Frequently Asked Security Questions

Topics

Antivirus Software Confidential Data Storage Data Backups DNS Security Enhancement Email Attachment Restrictions Email Virus Filtering Encryption Firewalls Identity Theft IRC Bots

Passwords Phishing Software Patch Updates Spam Filtering Basics Spam: Allow/Deny List Basics Spam: Sample Filter Settings Spyware Viruses Wireless

Anti-virus Software

What is it?
Anti-virus software protects email, instant messages, and other files by removing viruses and worms. It may also quarantine infected files to keep a virus from spreading on your computer and can repair infected files so you can use them without fear of damaging your computer or spreading a virus to others.

What risks are involved?
If your computer isn't fortified against the most recent viruses, you leave your system wide open for every bug, worm, and virus floating around the Internet. These debilitating bugs and viruses can cause your computer to malfunction. They may also make your computer vulnerable to identity thieves and hackers.

What can I do to protect myself?
Install anti-virus software on your computer and run daily updates. Sophos anti-virus is free to all UC Davis students, faculty and staff, and can be used on home and work computers. See the Software License Coordination web site to download Sophos.

How do I know if I have anti-virus software on my computer?
A computer with a properly installed anti-virus software will generally prompt you to update the program every once and a while. If your computer doesn't ask you to update virus definitions, you may not have virus software properly installed. Some of the most common antivirus packages include: Sophos, McAfee, and TrendMicro.

Back to top

---

Confidential Data Storage

What is it?
Confidential data is any information you don't want others to obtain without your permission, including (but not limited to) your social security number, home address, phone numbers of friends/family/colleagues/students, your drivers license or bank account numbers, a list of all your passwords, your home address or phone numbers, your employee ID number, digital images, word documents containing personal text, etc. Most people store confidential data of some kind on their computers within Word files, address books, or application settings.

What risks are involved?
If unauthorized persons gain access to the confidential information you are storing, they could alter the information or use it to commit identity theft.

What can I do to protect myself?

• Only store confidential information on your computer if it is absolutely necessary.
• Store confidential information on portable media, such as a CD, flashdrive, ZIP disk or floppy disk. Secure the portable media in a locked cabinet when it is not being used.
• Encrypt files containing confidential data. Encryption is available on some operating systems. Refer to your operating system help center for instructions.
• Physically secure your computer (laptop or desktop) to the desk where it sits. You can purchase a simple cable lock (similar to a bike lock) at any tech-supply store for around $30 that will deter and usually prevent theft.
• Set your computer to ask you for an account password at login. If someone else is sneaking onto your computer, this will prevent them from gaining access to your files. For instructions on setting passwords, refer to your operating system help center.
• Be sure to disable the "Guest" account, as use of this account is likely to be untraceable.

Back to top

---

Data Backups

What is it?
To back up your files, simply create a second copy of your important documents somewhere other than your computer's hard drive.

What risks are involved?
If you don't back up your data, you run the risk of losing it. Your files could disappear due to a virus, computer crash, accidental keystroke, theft, or external disaster.

What can I do to protect myself?

• Back up critical and essential files on a daily basis and non-critical files on a weekly or monthly basis. You can back up your data to a CD, to an online back up service (for a small monthly fee), flash drive, USB key, or to a server, if you can get access to one from your Internet Service Provider or commercial vendor. Some companies offer automatic backups when you purchase their programs.
• Keep all your critical files in one place so you can easily create a duplicate copy.
• Store your backup media (CDs, disks, backup server, etc.) in a safe and secure place away from your computer, in case of fire or theft.
• Periodically test the capability to restore from the backup media. It's of little value to have a backup that is unreadable. To ensure that your backup files are reliable, simply upload the files to your computer.
• Faculty/Staff: Check with your department's Technical Support Coordinator (TSC) to find out if he or she runs regular backups of departmental computers.

How do I choose an online backup service?
For help choosing an online backup service that’s right for you, review 10 Questions You Should Ask Before Using an Online Data Backup Service.

