Published to Newsletter on Nov 24, 2021
In response to global trends and other emerging threats related to information security, President Stokes has asked UNM IT to make a focused effort on accelerating improvements to our security controls in 2021-2022 (President’s Message, 7/26/21 and 11/8/21). The first update, based on industry best practices, enhances the safeguards protecting LoboMail accounts by using Sender Policy Framework (SPF)* to help prevent email address spoofing.
NOTE: These changes apply only to UNM LoboMail (unm.edu) users. These changes will not be made to the security controls for HSC accounts or other email accounts that are not managed by UNM IT.
Beginning 11/29/2021, to further protect LoboMail users, emails that are likely to be a result of spoofing will be quarantined. Spoofing is where the “From” address does not match the originating email system. While this approach has been proven to be very effective at protecting against malicious emails, it can result in the quarantining of legitimate messages. When an email is quarantined, instead of receiving the original message, you will receive a message telling you that the email is quarantined.
Please see FastInfo 7900 for detailed information on addressing email quarantine notices. If you believe the email was sent to you by a legitimate sender, please contact UNM IT Customer Support Services at 277-5757 to request the release of the email for delivery to your Inbox. Hours of operation are Monday – Friday, 7:30 a.m. to 5 p.m.
Due to the healthcare nature of the Health Sciences Center, there are variations to services and support for HSC students, faculty, and staff. If you have questions regarding HSC technology services, please contact the HSC Service Desk at 272-1694 or HSC-CIO-notices@salud.unm.edu.
* Sender Policy Framework (SPF) is an Internet standard protocol (RFC 7208) recommended by the Internet Engineering Task Force to help prevent spoofing by using “From” addresses to determine if an email came from a source approved by the sender's domain. The receiving email system then processes the email based on the SPF information returned by that domain.
Tags: CampusUpdate
