IT Professionals,
On Thursday, September 22 at 11am, IU will begin rolling out new security measures that prevent individual student email accounts from sending unusually high numbers of emails. If a student exceeds the limit they will receive a non-deliverable report (NDR). Additionally, they will be blocked from sending email until midnight UTC (currently 8pm ET) or until unblocked by the Support Center. If the account is blocked, the status will be visible in CCI Tools, and students should contact the Support Center.
This change is in response to recent phishing campaigns where attackers have gained access to IU email accounts and used those accounts to send phishing and scam emails in large numbers.
These changes will increase security, help with detecting potential compromises, and reduce the negative impact on our community. Email communications for clients with typical use patterns should not be impacted. At this time, these security measures will only affect non-employee students. Similarly, IU List and Exchange distribution list mailings will not be affected.
For more details regarding current email policies, we recommend you review the following documents from the IU Knowledge Base:
About IU’s policy on mass email
Security guidance for senders of mass email and workflow email
Excessive Use of Information Technology Resources
–IT Community Partnerships on behalf of UISO Information and Systems Security