Email Support: Documentation

About OIT

Office of the CITO

OIT Departments

OIT Staff Directory

OIT Functional Org Chart

OIT Staff Org Chart

Reports On IT

System IT Council

Support Center (HELP)

Acceptable Use of Online Resources

Audio Conferencing

Blackboard

Cellular Telephones

Desktop Hardware Support

Desktop Software Support

Desktop Tech Refresh

Email Support

Internet/Network Connection

Acceptable Use of Online Resources

Computing Support - OIT Support Center

Getting Email, Computer, and Network Accounts

Directory Search - Find People or Departments

Student Employment Opportunities - Apply Online

Acceptable Use of Online Resources

Getting Email, Computer & Networking Accounts

Proofpoint Anti-Spam

Information and
Frequently Asked Questions

Last Revised 28-Apr-2008

OIT uses two spam filters, SpamCop and Proofpoint, to help prevent spam from getting to your UAF and Statewide emailboxes.

SpamCop is a service that lists reported spam sending mail servers. We are using it as a pre-filter to our second antispam software, Proofpoint. In the last week, SpamCop blocked 10,479,453 email connection requests (messages) destined for UAF and Statewide. (This counter is automatically updated every Monday morning.)

Proofpoint is an anti-spam solution for email that both detects and quarantines spam messages before they get to your email inbox. Currently Proofpoint is quarantining an additional ~million emails/day (the ones that get past SpamCop. See the Abbreviated Summary Dashboard Report or all Proofpoint statistics reports.)

This means that between UAF and Statewide alone, we are currently receiving and blocking over 2,000,000 unwanted emails each day; and these numbers will likely increase.

How does Proofpoint work?

Similar to how an antivirus software vendor works, the ProofPoint vendor monitors spam worldwide and constantly adjusts their client's local antispam filters. (We are receiving an average of 3-5 updates/hour recently.)

Why do I sometimes receive more spam in my email?

When a new spam approach is created by those mischievous spammers, and sent to millions of email accounts, some may trickle through our filters before the antispam vendor has time to react. This is why we sometimes see an increase in spam that get through to our mailboxes. It is directly related to new spam traffic worldwide. This helps explain why we receive a new antispam filter update in Proofpoint approximately every 15 minutes around-the-clock.

Hint: When you see an increase in spam getting through to your inbox, compare that additional amount to the quantity in your Proofpoint digest. Typically they will both increase and decrease by about the same proportion; confirming that Proofpoint is quickly adjusted to intercept new types of spam.

What does Proofpoint do for me?

Proofpoint labels (scores) email messages as either Spam, Probable Spam, or Not Spam.

Using the links included in your daily Proofpoint Digest you can:

release a quarantined message

add a sender to your Safelist

notify Proofpoint that a message is Not Spam

request a New End User Digest (in addition to the one received each day)

access Proofpoint Help

Quarantined messages are held for a period of 14 days (to provide you ample opportunity to release any quarantined messages, if necessary) before being automatically deleted.

In order to properly view and use the links in the Proofpoint Digest email message, you will need to view it in HTML format within your email client.

SquirrelMail and CommuniGate users may need to enable the option to show HTML

Proofpoint End User Digest Message

The End Digest Message will look very similar to this one below -- this one is displayed in SquirrelMail:

End User Digest Window in SquirrelMail

Help for Proofpoint features is conveniently located within the Digest message. Also, note the Release / Safelist / Not Spam links next to the list of quarantined messages:

Links in Digest Message

Frequently Asked Questions:

1. Does Proofpoint Anti-Spam work for Pine mail users?

2. When do I get an End User Digest?

3. Is it ok to just delete the daily Digest messages?

4. Can I stop getting the daily Digest messages?

5. I use SquirrelMail/CommuniGate and the links aren't working in the Digest message. What do I do?

6. What happens when I release a quarantined message?

7. What should I do if I have set up filters in my email client and this blocks delivery of my Proofpoint digest of quarantined messages?

8. I use Eudora. How do I look at (release) quarantined messages?

9. What if I don't want Proofpoint to quarantine my mail?

10. What are the current Proofpoint stastics?

11. I would like to report a message as Spam. What do I do?

12. How do I enable the Adult Content Filter?

13. How do I get specific files mailed to me without them being blocked?

1. Does Proofpoint Anti-Spam work for Pine mail users?

No, Proofpoint doesn't work well for Pine users; the text-based version of Digest handling was deprecated in a recent Proofpoint upgrade. Regarding the html links, our version of Pine does not handle html too well, either. You can get PC-Pine from the University of Washington here; PC-Pine can call your browser with any link you select.

2. When do I get an End User Digest?

Proofpoint Anti-Spam continually quarantines incoming email. Every day Proofpoint creates digests for those who have received spam. The Digest lists all potential spam messages conveniently in one daily message that you may quickly peruse and easily handle. Proofpoint only sends you an End User Digest when you would have received spam.

