Cranfield University UBE (spam) reduction policy

Introduction

Receipt of Unsolicited Bulk Email (UBE also known as "spam") is a growing concern for Email users at Cranfield University as well as for Email and network managers. This document provides a description of what we are doing about it, why and how that effects you.

This document serves several purposes and addresses four types of readers.

  1. The Cranfield user who wants to know what we are doing about spam
  2. The legitimate end user at Cranfield or elsewhere who finds that s/he is no longer able to send mail to Cranfield and was referred to this document.
  3. The site administrator at a site that is prevented from sending mail to (or through) Cranfield.
  4. The site administrator at other sites who are curious about what sites like ours are doing.

Very Important Note: Some of our policy and practice will have a negative effect on legitimate users at sites which are blocked and on those at Cranfield who wish to receive email from those sites. Please continue reading this document to understand why we have made this choice, despite its short term harmfulness to some legitimate users.

Also note: it is possible for our email hubs to refused mail from you or your system for reasons other than UBE blocking. Please read the section on non-spam reasons for which you may have been blocked and have been referred to this document.

Contents

Why spam is bad

There are a large number of sites which discuss why spam (Unsolicited Bulk Email) is bad. Links will be provided within this document as it expands and is updated.

The overall principle, beyond the fact that it is annoying, is that it constitutes a theft of service. A comparison with unsolicited bulk postal (physical) mail may be helpful. There are important similarities and differences.

Similarity
Both are unsolicited and often unwanted by the recipient

Similarity
The marginal cost of carrying any particular message is negligible. That is, once the basic system for carrying mail (in either form) is established and running, the additional cost of carrying an additional letter/message is very small.

Similarity
Both can usually be easily discarded by the recipient after receipt without difficulty.

Alleged similarity
Both are part of normal or creative business practice and help promote commerce. Especially allowing entry to smaller businesses wishing to compete with well branded giants. [This claim about spam probably doesn't hold up, but this is not the place for a detailed investigation.]

Alleged similarity
Both are (or should be) protected by basic rights to free unfettered expression.

This just doesn't hold up for spam: The content of the messages may be entitled to such protection, but not the unstoppable delivery onto the recipients computer system. By analogy, the content and right to publish some short note may be protected, but that would not grant the publisher the right to tie it to a brick and throw it through your house window.

Difference
In most cases it is possible (though not always easy) to get your address removed from a postal mailing list. But once spammers have your email address, you will not get off it. (So-called "remove" systems are mostly used to confirm that addresses are real and are read. Attempts to get yourself removed from a spam list by following the spammers remove instructions are almost always bound to get your on more lists.)

Difference
Spam is almost always forged. Often the address the message is made to look like it comes from is a real and innocent person, who then becomes the victim of misdirected complaints and email delivery error reports.

The fundamental difference
The cost of transporting and storing spam is borne by the unwilling recipient hosts and users as well as by unwilling relay sites. Additionally, a very large price may be paid by a user and system whose address is forged in the spam. With postal bulk mail, the fees paid by the bulk mailers provide resources to the postal system which end up reducing costs to ordinary users. (This is true even though bulk mailers pay a discounted bulk rate.)

It is because of this difference that email and network managers consider UBE as a theft of service.

What does site blocking mean

Site blocking means that our email hubs which process all incoming email to Cranfield refuse to accept mail from blocked sites (with the exception that mail may be accepted if addressed to special addresses such as postmaster@Cranfield.ac.uk or abuse@cranfield.ac.uk).

Cranfield University's central mail hubs will simply reject mail connections from blocked sites. When receipt is refused the sending system will be informed that the mail was refused (in the normal way). Additionally a notice is added to the emailer error message refering to this document.

Blocking websites that advertise via UBE

One way to put pressure on spammers is to block access to websites which are persistantly advertised by UBE. Cranfield may block HTTP access from Cranfield to such sites, making such advertised sites unreadable from the Cranfield network.

Site blocking appears to sometimes hurt legitimate users. Why do it?

