Case ITS SMTP Policy

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Case ITS SMTP policy
version 1.1.1, 2003-08-27
Christopher Ursich


Policy text
===========

Part 1) Connections originating outside the Case network to the SMTP port
(port 25) of hosts on the Case network will be blocked.

System administrators who need to operate independent mail systems should
contact ITS to request an exception to Part 1.

Part 2) Connections originating on the Case network to the SMTP port of
hosts outside the Case network will be blocked. All mail destined for
hosts outside the Case network must be directed through the ITS-run SMTP
server, smtp.case.edu.

ITS will grant exceptions to Part 2 for the following reason(s), based on
their strong technical merit:

* Message size limit

The ITS-run SMTP service currently limits the size of a message to 50 MB.
If University business cannot be conducted under this limit, mail system
administrators should contact ITS to request an exception to Part 2 until
this changes.


Rationale
=========

The implementation of this policy has several benefits:

1) Fewer problems with open mail relays

An open mail relay is a host which indiscriminately accepts and forwards
email. They are often a result of poor configuration and maintenance by a
mail server's administrator. Malicious people on the Internet use various
means to identify open relays. They then direct malicious, annoyance or
advertisement email spam through the open relay to other people. By using
the relay, the spammer makes his actions more difficult for security
personnel (including civic law enforcement) to track down. By blocking
SMTP traffic as described in the policy, spammers' ability to identify and
exploit open relays on the Case network is severely curtailed.

2) Fewer email virus problems

Email is a common means for computer viruses and other malware to spread
on a network. For approximately a year, ITS has provided anti-virus
software for Windows and Macintosh systems free of charge on the Software
Center, and advertised its availability. Unfortunately, recent virus
outbreaks demonstrate that not enough people are taking advantage of this
offering. These outbreaks have caused the distribution of confidential
documents, and delays in mail delivery. To further address the problem,
ITS is purchasing an anti-virus/anti-spam email filtering device. By
requiring all mail leaving the University to pass through the ITS-run mail
system (and hence, this device), virus propagation will be reduced.

3) Fewer instances of blacklisting

When other organizations on the Internet receive unwanted email from Case,
they sometimes choose to reject all mail from us, an action known as
"blacklisting." This has happened multiple times. In addition, there
exist Internet blacklisting services to which organizations may subscribe,
so that all subscribers will know to begin rejecting mail from a perceived
offender. This is a situation we must avoid. Suppose, for example,
MSN.com or Yahoo.com began rejecting mail from everyone at Case because of
a single open mail relay or virus-infected system. Clearly, ITS cannot
allow communications to be disrupted in this way.

4) Improved mail auditing

It is sometimes necessary to track down the source or ultimate disposition
of an email message. This process requires ITS to review the cumulative
delivery information the message contains. Unfortunately, in messages
sent by viruses, this information is often falsified. In addition,
because a message may traverse multiple, varied mail systems in order to
be delivered, the delivery information is incompletely reliable. By
requiring all mail leaving the University to pass through the ITS-run mail
system, we can guarantee a reliable and consistent point of audit,
logging, troubleshooting, etc.

5) Improved mail system management

As a result of this policy, ITS will have an authoritative list of the
mail servers operating on the Case network. This knowledge makes
vulnerability assessment, system administrator education, and remediation
practical for the first time.

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use

iQA/AwUBP5132n2+z//CAlyPEQLjUQCeMfmsUiNKLijKPBCzezmraT5v4LQAn3B2
jl7cYHLg+lJIQas3hS63LGpK
=ooOt
-----END PGP SIGNATURE-----
November 22, 2009