Back to top

---

DNS Security Enhancement

What is DNS?
DNS stands for Domain Name System. DNS servers are a critical part of the campus network infrastructure and the Internet because they allow information on the Internet to be available when you enter a URL in your Web browser. UC Davis disabled one capability of the DNS servers --recursive DNS - to help improve security.

What is recursive DNS?
One example of recursive DNS is when someone who subscribes to an ISP (e.g. Comcast) configures their computer to use the UC Davis DNS servers rather than their ISP DNS servers to access the Internet.

How do I know if I'm using the UC Davis DNS servers?
If your DNS configuration uses 169.237.250.250 or 169.237.1.250, you are using the UC Davis DNS servers.

Why are my DNS server settings blank?
Most ISPs provide DNS server information automatically, so you won't see anything in the DNS server settings even though your computer is properly configured. Check with your ISP to be sure.

What security risks are involved in recursive DNS?

1. Cache poisoning: An attacker could redirect users attempting to reach one site, say a bank site, to a malicious site without their knowledge. For more information about this type of attack, see http://www.lurhq.com/dnscache.pdf.
2. Recursive DDoS attacks: An attacker can send streams of DNS queries to caching servers. As all of these servers answer the queries, the victim host is targeted with a massive distributed denial-of-service attack (DDoS). For more information, see http://www.us-cert.gov/reading_room/DNS-recursion033006.pdf.
   

Back to top

---

Email Attachment Restrictions

What are email attachment restrictions?
To help prevent the spread of viruses, the campus prevents certain attachment types from entering the campus email system. If someone sends you an email message with a file attached and that file is one of the restricted file types, you will not receive the attachment, but you will still receive the email message.

How will I know if attachments are removed from email messages I send/receive?
Recipients will receive a message clearly stating that an attachment was removed, the name of the attachment, why the attachment was removed, and options for resending the attachment as an unrestricted file type. However, senders of restricted file types will not receive notification that the attachment was removed.

Is there a list of file types that are being restricted?
Yes. See Attachment Restrictions page.

What can I do if a file type I want to send is on the restricted file type list?
If you need to share a file type that is on the restricted list, consider renaming the file to an unrestricted file type or using Web-based file sharing (such as MySpace, the file sharing section of MyUCDavis) or removable media (e.g. CD, Zip).

Does this mean that all attachments I receive will be safe?
No. You should continue to use caution when opening email attachments. Do not open attachments you were not expecting or from senders you don't know. Attachment restrictions reduce but may not eliminate the number of virus-infected attachments that reach the campus.

Back to top

Email Virus Filtering

What kind of email virus protection does UC Davis offer email users?
The virus filtering software detects and deletes known viruses attached to all the incoming and outgoing email messages that are processed through the central campus email servers.

Who benefits from this email filtering service?
All those who send or receive email through the central campus email servers will benefit from this service.

Why is email virus filtering necessary?
Not only are viruses annoying, but they can corrupt essential data stored on your computer, thereby compromising the integrity of your computing system. Since 87% of viruses originate or transmit themselves via email, the campus considers email filtering an important part of computer security.

How does the virus filtering system work? What do I have to do?
As an email user, you don't have to do anything to benefit from this service. Here's how it works: When you send an email, it always travels through an email server where it is routed to the recipient (the person to whom you're sending it). The servers with this new filtering software will act as "checkpoints," searching all incoming and outgoing email messages for known viruses.

What happens if I send a virus-infected email message?
If a known virus is attached to your message, the software on the server will detect it and delete it, protecting the recipient of your message from receiving the virus. As the sender of the infected message, you will receive a short message notifying you of the virus attached to your outgoing message.

What should I do if I get a notification message that I sent a virus-infected email?

• Be aware that the message and any attachment in question will not have been sent to the intended recipient.
• While the virus infection will be removed from the email, the infected computer from which the email originated will continue to be infected until virus removal efforts are complete. Check for virus conditions on your computer by running anti-virus software.
• Since certain viruses are clever enough to forge sender names, you might not actually have a virus on your computer. Contact IT Express (754-HELP) or your department's TSC for advice.

