Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: email threats
From: Joel Rosenblatt <joel () COLUMBIA EDU>
Date: Wed, 5 Sep 2007 11:08:59 -0400

Hi,

Our procedures are much the same, I work very closely with our Public Safety department - my piece is to tell them 
where it came from (if possible) and they
"talk to the people".  We collaborate on the value of the threat, but they have the final word.

We do use Spam Assassin to find "email bombs" (not real ones) .. if, for example, our president is getting a flood 
about something that happened, we add rules
into Spam Assassin to look for the keywords we are interested in (scoring them as .1), then we look for the special 
code in the header line to separate out the
emails of interest using our INGO filter - it's really fast and reduces the human time needed to filter thru all of the 
stuff coming into the Presidents inbox

Regards,
Joel Rosenblatt

Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel


--On Wednesday, September 05, 2007 10:11 AM -0400 Valdis Kletnieks <Valdis.Kletnieks () VT EDU> wrote:

On Tue, 04 Sep 2007 16:52:53 EDT, Mark DeSerio said:
Does anyone have procedures in place regarding email threats to their
college? Such as certain key words in a message would get forwarded to
personnel to handle the email threat.   This would be bomb threats and
threats to employees. The recent occurrences at other colleges that have
be in the news our college is interested in what other schools have in
place for email threats.

On the rare occasions that something like that hits our security@ or abuse@
addresses, we just throw it over the fence to the police department and let
*them* figure out what to do.  I don't think we've had a e-mailed bomb threat,
but we *do* have the occasional user that forwards threatening/stalking/abusive
mail to ourabuse@ address. It's almost always just one small thing in a whole
soap opera of a relationship gone bad - the police department already had
procedures for dealing with "crazed psycho ex-whatever" long before any of
them e-mailed hate mail, so we let them handle it.



Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]