All email that enters the Weizmann network and recognized as directed to our authorized mail hosts is checked by our mail-gate. The security software will reject the mail if the destination address does not appear in the WIS global address book. Mail is also rejected as spam if the actual remote sender appears in a large, worldwide RBL (reputation-based list) of known spammers. This filtering rejects enormous amounts of spammed messages.
If the mail-gate decides to accept the whole message, its contents are processed further. The mail is scanned not only for viruses, but for spam and other malicious content. If a virus or other malicious code (like executable files) is detected, it is removed, or the attachment is deleted, and a note is added to the email.
Global SPAM information and rules, as well as content analysis, are used to check for spam. Mail which is suspected of being SPAM, is tagged (i.e., the subject of the mail is modified, to include the words **SPAM-W**), and the mail is delivered without change.
Unfortunately, there is no 100% error-free way to check for spam contents. To avoid unrecoverable errors (in other words, blocking legitimate emails that are incorrectly labeled as spam (False Positive)), the WIS policy is to only tag email as spam, not to block it. The user can then decide whether or not to delete the tagged mail.
If you think that mail that was marked as SPAM comes from a well- trusted source, or you think that mail you received is actually SPAM but wasn’t marked as such, please forward the mail to its@weizmann.ac.il.
Most email systems have filters that allow various actions, such as placing email in separate folders, based on criteria that the user can specify. Most mail clients will allow you to write a rule specifying that all mail sent to you that has **SPAM-W** in the subject line goes to a folder that you create. One can periodically check the junk folder to see if any legitimate mail is there, and the rest can be sent to the trash.
In order to create criteria of automatic filtering in your mail systemt, see: Filtering of Junk Mail (SPAM).
Spoofing and PhishingOccasionally, we will encounter spoofing, which is the fraudulent use of your email address as the sender address for spam Emails. Spammers often use this trick in an attempt to bypass address-based spam filters (i.e., sending from a forged sender address, generally taken from the same address list as the one the spammers themselves are emailing to). They are able to capture your email address by running software robots to “harvest” email addresses from institutional websites, or by sending millions of emails with automatically generated user names to a site, until they find some that are not returned to the sender with an “address unknown” error.
If you will inspect such a “spoofed” email message (by viewing the message source), you will see that the email is sent from an external email address and not from the weizmann.ac.il domain, and it will usually be tagged as SPAM.
Another thing one can do in case of "spoofing", other than to ignore it, is to switch to a new email address, after making sure that this email address is not published in clear-text on websites, but only in "obfuscated" form (i.e., in a form that is readable to humans but not readily identified as an email address by spam bots).
Phishing is a different, and much more dangerous, kind of email fraud. The “phisher” attempts to lure the recipient into revealing personal information, such as password(s), or even bank account details, by sending fraudulent emails that look like legitimate requests for information (e.g., from WICC).
“Phishing” messages are usually correctly tagged as *SPAM-W** because of their malicious content. In such cases, please use your judgment and be aware of the threat. These letters must, of course, be deleted and in no case be replied to.
Please be aware that no branch of the Division of Information Systems, or the Computing Center, will ever send an email requesting you to reveal personal details such as your ID number or password.