OIT upgrades e-mail server, security

The Office of Information Technology unveiled a new security measure on Monday that will be added to the University's outgoing e-mail system in hopes of curbing Internet junk mail, more commonly known as "spam."

The new secure server, which will be instituted March 26, is called Simple Mail Transfer Protocol with Authentication (SMTPAuth).

This measure will force all users with a University-issued NetID and e-mail password to login before sending messages — similar to the process of logging in when reading e-mails.

OIT decided to add this security measure because outsiders have been using the University's IP address to send out spam, said Dan Oberst, director of enterprise services.

"This issue has been longstanding with the server," he said. "We're finally trying to fix it technically. We knew we had to do this and we hope we have explained it well enough to students."

Within the past few years, filters have been developed to record and block the e-mail accounts of subscribers from the IP addresses that historically have been used to send out Spam.

Because the Princeton server has been infiltrated in the past, some of these filters will not allow Princeton e-mails to go through to their clients.

"It's been a nagging kind of problem," Oberst said.

Other schools have been plagued by "damaging, spoofing" e-mails sent from anonymous sources that claim to be professors and administrators, Oberst said. These fake e-mails have caused numerous problems, he said.

By implementing SMTPAuth, Princeton hopes to avoid such incidents.

Those students with Student Computer Initiative computers that have Netscape Messenger installed by the University are already compatible for use with SMTPAuth.

In addition, students who use an SMTPAuth-compatible e-mail programs such as Microsoft Outlook will simply need to change the settings of their software to make it consistent with the new service.

Get the best of the ‘Prince’ delivered straight to your inbox. Subscribe now »

Though the service will be standard for most PC and Mac users after the change, some older computers that use software like Netscape 2.0 and early versions of Eudora will still have to use a separate, non-authenticated service which will require users to register with OIT before the server accepts the password.

OIT, formerly Computing and Information Technology (CIT), serves much of the computing needs of campus. It acts as the "front line of defense" for computing problems and provides technical services for the University community.