Email change to maintain WSU reputation, ease blacklisting

PULLMAN, Wash. – A change to email sent through Washington State University’s Information Services (IS) systems (Connect Exchange, smtp.wsu.edu, mail.wsu.edu) will be implemented Tuesday, July 9. It is expected that only 1-2 percent of email users will notice. The change will not apply to email systems managed outside IS (veterinary medicine, WSU Tri-Cities, etc.).

Spamming, blacklists, blocking

The change is being made to help protect WSU’s email reputation. In recent months multiple compromised WSU email accounts have been used by malicious third parties to send spam through WSU servers.

This leads to WSU email being placed on email “blacklists” and blocked by various Internet domains (@yahoo.com, @frontier.com, @comcast.com). This delays or blocks outbound email communication until IS can get the university’s email reputation cleared, which can take from one to several days.

Automated process prevents abuse

Beginning July 9, IS will put in place automated processes to help prevent abuse. The limits on these processes will be high enough that individual email users are unlikely to notice any difference.

It is expected that only 1-2 percent of email accounts will encounter the rate limit. The accounts affected will tend to be those that send bulk email – either a large number of messages at one time or one message to a large number of recipients at one time.

There will be an exception list to allow legitimate WSU bulk email senders to continue to send as needed.

WSU employees who have any questions or who wish to request inclusion in the exception list should contact the Help Desk at 509-335-4357 or helpdesk@wsu.edu. If requesting an exception, please provide the email address and/or the WSU NID that will be sending the bulk email.

Prevent compromised accounts

It is important to remember that the root cause of WSU email being blocked is the compromise of one or more WSU email accounts. All it takes is one compromised account to generate a large amount of spam.

Things you can do to help prevent this are:

• Do not give your WSU Network ID (NID) login and password (used to log in to your email account) to anyone, enter them into an untrusted website or send them to anyone via email.
• Immediately change your password if you suspect that your NID or computer has been compromised and then contact the Help Desk for further assistance. It is important that the incident is reported to limit potential damage.
• Do not click on links in email or open attachments from unknown or untrusted sources.
• Regularly update your antivirus software and apply all operating system patches and updates.

Contact the Help Desk at 509-335-4357 or helpdesk@wsu.edu with any questions you may have about these changes.