[Faccus] Update on Connect

Natasha Jennings njennings at uwaterloo.ca
Wed Oct 9 10:20:43 EDT 2013


Update: Additional accounts were compromised last night. As with some previous compromises, ADS credentials were used so IST has removed support for ADS credentials in Connect. IST is working with Microsoft to come up with a solution which will be evaluated in our test environment before implementing on Connect.

How this impacts you: Some clients have cached ADS credentials which will no longer work. If people are experiencing password prompts while connecting to Exchange, they should clear the Connect-related ADS entries in their password cache (Windows) or KeyChain (Mac). Thunderbird/IMAP clients may need to change their IMAP and SMTP configuration to use the "Nexus\" prefix. Please see the appropriate set of instructions below.


*        Windows: http://ist.uwaterloo.ca/connectinfo/clear-credentials.html

*        Mac: http://ist.uwaterloo.ca/connectinfo/clear-credentials-mac.html

*        Thunderbird/IMAP: http://ist.uwaterloo.ca/cs/exchange/non-outlookexchange.html#Thunderbird

As of this morning, we are not blacklisted by any external servers and mail flow has returned to normal.

Questions/concerns? Please contact the IST Helpdesk, helpdesk at uwaterloo.ca<mailto:helpdesk at uwaterloo.ca> or ext. 84357.


Natasha Jennings
IST Communications Officer
njennings at uwaterloo.ca<mailto:njennings at uwaterloo.ca>
519-888-4567 ext. 37951

[IST_email]<ist.uwaterloo.ca>

From: Natasha Jennings
Sent: Tuesday, October 08, 2013 10:04 AM
To: isthd at lists.uwaterloo.ca; faccus at lists.uwaterloo.ca; admin-support at lists.uwaterloo.ca; mactug at lists.uwaterloo.ca; ctsc at lists.uwaterloo.ca; ist-staff at lists.uwaterloo.ca; UWweb at lists.uwaterloo.ca; ucist at lists.uwaterloo.ca; Daily Bulletin; Aaron Miller (a2miller at uwaterloo.ca); Kirsty Budd
Subject: Important: Connect email servers blacklisted

Important: We will never ask a user for their password. If a user receives an email (or phone call) asking them to enter/share this information, it is a phishing attempt. The user should report the phishing attempt and disregard the request. It is imperative that this information be shared with users.

What is happening? As a result of the recent account comprises, which resulted in spam being routed through the Connect email server, many external servers are now rejecting email from Connect email services. While not limited to these groups, the majority of Connect email clients are Waterloo faculty and staff.

How does this impact me? Emails sent via Connect may be delayed or rejected by the recipients server.

How will I know if my message has been rejected or delayed? 4 hours after the email message has been sent, users will receive an email informing them that their message has been delayed. If after 24 hours the message has not been delivered, our server will stop attempting to deliver it and will send a message to the user telling them that it has given up.

Below is a list of servers currently rejecting email sent via Connect and the number of messages queued (as of 10 a.m.).


*        1 cdw.ca

*        2 gm.com

*        2 dell.com

Note: This list is fluid and will continue to change over the course of the next few days.

Questions/concerns? Please contact the IST Helpdesk, helpdesk at uwaterloo.ca<mailto:helpdesk at uwaterloo.ca> or ext. 84357.

We will continue to provide updates on this issue as we receive them.


Natasha Jennings
IST Communications Officer
njennings at uwaterloo.ca<mailto:njennings at uwaterloo.ca>
519-888-4567 ext. 37951

[IST_email]<ist.uwaterloo.ca>

From: Natasha Jennings
Sent: Monday, October 07, 2013 3:10 PM
To: isthd at lists.uwaterloo.ca<mailto:isthd at lists.uwaterloo.ca>; faccus at lists.uwaterloo.ca<mailto:faccus at lists.uwaterloo.ca>
Subject: SPAM mitigation changes on Connect

What is happening? Over the past 24 hours there have been four separate SPAM incidents that have leveraged Connect and UW user credentials to route SPAM worldwide.

Why is this important to note? To ensure the external reputation of the Connect email servers, the maximum number of messages a user can send per day, and the maximum number of recipients that message can be sent to, have been reduced.

Maximum number of messages per day: 1,000 (was 10,000)
Maximum number of recipients per message: 200 (was 1,000)

Theses maximums will be reviewed on Tuesday, October 15 and any updates or changes to these numbers will be communicated then.

Reminder: It is important that suspected phishing attempts be reported. Users should be advised against taking any action suggested in a questionable email. IST's Information Security Services website has valuable resources that can be shared with users.

*        Helpful tips and cyber safety information, http://ist.uwaterloo.ca/security/.

*        Phishing information and helpful posters, http://ist.uwaterloo.ca/security/posters.

Questions/concerns? Please contact Trevor Bain<mailto:trevor.bain at uwaterloo.ca>, or ext. 33738.



Natasha Jennings
IST Communications Officer
njennings at uwaterloo.ca<mailto:njennings at uwaterloo.ca>
519-888-4567 ext. 37951

[IST_email]<ist.uwaterloo.ca>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.uwaterloo.ca/pipermail/faccus/attachments/20131009/2e70e677/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 5559 bytes
Desc: image001.jpg
URL: <http://lists.uwaterloo.ca/pipermail/faccus/attachments/20131009/2e70e677/attachment-0001.jpg>


More information about the Faccus mailing list