limit Exceeded10,793 Statistics for 7/29/2005

Questions & Answers