Educause Security Discussion mailing list archives
Re: email threats
From: Joel Rosenblatt <joel () COLUMBIA EDU>
Date: Wed, 5 Sep 2007 11:08:59 -0400
Hi, Our procedures are much the same, I work very closely with our Public Safety department - my piece is to tell them where it came from (if possible) and they "talk to the people". We collaborate on the value of the threat, but they have the final word. We do use Spam Assassin to find "email bombs" (not real ones) .. if, for example, our president is getting a flood about something that happened, we add rules into Spam Assassin to look for the keywords we are interested in (scoring them as .1), then we look for the special code in the header line to separate out the emails of interest using our INGO filter - it's really fast and reduces the human time needed to filter thru all of the stuff coming into the Presidents inbox Regards, Joel Rosenblatt Joel Rosenblatt, Manager Network & Computer Security Columbia Information Security Office (CISO) Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033 http://www.columbia.edu/~joel --On Wednesday, September 05, 2007 10:11 AM -0400 Valdis Kletnieks <Valdis.Kletnieks () VT EDU> wrote:
On Tue, 04 Sep 2007 16:52:53 EDT, Mark DeSerio said:Does anyone have procedures in place regarding email threats to their college? Such as certain key words in a message would get forwarded to personnel to handle the email threat. This would be bomb threats and threats to employees. The recent occurrences at other colleges that have be in the news our college is interested in what other schools have in place for email threats.On the rare occasions that something like that hits our security@ or abuse@ addresses, we just throw it over the fence to the police department and let *them* figure out what to do. I don't think we've had a e-mailed bomb threat, but we *do* have the occasional user that forwards threatening/stalking/abusive mail to ourabuse@ address. It's almost always just one small thing in a whole soap opera of a relationship gone bad - the police department already had procedures for dealing with "crazed psycho ex-whatever" long before any of them e-mailed hate mail, so we let them handle it.
Joel Rosenblatt, Manager Network & Computer Security Columbia Information Security Office (CISO) Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033 http://www.columbia.edu/~joel
Current thread:
- email threats Mark DeSerio (Sep 04)
- <Possible follow-ups>
- Re: email threats Bob Bayn (Sep 04)
- Re: email threats Roger Safian (Sep 04)
- Re: email threats Deborah Manning (Sep 04)
- Re: email threats Roger Safian (Sep 04)
- Re: email threats Bob Bayn (Sep 04)
- Re: email threats Roger Safian (Sep 04)
- Re: email threats Valdis Kletnieks (Sep 05)
- Re: email threats Joel Rosenblatt (Sep 05)