How do I know if my email goes through the central campus servers where this virus-scanning occurs?
If you have been receiving email at an "@ucdavis.edu" address, you will automatically benefit from this filtering service. If you receive email at an address that contains the name of a department (such as "@dept.ucdavis.edu"), your email processes through a separate department server.

My email doesn't go through the central campus servers. How do I find out what kind of protection my department email server provides me?
Contact your department's Technology Support Coordinator. If you don't know who your TSC is, visit the TSC directory to find out.

What else can I do to keep my personal computer virus-free?
The email filtering system will catch viruses in your email, but it is up to you to make sure your computer is protected. The best way to do this is to:

• Configure your computer to seek virus definition updates from your anti-virus software vendor on a daily basis. For more advice, contact IT Express at (530)754-HELP.
• Not open any attachment to an email that has a suspicious subject line, file name, or message. Remember: some viruses can forge themselves to appear as if they are from someone you know; therefore, the "from" line alone cannot be trusted.

Back to top

---

Encryption Basics

What kinds of information should be encrypted?
Restricted information such as:

1. Identity information (Social Security numbers, California driver’s license or identification card numbers)
2. Financial account information (checking, savings and credit card account numbers)
3. Student record information (grades, financial aid information)
4. Medical record information (diagnoses, treatment information, identity information included in medical records)

Why should I protect restricted information?
Several federal and state laws say that you must.  Several UC and UC Davis policies say that you must.  Failing to protect restricted information can have serious consequences, including financial penalties for you, the campus and the University. 

What is encryption software and what does it do?
Whole disk encryption software – like Pointsec for PC – garbles information stored on computers so that it cannot be understood if accessed without using the password (or key) that you use to un-garble (or decrypt) the information.  If your computer is lost or stolen and you have encryption activated, information on the computer will not be readable by individuals who try to access it.

Will Pointsec for PC work on my computer?
At this time, Pointsec only works on computers running Windows XP, Windows 2000 and Windows Vista operating systems. 

What will I see after Pointsec for PC is installed on my computer?
Once installed, Pointsec for PC encryption software is virtually invisible except when you boot or power on your computer.  Whenever you boot your computer, you will need to enter your password. 

If I have Pointsec for PC installed, is my computer encrypted whenever I’m not using it?
No. Your information is encrypted only when your computer is off or hibernating, or when you have turned on your computer but not yet entered your Pointsec password.  To ensure your data is protected by encryption without shutting down completely, select Hibernate.

How do I know if Pointsec encryption is right for me?
If you must store restricted information on your computer for business purposes, you may need to use encryption.  To help you determine if encryption is the right solution for you, please contact your technical support staff for assistance.  If local technical support is not available, Desktop Enterprise Solutions (DES) is available on a re-charge basis.  Contact desktop@ucdavis.edu or (530) 757-8907.

If I have my technical support person install Pointsec on my computer, will they have access to data on my computer?
Your technical support person will have access to data on your computer only if they also have a valid Windows account on your system.

Will my technical support person know my password? 
No.  Normally, the user account name and password are both reset during the first login.

What should I do if I forget my Pointsec password?
Contact your technical support person or cybersecurity@ucdavis.edu (UC Davis faculty and staff only) to help you reset your password.

Can I get help on campus with Pointsec ME and/or Pointsec for Linux?
These items are available but not supported at this time.

What types of files can Pointsec ME encrypt?
Pointsec ME will encrypt almost any file type. If you have difficulty encrypting a file using Pointsec for ME, please contact cybersecurity@ucdavis.edu.

Do I have to purchase Pointsec through campus Software Licensing Coordination?
The UCOP agreement requires a minimum order of 25 licenses.  If you are ordering 25 licenses or more, you may purchase directly or via Software Licensing.  If you are ordering fewer than 25 licenses, you should purchase through campus Software Licensing Coordination (https://my.ucdavis.edu/software).   

Back to top

---

Firewalls

What is a firewall?
A firewall acts as a protective barrier between your computer and the internet, monitoring all incoming and/or outgoing traffic and allowing only the network traffic you permit. Firewalls come in the form of software, which nestles itself between your operating system and your network card. They also come in the form of hardware; for many home and small office users, it is a simple router device that sits between your computer's network jack and the wall connection. You can customize the level of protection the firewall gives you, setting it to filter information flow from specific domain names, addresses or types of network traffic.

