November 7, 2002

CIT to Employ A New Tool for Blocking Spam

Print More

Cornell will try to eliminate a growing problem for anyone with an e-mail account, next semester.

Beginning next Spring, Cornell Information Technologies (CIT) will enable a tool, which will eliminate viruses sent through Cornell’s e-mail system and will identify spam in order to effectively remove them.

Spam, which is unsolicited commercial e-mail, has an uncanny ability to make what might ordinarily seem desirable into something aggravating.

The program, called PerlMX, is currently being deployed on test servers to ensure that it will work when applied on a larger scale to the entire Cornell e-mail community. It should identify over 98 percent of all spam and will protect against internal security breaches and viruses sent and received by Cornell mail users, according to CIT. The program will not add to the cost of ResNet or ethernet access, as the money will come from a budget allotted to the e-mail system.

Mail servers will add a special header to identify e-mails that appear to be spam but will not delete them. This will protect users from losing personal or important e-mails that may appear to be spam but actually are not. However, users can arrange to have Eudora automatically send the spam to the trash.

“We can avoid the problem of mistakenly filtering out these false positives [spam look-alikes],” Rick MacDonald ’71, director of systems and operations at CIT said.

Of the potential Cornell users, he says, “If they don’t want to see [the e-mails identified as spam], they never will.”

E-mails can be identified as spam by indicators such as keywords or coming from a well-known spam site.

PerlMX will automatically eliminate virus-laden e-mails. Users will be notifed if a virus is found in an e-mail so they can pursue any information that might have been lost in the deleted e-mail.

“Even though we’ll have virus control on the Cornell servers, you’ll still need to update and use Symantec’s Norton Anti-Virus to get a good level of protection,” MacDonald said. He added that even with the new product, viruses may escape detection. Users should set Norton’s LiveUpdate to run once a week.

Cornell chose PerlMX over similar programs because it allows server-based pricing and maintenance, which will be cheaper for Cornell and its sizeable community. In addition, this program enables more flexibility than others and the references were impressive.

As to why such a program hasn’t been purchased until now, MacDonald said, “It really got a lot worse this year.”

“We’ve been looking for 5 to 6 months. It’s just now that we’ve reached a conclusion,” MacDonald said.

“The market for this sort of thing is fairly new,” said Don Mac Leod ’77, assistant director of client server systems and services at Cornell. “It is a faily new phenomenon and they’re getting better at handling it. [PerlMX] was far and away the best deal for Cornell.

Jennie Berger ’04 expressed her enthusiasm for this new service.

“That will be extremely beneficial,” she said. After receiving a bad virus her freshman year, she lost much of her computer’s capability. “I lost almost an entire paper that wasn’t able to be recovered. I didn’t even know I had a virus. CIT called me to let me know that they had traced it through the system. It’s so easy to get viruses because you don’t even know that you need to be updating and running your virus scans frequently,” she said.

Cornell policy supports the blocking and filtering of spam as an extension of their policy prohibiting harassment. PerlMX will not violate freedom of information, as it will identify, not delete, items, with the exception of potentially harmful viruses. CIT currently attempts to eliminate some clearly identifiable spams but can only do so much without the help of a program specifically designed to identify even the most evasive spammers.

The changes will only affect Cornell mail and will not protect e-mail accounts from other providers such as America Online or Hotmail. However, receiving e-mails from these sources will be protected if the e-mail is opened through a Cornell account.

The community will be notified when the changes are initiated and CIT will put out documentation and provide instructions for how to set up filters to delete spams.

PerlMX is currently used by University of North Carolina at Chapel Hill, University of Colorado at Boulder, Indiana University and Iowa State University, as well as companies including Handspring, Qualcomm and JCPenny.

In the meantime, users should keep Norton Anti-Virus running regularly and avoid opening attachments from unknown sources.

Archived article by Stephanie Baritz