Cimarron Municipal Schools subscribes to a service from Tangent Computer that uses the Barracuda email filtering engine to protect all of our incoming email. This system sits between our local network and the outside world, and examines every email message coming into aurora.edu from the Internet, discarding junk messages before they hit your inbox.

As your techs, we have searched through a variety of tools to fight spam and viruses, and one of the problems we've had to face is that no single configuration meets everyone's needs: for some users one approach would be too rigid, blocking some legitimate email, while for other users it would be too permissive, allowing some spam and viruses to get through. One of the benefits of using Barracuda is individual users can fine-tune the filter engine to suit their personal preferences. The purpose of this document is to guide you through the configuration and use of this service.

In general terms, the Barracuda service evaluates incoming messages and applies a series of tests to classify each message according to its likelihood of being spam or carrying a virus. The four categories are as follows:

1. Messages that are clearly neither spam or virus-bearing. These messages are delivered directly to your inbox.
2. Messages that have some of the characteristics of spam but which may be legitimate are marked as "bulk" so that you can make a decision about how to handle them. Messages from organizations, businesses, and mailing lists often fall into this category.
3. Messages that have objectionable content, attachments that might contain viruses, or which match known spam content are marked as "quarantined." You have the option of having these suspicious messages held on the server for your review.
4. Messages that are clearly spam or virus-bearing are discarded before you see them.

At the simplest level you can use your email program just as you have always used it. Barracuda will strip out obvious spam and deliver the remaining messages to your inbox. You will however notice one major difference: some of the messages arriving in your inbox will bear the labels [BULK] or [QUAR] in the subject line. These labels are there as a warning to help you determine what needs to be done with those messages: read them, delete them, store them in a separate folder, etc. You will need to be cautious, particularly with messages marked [QUAR], since there is a small probability that they could contain viruses.

This basic approach requires minimal time and effort on your part. The downside is that when used at this level you're agreeing to accept Barracuda's judgment as final, which means some unwanted messages may get through while other desirable ones may get blocked, or at least labeled. If this isn't good enough, you can take advantage of Barracuda's customization tools by setting up an individual user account. Setting up and using that account is the subject of the remainder of this document.

Setting up a Tangent/Barracuda user account

All CMS email users have access to the personal account management system that runs on Tangent's servers. To make use of this system you must initialize your account. Follow these steps:

1. Access the Tangent/Barracuda site from your browser. The URL is http://ms4.tcnoc.com/. You'll see the following login form:

   

2. Request a password. Your username is your regular email address, in the form username@cimarronschools.org or cmseagles.org. If you have never used this service before the system will need to issue you a password. To request a password, enter your username/email address in the Username: field and click Create New Password. The system will confirm the operation and a new password will be sent to you in the body of an email message, usually within just a few seconds. You can also use this process to get a reminder if you've forgotten your password.

3. Login again with the password. Return to the login page and this time log in with your username/email address and the password you just retrieved (or click on the link in the email message you received from the server). If everything is working properly the next screen will be the main user account management screen displaying the Quarantine Inbox with other tabbed options. When you leave the system, don't forget to click the Log Off link in the upper right-hand corner, or simply close your browser.

    

Setting your preferences

Once your account is working there are some basic preferences to set. All of these are available from the Preferences tab. When the Preferences page appears, the default view will show you the Security page, with the other options displayed as a row of links.

Security (change password)

You can use this form at any time to change your password. Fill in the fields and then click the Save Password button to activate your changes. You will at this point be sent back to the login page, where you will be able to log in again with your new password. If at any time you happen to forget your new password, use the Create New Password option on the login screen to get a reminder, as described above.

Quarantine Enable/Disable

This section of the preferences page gives you the opportunity to turn the quarantine service off and on. If you select "Yes" for Enable Quarantine, then all messages that would otherwise show up as [QUAR] in your inbox will instead be stored on this server. You will have to log into the server to review and act on those messages. If you prefer to have your quarantined messages delivered to your inbox, select "No". Note that if you click "No" there is a chance that questionable messages may find their way into your inbox and you may be exposed to a virus-bearing message. Click Save Changes after you have made your choice. If you decide to use the quarantine service you can also elect to be notified about quarantined messages by email (see below).

Spam Filter Enable/Disable

On this page you can enable or disable the filter. "Yes" is the default, and is the recommended option. If you set this to "No" then you will not be protected by Barracuda. Click Save Changes to record your settings.

