At a Glance
Central Software
CityVoD - CSC Forum Archive
Software List on CSC Student LAN

Location and Floor Plan of the CSC Teaching Studio Areas
Opening Hours of the CSC
Systems Maintenance Schedule
List of Blocked Network Cards / IP Addresses
List of CSC Representatives
List of Departmental Network Administrators
Staff Computer Courses
CSC e-Forms
Submit CSC Work Req.
Req. for Printing
Req. for Dump / Restore
Teaching Studio Booking / Cancellation
Email Alias Application
Apply for a New Domain Name
Remove an Existing Domain Name
Modify the Hosting of an Existing Domain Name
Useful Links
IT Information for Students
IT Information for Staff
IT Information for Alumni
Got any questions, comments or suggestions? Contact the editors at
Issue 37 - Sep 2003
Email Spamming
By Clevin Wong

What is "spam"?

"Spam" can be regarded as a synonym of "junk mail". It refers to unsolicited commercial email (UCE) and unsolicited bulk email (UBE). Email spam is an annoying problem faced by most of the email users on the Internet. No one wants his/her mailbox fills up with unwanted messages. However, spam spreads everywhere on the Internet nowadays, we get it almost every day and the condition is getting worse.

Senders of spam are known as "spammers". They send spam to advertise products/services and recruit victims for scams. The following are some common examples of spam:

  • "Get rich quick" or "make money fast" schemes
  • Foreign bank scams or advance fee fraud schemes
  • Pyramid schemes, including multilevel marketing
  • Offers of mortgage loans
  • Offers of credit reparation
  • Offers of software or service for collecting email addresses and sending spam
  • Scams on health products and remedies
  • Offers of illegally pirated software
  • Chain letters
  • Pornographic materials
  • Unsolicited political materials
  • Others types of unsolicited commercial advertisements

How can spammers get my email address?

It is really an unhappy experience to find your mailbox filled up with spam. Most victims of spam will ask "how can spammers get my email address?" Spammers collect email addresses in many ways. For example, they regularly use some search engines to harvest email addresses automatically from web pages, newsgroups, bulletin boards, directory services ... on the Internet. They may generate random sequences of characters, hoping to match a few valid addresses. They can buy email addresses from other spammers. Moreover, sometimes people may be required to submit their email addresses on the Internet (e.g. before downloading some software), and these addresses may be released to unknown persons.

In order to avoid spamming, you are advised to safeguard your email address. For example, you should not disclose your email address when filling questionnaires from unknown organizations.

What should I do when I receive spam?

First of all, you should never buy/use/enquire any products and services advertised in the spam. Otherwise, you will encourage more spamming and you may become one of the victims for scams (please refer to for the most common scams in spam).

You should not open any files attached with the spam, because these files may contain computer virus or indecent material. You should avoid clicking any links (including the "click here to unsubscribe" links) or pictures in the spam, because spammers may use these links to verify that your email address is active. You should not send replies or "remove me" messages to the spammers because this will also inform them your email address is active. Once they know your email address is active, they may send more spam to you and give your address to other spammers.

Besides deleting the spam manually, you can set up client-side email filters in your email clients to file/delete the spam mail automatically (please refer to for the detailed procedure). Moreover, you can directly complain to the site administrator if you know the actual originating site of the spam. Or, you can report the case to CSC using the email address

What has CSC done to reduce spam?

Up to now, there is no perfect solution to completely stop all spam. The following are some of the major difficulties:

  • The sender address of the spam may be fictitious. Spammers can fake any sender addresses.

  • Spammers can employ the "hit and run" strategy. They create ac-hoc accounts solely for sending spam and send the spam from different network locations.

  • Some Internet Service Providers do not response to complaints of spamming from their customers.

  • Automatic identification of spam mail is complex and difficult. Unlike virus scanning that can use exact pattern matching; there is no exact pattern for spam. Moreover, in order to avoid being identified as spam, spammers may use special software to disguise the spam by sophisticated techniques: generating spam with dynamic subjects and contents; using non-English character set; misspelling some keywords by intention; displaying the messages as graphics; scrambling the message source with HTML comments ... etc.
In order to reduce spam, the Computing Services Centre (CSC) has implemented the following mechanisms:
  • All our email servers have installed with anti-relaying control to prevent them from being used by non-CityU machines for sending spam.

  • We have made use of the some well-known public databases to block email connections from black-listed spamming sites.

  • We have implemented control scheme to detect spam automatically by traffic volume. The sender sites will be blocked automatically once the predefined volume threshold is exceeded.

  • Sometimes the spam may come with virus-infected attachments. To protect our users, we have installed virus-scanners on the mail servers to scan all email messages automatically.

  • We have created a special email account to receive spam reports from our users. Mailing sources that are frequently found sending spam will be blocked.

  • We have developed a web-interface for users to setup their server-side mail filters. Server-side filters are usually more efficient than client-side filters. A pilot-run of this utility will be launched in the near future.

Besides the above, we are evaluating different hardware and software technologies on anti-spamming. We also keep on exploring more effective ways of dealing with spam including experience sharing among experts in this field and in academic institutes.

Also in this issue...
Video Conferencing: Now a Much Easier Option
CKC Chinese Input System is Available at CityU
You Can Make a Difference in Virus Prevention
Computer Ownership Programme 2003
Maintenance Arrangement for Desktop and Notebook PCs


Current & Back Issues
Search Articles
Microsoft Windows10
Microsoft Windows 7
Office 365 ProPlus
Microsoft Office 2013
Microsoft Office 2010
Internet Explorer 11
Internet Explorer 9
Email Services
Confidential Email
Wireless LAN
Virtual Desktop Service (VDS)
USB Flash Drive
CityU SMS (for Department)
CityU SMS (for Staff & Student)
iPad (iOS 5.x)
Wiping a Mobile Device
Wiping Mass Storage Device
Handling Handheld Smart Devices for Service Maintenance, Recycling Use, and Disposal
Staff Account Renewal
Changing Local Administrator Password
McAfee Endpoint Security
Full Scan of Your Computer for Concealed Computer Virus
Computer Warranty Scheme Software Copyright Declaration and Compliance Observation
Technical Guides
AV Facilities User Guide
Connecting to Wireless LAN (WiFi)
VPN Connection Setup Guide BitLocker To Go User Guide
Copyright© Computing Services Centre, City University of Hong Kong. Best viewed in 1024x768 with IE. Javascript enabled. Last modified on Friday December 28 2018 .