How does a firewall work?
Hackers search the Internet in a way akin to dialing random phone numbers. They send out pings (calls) to random computers and wait for responses. Firewalls prevent your computer from responding to these random calls. If your computer doesn't respond, hackers won't know it's there.

What are the risks of not having a firewall?
If your computer, like most, is automatically set to enable file sharing or to keep network ports open while you are online, you could be susceptible to a variety of attacks. If you don't have a firewall, which will monitor ports to stop unwanted traffic from slipping through, you have to know how to manually close ports and disable file sharing in order to control risky traffic from coming in to your computer.

What do I need to know before installing a firewall?

• A firewall is not the single solution to computer problems. As with other computer security measures, malicious programs disguised as friendly ones can circumvent a firewall.
• Like any add-on to your computer, a firewall can interfere with other applications on your system.
• Firewalls may prevent campus vulnerability scanners from alerting you of a problem on your computer.
• Depending upon which department and network you belong to, there may be restrictions on the use of personal hardware firewalls/routers.
• If your computer comes with basic firewall capability or if you are thinking of installing a firewall, you should contact your tech-support person first.
• Faculty and staff should consult with their department's Technical Support Coordinator (TSC) before installing a firewall. Students can contact IT Express (754-HELP).

Does UC Davis use a firewall?
Campus departments may now purchase Netscreen firewall products through Corsa at a 35% discount. To receive this discount, purchases must reference the UC Davis blanket purchase order number. For additional information, visit the firewalls page.

Back to top

---

Identity Theft

What is identity theft?
Identity theft occurs when personal information is obtained by unauthorized individuals who then use that information to commit a crime such as fraud or theft.

Who is at risk for identity theft?
Everyone. Careful management of personal information, identification, and passwords can help minimize your risk.

What are the risks?
Victims of identity theft often have to spend time and money cleaning up their personal and financial records. In the meantime, they may be refused loans, housing or cars, or even get arrested for crimes they didn't commit.

What is the campus doing to protect my personal information?
No matter what your affiliation with the campus, your personal information resides on at least one campus computer system. The campus minimizes the number of systems on which personal information resides and mandates a high level of security on these systems. Individuals will be notified in the event that their information is obtained via a security breach.

How can I protect my personal information?

• Order a copy of your credit report from each of the three major credit bureaus - Equifax, Experian, and TransUnion. Make sure it's accurate and includes only those activities you've authorized. California residents can order one free copy of their credit report from each bureau annually. For more information on how to obtain your free credit report, visit the California Office of Privacy Protection.
• Place hard-to-guess passwords on your credit card, bank, and phone accounts. Keep your passwords and PIN numbers secret. Don't share your Kerberos password!
• Use a shredder when discarding documents containing personal identification.
• Don't send personal information via email.
• When shopping online, make sure the site is secure by looking for the padlock icon in the corner of the page that asks you to input your personal information.
• Don't keep personal information stored on computers unless necessary and encrypted.
• Ask about information security procedures in your workplace.

Back to top

---

IRC Bots

What are they?
IRC is short for Internet Relay Chat. IRC appears in software such as AOL Instant Messenger, Yahoo! Messenger, and ICQ.
A bot, or robot, is automated software set to perform certain functions. Many programs feature bots, which are not always malicious programs. An example of a peaceful IRC bot is a digital chat room moderator that boots and bans users who flood the channel with spam. Over the years, however, many malicious IRC bots have integrated themselves into popular programs and are proving to be a growing security risk.

What risks are involved?
A malicious bot could record everything you type in your IM program. Should you mention sensitive information such as credit card or bank account numbers, you are at risk for identity theft.  Bots can also create backdoors on your computer, giving hackers quick access to your system.

