CIS Help
Request Form

Lab Looking at Solutions for Email Relaying Vulnerability

Many of the Lab's email systems, including the IMAP4 server, are vulnerable to problems when email is sent from sites outside the Berkeley Lab network to other sites outside the Berkeley Lab network. The Information and Computing Sciences Division is studying the issue and exploring several solutions to the potential problem. While the problem and any solution would affect some email servers, it would not affect the web interface to IMAP4 email. This is one alternative if you need to send email from outside the Lab's network.

At this time, ICSD is not recommending that employees who use the main Lab email service for outgoing mail change the way they send email. Future changes needed to fix the vulnerability are not expected to affect the sending of email from within the Laboratory network. The Laboratory network includes being at the Lab, off-site facilities such as the Joint Genome Institute and the Lab's Washington Office, dialing into the Lab while on travel via the toll-free or local PPP connections, and the use of ISDN. Again, no changes are anticipated if you are using the Lab's Web-based email system from anywhere on the Internet. However, if you are sending email from the Internet (e.g. @home, DSL, at a university or another Lab, using a Ricochet wireless modem, high speed connection in a hotel or conference), we anticipate that some change may be necessary in the near future.

The goal is to address the vulnerability while continuing to do everything we can to protect the Laboratory's scientific environment and minimize disruption.

ICSD is working with the Lab-wide Computing and Communications Services Advisory Committee (CSAC) to address the vulnerability and determine the best way to solve the problem. Employees will be informed as soon as the best path forward has been identified.

For detailed instructions and more information, click here.

In a parallel, but separate effort, the Computer Protection group, in conjunction with the Division Computer Security Liaisons, is working to have all independently run mail servers shut off their ability to relay external mail.