Skip to the content
Information Technology Services
Help Desk: (323) 343-6170
Link back to Cal State L.A.

FAQ: Anti-Virus/Anti-Spam Services
for Students, Faculty and Staff


Menu

Search form


Computer Viruses and Spam: Their Impact on the Campus

The University's Efforts to Mitigate Virus and Spam Attacks

The Enhanced Anti-Virus Service

The Enhanced Anti-Spam Service

Technical Support and Best Practices

Computer Viruses and Spam: Their Impact on the Campus

What are computer viruses and why are they a problem?

Two broad working definitions of a computer virus are:

  • "A program or piece of code that is loaded onto your computer without your knowledge, and runs against your wishes. Viruses can also replicate themselves." Webopedia [2005]
  • "A computer program that can reproduce by changing other programs to include a copy of itself. It is a parasite program, needing another program to survive." North Carolina Department of Public Instruction [2005]

    Computer viruses can cause minor to severe problems to data and computing resources, such as:

    • May be capable of transmitting itself across networks and bypassing security systems.
    • May quickly use all available memory and bring the system to a halt.
    • May destroy or delete files.
    • May write messages on the screen.
    top

    What is spam, and why is it a problem?

    Spam is sometimes referred to as unwanted junk mass e-mail. The California Business and Professions Code (Division 7, Part 3, Chapter 1, Article 1.8) describes it as consisting of unsolicited commercial e-mail advertisements. Spam is a problem because it:
    • May contain computer viruses that can cause serious damage to University computing resources.
    • May be sent by a counterfeit address that looks legitimate to trick recipients into taking a harmful action (like opening up a virus-infected attachment or divulging personal information).
    • May be annoying.
    • May take up valuable storage space on computers and servers.
    • Is an increasing drain on operating budgets (cost of unproductive time, anti-spam software, additional hardware, etc.).
    • Uses valuable and limited network bandwidth.
    • May contain inappropriate content.
     

    How is e-mail used in identity theft?

    Spammers and those who create viruses can counterfeit (forge) the return address. If you are tricked into thinking the sender is legitimate, you may respond or provide personal information such as your Social Security Number, bank account number, mother's maiden name, account PIN or password, date of birth, and home address. Some precautions regarding unsolicited or suspicious e-mail:

    • Do not respond to spam messages.

    • Do not click on embedded links.

    • Do not provide personal identifying information to spammers.

    • Banks and credit providers commonly do not e-mail solicitations. If in doubt, call those companies to check out doubtful messages.

    Read more about spam, viruses, and identity theft at: http://www.calstatela.edu/itsecurity. top

    The University's Efforts to Mitigate Virus and Spam Attacks

    How is the University trying to block viruses and spam?

    The following interventions are implemented to help protect the campus’s information and computing resources:

    • Anti-Virus on the Desktop
      At the desktop level, virus software is continually alert for infected files. In addition, security patches and updates are installed as they become available or as necessary. Information Technology Services (ITS) checks for updates and pushes them out to campus workstations daily.

    • Anti-Spam on the Desktop
      By configuring Outlook to handle junk mail, users can reduce the amount of spam in their mailboxes.

    • Anti-Virus / Anti-Spam on the Network
      Software performs hourly checks for updates and installs them immediately.

    • Router Controls
      Certain vulnerable ports are blocked, some to incoming traffic and some to both incoming and outgoing traffic.

    • Traffic Management
      Inbound traffic is evaluated for appropriate network usage.

    • Blocked IPs/Firewall
      The University blocks some known spam Internet Protocol (IP) addresses.

    • Enhanced Anti-Virus/Anti-Spam Services
      Enhanced anti-virus/anti-spam services provide an additional layer of protection for ITS-managed e-mail accounts. The anti-virus services are applied to every campus account. The anti-spam is applied to every student e-mail account, and faculty and staff have the option to subscribe to the service. When subscribed to the anti-spam service, users can:

      • Maintain a blocked senders list.

      • Maintain an approved senders list.

      • Release spam messages from quarantine to their inbox.

      • Delete blocked messages from view in the quarantine.
    top

    Why is the University deploying additional anti-virus/anti-spam services?

    The University is shoring up its defenses against the increasing spread of computer viruses and spam, which are becoming more sophisticated in their programming and delivery.

    Do these anti-virus/anti-spam services offer 100% protection?

    No. Virus and spam blocking services are not foolproof because:

    • A virus may hit the campus before there is a virus definition (inoculation) for it.
    • Users may click on links in spam messages or visit compromised Web sites, resulting in viruses being downloaded on users' machines.
    • Spammers sometimes use forged return addresses that look legitimate, such as jdoe@calstatela.edu.
    • Spammers may change their return addresses and/or subject lines to avoid detection.
    • Users sometimes click on "unsubscribe" links when the sender is unknown. Now, the spammer knows the e-mail address is valid.
    • Once spammers identify a particular spam filter, they change elements in the spam message so that it will pass through the filter.

    While no virus or spam blocker offers 100% protection, the many layers of protection deployed on campus provide a strong defense against most virus and spam attacks.

