Information Technology Services

UTAS emails blacklisted by some external organisations

Summary

Emails from UTAS addresses blocked by some external email providers

Start Date

1st Feb 2017 8:00am

End Date

2nd Feb 2017 12:00pm

Status

Resolved

Type

Unplanned Outage

Location

All Campuses

Due to a number of breached accounts being used to send spam emails the University of Tasmania's email services are currently being blocked by some external email providers. Emails sent to non-UTAS addresses may not reach the recipient and, depending on the recipient's email service, you may receive no notification that your email was not received.

The cause of UTAS being blacklisted is spam email originating from our UTAS domain utas.edu.au, email account providers such as Microsoft (Hotmail) and Google(Gmail) are actively looking for indicators of spamming activities originating from specific domains; utas.edu.au as an example. When they detect spam originating from a domain they will without any warning simply block that domain from being able to send any emails to them for a period of a day or two (providing no additional spam is sent in the meantime), this is also known as 'blacklisting'. Spam is sent from Utas email accounts when staff or students responding to phishing emails and thereby give their UTAS password to spammers, the spammers then send large volumes of spam from the UTAS email account of the staffer or student. ITS subsequently detects that large email volumes are being sent from a Utas account and disables the student or staffers UTAS login. The problems that arise from UTAS being on a blacklist can be extensive and affect a large number of areas of the business. 

In terms of what we can do about the blacklisting, the major services (Hotmail, Gmail, Yahoo etc.) do not have a mechanism for manual removal from their blacklisting. The removal process is automatically enabled by the email provider when UTAS has demonstrated good behaviour for a period of time (24-48 hours), that is no more spam has originated from the Utas domain. If however further Utas users give their login details away and more spam is sent within this time period then the blacklisting service providers will extend the blacklisting period.

Minimising our presence on blacklists is somthing that ITS is actively working on. A MyLO unit/module called "IT Security 101 (IT Services)" has also been developed for staff and students to provide information about the danger of phishing emails and how to identify them and other important IT Security tips. This unit is available to all University members. The Security 101 unit takes only around half an hour to complete and contains videos with practical examples of how to easily identify phishing emails.

UPDATE Thursday 2-Feb-2017 2:00pm: The external blacklisting service 'SORBS' have removed UTAS's email gateway addresses from their blacklist last night.