Virus Protection Software Installation Scheduled for University's Outgoing E-mail Servers
May 24 through May 27, 2004

University Park, PA -- In an effort to curtail the proliferation of computer viruses at Penn State, Academic Services and Emerging Technologies (ASET), a unit of Information Technology Services (ITS), will install virus protection software on Penn State's backend outgoing e-mail servers (smtp.psu.edu). The servers will be updated, one server per day beginning on May 24 and completing on May 27, during the regular daily maintenance window (Monday through Friday, 5:30 - 7:30 a.m.).

How It Affects You

Any message with a virus sent from Penn State through smtp.psu.edu will automatically forward to Security Operations and Services (SOS), also a unit of ITS, for notification. SOS will determine the sender of the e-mail and take appropriate action.

Reminder: Computer users who send virus/worm reports to virus@psu.edu should send the original e-mail with full headers, but should not include attachments.

Additional Information for System Administrators

Please note that any infected attachments sent from a Penn State network machine will not be delivered. Any e-mail virus/worm reports sent to virus@psu.edu, which include an infected attachment, will be intercepted. A report will be sent to SOS detailing which e-mail worm infected the attachment and the IP address of its origin and the original will be discarded.

This could produce some problems and additional work for system administrators throughout the Penn State system, who may need to sort out who really has an infected machine vs. who is reporting an e-mail worm/virus but accidently included a virus attachment.

This is a short term issue which should be resolved early during the fall 2004 semester, when the filtering of e-mail worms from non-Penn State sources is expected to be implemented on psu.edu. Once this is implemented, mail sent to .psu.edu will be scanned regardless of its final desitination (mail.psu.edu, email.psu.edu or a departmental e-mail server. For example, let's assume that a user checks email at xyz123@deptserver.psu.edu, where deptserver.psu.edu represents an independently managed departmental e-mail server. Any mail sent to xyz123@psu.edu will be scanned before it goes to the xyz123@deptserver.psu.edu mailbox. Please note however that if mail is xyz123@deptserver.psu.edu, it will not be scanned. Neither will any messages sent directly to mail.psu.edu or email.psu.edu addresses. As good practice, users are encouraged to send e-mail messages to the e-mail address noted in the "E-mail" field in one's directory entry and not to the the "address" listed in the "Mailbox" field.

Please also note that this will reduce the likelihood of receiving any e-mail worms; however, occassional incidents can be expected between the time when a new worm is released and new virus definitions are added to the filtering in response.

As noted above, system administrators are reminded that virus/worm reports sent to virus@psu.edu should contain the original e-mail with full headers, but attachments should not be included.

Future Directions

Virus protection on Penn State's outgoing e-mail servers is the first step in a series of steps to improve the security of the central e-mail system at Penn State. Later this summer, ITS plans to continue this effort by installing virus protection software on Penn State's incoming e-mail servers. Please check ASET's Web site later this summer for any updates and announcements.

Getting Help

For additional virus information, please refer to the ITS Virus Information Web page. Questions or requests for assistance may be directed to the ITS Help Desk at helpdesk@psu.edu.