Automatic protection filters for e-mails

This pages describes the measures used by the Chemnitz University of Technology e-mail system to automatically filter e-mails. They serve to protect against e-mails with dangerous content (malicious code, e.g., viruses) or misleading or unwanted content (phishing, advertising e-mails, spam). (phishing, advertising e-mails, spam).

These protective filters are effective for all e-mail addresses as soon as they reach the incoming server, i.e., when the email arrives at Chemnitz University of Technology from the internet. You can also set up individual filters on the central mailbox server in addition.

However, these technical measures do not exempt you from handling emails with care and taking precautions on your end devices (be careful with email attachments, security updates for your software, anti-virus software, etc.)! Please refer to "Security aspects for e-mail" for more information.

Description of the automatic protection filters

Prtoective measure	Description / impact
Spam protection text analysis	Evaluation of e-mails by eXpurgate This solution, which runs on the TU's mail servers, classifies incoming e-mails. E-mails that are dangerous or classified as spam are rejected. Other characteristics (e.g., bulk e-mails) are included in the further evaluation. a rule-based detection system based on SpamAssassin (tm). A spam rating (spam score) is calculated from the content of the e-mail (up to a maximum of 100 KB). If the threshold value for spam (currently 8.2) is exceeded, the e-mail is rejected. If the emails are accepted, the rating appears in the email headers `X-purgate-type` and `X-Spam-Score`, e.g.: X-purgate-type: suspect.mail-count X-Spam-Score: 2.4 (++) You can also use these mail headers to filter individually.
Content protection Malware	Rejecting e-mails containing malicious code (e.g., viruses, worms, malware) Every e-mail is scanned by ClamAV for known malicious code. If malicious code is detected, the e-mail is rejected.
Content protection for potential dangerous attachments	Rejection of all e-mails with active content, i.e. e-mails containing attachments with executable programs, will be rejected. This applies to file attachments with `bat, com, docm, exe, pif, scr, vbs`, etc., even if they are contained in archives such as `zip, rar, arj, 7z`, etc. File attachments with executable programs have often been the starting point for rapid virus spread on Windows systems. This measure protects us from receiving such files. If you still wish to exchange executable programmes with email partners, please note the information in Increasing security in electronic mail traffic (in German).
Errors in the e-mail	Rejection of e-mail that do not comply with the standard, e.g. errors in addresses
Spam protection Administrator	Rejection of dangerous and unwanted mail by our email administrators. If the above rules do not prevent this, we take special protective measures in exceptional cases, e.g. rejecting certain senders.

If one of these measures results in an email being rejected, the email is usually returned to the sender by the sending mail server. The TU Chemnitz servers then do not accept the email and therefore do not place it in a spam folder.

If you do not receive an email that should have been delivered, please contact us. We will then investigate the cause and correct the incorrect assessment if necessary.