sheridan
IT Services
Employee Email & Calendar

Email, Spam and Virus Filters

Spam ChartSheridan receives almost 1 million email messages per day. Email traffic consists of approximately 90% spam and 10% legitimate email.

According to spamhaus: 'For most average Internet Service Providers and networks in North America, Europe or Australasia, today's incoming email traffic consists of approximately 90% spam and 10% normal legitimate email. Many large providers report the numbers are greater than 90% spam, some as high as 95%.

The challenge is to filter out spam while not losing legitimate email and to keep the email queues flowing without spam-filter processes slowing down the mail delivery.

A two-stage process is used to deal with incoming mail that originates from outside Sheridan. Each message first goes through a blocker that stops mail sent from blacklisted sites. These sites are identified using a list created in-house and a blacklist subscription service. Then the remaining messages go through a spam/virus filter that runs a series of tests on each message to identify spam and viruses in attachments. Messages that have greater than 99% certainty of being spam or that contain viruses are rejected. The senders of these messages receive rejection notifications. Messages that have a low probability of being spam (below 30%) are delivered to the intended recipient. Messages that are identified as possibly being spam (between 30-98% probability) or containing a virus are placed in quarantine.

Since spammers constantly change their tactics, spam will occasionally get through the filters and into your inbox. This is unavoidable. Our mail system administrators stay informed about the latest challenges faced by those running an email system, regularly modify the spam filters to address the changing spam tactics, and maintain a balance between the need to filter as much spam as possible without preventing legitimate mail from being delivered. We work in conjunction with international sites that maintain lists of blacklisted hosts.

Rather than withholding quarantined messages that were destined for users' mail boxes, Sheridan employees receive a weekly digest of quarantined messages that have been identified by our mail filters as spam. This allows users the opportunity to safely review the quarantined messages and release legitimate messages that have been incorrectly quarantined.

Weekly Digest of Quarantined Messages

The weekly email digest you receive provides a list of quarantined messages that have been identified as likely spam. It contains simple instructions on how to release legitimate messages that were incorrectly quarantined. These instructions are explained below.

When one of the weekly digest messages comes into your inbox it contains a table similar to the one seen below:

Sample Quarantine List

Messages appearing in the digest are retained for 3 weeks. You should review your digest messages regularly to determine if any legitimate messages have inadvertently been quarantined – if so, follow the steps below to release a legitimate message.

If you see a legitimate message in the quarantine list, here is what to do to receive the email message:

  1. Click on the link in the ID field of the list.
  2. Your email client (e.g. Outlook, Mozilla, etc.) will start composing a new message, filling in the To address, the Subject line, and the message body. Do not alter these fields.
  3. Click Send.

This message is sent as a request which is automatically processed. Within 10 minutes, the quarantined message will appear in your inbox.

NOTE: The message will arrive, but the time and date stamp will be from the original delivery so you will have to scroll through your inbox to the date and time for the message indicated in the digest.

NOTE: This does not work from webmail use these instructions for more info about retrieving messages using webmail.

WARNING: Do not release a message that has a sender whom you do NOT know; only release messages from those whom you know and trust. If the subject line does not look normal or it otherwise strikes you as suspicious, you should think twice about releasing the message.

Spam in Your InBox Not Caught by Filters

Spam messages can still make it through the filters and into your inbox. If this happens forward the message as an attachment to is-spam@sheridancollege.ca. When you do this the host/server that sent the spam message is put onto our block list and they can no longer send emails to Sheridan.

Legitimate Email that Gets Blocked Regularly

If you notice a legitimate email getting blocked on multiple occasions you need to forward the message as an attachment to not-spam@sheridancollege.ca and the host/server will be removed from the block list.

The full header on the message is required for us to analyze the message and troubleshoot why it is being blocked.

What Messages Do Not Appear in the Digest

Not all messages sent to you appear on the digest list. The following types of messages will not appear on your list.

  • messages from a server on the block list
  • messages that contain viruses in their attachment(s)

Frequently Asked Questions

What is the email digest?

The digest is a weekly summary of messages that had been destined for your inbox but because they embodied suspicious characteristics they were tagged as spam and held in quarantine rather than being delivered to you.

There is a message in the digest that I need to see. It isn't spam.

If you see a legitimate message in the quarantine list, here is what to do to have it sent to your inbox:

  1. Click on the link in the ID field of the message you wish to see.
  2. Your email client (e.g. Outlook, Mozilla, etc.) will start composing a new message, filling in the To address, the Subject line, and the message body. Do not alter these fields.
  3. Click on send.
  4. Within 10 minutes the message will appear in your inbox, but it will be filed under the date and time that it was originally sent to you. The digest indicates that date and time.

How quickly will I receive the email when I ask for one from the digest?

The software managing this process releases requests in batches every 10 minutes.

I am looking at an old digest, can I still see a message from that list?

Quarantined messages are stored for 5 days - after this the message is deleted.

What happens to email that contains a virus?

Mail messages containing viruses are discarded.

My friend sent me a message that I never received. Why?

There are numerous reasons a message may not arrive in your inbox.

  • If the message was infected with a virus, it would have been rejected by our email filters.
  • The sender may have made a mistake in addressing the message to you.
  • If you have set up message filters, the message may have arrived and been moved out of your inbox into a folder specified by you message filter and you have missed seeing it.
  • You may have set your mail client to forward messages to another email address (e.g. you have forwarded your Sheridan email to your home email account).

When an email is rejected by our mail server, the originator is sent a rejection notification informing them that the mail was not delivered and why.

If there is not apparent reason for the message to not arrive, you can ask the originator to turn on the full headers and print a copy of the message then fax it to you. Forward that fax to IT for analysis.