Mississippi Bend AEA9

Groupware-Email Hosting Services

 

Anti-Virus and Anti-Spam Policy Information

 

REVISION:  1.2

DATE:  1/26/2005

 

 

ANTI-VIRUS/ANTI-SPAM POLICY PURPOSE

 

Mississippi Bend Area Education Agency employs a layered system of anti-virus and anti-spam measures for all district and schools that utilize the Groupware-Email Hosting Services.  This helps ensure that valuable network and computer learning resources are available to the students and staff of the subscribing districts and schools.  These resources are critical to the enrichment of the educational environment.  To leave them unprotected would be irresponsible and a failure of AEA9's mission to improve teaching and learning for all students.

 

 

ANTI-VIRUS/ANTI-SPAM POLICY ENFORCEMENT

 

The anti-virus and anti-spam measures provide protection by scanning incoming email messages for viruses and worms, potentially harmful attachments, dangerous or malicious encoding, and checks if the sender's Internet address, or IP address, is a known source of spam or viruses.  If the email message contains one or more of these dangers, it is deleted and the message is returned to the sender.  The returned, or bounced, message will usually contain more detailed information about why the message was not delivered.

 

 

RESOVLING PROBLEMS

 

The most common causes that someone would have a email bounced are that their computer is infected with a virus or that the IP address that their ISP assigned them is listed as a known source for spam or other threats.

 

Step 1:  Make sure the sender's computer is updated and virus-free.

 

In either case, the first step in trouble-shooting the problems is to make sure that the sender's computer is virus-free and secured against viral threats.  It is the sender's responsibility to ensure that their computer is not infected with or spreading a virus and properly updated to prevent a viral infection.

 

1) Make sure that anti-virus software is installed, functioning properly, and up-to-date with the latest virus definitions from the software maker.  There are a number of free and/or inexpensive anti-virus software packages available for home users.  (See "REFERENCE LINKS" for more information.)

2) Perform a complete anti-virus scan of the computer.  This procedure varies widely by anti-virus maker.  Check the documentation and/or help information on how to run a complete or holistic scan.

3) Depending on what the results were of the complete scan, it may be necessary to clean or remove the infection.  This procedure, like the scanning process, varies widely depending on the anti-virus software that is used.   Consult the documentation, help information, and the software makers website for the specifics.  Most anti-virus software companies provide a number of free and easy to use tools to remove an infection.

4) Update the operating system, web-browser, and email client to the latest versions or security patches.  The most common operating system, Microsoft Windows, is easily updated via the Windows Update website.  (See "REFERENCE LINKS" for more information.)

 

Step 2:  Contact the sender's ISP for help.

 

Since an infection of the sender's computer by a virus or worm was largely ruled out in Step 1, it is possible that the IP address that the ISP assigned them is listed in an RBL (Real-Time Block List) as a source of virus infection or spam.

 

1) Most service providers, including MBAEA, use RBLs to help catch the most common senders of spam and viruses.  Neither the intended recipient nor MBAEA can help in removing an IP address from an RBLs listings, it is the responsibility of the ISP to ensure that the IP addresses they provide to their customers remain unlisted in the various RBLs.

2) When contacting the ISP make sure to forward or include the information and contents of the bounced message.  This will help the ISP identify the potential problem.

 

Step 3:  Contact the recipient's Technical Coordinator.

 

Most of the time, the problem is resolved either by cleaning up any virus infections or by the sender's ISP working with the individual RBLs to remove the listed IP addresses.  When the problem  goes unresolved, the next step is to contact the Technical Coordinator for the district or school.  The Technical Coordinator can then work help identify the problem, work with MBAEA and the sender's ISP, and coordinate any further trouble-shooting.

 

1) As in Step 2, when contacting a Technical Coordinator, it is important to make sure to provide the information and contents of the bounced message.  Without this information it becomes very difficult to determine the cause of the problem and no further trouble-shooting can occur.

2) Incoming email is also checked by content filters that also catch potentially dangerous encoding or formatting.  Always try to re-send the message with the content changed by removing any graphical images, colorful backgrounds, or extra formatting.  Doing this may help resolve the problem by preventing any mis-identification as spam.

3) It may be that either the sender's computer is still infected with a virus or that the sender's ISP must resolve issues with the RBLs.  If this is the case, it then becomes the responsibility of the sender and/or the ISP to first resolve any outstanding problems they might have before any further trouble-shooting can take place by either the Technical Coordinator or MBAEA.

 

 

REFERENCE LINKS

 

Anti-Virus Software --

       Grisoft (AVG Anti-Virus):  http://www.grisoft.com/

       Sophos (Sophos Anti-Virus):  http://www.sophos.com/

       McAfee (McAfee Anti-Virus):  http://www.mcafee.com/

       Symantec (Symantec Anti-Virus):  http://www.symantec.com/

       Frisk (F-Prot Antivirus):  http://www.f-prot.com/

 

Microsoft Windows Update --

       http://windowsupdate.microsoft.com/

Microsoft Security Home Page --

       http://www.microsoft.com/athome/security/protect/default.aspx

 

Spam Filtering --

       http://computersecurity.articleinsider.com/129620_email_content_filtering.html

       http://computersecurity.articleinsider.com/129590_spam_filters.html

       http://computersecurity.articleinsider.com/129591_anti_spam_software.html

       http://computersecurity.articleinsider.com/129593_spam_blockers.html

 

 

TERMINOLOGY AND FURTHER INFORMAITON

 

"anti-spam"      http://www.webopedia.com/TERM/a/anti_spam.html

"anti-virus"     http://www.webopedia.com/TERM/A/antivirus_program.html

"ISP"            http://www.webopedia.com/TERM/I/ISP.html

"spam"           http://www.webopedia.com/TERM/S/spam.html

                 http://www.webopedia.com/DidYouKnow/Internet/2002/GettingRidofSpam.asp

"RBL"            http://www.webopedia.com/TERM/R/RBL.html

                 http://itmanagement.earthweb.com/cio/article.php/977611

 

 

TROUBLE-SHOOTING LINKS

 

Primary RBL Subscriptions In Use --

 

MAPS (Mail-Abuse Prevention Systems) Main Website

       http://www.mail-abuse.com

MAPS (Mail-Abuse Prevention Systems) Lookup Tool

       http://www.mail-abuse.com/lookup.html

 

NJABL (Not Just Another Bogus List) Main Website

       http://www.njabl.org

NJABL (Not Just Another Bogus List) Lookup Tool

       http://www.njabl.org/lookup.html

 

Spamhaus (The Spamhaus Project) Main Website

       http://www.spamhaus.org

Spamhaus (The Spamhaus Project) Lookup Tool

       http://www.spamhaus.org/lookup.lasso

 

SpamCop (SpamCop) Main Website

       http://www.spamcop.net

SpamCop (SpamCop) Lookup Tool

       http://www.spamcop.net/bl.shtml

 

General RBL Lookup Tools --

 

DNS Stuff

       http://www.dnsstuff.com

Open RBL

       http://openrbl.org

Ted's Webtools

       http://www.mob.net/~ted/tools/rbl.php3

SamSpade

       http://www.samspade.org