Whitelist/Blacklist

This section of the Barracuda interface allows you to instruct the system to allow certain messages to bypass parts of the filtering process. You have two choices. The whitelist option allows you to designate senders that might have otherwise received a tag to pass through to your inbox without modification. Note that the whitelist option only applies to messages that have a medium-probability spam rating. High probably spam and virus bearing messages will not be delivered even if the sender's address is whitelisted. Alternatively, you can name senders and domains that will always be blocked, even if there's nothing wrong with the message. In the tables provided, enter either a fully qualified email address or a domain name (everything after the @ sign in an email address is the domain). In the latter case, messages from all senders at that particular domain will be affected. In this example, two items (one sender and one domain) have been added to the Whitelist ("allowed") and three have been added to the blacklist ("blocked"). You must click Add for each new entry to record it in the list.

You can use this feature to make sure that you will receive messages from certain favored senders, to block messages from unwanted mailers, and more generally to reduce the number of items that arrive marked as [QUAR] or [BULK], which will in turn cut down the amount of time you have to spend on maintenance. To remove an item from either list, click the trash can image next to that entry.

Quarantine Notification

If you have enabled the Quarantine service, messages that are labeled [QUAR] will be held for you on the Barracuda server for you to peruse at your convenience. In this part of the preferences section you can tell the system to send you email reports summarizing the contents of your Quarantine box, either daily or weekly. These notifications are graphic email messages that looks very much like the Quarantine Inbox that you see when you log into the Barracuda server. Answering "Never" to this question will not affect the quarantine function, but it means that you will have to access the browser on your own to see the messages that have been quarantined. Click Save Changes to record your settings. Here's an example of an email notification. This is actually an interactive message: in most email clients clicking on a link in the Actions column will open your browser and take you to directly to the Quarantine Inbox display on the server without requiring a login. See below for details on managing quarantined messages.

 

Managing Quarantined Mail

The Quarantine Inbox is your personal display on the Barracuda server of any quarantined mail that has been saved for your review. Here's a screen shot of a section this page, showing three quarantined messages pending.

The system assigns messages to the Quarantine category that have a high likelihood of being junk mail. But because these messages are quarantined rather than simply discarded, you have the opportunity to make decisions about how to handle them.

Near the top of this screen are several controls that affect the display. The Refresh button is like a browser's refresh or reload button, updating the display to show the current state of the system. The Filter feature lets you limit the display to specific items, and at the right (not visible on the screen shot above) there are left and right arrow controls that page the display forward and backwards if there are too many entries for a single page.

Below those controls is a row of five buttons that define various actions that can be applied to messages. You can apply any of them to a single message, or you can click the checkbox at the left side of each entry to select several messages and apply an action to the whole group at once. The first three are fairly straightforward:

• Deliver -- sends the selected message(s) on to your regular AU inbox.
• Whitelist -- automatically adds the sender's information to your whitelist.
• Delete -- discards the selected message(s).

These three functions are also available as links in the Actions column for each entry -- you can use these to apply the action to single messages. The problem with the "Deliver" and "Delete" options is that they affect only the current message, not any future messages with the same profile. For example, choosing to have a quarantined message from a particular source delivered will do nothing to change the fact that the next message from that source will probably get quarantined as well, and by the same token deleting a specific message won't stop the next message that comes in from that sender. This just means more work for you. Fortunately there's a better way: taking advantage of Barracuda's ability to learn by example.

Normally the Barracuda filter applies a series of global tests and each tested message receives a cumulative score that determines how the message will be classified. These tests are reasonable approximations of what most users want, but there is a large gray area in between "spam" and "not spam" and you may find that you don't always agree with Barracuda's decisions. The solution to this problem is to feed Barracuda examples of messages you consider to be spam and messages you consider to be valid. This is the purpose of the other two action buttons on this screen:

• Classify as Not Spam -- submits the selected message to the filter engine, which in turn uses its features to classify future similar messages as valid email.
• Classify as Spam -- submits the selected message to the filter engine, which in turn uses its features to classify future messages as spam.

Note that using these buttons will perform no other operation on the selected message. If you want to deliver, or delete the message, you'll have to perform that action separately.

This is a dynamic system that in effect learns your preferences over time. The more examples you present to the system, the more accurate its tests will become and the number of messages appearing in the Quarantine Inbox will go down. It's important to note that this is not a binary, yes/no decisionmaking process. It is instead "fuzzy" and constantly changing, and whether an individual message is ultimately labeled as [BULK] or [QUAR] is a function not of any single test but the cumulative effect of all the tests. What Barracuda is giving you with these tools is a way to influence the criteria used when these tests are applied. As the system learns your needs it will become, from your perspective, "smarter" and will require less of your time and attention.