    Do the enhanced anti-virus/anti-spam services replace any existing services?

    No. The enhanced services augment existing services and provide an additional layer of protection for our campus.

    top

    What e-mail accounts are supported by the new services?

    The new services support all student, faculty, and staff e-mail accounts.

    Anti-virus services are applied to all accounts. Anti-spam services are applied to all student accounts. Faculty and staff users may subscribe to the anti-spam service through an online self-service interface (see www.calstatela.edu/qmtraining for more details).

    To request that a department mailbox be subscribed to the anti-spam service, mailbox "owners" must e-mail the ITS Help Desk at helpdesk@calstatela.edu. Include your name, department, telephone extension, and department mailbox address in the e-mail.

     

    The Enhanced Anti-Virus Service

    Must I subscribe (opt in) to the enhanced anti-virus service?

    Since viruses are such a dangerous threat to University resources and confidential/sensitive information, all users with a campus e-mail account are automatically opted in to the anti-virus service with no option to opt out.

    top

    How do the enhanced services handle viruses?

    E-mail messages are evaluated for viruses before being delivered to users' mailboxes. Attachments containing viruses are deleted from the message and replaced by a text attachment named ATT###.txt, Alert.txt, or VirusWarning.txt (see Figure 1).

    Deleted Virus-Infected Attachment Notification

    The file originally attached to this e-mail message, filename, was replaced by this text file because it contained the virus(es) listed below:

    Virus Name: virusname

    You may want to notify the sender, if known and trusted, that the attachment contained a virus, and request that the original file be disinfected and resent.

    System Administrator Information:
    Protection Source:
    Message Identification:

    ITS Help Desk (323) 343-6170
    Information Technology Services (ITS)
    helpdesk@calstatela.edu

    Figure 1 - Deleted Virus-Infected Attachment Notification

     

    What if someone I know sends me a virus-infected attachment?

    You may want to notify the sender of the situation so that the sender can take steps to rid the attachment of viruses before resending it or sending it to anyone else.

    top

    The Enhanced Anti-Spam Service

    Must I subscribe (opt in) to the new anti-spam service?

    All student OWA e-mail accounts are permanently subscribed to the anti-spam service. Opting out is not available to students due to storage limitations. Spam accumulates rapidly and would tax the system's capacity if it weren't deleted regularly.

    Subscribing is optional for faculty or staff accounts. Learn how to subscribe at www.calstatela.edu/qmtraining.

     

    How do I access the Quarantine Manager?

    Once you subscribe to the anti-spam service, log in to the Quarantine Manager with your user ID and password at https://qmanager.calstatela.edu.

     

    What if I opt in to the anti-spam service and later want to opt out?

    Students may not opt out. Faculty and staff users may opt in or out whenever and as often as they like.

    top

    How do the enhanced services handle spam?

    Messages that do not contain viruses are evaluated by the campus e-mail system in this order:

    • Blocked Attachments
      If the attachment is allowed, the evaluation continues. If the attachment is blocked, the message is quarantined.

    • Recipient's Status in the Enhanced Anti-Spam Service
      If the recipient's account is subscribed to the anti-spam service, the evaluation continues. If not, the e-mail message is delivered to the recipient's inbox.
    • Blocked Senders
      If the sender has not been blocked by the recipient, the evaluation continues. If the recipient has blocked the sender, the message is quarantined.
    • Spam Probability
      If the message is rated not likely to be spam, and the score is below the set threshold, the message is delivered to the recipient's inbox. If the message is rated likely to be spam and the score is above the set threshold, the message is quarantined. Ratings are determined by a very complex set of heuristics and rules.
    top

    How will I know when a message containing spam is quarantined?

    If one or more messages are quarantined, users are e-mailed a "spam digest." The digest lists each quarantined message, its system-assigned ID number, delivery time to the campus, and score (see Figure 2). The ID is non-numeric, containing letters and symbols. The score is the percent likely that the message is spam (e.g., 100%, 91%, 78%, etc.).

    Digests are sent once daily only if spam messages are received; otherwise, no digest is sent.

    It is strongly recommended that users check each spam digest to determine if any messages were erroneously placed in quarantine. All messages listed in the digest are deleted 14 days after they were received.

    The service does a good job at distinguishing spam from actual e-mail messages, but because spam filters are not 100% foolproof, occasionally a "real" message may be mistaken for spam. Based upon feedback from beta testers, this scenario is unlikely. If a message is quarantined by mistake, the user can release it and have it sent to their inbox.

    Sample Spam Digest
    Figure 1 - Sample Spam Digest

    top

    What if a legitimate message is placed in quarantine by mistake?

    During the 14-day quarantine, any blocked message can be released and sent to a user's inbox in one of three ways:

    1. To release a message from the spam digest, click on the message's ID (see leftmost column in Figure 2). A reply message window will open. Click the Send button.
    2. To release all messages from the spam digest, open the digest message and click on the Reply button.
    3. To release one or more messages from quarantine, log in to the Quarantine Manager. In the Blocked Message view, click the check boxes of messages you want delivered to your inbox. Click on the Deliver Message button.

