Got e-mail? Campus deals with new round of spam, viruses and worms
During a time of regular onslaughts from viruses, worms and spam, information
technology experts on campus say average users can help themselves by
learning more about the various technological evils that seem ever-more
troublesome and inescapable.
"Receiver beware, and never underestimate the power of the delete key,"
says James Hilton, associate provost for academic, information and instructional
This advice is particularly useful if the problems continue at the same
level as in recent weeks, when a confluence of worms and viruses attacked
computers all around U-M and the world at large.
While IT staffers on campus continue to advise users to set up e-mail
filters in their desktop e-mail packages and to delete suspicious mail,
the University also is working on a variety of efforts to block viruses
before they ever arrive in individual inboxes and to filter spam so users
don't have to see it.
Representatives from Information Technology Central Services (ITCS) and
several schools and colleges are looking into ways of filtering spam on
ITCS central servers. They still are working on details, but they hope
to have a system in place this fall, says Kitty Bridges, executive director
Those looking at such filters are aware that they not only need to protect
users from annoying and harmful e-mail, but also that they must be sensitive
to privacy and free-speech issues, Hilton says. One person’s definition
of spam might include the pharmaceutical pitches and ads for financial
service; another person’s definition might include unsolicited announcements
of campus talks and departmental events.
“Spam is a delicate issue for universities,” Hilton says.
“What is spam in one person’s eye is free expression in another
Even after a system is in place, people still will receive spam because
those people sending it change the characteristics of the e-mails, often
eluding even the latest filters, Bridges notes. “Spammers stay a
step ahead of everyone,” she says.
Changes also are being made to allow e-mail groups to be made private—that
is, the list of members will not be published, and only members of the
group will be able to send messages to the group.
In addition to the spam filters, anti-virus scanning and filtering at
the gateway level are planned for implementation this month, Bridges says.
Even after this system is in place, users still may receive e-mails containing
viruses from time to time, and they will get bouncebacks that appear as
undeliverable mail notices, she says. But many virus e-mails won’t
make it to individual inboxes once this system is in place, she says.
Viruses that come through e-mail are a sinister type of spam, says Liz
Sweet, director of the ITCS User Advocate Office. They are spread from
one computer to another, commonly through e-mail attachments. The recipient
usually must take an explicit action, such as opening an attachment, to
be infected. Once infected, the virus will send itself to other computers.
Blocking viruses is easier than filtering spam because the process is
based on the specific characteristics of each virus, Sweet says. Once
the new blocking system is in place, she says, “We look to see a
dramatic drop in the number of e-mail viruses on campus.”
ITCS—which blocked the fast-spreading SoBig.F virus starting Aug.
23—has suggested that mail groups being bombarded with bouncebacks
related to the virus can become “moderated” mail groups. If
that happens, then all mail sent to the group would go to a moderator
or moderators, who then could decide which mail to forward on to the whole
Worms—the small pieces of software that use computer networks and
security holes to replicate themselves—are a particular kind of
infection causing a great deal of trouble recently, including the Blaster/LovSan
and Nachi worms.
“They’re so simple, and so devastating,” says Paul Howell,
an information systems security officer for Michigan Administrative Information
Services. When worms go after users' computers, he says, “sometimes
you may not know anything is happening.”
When students returned to campus last week, they were greeted with information
about patching their computers to protect against a security flaw before
connecting to the Internet. Patches are available on a security disc at
residence halls, the Angell Hall Computing Site, Media Union Computing
Site and the Computer Showcase in the Michigan Union.
In addition to patching their computers, students and the rest of the
University community are encouraged to do the following:
• Install anti-virus software, which can be downloaded for free
• Don’t open attachments, even from people you know, unless
it’s something you’re expecting
• Properly configure the options on Internet Explorer. For security
reasons, Howell says, it is wise to turn off certain functions, including
it may be important to leave those on for trusted sites, such as http://wolverineaccess.umich.edu
• Configure your desktop e-mail package to filter e-mail you consider
to be spam
• Be wary about incoming mail, and know that it may not actually
be coming from the person identified as the sender.