Sept 12 Change of Anti-Spam Service, Update on Email Spam and Delivery Issues

Posted September 7th, 2012 at 10:32 am.

This post is an update to the email issues referenced in previous messages (most recently August 24th).

Our campus has been experiencing a high volume of spam email messages, and resulting problems with email delivery.  This problem has been severely intensified by two factors — our own community members responding to scam messages with passwords in greater numbers than ever before (and those Bryn Mawr accounts becoming a new source of spam), and a change made without notice by Postini, our anti-spam vendor which forced us to cease our outbound filtering (leading to more sites blocking our email much more quickly).  We also stated that a significant change would be needed to address this pressing issue.

In the last two weeks, we have taken the following actions:

  • We have chosen to stop using our current anti-spam vendor (Postini).  With the assistance and advice of several peer institutions (most notably Yale and Lafayette) we have selected Proofpoint to replace this critical function.
  • We began to use Proofpoint within the last week to help manage our outgoing email filtering — we have already seen a significant improvement although we still have a ways to go in achieving full effectiveness.
  • We have diversified our education efforts (with more to come).
  • We have begun to work with offices to change bulk emailing business processes.

On Wednesday September 12 at approximately 5pm, we will stop processing incoming spam with Postini and begin using Proofpoint for processing incoming email.  Please note that in order to address the email issues as quickly as possible, we consider our use of Proofpoint to be a “live pilot” — we have tested this product to the extent that we are able in this short timeline, but expect that we will need to modify our configuration as we identify any outstanding issues.

  • At that time, http://spamcheck.brynmawr.edu will no longer point to the current quarantine, but to the new, Proofpoint quarantine.
  • You will still receive digest emails detailing the messages that have been quarantined.  These will look different, but serve the same purpose.
  • To report spam, you will be able to use the spam button within Webmail which will automatically submit the message to the Proofpoint server and file it in your junk folder.
  • Please be sure to check your existing quarantine on Wednesday before you leave to deliver any messages you may need to your inbox.  If you are unable to retrieve specific messages and need them thereafter, you will need to contact the Help Desk to have them delivered to you.  These messages are expected to be available until they expire (2 weeks after their arrival date), and can only be delivered to you if they can be located in your quarantine.  After September 26, no emails will remain in the old quarantine.

More information and documentation on the new email quarantine will be available closer to when we make this change.

The increase in volume and sophistication of scam email is a global issue, and peer institutions have encountered many of the same issues we have, some with similar results.  While an improved technological change will make a substantial difference,  the heart of the issue is not technological.  A technological solution can, at best, address 99% of spam and scam emails.  Even one individual answering a scam and allowing a Bryn Mawr account to be hijacked threatens not only his or her privacy and identity, but potentially College data and our reputation as an email sender (which determines email blocking).  Only each community member’s willingness to become educated and sophisticated in identifying and avoiding email and Web scams and threats can lead to a complete end to this issue.

References:

Filed under: Announcements,System Status by Amy Pearlman

Comments are closed.