What can I do to protect myself?
Malicious bots tend to be both partnered with unofficial modifications to the IRC and integrated into spyware applications. To avoid these bots, never download an unofficial addition to a legitimate program and be sure to:

• Run an anti-spyware program on a weekly basis
• Virus scan all files on a weekly basis
• Download and install the latest operating system patches
• Enable Windows Firewall and/or purchase a third party firewall program

How do I know if I have an IRC bot on my computer?
You may not notice the presence of some bots. Others may slow your computer or show symptoms similar to those of spyware and viruses.
The CERT-In: Indian Computer Emergency Response Team site explains the functions of an IRC bot in detail and lists a technique to help Windows users locate IRC bots that may be running on their systems.
Securityspace.com offers a free malicious IRC bot vulnerability test for registered users (registration is free) at http://www.securityspace.com/smysecure/catid.html?id=14841.

Back to top

---

Passwords

Are passwords really an important part of security?
Yes, strong passwords can prevent unauthorized people from accessing the information you store on your computer, the applications you use that allow you access to others’ information and to services you use online (e.g. banking and shopping).

What is a strong password?
Strong passwords are those that would be difficult for others to guess – even those who know you well. Let’s face it, most of us choose passwords that we can easily remember, which usually means that we use a word, phrase or name we use in our daily lives. These are weak passwords because anyone who knows you could probably guess them.

How do I create a strong password?
To create a strong password, use a combination of uppercase and lowercase letters, numbers and symbols. The strongest passwords are 14 characters or longer. Avoid repeating characters or using sequences.

How do I know if a password is strong?
There are a number of password checkers available on the web, including Microsoft’s Password Checker: http://www.microsoft.com/protect/yourself/password/checker.mspx.

---

Phishing

1. What is "phishing?"
"Phishing" (pronounced "fishing") refers to a form of fraud that attempts to acquire sensitive information (usually your username, also called login or loginID, and password). There are many variations, but the most obvious characteristic of a phishing message is that it instructs you to provide sensitive information either by replying to the message, or clicking on a link and entering the information on a Web page. Always remember that there is no legitimate reason for anyone to request a password or other sensitive data via email, and you should not respond to any such message.

2. What should I do if I think I may have responded to a phishing message?
Please call the IT Express Computing Services Help Desk at 530-754-HELP (4357) immediately if you think you have provided your password or other personal information in response to a phishing scam.

3. What if a message from a UC Davis sender asks me to confirm my login ID and password?
UC Davis will never ask you to do this via email or telephone. Call the IT Express Computing Services Help Desk at 530-754-HELP (4357).

4. How do I know if a message is a phishing scam?
Phishing messages often:

• Instruct you to supply your account information, including your password, by email or by clicking on a link in the message and then entering the information via the Web. This is never a legitimate request.
• Have a "From:" line that sounds (and sometimes is) legitimate, but the message itself is vague.
• Contains a threat for not supplying the information, such as having your account deleted.
• Have spelling and grammatical errors. Legitimate messages aren't always perfect, but with careful reading many scam messages become obvious.
• Use a generic salutation rather than using your personal name.

Print and post this Don’t Let Phishers Play You flyer to remind you what to look for.

You can always contact the IT Express Computing Services Help Desk at 530-754-HELP (530-754-4357) if you are unsure about a message.

5. What can happen if I reply to a phishing scam?
If you reply to phishing scams with the information they request, they could use your email account to send millions of spam messages, open accounts under your name or commit other fraud.  In 2008, several Internet Service Providers (ISPs) began rejecting email from ALL UC Davis addresses because a few people on campus gave their login IDs and passwords to phishers who then used the accounts to send millions of spam messages. Accounts found to be compromised and sending spam will be shut down.

6. How can I prevent my account from being compromised?

• DO NOT respond to phishing scams in any way. It's really that simple. Just don't answer. Don’t click on links in the message. Delete the message immediately.
• Be suspicious of messages requesting personal or account information.
• Be suspicious of messages threatening to close or suspend your account if you don’t respond with the information that is requested.
• Check the authenticity of email messages by calling a company phone number known to be genuine.
• See the Cyber-Safety Basics for information about protecting yourself and your computer from other cyber attacks.
• See 10 Things Everybody Should Know about How the Email World Works for more tips about email.
• And for even more information on phishing, please see www.us-cert.gov/cas/tips/ST04-014.html.

