Educause Security Discussion mailing list archives
Re: Transport rule to put a header on external email
From: "Coller, Jon" <jonathan.coller () USASK CA>
Date: Tue, 7 May 2019 15:57:24 +0000
Hi Frank, We have it implemented here and the general behavior in Outlook is to break the plain-text content and show the signed HTML as an attachment: [cid:image001.png@01D504BB.43E675B0] The attachment still shows a valid signature: [cid:image002.png@01D504BB.43E675B0] _____________________________________ Jon Coller Chief Information Security Officer Information & Communications Technology University of Saskatchewan Ph: (306) 966-4858 From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Frank Barton Sent: Tuesday, May 7, 2019 9:06 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Transport rule to put a header on external email CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. Not sure how often you folks get signed email, but does that break digital signatures? Frank On Tue, May 7, 2019 at 10:36 AM Madl, Michael <michael.madl () indwes edu<mailto:michael.madl () indwes edu>> wrote: Hi Mandi, I can definitely confirm that by adding a header to external email and explaining why, to the user community, has raised awareness to potential phishing attacks. Our users second guess any external email and reach out to my office when they are unsure. Compromised accounts have gone down in my opinion. We have also implemented a REPORT PHISH button for all outlook users allowing them to report any suspicious emails that meet a certain criteria. MICHAEL MADL INFORMATION SECURITY OFFICER UNIVERSITY INFORMATION TECHNOLOGY [cid:image003.jpg@01D504BB.43E675B0] From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> On Behalf Of Mandi Witkovsky Sent: Tuesday, May 7, 2019 9:40 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Transport rule to put a header on external email ** This message originated from outside the Indiana Wesleyan University email system ** ________________________________ For those who have a rule set up to add a header to incoming external email, have you seen a decrease in security events, or a corresponding increase in awareness? Did you whitelist any 3rd parties that send on your behalf so that the header doesn’t appear? Have you seen any pushback from people? Thoughts on adding a header vs prepending “EXTERNAL” or some such in the subject line? We’re looking into adding this, and I wondered what experience you all have had. Thanks, mandi -- Frank Barton, MBA Security+, ACMT, MCP IT Systems Administrator Husson University
Current thread:
- Transport rule to put a header on external email Mandi Witkovsky (May 07)
- Re: Transport rule to put a header on external email Madl, Michael (May 07)
- Re: Transport rule to put a header on external email Frank Barton (May 07)
- Message not available
- Re: Transport rule to put a header on external email Coller, Jon (May 07)
- Re: Transport rule to put a header on external email Frank Barton (May 07)
- Re: Transport rule to put a header on external email Madl, Michael (May 07)
- Re: Transport rule to put a header on external email Thomas Carter (May 07)
- Re: Transport rule to put a header on external email Erik D Evans (May 09)
- Re: [External] Re: [SECURITY] Transport rule to put a header on external email Gregg, Christopher S. (May 09)