Email Security
Learn how IT Services and Health Information Services keeps your UC San Diego email secure.
Overview
UC San Diego, including UC San Diego Health, relies on a layered approach to email security. No single process or technology is sufficient to secure the university’s environment, so layers of technology and user education are employed. A threat that manages to circumvent one layer is likely to be caught by another.
Layers of email security
Reputation filtering by IP address
UC San Diego uses technology from Proofpoint to block malicious emails in near-real time at the campus and Health borders.
Key benefits of Proofpoint include:
- Protection of data by removing malicious and phishing emails from your inbox
- Removal of unwanted spam from your inbox
- Control over marketing email with the ability to maintain personal blocked and safe sender lists
- Daily notification of emails that have been quarantined
Spam quarantine and tagging
The Proofpoint environment that we have deployed for campus and Health gives each email a spam-likeliness score based on key words and phrases, email signatures, sender IP, embedded links, and a proprietary set of artificial intelligence engines. This information is added to the email headers of your incoming messages. Email with a high-likelihood of being spam is quarantined from your regular email inbox. You will receive a digest of these quarantined messages as spam arrives, with various actions that can be taken. Visit our spam quarantine page to find out how to manage your quarantined messages, view/edit your Safe and Blocked Sender lists, or adjust your spam quarantine levels.
Anti-virus and malware scanning
Anti-virus and malware scanning evaluates email for malicious content that we can then remove before it reaches your mailbox.
Outbound email
Like your inbound email, outbound email is also scanned for malicious content. This protects other organizations from malware and spam that initiates from compromised UC San Diego accounts and protects UC San Diego’s reputation with the rest of the email community.
Outbreak filtering
This service identifies potential outbreaks of malware and temporarily quarantines messages until further verification can occur. Most of the time, this quarantine of potential threats lasts a few minutes.
Email delays
All of these processes do add some delay to email processing. This can especially be true if you are sending attachments that require complex analysis. You should expect that email between campus email addresses should never take more than five minutes. For campus personnel experiencing significant delays, we encourage you to check the ITS Status Page for information on current service interruptions, or contact the ITS Service Desk. If you are an employee of the UC San Diego School of Medicine, Skaggs School of Pharmacy and Pharmaceutical Sciences, or hospitals and clinics, contact the Health IS Service Desk.
Your role in email security
Blocked / quarantined email
There are times when one of the layers of email protection may quarantine or block legitimate email. The ITS Service Desk or Health IS Service Desk can work with you on troubleshooting and resolving these false positive events.
Phishing awareness
Phishing uses targeted email messages to steal your online credentials and other personal information. It is important that you stay vigilant to this threat. Learn more about phishing.
Report fraudulent email
IT Services continuously monitors for phishing emails and takes action when the message source can be reliably determined. If you receive a suspicious email, please forward it to abuse@ucsd.edu where it will be automatically analyzed and the results used to prevent additional deliveries.FAQ
Q: I work with federally regulated information - is the new anti-spam system approved for use with email for researchers like me?
A: Yes. The new campus and Health anti-spam system, while hosted off-campus (as is both the Microsoft O365 and Google Gmail service), can be used by every member of the UC San Diego community, including those who work with highly-regulated data. Our agreement with our vendor was highly vetted by security and contract specialists across the UC system. Indeed, many of the security features provided by the service will make future compliance with federal requirements easier to meet than our former environment.
Q: In the online dashboard, is there a way to select all items on the screen at once to delete en masse?
A: Yes. Under normal use there isn’t a need to manually delete items from the spam quarantine as items automatically drop off after two weeks. For the cases when a user wants to clear his Spam or Low Priority quarantines he can click on the Manage My Account link in their quarantine notice to access the portal. Once there he simply selects which group to take action, then clicks on the Options menu at the top of the portal in order to access the Delete All function.
Q: The system only allows users to unblock or release five senders at a time. Is it possible to take action on more than five messages to add to the Safe Senders list?
A: Not at this time. This is a known limitation and we are working with ProofPoint to have the limit increased.
Q: Is there a way to view the email from the dashboard before releasing it?
A: Yes, however there is a known limitation with the size of message that can be viewed from the online portal. Simply click on the message and the contents of the message will be displayed at the bottom of the list of messages in the quarantine.
Q: Is it possible to add a domain to the Safe Senders list to allow all emails to be delivered from that domain?
A: Yes. Using the Manage My Account link to access the online portal, select the Lists option located on the lower left corner of the window. Choose either the Safe Senders or Blocked Senders lists on the upper left side of the window depending on the desired action. Select the New menu option across the top. Enter in either the email address OR the domain of the sender. For example adding a new entry of apha.org to the safe senders’ list will whitelist all messages from that domain; i.e. adding apha.org to the safe senders list will automatically whitelist all messages from membership@apha.org, news@apha.org, xxx@apha.org.
Q: I’m in Health Sciences and have to do two actions to add a sender to the safe senders list and then release. Is it possible to do both with one click, release and add white list the sender?
A: Yes, for items in the Spam quarantine folder. Health IS will be making a change that will move all items in the low-priority folder to the spam folder making the single action button available for all quarantined items.