7. Why doesn’t the campus just block phishing scams like we block spam?
We employ multiple layers of the latest and best anti- spam, anti-virus, and anti-phishing technology available. Unfortunately, none of these systems are 100% effective at combating malicious email.

8. I’ve never replied to a phishing scam, but have been getting spam emails from my own email address. How does this happen?
These emails result from a very easy spammer technique called "spoofing.” All spam has a spoofed (or forged) “From” address. Unfortunately, there is no way to prevent the use of someone else's “From” address in email.  If you are receiving more than five spam messages from yourself per day, contact the IT Express Computing Services Help Desk at 530-754-HELP (4357).

9. What happens to compromised accounts?
When UC Davis identifies a compromised account, the account is locked immediately. If your account is locked, you must go to one of six password reset locations in campus computer rooms, prove your identity, and change the password. Click here for more information.

For Technical Support Coordinators, Managers and MSOs
Information and Educational Technology (IET) has developed resources to help you spread the word about phishing scams to faculty and staff in your departments. To access these resources and learn more about IET’s anti-phishing efforts, see http://security.ucdavis.edu/phishing.

Back to top

---

Software Patch Updates

What is it?
Patches are updates that "fix" flaws in your operating system, the basic program that runs your computer (e.g.Windows 2000, Windows XP, Windows Vista or Macintosh OS X). Patches are released on an as-needed basis from your operating system vendor (such as Microsoft or Apple) and should be installed as they become available.

What risks are involved?
If your operating system goes unpatched, it leaves your computer vulnerable to hackers as well as viruses.

What can I do to protect myself?

• Windows users: Set your computer to download operating system updates on a regular basis. Look in your Control Panel and find System or Automatic Updates. You can also find Windows updates in the Tools menu in Internet Explorer, or by visiting Microsoft's Web site at http://windowsupdate.microsoft.com/.
• Mac OS X users: Consult the "software update" pane in the System Preferences utility to manually or automatically schedule updates.

What is UC Davis doing to protect me?
UC Davis provides resources to assist you in protecting your computer.

• The IT Express Help Desk will help you configure settings for automatic updates or help you with manual updates.
• Announcements are posted on TechNews and the Computer and Network Security Web site when new patches are released.
• Technical Support Coordinators (TSC) are available for faculty and staff in departments across campus.

Back to top

Spam Filtering Basics

What is spam?
Spam is unsolicited commercial email, or that junk mail that you get in your email inbox.

What is spam filtering?
Spam filtering helps reduce the amount of spam you receive in your email inbox.  There are a number of ways this can be done.

Does UC Davis filter spam?
Yes, UC Davis uses a number of techniques to identify and filter spam, and enables you to customize spam filtering for your campus email account.

How does the campus spam filtering service work?
UC Davis employs several different methods for identifying spam.  These methods work together to assign scores to potential spam email messages.  The scores assigned are based on lists of characteristics of known spam messages. 

Does every email message receive a spam score?
Most email messages will receive a spam score, but not all. Messages receiving a score of 4 or lower are more likely to be legitimate email messages.

Can spam filtering accidentally delete legitimate messages?
Spam filtering is not 100% accurate, so you may want to check your UCD-spam folder for false-positives. Through Geckomail or MyUCDavis, click UCD-spam from the list of folders on the left. Your UCD-spam folder is not accessible from email client like Outlook or Eudora unless you use IMAP.

Can I change the way the campus filters spam to my email account?
Yes, you can customize the way the campus filters spam to your email account by visiting http://email.ucdavis.edu/secure/spamfilter.php.  You can change the point at which spam is filtered to your UCD-spam folder and when it is automatically rejected.  You can also create allow and deny lists.

I have my campus email redirected to a non-UC Davis email account. Will the campus filter my email before it is redirected?
No, email is redirected before it is filtered.

My email is redirected to a departmental account at UC Davis. Will the campus filter my email before it is redirected?
No. Not unless your department's system administrator or Technology Support Coordinator is using the campus scanning and tagging service. Nonetheless, consult your administrator, as they may have local filtering.

