Spam & Virus Email Filtering
Spam and Virus Filtering
Microsoft Forefront Online Protection for Exchange (FOPE)
ITS utilizes an internet-based service called Forefront Online Protection for Exchange (FOPE), provided by Microsoft, that protects inbound and outbound email from spam, viruses, and phishing scams. It is used for all ITS-managed email servers and is available for departments with their own mail servers to route their incoming and/or outgoing mail through this service.
Microsoft’s FOPE has a global network of data centers that provide fault-tolerance and redundancy to provide a highly available and reliable service for timely and efficient delivery of email. FOPE is an integrated email security andfiltering solution that provides the following services:
- Anti-virus Service: Helps protect your organization from receiving email-borne viruses and other malicious code by using multiple antivirus engines and heuristic detection to minimize the window of vulnerability during emerging threats.
- Anti-spam Service: Helps ensure that unsolicited email is automatically filtered before it enters your organization’s messaging systems.
- Policy Enforcement Service: Provides the ability to custom create highly flexible policy rules to regulate email flow for compliance purposes.
- Directory-Based Edge Blocking Service: Provides the ability to specify all valid users on a domain or to configure different filtering settings for groups of users within a domain.
- Automatic Spooling: Helps ensure that no email is lost by instantly and automatically queuing messages for later delivery if the receiving email server is unavailable.
Maximum Email Size (including attachments)
The size limits of messages sent through FOPE are:
150MB incoming messages
150MB outgoing messages
NOTE: The ITS managed mail system maximum email size is 50mb per incoming or outgoing message. Individual department mail systems will have varying maximum email size limits. Please check with your department on their maximum email size limits.
Emails that exceed these limits will be bounced back to the sender with a "Message Size Violation" error and a message explaining the size limits. The bounce message also advises the sender to use the FSU DropBox Utility to send large attachments.
Please use the FSU DropBox Utility to send attachments that cannot be sent via email due to message size violations. The FSU DropBox Utility can be found at: http://dropbox.fsu.edu/. Please note, the FSU DropBox Utility has its own size limitations - see About the Dropbox for more information.
A file attached in an email is usually larger than the original file. This is due to the encoding that is done to the attached file during email transmission. For this reason, it is possible for an email with a specific sized attachment to exceed the maximum message size.
Attachment File Type Restrictions
Certain file types are considered potentially dangerous because they can contain executable programs or macros and therefore files withthe following extensions are blocked:
EXE, PIF, SCR, VBS, ade, adp, ani, bas, bat, chm, cmd, com, cpl, crt, exe, hlp, ht, hta, inf, ins, isp, job, js, jse, lnk, mda, mdb, mde, mdz, msc, msi, msp, mst, pcd, pif, reg, scr, sct, shs, url, vb, vbe, vbs, wsc, wsf, wsh, lil
Emails that contain files of these types will be delivered to the recipient with the offending files stripped off. A message will be appended to the bottom of the email explaining which files were stripped and why and advising the recipient to use the FSU DropBox Utility to send these types of attachments.
We understand that not all files with these extensions are dangerous (just potentially dangerous, especially if they are from unknown or untrusted sources). So, for cases where you need to transmit files with these types or extensions, please use the FSU DropBox Utility to send attachments that cannot be sent via email. The FSU DropBox Utility can be found at: http://dropbox.fsu.edu/
Archive attachments (such as "tar" and "zip" type files) are not systematically blocked. However, if the archive attachment file contains a file of a prohibited type from the above list, then the entire archive file will be stripped from the email. Also, if an archive file is password protected, then the virus scanner cannot open the file to check it for viruses ,and the email is discarded and not delivered. There are several popular viruses that propagate through this method.
'Backscatter' is the name given to messages generated when a spammer uses your mail address in the 'From:' line of their messages. If the spammer's message can't be delivered for any reason, the receiving host will send back a bounce or non-delivery report to the address in the 'From:' line (you). For more see our page explaining backscatter.