3. Is it ok to just delete the daily Digest messages?

It is advised that you examine the digest of potential spam messages so that you may identify any false-positive quarantined messages.
This is especially true if you belong to mailing lists coming from outside the university. By doing so, you will be able to add any false-positive senders to your Safelist and prevent their future identification as "spam."
You should at least keep your most recent digest around to for the links contained within (Request New End-User Digest, Request Safe/Blocked Senders List, Manage My Account) if you need them when looking for a lost mail, dealing with problem mail, etc.

4. Can I stop getting the daily Digest messages?

If you really want to, yes you can! Click on the link in the digest for "Manage My Account". This should bring up your web browser with your Proofpoint configuration page. In the left-hand pane of the Proofpoint page, select "Profile". Within your Profile, you can un-select the checkbox to "Send digest with new messages in my End User Digest." Click Save to save changes to your settings.
If you do turn off the daily digest, keep the last one you receive, in case you ever need to get back to any of the Proofpoint web pages (Request New End-User Digest, Request Safe/Blocked Senders List, Manage My Account).

5. I use SquirrelMail and or CommuniGate Pro and the links aren't working in the Digest message.

If you are a SquirrelMail user, then in order to make use of the clickable links within the End User Digest, you need to enable messages to be viewed in HTML. To do so, follow these steps within SquirrelMail:
click on Options
then click on Display Preferences
scroll down and select Show HTML Version by Default and click Yes
then scroll to the bottom of the page and click Submit.
Your End User Digest Links will be now be enabled.
If you are a CommuniGate user, then in order to make use of the clickable links within the End User Digest, you need to enable messages to be viewed in HTML. To do so, follow these steps within CommuniGate:
click on the Setting and Options button (3rd from the left)
now navigate down to section labeled Message Viewer
find the label Show HTML: and select inline or inframe
then scroll to the top of the page where you can click on Submit the settings on this page. (The button has a green check mark on it.)
Your End User Digest Links will now be enabled.

6. What happens when I release a quarantined message?

A message that has been quarantined by Proofpoint has not yet been delivered to the email server; when you release the message, Proofpoint will add "[Released]" to the Subject of the message and then deliver it to your email inbox. Once there, you may open and read the contents if you wish.

7. What should I do if I have set up filters in my email client and this blocks delivery of my Proofpoint digest of quarantined messages?

You should be able to fine-tune the local filtering rules you've set up in your email client to allow the Proofpoint digest in (for example, whitelist messages from proofpoint-pps@uaf.edu).
The same is true of released messages. Local filtering rules may well redirect the message again. For that, you should be able to whitelist any message with the subject "[Released]".

8. I use Eudora. How do I look at (release) quarantined messages?

You may need to reply to the Digest message, and include the original message in the reply. Before you send it off, scroll down and you now see the activated options to Release, among others. Select the option you want, and send the message. If you selected Release, for example, you will receive that released message in your email inbox, where you can examine it in more detail.

9. What if I don't want Proofpoint to quarantine my mail?

If you choose the "Manage My Account" link in the Proofpoint End User Digest, it should bring up a new web page where you can manage both your Safe & Blocked Senders Lists and your Profile. Select Profile, and you can then choose what Spam policy you want:

the default "Global Spam Policy"

"Same rules but no quarantine" which attaches all the same X-Proofpoint headers but doesn't quarantine spam

"Don't do anything at all" which does nothing (no headers or quarantine)

Don't forget to click on the Save button if you make changes!
Reminder: If you turn off quarantine, you'll no longer receive the daily digest. Therefore, you should keep the last one you receive, in case you ever need to get back to any of the Proofpoint web pages (Request New End-User Digest, Request Safe/Blocked Senders List, Manage My Account).

10. What are the current Proofpoint statistics?

The Proofpoint Protection Server is set to publish daily reports on volume and traffic. You may view the following Proofpoint Reports:
Full Summary Dashboard Report
Abbreviated Summary Dashboard Report
Message Volume / Day
Message Volume / Month
Spam Classification Trends / Day
Spam Classification Trends / Month
Spam Score Distribution / Month
Top Spam Senders / Month

12. How do I enable the Adult Content Filter?

If you are interested in enabling the Adult Content Filter please read this document.

13. How do I get specific files mailed to me without them being blocked?

Certain email attachments are automatically blocked by Proofpoint because of the common use by purveyors of malware (viruses, worms, trojan horse programs). Any executable attachment will be blocked. Instead of the actual attachment, Proofpoint will put in the text of the message that the attachment was stripped. However, zip files will no longer be checked for executable files within, so you may have the sender put file(s) together into a zip file and add that as an attachment to a message they send you. As long as the message size doesn't exceed the maximum allowed by the mail server, you should receive the zip file unharmed.

Warning! Always be very careful when dealing with email attachments! Malware is sometimes delivered as a zip file in an email attachment; be very sure that a zip attachment is expected and contains what it should before you extract files!

Proofpoint Anti-Spam

Information andFrequently Asked Questions

Information and
Frequently Asked Questions