S 5.54 Protection against mail overload and spam

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: Administrator, IT users

A flood of advertisements or intentional overloading via incoming e-mails can not only block mail systems but also give rise to considerable expenses for the recipient. To protect IT systems against "spamming" - or e-mail with irrelevant contents - every user should make careful decisions as to when to disclose one's e-mail address to whom.

The following safeguards can be implemented against advertisement mail and spamming:

• Anonymous remailer services are available on servers for the purpose of de-personalising e-mail. A remailer makes it possible to send contributions to newsgroups and dispatch e-mail without the recipient being able to identify the address of the sender. A disadvantage here is that e-mail is often rejected if the sender cannot be identified.

• The mail server or firewall should be equipped with e-mail filtering programmes which only allow the passage of e-mail from/to specified communications partners and restrict the influx of spam by means of other header entries. Caution must be exercised here to prevent desired e-mail from being filtered out as well.

• Every organisation should decide whether to allow its employees to post articles in newsgroups and, if so, which form and which topics may be involved. In this context, users must be instructed to observe Netiquette and, in particular, refrain from distributing information of irrelevance to the general public.

• It might be advisable to use e-mail addresses which are not easy to guess (also refer to S 2.122 Standard e-mail addresses).

• On no account should attempts be made to retaliate with mail bombs or similar measures in response to spam. In fact, senders of spam should not receive any response at all. Sender details in a lot of spam mail are forged. In such cases, responses are routed to innocent parties or returned as undeliverable. At any rate, responses to spam further increase the volume of e-mail traffic and, in the worst case, confirm the correctness of e-mail addresses to advertisers.

• One effective measure against molestation by spam is to inform one's own mail provider and the mail provider of the sender so that they can take appropriate action against the sender.

It must be noted that not all of these measures are advisable under all circumstances, as each of them impose certain restrictions. On one hand, it might be advisable to refrain from basing e-mail addresses on user names in order to protect one's IT systems against undesired advertisements. On the other hand, abstract e-mail addresses can render communications with external parties difficult, as such addresses are harder to memorise. The form of an e-mail address should always comply with internal organisational rules.

A high volume of e-mail traffic can also result from subscriptions to a correspondingly large number of mailing lists. In general, regular checks should be made as to whether the subjects discussed in a mailing list are still worth reading. If not, subscription should be cancelled. Users must be instructed to make regular (i.e. daily, if possible) checks of mail influx related to subscriptions to mailing lists. In large organisations, mailing lists of professional interest should only be subscribed to by one staff member (e.g. the mail administrator) and then made available centrally to all other employees.

Additional controls:

• Have all users been informed about the threats posed by spam?

• Who subscribes to which mailing lists?