Release Date: November 14, 2003 This content is archived.
Email delivery on campus will be very slow for at least the remainder of today as the result of an increase in queued email resulting from a problem with undesirable SPAM emails that occurred on Thursday, Nov. 13.
On Thursday, a computer on campus was compromised through an operating system vulnerability that opened the machine to be used as a source to send vast numbers of SPAM email through the campus network. The computer was pulled from the network, but not until considerable numbers of emails were sent. CIT estimates that perhaps 20 more computers on campus have this same vulnerability and will be watched carefully
More than 400,000 of these SPAM emails have been queued in UB's central email system for delivery, clogging email delivery. In addition, a large number of the SPAM emails used bogus email addresses that return to the campus undeliverable thus further clogging the email delivery queues. On a normal day, UB delivers nearly 1.8 million emails, so the unwanted SPAM places a considerable load on the system.
As of 9:45 this morning, incoming email was shut down to allow CIT to use a locally written program tool to extract the undesirable SPAM emails from the delivery queue. During this time, all incoming email is being collected on other machines so that no email will be lost. CIT expected the extraction to be completed between 11:00 and 11:30 AM. When it is done, email delivery will be turned back on.
CIT staff is investigating alternative methods to defend the campus from further outbreaks of this SPAM attack since UB is not alone in having computers compromised with this particular vulnerability. CIT staff will be closely monitoring network traffic flows of email and will aggressively shut down ports of offending computers.
