|Title||Start Date & Time||End Date & Time|
|Service Restored: Youtube Age-Restricted Content Inaccessible From CU Network||Saturday, September 15, 2018 - 2:28pm|
|Service Maintenance Scheduled: Turnitin||Saturday, September 22, 2018 - 9:00am||Saturday, September 22, 2018 - 5:30pm|
|Service Maintenance Scheduled: Campus Solutions & Portals||Sunday, September 23, 2018 - 6:00am||Sunday, September 23, 2018 - 2:00pm|
|Service Maintenance Scheduled: F5 Content Switch||Thursday, September 27, 2018 - 6:30pm||Thursday, September 27, 2018 - 7:30pm|
|Service Maintenance Scheduled: Wi-Fi in Bear Creek Apartments||Tuesday, October 2, 2018 - 6:00am||Tuesday, October 2, 2018 - 7:30am|
Yes. The CAN-SPAM Act of 2003: Requirements for Commercial Emailers. More information can be found at: www.ftc.gov/bcp/conline/pubs/buspubs/canspam.htm .
No, CU Boulder does not sell email addresses. Recognized departments and affiliates are permitted access to the CU Boulder Today and Administrative E-memo services when they have large numbers of email to send to faculty, students, and staff.
No, it's best to delete messages. Clicking an unsubscribe link may confirm to the spammer that your email address is working and is being used actively. Such 'live' email addresses are valuable and can be resold to other spammers, resulting in even more spam sent to you.
Very little spam actually originates at CU Boulder, though it often appears otherwise. Unless you view full headers, you can't tell where it came from. Even with full headers, it can be difficult to track the actual path the message took to get here. If you are sure the spam originated at CU Boulder, file a complaint by forwarding it with full headers to firstname.lastname@example.org.
All email messages have heading information that indicates how they got from the sender to you. Typically, you see only a few header lines - To:, From:, and Subject:. These header lines are unreliable because they can easily be forged (a result of the open standards used for email on the Internet). To track down the point of origin of a message, you need to view all of the headers - what we call "full headers."
The word spam is derived from a skit performed by the Monty Python comedy group. Its use today refers to unsolicited, commercial email. OIT mail servers process more than 10 million incoming email messages on a typical day. It is estimated that as much as 75 percent of these messages are spam. Add to that a growing number of viruses and you begin to understand the scope of the problems that unchecked email could pose to a network like CU Boulder's.
We recommend you delete the message and empty your deleted items folder periodically to reclaim space consumed by deleted messages. For all faculty, staff, and students who use Gmail or Exchange Online, you can create filters in your email client.
Also, resist the temptation to respond to it or to visit a web site that claims you can be unsubscribed. Often those are decoys used to determine whether your address is valid. Once you acknowledge to a spammer that your account is active, the address becomes much more valuable and may be resold to other spammers. Spammers often falsely claim that you have requested to be on their list. Responding to such claims confirms the validity of your email and makes it likely you will receive even more unwanted email. Legitimate businesses will recognize and honor list removal requests, but it's not always easy to determine whether a business has such integrity.
If you feel a message is threatening, contact the appropriate law enforcement agency immediately. If a message appears to be fraudulent, contact the Federal Trade Commission.
If the message originated at CU Boulder, it should be forwarded to email@example.com for investigation. However, be aware that most return addresses are forged, and what appears to originate here may have come from somewhere else. Please verify through reading the full email headers where the email came from before forwarding to abuse. For information on deciphering email headers, contact your departmental IT Liaison. Use the List of Campus IT Practitioners & IT Communications Liaisons if you do not know who your Liaison is.
The amount of unwanted commercial email continues to increase at an exponential rate, since sending bulk email is a cheap and easy way to market a product or promote a scam. Many Internet service providers, especially those outside the U.S., take few precautions to ensure they are not aiding in the spam process.
Outbreak filters perform a threat assessment of inbound and outbound messages and temporarily quarantine suspicious messages. Once outbreak rules from security vendors are received, messages are automatically released to the recipient. Users may notice a slight time delay when receiving messages that have been quarantined, but otherwise should not expect any disruption.
Yes. The implementation of this new technology does not change the fact that all email users must still be vigilant to limit the spread of spam and viruses. If you haven't already done so, you should install antivirus.
OIT scans incoming messages and uses an extensive collection of rules and reputation scoring to determine the likelihood that a message is spam. Based on this likelihood, messages are given an “SBRS” (SenderBase Reputation) score and an IronPort SPAM Score. For SBRS, the range is from 10 (likely a trustworthy sender) to -10 (apparent spammer). A score of “none” indicates that there was no information about the sender at the time the message was being processed.
