|
|
|
|
          |
Research, Planning and Systems ManagementServicesInternet/Email
Since 2001, the Winnipeg School Division has been utilizing the Internet content filtering product entitled XStop. XStop is managed by and located at Manitoba Education Research and Learning Information Networks (MERLIN). All the school based Internet traffic is routed to MERLIN for filtering by the Winnipeg School Division’s proxy servers The Division’s content filtering of the Internet has new features including a new and expanded database consisting of over 95 blocked categories. In addition, the Division also maintains its own customized filtered list of blocked categories to which other school divisions subscribe. The Winnipeg School Division’s firewall protects the central office and the school's local area networks from outside intrusion. The firewall works as a filter between all outside traffic and the Division’s private networks by approving some types of traffic (such as a student accessing a web page) and blocking others (when unauthorized users attempt to access our network). The central office firewall also controls internal traffic on the Division’s networks by managing access to department LAN’s and/or computer systems (email, student administration system, payroll, financials human resources, etc).
JUNK MAIL Junk mail consists of two types of emails - spam and legitimate but unwanted email. SPAM In late May, WSD incorporated MERLIN's spam filtering service. WSD continues to use the spam filtering service available with our email server but the primary spam filtering is done by MERLIN. MERLIN provides this service as part of the Partnership program to all participating divisions in Manitoba. MERLIN uses the Barracuda Spam Firewall. The Barracuda is an integrated hardware and software solution providing anti-spam, anti-virus, anti-spoofing, anti-phishing and denial of service protection. It can handle up to 25,000 active users and 25 million email messages per day. The Barracuda Spam Firewall is continuously updated with the latest spam and virus definitions every hour. Updates are provided by Barracuda Central where engineers work around the clock monitoring the Internet for trends in spam and virus threats. The Barracuda uses a number of techniques, such as, user-specified rules, spam fingerprint check, intention analysis, Bayesian analysis and rule-based spam scoring to determine if an email is to be blocked as spam, quarantined for review as possible spam or allowed as a legitimate email. Spam scoring is the rules based system (about 4000 rules) that looks for characteristics in the email. The Spam scores are used to determine what to do with the email. They do not contribute directly to the future analysis. The rules are updated by Barracuda Networks on a regular basis. Bayesian analysis also contributes to the Spam scoring. Spam scoring is done using emails that MERLIN flags as either SPAM, or NOT SPAM. WSD was averaging about 20-25 thousand emails from outside sources per day. This has almost doubled in the past 2 weeks. Of these, an average of approximately 3,000 emails per day are actually delivered to you. The vast majority are eliminated as spam. Sometimes, spam will come in waves as spammers change the pattern of the spam messages or new spam sources come into the Internet. The filtering analysis will catch up and improve its success rate at recognizing a message as spam. But, there will be times when spam messages appearing in your mailbox will increase and then drop off again. Experts suggest that an average of 3-5 spam messages per day is an excellent filtering rate. Occasionally, a person may have their email account harvested by many spammers who use the person's email account name as the sender of spam messages. Spoofing is the "technical" term. This can result in that person's email account being flooded with hundreds of return messages from mail servers rejecting that message as spam, an undeliverable message, etc. It is impossible to trace the source and these messages cannot be blocked as they are from legitimate email servers. The only option left is unpleasant as it means changing the person's email address. Contact information Systems at 789-0485 for follow-up if you have issues related to excessive spam e-mails or if you have a staff member who is receiving many unwanted emails every day. See below for some tips on how to avoid receiving spam messages. E-mails meeting some of the spam criteria are quarantined. MERLIN reviews these daily and releases legitimate e-mail. Delivery of these may be delayed up to a day.
LEGITIMATE BUT UNWANTED EMAIL
TIPS TO REDUCE SPAM − Do not send your email address through chat rooms, instant message services or Internet bulletin boards and newsgroups. your e-mail address, obfuscate it so it cannot be easily harvested such as “name –athotmail – dot- com,” Or if you need to include your e-mail address in your signature, include a small graphic image containing your e-mail address. − Never reply to spam messages even when they entice you to reply to "remove" you from their mailing lists. Often the instructions are either bogus, or a way to collect more addresses. Lists of confirmed e-mail addresses are more valuable to spammers than unconfirmed lists, and they are frequently bought and sold by spammers. − Most Web-based sign-up forms require an email address. If you don't want to hear from the site (and don't need a confirmation e-mail or tech support), don't give a real email address. − When you do sign up for or buy something online and you have to give out an email address, remember to opt out of everything you're not absolutely sure you want to receive. When filling in Web forms, check the site's privacy policy to ensure it will not be sold or passed on to other companies. − Check to see if your e-mail address is visible to spammers by typing it into a Web search engine such as www.google.com. If your e-mail address is posted to any Web sites or newsgroups, remove it if possible to help reduce how much spam you receive. − When replying to newsgroup postings, do not include your e-mail address. − Do not open spam messages wherever possible. Frequently spam messages include "Web beacons" enabling the spammer to determine how many, or which e-mail addresses have received and opened the message. − Do not click on the links in spam messages, including unsubscribe links. These frequently contain a code that identifies the e-mail address of the recipient, and can confirm the spam has been delivered and that you responded. − Never buy any goods from spammers. The spammers rely on very small percentages of people responding to spam and buying goods. If spamming becomes unprofitable and takes lots of effort for little return, spammers have less incentive to continue spamming. Would you risk giving your credit card details to an unknown, unreputable source? − Make sure that your anti-virus software is up to date. Many viruses and Trojans scan the hard disk for e-mail addresses to send spam and viruses. Avoid spamming your colleagues by keeping your anti-virus software up to date. − Do not respond to e-mail requests to validate or confirm any of your account details. Your bank, credit card company, eBay, Paypal, etc., already have your account details, so would not need you to validate them. If you are unsure if a request for personal information from a company is legitimate, contact the company directly or type the Web site URL directly into your browser. Do not click on the links in the e-mail, as they may be fake links to phishing Web sites. |
|||
© Winnipeg School Division
|
 |
