PenaltyBox (an Anti-Spam Tool)
PenaltyBox was implemented March 25, 2007.
What Is PenaltyBox?
PenaltyBox is an innovative new ITCS anti-spam tool implemented at the U-M Mail Gateway. PenaltyBox checks mail from external IPs (mail coming from umich.edu IP addresses is exempted) that is sent to @umich.edu addresses for the following characteristics:
- Compliance with Internet and e-mail system best practices and protocols.
- Whether the connecting IP is included on the Do Not Spam List.
PenaltyBox then causes a temporary delivery failure to be generated for mail it considers questionable. PenaltyBox stores information about the mail, and if delivery is retried, the mail is accepted for delivery.
Why do we need PenaltyBox?
While our current anti-spam tools, SpamBox and the Do Not Spam List, have made a dent in the amount of spam received, a considerable amount of spam continues to get through. We have noticed that a large volume of the spam that SpamBox users report SpamBox misses is not compliant with Internet and e-mail best-practices.
PenaltyBox targets these messages. By generating a temporary mail delivery error, PenaltyBox takes advantage of the fact that spambots and compromised spam-sending machines seldom if ever queue such temporarily failed deliveries for retries—and legitimate Internet Service Providers routinely queue and retry such mail.
Do I have to sign up to use it?
No, you don't. PenaltyBox works on all messages sent from outside the University (that is, from non-University IP addresses) to uniqname@umich.edu or groupname@umich.edu addresses. It basically works on all mail from outside the University that enters the University through the U-M mail gateway.
Please note that PenaltyBox does not work on mail that does not enter the University by first going through the mail gateway (for example, messages sent directly to addresses such as uniqname@engin.umich.edu or uniqname@med.umich.edu).
What does PenaltyBox do?
PenaltyBox generates a temporary failure for questionable mail. Temporary failures are routine in normal e-mail delivery. They are generated by mail-receiving machines for a number of reasons, including temporary mail server outages, over-quota mailboxes, and more. The standard response from mail service providers is to queue temp-failed mail and try to resend it later, typically within 5-60 minutes.
PenaltyBox maintains a database with identifying information about each message for which it generates a temp failure. If it sees one of those messages come through again, it lets the mail through. PenaltyBox accepts resent mail anywhere from five minutes to three days after it was first sent.
See What Penalty Box Does diagram.
How does PenaltyBox decide which mail is questionable?
PenaltyBox examines the message according to these criteria:
- Compliance with Internet and e-mail best practices.
- Whether its sending IP address is on the Do Not Spam List. Our Do Not Spam List is a list of known spam-sending IP addresses. The Do Not Spam List is made up of several commercially provided RBLs (Real Time Blacklists). Because PenaltyBox delays rather than rejecting mail, we may also consider adding some more aggressive RBLs to it in the future.
Additional criteria may be added in the future as spammers adapt their methods.
How does PenaltyBox fit in with ITCS's other anti-spam services?
It works in concert with them to provide a comprehensive approach to fighting spam (see comprehensive anti-spam approach diagram).
I am sending mail from my umich.edu address, but it is being delayed. Why?
This is most likely to happen if you are using a computer in your home to relay mail. Many cable and DSL addresses are listed on DUL (dynamic user list) RBLs. U-M IP addresses are exempted from PenaltyBox checks, not umich.edu e-mail addresses, because e-mail addresses are easily and regularly spoofed (faked). You should ensure that your e-mail client is using smtp.mail.umich.edu for outbound e-mail. Then your messages will come from a umich IP address, and they will not be delayed by PenaltyBox.
If you are using your ISP's e-mail servers for outbound SMTP and your messages are being delayed, your ISP can contact postmaster@umich.edu for help identifying Internet and e-mail best practices compliance issues.
I am not receiving mail at all from an address that used to get through just fine. How do I fix this?
There are a few domains that do not implement a standard retry, or do not retry at all. We have checked all the domains we have been made aware of from reviewing lists compiled by sites that have implemented greylisting, but since these domains are compliant with the PenaltyBox criteria we do not anticipate any problems with receiving this mail on the first try. If you are not receiving mail from a particular domain please contact postmaster@umich.edu.
Mail from someone I know is being delayed by PenaltyBox. How do I fix it?
Senders affected by PenaltyBox can correct their compliance issues to avoid the initial temporary failure, or they can configure a different retry interval on their servers to decrease the delay in delivering mail. ISPs can contact postmaster@umich.edu for help identifying their specific compliance issue. Alternately, the sender could try another ISP, such as a free web e-mail account.
How do I report a mail delivery problem to the U-M Postmaster?
Send mail to the U-M Postmaster at postmaster@umich.edu.
If mail from your account or ISP is being blocked and you are unable to get your e-mail through to the U-M Postmaster, you can use our Keep in Touch Tool to reach the postmaster.
This page last verified April 19, 2007
|