For the IronPort SPAM score, the range is 0-100. Email scored between 0-49 are considered “clean” and are delivered without alteration. Messages scored between 50-90 are considered “suspect” and are tagged with POTENTIAL-SPAM in the subject line. Messages with a score of above 90 are considered positive SPAM and are not delivered.
If the message is flagged as "Potential Spam," and delivered to your email account, the scoring information will appear in the message header. To learn more about this click here.
Filtering allows you to easily sort through incoming messages and separate them into other folders based on content, such as the sender and subject of the message. Most email clients support the customizable filters.
Our testing shows fewer than 1% of messages are incorrectly flagged as spam. The risk of improperly flagging messages must be weighed against the loss of productivity, resources, and offensiveness of the flood of spam the campus experiences.
False negatives are messages that you consider to be spam but which were not flagged as such. This occurs when the spam score associated with the message falls below the threshold and so it was not categorized as spam. If you would like to report a "false negative" see How to Report Spam page.
Messages incorrectly marked as spam are known as false positives. Some legitimate messages contain many of the characteristics of spam, such as common spam phrases or HTML tags. If enough of these spam-like attributes are found, the score for the message will have a score higher than 49. Messages scored between 50 and 90 will still be delivered to your email account and flagged as "Potential Spam." Messages cored higher than 90 will be blocked and not delivered to your email account. If a blocked message is found to be a "false postive," contact the IT Service Center within two days. OIT also recommends that you periodically review your email marked as "Potentital Spam," for false positives. You can also report "false positives" by following the directions on How to Report Spam page.
If you are certain that a legitimate message was blocked and not delivered to your email account, contact the IT Service Center right away at 303-735-HELP (5-4357 from an on-campus phone). Please have the following information ready to provide the service agent:
If you contact the IT Service Center within three days of missing a legitimate email, there is a possibility that the message can be retrieved and delivered to you.
If legitimate message from that host continues to be blocked, call the IT Service Center 303-735-HELP (5-4357 from an on-campus phone) for further assistance.
Many virus infected emails will not be delivered to your email account. However, that does not change the fact that all email users must still be vigilant to limit the spread of spam and viruses. If you haven't already done so, you should install antivirus.
OIT uses an email filtering technology to process incoming email for spam and viruses for the CU Boulder campus. This technology can be described as a spam and virus firewall. Messages will be scored on a scale of -10-10 and again from 0-100. Any messages scored between 50 and 90 will be delivered to your email account, but marked as "Potential Spam." Messages scored above 90 will be blocked, and therefore not delivered to your email account. Learn more about marking potential spam.
Email attacks have become one of the most common ways of compromising university user accounts, systems and data. And despite the university regularly conducting IT security awareness campaigns and warning against phishing, hundreds of university students, faculty and staff respond each time the Office of Information Security sends phony phishing messages as part of its proactive email phishing awareness campaign. URL scanning and rewriting for all email traffic has proven a highly effective strategy to reduce the incidence and impact from email phishing and malicious content attacks.
A: The URL filtering service works very similarly to the campus email anti-spam/anti-virus solution. Cisco maintains a database of known good and known bad URLs and domain names. For every email sent to a CU Boulder email address, the IronPort devices (the appliances that provide email routing, anti-spam, and anti-virus services to CU Boulder) scan the email content for anything that resembles a URL. If one is found, the URL is compared against the Cisco database. There are 3 possible reputation scoring outcomes:
Two methods exist for classifying a URL as “Clean” prior to delivery.
If you know of any external web URL used for conducting CU Boulder business and want to make sure it never has a rewritten URL, please contact the IT Service Center at firstname.lastname@example.org or 303-735-4357 to help us update the list.
The Cisco URL reputation database tracks websites over time to determine what, if any, risk they may pose. If a website has had issues with malicious content, Cisco will downgrade the reputation. URLs pointing to websites that have a suspicious reputation, or websites that have not been cataloged by Cisco, are rewritten by the IronPort appliances and therefore have a long URL that starts with http://secure-web.cisco.com. The very long URL is used to track every email message and the user it is sent to for reporting purposes; the length is due to generating a unique URL for the millions of messages delivered each day. Unfortunately there is no way for us to control these URLs as they are automatically produced by Cisco when it comes across a site that does not yet have a reputation.
If you encounter a URL that is being blocked, but has a legitimate business function for our campus, please contact the IT Service Center at email@example.com or 303-735-4357 to request a “Safe URL Exception.” The Messaging & Collaboration team will investigate the blocked URL and make a determination about its whitelisting status and follow up with the requestor.