MENU

Responding to Problem E-Mail

This site is only for reporting problem email received at UMKC or originating from UMKC.  If you have other email abuse problems, contact your Internet Service Provider, www.spamcop.net for spam, or for threats, your local law enforcement.

Abusive email can range from mildly annoying to downright threatening, and can violate several kinds of laws as well as institutional or department policy.

  1. Report immediately to police all threats to persons or property. Telephone 911 or call the UMKC Police Department at (816) 235-1515.
     

  2. Do not retaliate or respond directly to the abuser's apparent email address. The apparent source may not be the real source or may exploit your reply. Instead, completely preserve and report the incident. See Reporting Problem Electronic Mail for instructions.
     

  3. Report suspected abuse of computing facilities to Information Services, (816) 235-2000, or by email to <abuse@umkc.edu>. During business hours, IS staff monitor this address and will acknowledge receipt of your email. You are encouraged to report any suspicious or abusive activity  towards members of the UMKC community, abuse caused by members of the UMKC community, or abuse committed by means of UMKC computer or network facilities. Information Services will treat your concerns seriously and confidentially, and will inform you of the result of their investigations.

Types of Problem Email

  • Advertisements, solicitations, junk mail, and "spam" do not usually target you individually; your email address was probably harvested along with thousands of others.  The University views such unauthorized use of its resources as trespassing and can serve notice on behalf of its members.  
     
  • Off-topic or inappropriate postings to discussion lists should first be brought to the attention of the list owner.  If the list owner is not responsive, one might escalate to the service provider for the list or for the abusive sender, for example, postmaster@some.where.com.
     
  • Insults, "flames", and offensive language may violate the sender's service agreement with their Internet service provider, particularly if the ISP is a school or employer.  Nevertheless, if communications are more disagreements or name-calling than defamation, intimidation, or threats, you should consider simply ignoring them, perhaps by automatic filtering
     
  • Scams, pranks, and most chain letters may violate federal racketeering laws, other laws, or University policy.  Notes may forge or claim authority they don't have, or make assertions that aren't true.
     
  • Defamation may violate terms of service agreements and may be pursued with civil lawsuit.
     
  • Intimidation and harassment have definition and penalties established by state and federal law and also may be pursued with lawsuit.  For example, postings to a public discussion might constitute racial or sexual intimidation.  Persistent abusive communication to you alone might qualify as harassment.
     
  • Threats of violence to persons or property should be reported to the police and other security authorities.

Reacting to Problem Email

    To report threats of violence to persons or property, UMKC members should immediately contact the UMKC Police Department; telephone (816) 235-1515.  As detailed below, submit the threatening note to UMKC IS  <abuse@umkc.edu> or call the UMKC Help Desk (816) 235-2000.

    Be Cool:  Generally do not reply directly to an apparent sender of an abusive communication.  The apparent sender may not be the real sender.  Replying often just brings more abusive email!  Do not delete or archive problem email, at least not immediately.  If problems continue, each note may provide an essential clue or bit of evidence.

    Be Quick:  Report any problem email as soon as possible.  System logs that might help trace a note may be retained for only a few days. Though an incident may appear minor to you, it may be part of a larger pattern of abuse.  Your evidence may help many people.

    Be Skeptical:  (1) Email addresses are easily forged!  Do not bother to call the National Enquirer if you get mail from elvis@graceland.com. (2) Do not trust email content that urges, "Class is canceled", "Change your password to xxxxx", "Make money fast...", etc.  Remember, the apparent sender may not be the real sender.  Except for reporting to authorities, do not forward chain letters such as get rich quick schemes or dire warnings of viruses or disasters.  Forwarding junk mail needlessly clogs inboxes and makes you a party to bogus claims.

Reporting Problem Email

    You must include in your report "header" information that does not normally display.  Here's a typical header:

    Received: from alpha.somewhere.edu ([128.175.44.54]) by beta.elsewhere.com with SMTP id <11350(4)>; Tue, 1 Jul 1999 16:23:18 -1000

    Header information can correlate with system logs to assure authorities that you are not making up or distorting an incident, and is essential for tracing the note's origin.

    To provide the full information to UMKC you can use these methods:

    For problems related to UMKC members and resources, report abuse to: <abuse@umkc.edu>.

    For reporting general email problems such as bounced email, use the "postmaster" address for a given service, for example: <postmaster@umkc.edu>.

Limits to Tracing

    There exist many free email services; for a partial list, see Yahoo!.  Free email providers typically do not even collect identifying information. These email services can do little more than turn off an account that you demonstrate to violate their terms of service, per the above instructions. They usually will not reveal information about their users with out a police or court order.  The abuser, in a few moments, can simply create another free account.

    The key to dealing with most problem email is to use email headers to trace back beyond the email service provider to the sender's connection to the Internet via some "Internet Service Provider".  Unfortunately, the connection may be made via a library or other open access site, or by a relay or proxy connection, or by a stolen account.  Yet even in those cases, multiple notes, correlative connections, and automatic tracing can lead and has lead to the individual sender.