Spam Blocking
The University receives an average of 26 million spam messages each month. To help block a larger quantity of spam and to reduce the load on ND servers, we have subscribed to the Spamhaus project. Spamhaus is a leading provider of real-time anti-spam protection for Internet networks, and works with Law Enforcement to identify and pursue spammers worldwide.
Spamhaus tracks spam operations and sources, and maintains realtime spam-blocking databases that keep back the vast majority of spam sent out on the Internet. This enables us to block a larger percentage of spam from reaching your mailbox.
How Spamhaus works with our servers
Spamhaus's databases include:
- IP address of systems that have been identified as egregious sources of spam, or that have been identified as hijacked systems controlled by spammers and/or hackers; and
- IP space whose owners have identified the addresses as being used solely for dynamic address location, which means there should be no legitimate mail servers at any of those addresses.
ND mail servers are configured to check the Spamhaus databases for every inbound message and reject messages from systems listed there. If you find that ND servers reject legitimate messages from a specific source, that source may be listed in the Spamhouse databases, or the sender's email server may not be configured correctly.
What to do if legitimate email is blocked
ND mail servers will reject email for several reasons, and the sender will receive a rejection message. Note: Delivery of that rejection message to the originator's email is determined by their email provider; we have no control over its delivery.
ND mail servers will not accept messages from any system listed in the Spamhaus databases. When a message is rejected, the sender will receive a message which should contain one of the following advisories:
- Message rejected due to Spamhaus listing.
The sender should report this problem to their email administrator, so the email administrator can take appropriate action to have their mail server removed from the list. Additional information is at http://www.spamhaus.org/lookup.lasso.
Mail will not be accepted from any system which has missing, incomplete or conflicting DNS (Domain Name Service) information. The IP address of the system which connects to deliver a message must resolve to a hostname, and that hostname must resolve to the same IP address. When a message is rejected because it does not resolve correctly, the sender will receive a message which contains one of the following error statements:
-
Possibly forged hostname for x.x.x.x
or
Fix reverse DNS for x.x.x.x
where 'x.x.x.x' represents the IP address of the sender's mail server.
- The first message means that the IP address resolves to a hostname, but the hostname does not resolve, or does not resolve to the same IP address.
- The second message means that the IP address does not resolve.
In either case, the sender should report this problem to their email administrator so the email administrator can correct the DNS entries for their mail server, to ensure that their mail server has a matching set of A and PTR records in DNS.
Email Administrators: Click here for instructions on diagnosing and resolving this issue
If you need assistance in identifying the cause of the problem, have the sender provide you with a copy of the delivery error message, either by FAXing a printed copy to you, or by sending it to a personal email address you might use (e.g., Gmail or Hotmail). Contact the OIT Help Desk (574-631-8111) with this information.
If it is not possible or feasible for the sender to have the DNS records for their ISP corrected, specific addresses can be added to ND's whitelist upon request, to enable delivery of email. A current member of the ND community must initiate this request by contacting the OIT Help Desk. The requestor will receive an incident number to relay to the external sender, with instructions to send a test message to oithelp@nd.edu so that OIT's system administrators can obtain needed information to configure the whitelist entry.
When email is rejected by ND servers, the recipient will receive a delivery error (although not all mail servers will pass that on to the original sender). Here is a listing of some of these errors and their explanations.
If you have additional questions regarding spam filtering and blocking, please contact the OIT Help Desk (574-631-8111).
False Delivery Errors - Google
Instructions for Email Administrators
SMTP (Port 25) Blocking
Email Rejection Errors
Spamhaus Rejection
Possibly Forged Rejection
User Unknown Error
Bogus HELO Rejection
Mismatched DNS/rDNS Rejection
Authentication Error Message
Local Policy Rejection
Service Status
Contact the OIT Help Desk
128 DeBartolo Hall
oithelp@nd.edu
Contact Form
(574) 631-8111
Help Desk FAQs
- How do I take my data when I graduate and leave ND?
- I'm new to ND, how do I get started with IT services?
- How do I change my password?
- How do I learn about other features of the VoIP telephone service?
- How do I access my Exchange email & calendar?