    How soon after I release a message will it be delivered to my mailbox?

    Approximately 15 to 20 minutes.

    How long will messages be held in quarantine before they are deleted?

    All quarantined spam messages will be deleted 14 days after their delivery (received) date on campus. Check the spam digest or Quarantine Manager for the delivery date.

     

    Why aren't quarantined messages kept indefinitely?

    Deleting spam messages regularly helps the campus manage storage capacity on its e-mail systems.

    top

    Can I block messages from certain senders?

    Yes, you can block and "unblock" senders. The anti-spam service catches most messages considered spam, so you won't have to block the senders of the messages already in quarantine. For more instructions, visit www.calstatela.edu/qmtraining/.

     

    Can I block messages from certain domains?

    Yes. You can use wildcards to block whatever domains you choose (e.g., *@anywhere.com or *.*@anywhere.com).

     

    Can I prevent messages from certain senders from being quarantined?

    Yes. You can add senders to your approved list. Messages sent from approved senders will be delivered to your inbox regardless of their spam ratings. You can add or delete approved senders whenever you choose.

    How can I handle quarantined messages when I am away from the campus?

    Keep in mind that messages in quarantine are deleted 14 days after delivery. If you have access to the Internet, you can check your Quarantine Manager at https://qmanager.calstatela.edu/.

    Faculty and staff may choose to opt out of the anti-spam service during a lengthy absence. All e-mail, including spam, will be delivered until the user opts back in.

    How soon do changes to my approved/blocked senders lists take effect?

    It takes up to 15 minutes after adding approved or blocked senders for the system to recognize those changes.

    top

    Will messages containing blocked attachments be quarantined?

    The anti-spam service only quarantines messages rated as likely to be spam sent from addresses on the user's Blocked Senders list and from known spam senders.

     

    What happens to my approved and blocked lists if I opt out of the service?

    Your approved and blocked senders lists will remain intact even if you opt out of the service. If you opt back in, the lists will function as they did before.

     

    Will I still receive a spam digest if I opt out?

    No. Once your request is processed, you shouldn't receive a spam digest. If your request is not processed before the next scheduled spam digest is sent, you will receive that digest only. If you choose to opt back in, you will again receive spam digests.

    Note: Students may not opt out of the anti-spam service.

    Can a department mailbox get the anti-spam service?

    Yes. Department mailbox "owners" can e-mail the ITS Help Desk at helpdesk@calstatela.edu requesting that a department mailbox be subscribed to the anti-spam service. Include your name, department, telephone extension, and department mailbox address in the e-mail.

    top

    Technical Support and Best Practices

    Where can I get training materials on the new anti-spam service?

    Visit www.calstatela.edu/qmtraining/ to learn about subscribing, browser compatibility, system requirements, spam digests, and handling your Quarantine Manager.

     

    Where can I get technical support?

    Contact the ITS Help Desk: (323) 343-6170 or helpdesk@calstatela.edu.

     

    How can I safeguard my e-mail account?

    Be an informed user. Help protect your e-mail account from viruses and spam by following these simple recommendations:

    • Do not open attachments from unknown senders.
    • Do not forward messages or attachments from unknown senders.
    • Never respond to junk mail. Responding confirms that you have a valid e-mail address and increases the chances that your e-mail address will stay on the sender's distribution list or be distributed to other spammers.
    • Do not use the preview feature in your e-mail program. To determine valid e-mail addresses, spammers may use methods that track when you view a message, even if you don't open or reply to the message.
    • Always use caution when clicking on embedded links in e-mail messages, and never click on links in spam messages. Sometimes links can take you to a Web page that automatically starts downloading a virus or a file that contains a virus.
    • Delete unsolicited messages from unknown senders. A spam message may contain a virus or other malicious software that could damage your computer.
    • Do not make purchases by clicking on links in unsolicited e-mail messages. Unsolicited e-mail messages are particularly suspect since spammers can easily counterfeit return addresses. If you need to make a purchase online, go to the vendor's secure Web site from your browser, not by clicking on message links.
    • Never respond to unsolicited e-mail messages that ask for personal identifying information. Never provide your Social Security Number, name, address, mother's maiden name, or other personal identifying information in response to an unsolicited e-mail message. Many spammers counterfeit a return address, such as a bank's, to trick unsuspecting recipients into providing confidential information.
    • Use the blind copy (Bcc) field when sending e-mail messages to a large distribution list. Using the Bcc field conceals the distribution list from the other recipients.
    • Do not provide your e-mail address to newsgroups, online public forums, or Web sites. Spammers may utilize techniques to harvest e-mail addresses from these sites.
    • Never give your primary e-mail address to anyone you don't trust.
    • Use one or more secondary e-mail addresses for making online purchases, submitting registration forms, or requesting information and offers. This helps protect your primary e-mail account from abuse.
    • Configure Outlook to automatically handle junk mail in your e-mail account. For assistance, contact the ITS Help Desk at
      (323) 343-6170 or helpdesk@calstatela.edu.
    top