How will these measures affect class mailing lists or other address lists that go to UC recipients?
List owners who have configured their lists to filter spam should see less spam get through. People posting from off-campus may have difficulty if they're routing mail through blocked mail servers, but that would be just as true if they were trying to mail an individual on campus--the fact that the addressee is a mailing list rather than an individual is not a factor.

Does UC Davis provide specially tailored filtering rules that I can use with my email program, as an alternative to using the central campus spam filtering utility?
UC Davis not provide specific spam filtering rules, but does provide instructions for setting up spam filtering on campus-supported email programs. You may access these instructions and learn more about spam filtering options by visiting the Campus Spam Filtering page.

What can I do if spam filtering set-up instructions are not available for my email program?
Most email programs allow you to set up filters. You should consult help resources for your program to see what anti-spam measures they offer.

If all messages with a high score are sent to a spam folder that is only accessible through MyUCDavis and Geckomail, how can I make sure that the spam filter is not sending legitimate email to this folder if I never use MyUCDavis or Geckomail?
The folder will be visible to any IMAP client; Geckomail is merely one example of an IET-supported IMAP client. If a user has an email program configured to connect to their server via IMAP, then no change in behavior will be required. Those who have configured their email program to POP can change that configuration to IMAP. For more information about POP and IMAP configurations, see The IT Express Knowledge Base article on POP and IMAP.

Back to top

Spam: Allow/Deny Lists

What are allow and deny lists?
Allow and deny lists enable you to further customize the campus spam filtering service. All email originating from addresses on an individual’s deny list is prevented from reaching that individual’s inbox. All email originating from addresses on the individual’s allow list is permitted to reach that individual’s inbox, even if it would otherwise have been marked as spam and filtered away from the inbox.

Why implement Allow/Deny Lists?
No single spam filtering measure filters 100% of spam. Allow and deny lists add an extra layer of protection against spam. Legitimate email messages from news lists or subscriptions to professional online magazines or other publications may be filtered as spam (a “false positive”). By placing the sender’s email address on their allow lists, recipients of these types of messages ensure that they will not be filtered as spam.

How do I create allow and deny lists?
Go to http://email.ucdavis.edu/secure/spamfilter.php.

Can I change allow and deny lists at any time?
Yes, and changes to accept and deny lists are effective immediately.

Can I add @ucdavis.edu addresses to my allow and deny lists? 
Yes, campus email addresses can be added to allow and deny lists.

Can I add a domain to an allow list?
Yes.  If you receive email from a particular domain (@ucdavis.edu, for example) that you do not want the campus spam filters to scan (and possibly send to your UCD-spam folder or delete), you can add it to your allow list.  This will ensure that you get all email from that domain.

Can I add a domain to a deny list?
Yes.  If you receive email from a particular domain (@ucdavis.edu, for example) that you always want the campus to send to your UCD-spam folder, you can add it to your deny list.  This will ensure that no email from that domain will reach your inbox.

Back to top

---

Sample Spam Settings*

	Reject Spam**	Aggressive**	Cautious (Campus Defaults)	Deliver All Mail
Filter spam	Yes	Yes	Yes	No
To UCD-spam folder	None	5	5	None
Summary	No	Yes	Yes	No
Delete Spam	5	10	15	15
What you can expect if you choose these settings.	All spam scoring 5 or above will be rejected automatically. No email will be sent to your UCD-spam folder.	Most spam will be rejected automatically, but some will be stored in your UCD-spam folder.	Most spam will be either rejected or sent to your UCD-spam folder.	You will receive all spam scoring less than15 that is sent to your email account.
Who might want to choose these settings?	Individuals who have previously used the campus spam filtering service and found that moderate-scoring spam could be rejected rather than stored in their UCD-spam folder.	Individuals who have previously used the campus spam filtering service and found that moderate-scoring spam could be rejected rather than stored in their UCD-spam folder	Most of the campus community will find that these settings provide the greatest level of accuracy with the least amount of spam delivered.	Individuals who want to receive all email that is directed to their email account, regardless of whether it is spam.
Other considerations	Set up allow lists to exempt certain email addresses or domains. Set up deny lists if you repeatedly receive spam scoring less than 5 from a particular address or domain.	Set up allow/deny lists to further customize your email filter.	Set up allow/deny lists to further customize your email filter.	Set up spam filtering using your email program’s junk mail or spam control features.