By blocking a site, Cranfield's network connectivity is reduced. Suppose site A gets blocked. That does not mean that only the spam is blocked from that site, but that (almost) all email from that site is blocked. This may very well include legitimate users who have legitimate correspondence with people at Cranfield. This hurts both the legitimate users at the blocked site and the effected users at Cranfield.

That cost is recognized and regreted, but there are reasons for it. Some are purely practical, others more based on some abstract principles. In general, Cranfield shares the view of many Internet systems managers as expressed by the rationale for the RBL system

What to do if you are an effected legitimate user

If you are not a user at Cranfield, first get in touch with your site's Email support people and refer them to this document. Pass on to them all of the details which lead you to believe you are from a blocked site. That will probably include an email "non-delivery report" (NDR), that is the bounce or error you got when you tried to send mail to Cranfield. No site will be blocked without first being informed and given an opportunity to respond. (Some spamming sites are not set up to receive mail properly and so may get blocked without having received a warning. But there should be few legitimate users at such sites.) So, your email staff will have been warned and informed about blocking.

Email from most blocked sites may may still be sent to postmaster@Cranfield.ac.uk or Abuse@Cranfield.ac.uk. Please do not ask the email managers at Cranfield to forward a message to a user at Cranfield except to inform particular users that mail from your site is blocked. It is not part of their jobs to get into the business of forwarding such email.

For particularly large sites that are blocked specifically by Cranfield some explaination may put up about specific information about why some particular sites are blocked. However not every blocked site will be listed, and for confidentiality reasons some of the information listed may be deliberately vague.

Note also that there are blocked sites -- which very many other sites also block -- which are not added to Cranfield's blocking lists locally, but are done via the MAPS Realtime Blocking List mechanism. Cranfield supports their criteria for adding and removing sites from their RBL, and so will continue to use their listings. You should follow documents there to find out what criteria they use for listing and de-listing sites to block.

Additionally, Cranfield does not accept mail connections which come directly from the temporary dial-up addresses from most ISPs. This should not have any noticable effect on legitimate users. Those using dial-up accounts should have their mail go via their ISP's mail hubs. So Cranfield subscribes to the MAPS Dial-up User List (DUL). These should not affect legitimate users except for those with the following misconfigurations:

In the mean time you will have to find alternative ways to communicate with the people in question. Please note that you should report the problem to your site administrators. If they take appropriate action or give us a credible promise to take appropriate action, Cranfield email support staff will remove them from the Cranfield blocking list at the first opportunity.

How does a site get on our list?

Note that it is possible to be blocked by virtue (if that is the word) of being on the RBL list, Cranfield does not maintain that list but is supportive of their policy.

If your site is blocked by local policy reasons at Cranfield it could be for any combinations of reasons. Sites will not be added to the list without first attempting to warn and explain to action to the managers of the blocked site. However many sites which behave in ways which lead to them being blocked do not provide a mechanism for us to contact them. In such cases they will have to get in touch with the Cranfield University Computer Centre after noticing that thay have been blocked. Mail from blocked sites is always allowed to Postmaster@Cranfield.ac.uk and Abuse@Cranfield.ac.uk .

The rules below are vague for two reasons: First, if explicit rules are provided, sites may find ways of maintaining the same abuse while technically not violating the rules. Second without full time dedicated staff dedicated to maintaining the list, many things will slip through. As a consequence there will be substantial inconsistence in who "gets caught".

First the spam related reasons:

Non-spam reasons

These are reasons that are not the consequence of attempting to send spam or abusive mail to Cranfield users.

A final note to Cranfield users and site administrators everywhere

The use of blocking lists should produce a noticeable reduction in spam at a fairly low cost, however it will not eliminate it and a substantial portion will continue to get through. While there are other measures Cranfield could take, the marginal gain would not justify it.

Cranfield adopts this policy not only because of the local spam reduction it will lead to, but because if enough other sites on the network did the same, then the cost to spammers and the hosts that support them would become high enough that there really would be a substantial reduction of spam on the network as a whole. It is hoped that our users and other sites will support this effort.