*You may want to make incremental changes to these settings until you find your desired combination. Messages receiving a score of 4 or lower may be legitimate email messages, so please use caution when filtering or deleting messages with very low scores.
** Please be aware that the more aggressively you filter spam, the more likely you are to receive false positives.

---

Spyware

What is it?
Spyware is software that gathers information about your Web-surfing habits for marketing purposes. Spyware "piggybacks" on programs you choose to download. Tucked away in the fine print of user agreements for many "free" downloads and services is a stipulation that the company will use spyware to monitor your web habits for business research purposes.

What risks are involved?
Spyware takes up memory and space on your computer. It can slow down your machine, transmit information without your knowledge, and lead to general computer malfunction. You may choose to keep certain spyware programs on your computer in exchange for the free services that accompany them, but you should be aware of how that might affect your computer.

What can I do to protect myself?

• Closely read user agreements for free programs before clicking, "I accept." Watch for allusions to spyware and adware in user agreements.
• Regularly scan your computer with an anti-spyware program.

Back to top

---

Viruses

What are they?
Malicious small programs that easily replicate themselves, infect your computer, and often spread to others' computers via email attachments or network traffic.

What risks are involved?
Virus programs can delete files, format disks, attack other computers or slow your system. They can also create "back doors" that allow hackers to run programs on your computer or to gain access to your files.

How do I know if I have a computer virus?
A computer infected with a virus may suddenly act in unexpected ways. For example, it may take longer to access files or to start up programs, or it may lock up often. You may also notice uncommon sounds being played from your speakers, a variety of images popping up on the screen, or problems starting your computer. These are all signs that your computer could be infected with a virus.

What can I do to protect myself?

• Install anti-virus software on your computer and run daily updates. Sophos Anti-virus is available to all UC Davis students, faculty and staff for free on the Software Web site.
• Install "patches" at your operating system's Web site to keep your computer fortified against possible attack.
• Mac users: http://www.apple.com/support.
• Windows users: http://v4.windowsupdate.microsoft.com/en/default.asp.
• Do not open email attachments with suspicious subject lines, file names, or messages. Some viruses can forge themselves to appear as if they are from someone you know, therefore, the "from" line alone cannot be trusted.
• Be aware that viruses may come to you in links sent via Instant Messaging, email attachments, infected disks, freeware, shareware, or file-sharing.

What is UC Davis doing to protect me?
Virus filtering software checks every incoming and outgoing @ucdavis.edu email message for viruses. Widely-recognized viruses will automatically be filtered out of your incoming email. New viruses may still sneak through until the filter is trained to recognize them, which usually takes no more than 24 hours.

Back to top

---

Wireless

What is it?
The freedom to browse the Internet while sitting at your favorite cafe or relaxing on the UC Davis quad. Wireless networks are sprouting up everywhere, including UC Davis.

What risks are involved?
Because wireless access points don't require a user to plug into a port, the networks are often more difficult to monitor and secure. Many off-campus wireless areas won't require you to sign in with a username and password. If you're buying things online or logging on to Internet applications, it's a lot easier for someone to record your keystrokes and steal your identity.

What can I do to protect myself?

• When on campus, use MoobilnetX. See http://wireless.ucdavis.edu/ for more info.
• Restrict your online shopping to wired connections.
• Don't open programs that contain identifying information while you're on a wireless network. In fact, don't keep your social security number, driver's license number, or bank account numbers anywhere on your computer, period.
• Keep your computer secure by applying operating system corrective patches when they are released by the software manufacturer and keeping your anti-virus program up to date. Other computers participating in the wireless connection could be infected or compromised and may attempt to spread virus infections or attempt to hack into peer computers attached to the wireless network.
• Disable file sharing so that others can't help themselves to files on your computer. For instructions, refer to your operating system help center.

Back to top