Update - 7/22/2017, 6:00am The Zimbra email service was under a Denial of Service attack yesterday. We were able to successfully block the offending IPs and stabilized the service as of 3:30pm yesterday. We continued to monitor the service throughout the night and the service has been functioning normally.
Update - 12:30pm We continue to monitor the spike in usage of the Zimbra service and have implemented several measures to address the problem but are still investigating the root cause.
7/21/2017, 9:00am Around 2:30 this morning we started seeing alarms about the
performance of the Zimbra email service. We have restarted the
service on all mailboxes to ease the congestion while we continue to
investigate and monitor. We'll send updates as soon as we can.
Exchange Service Alerts
Update: 11/9/2016, 4:00pm - Database access is now reinstated including for the Exchange Account Management application.
Update: 11/9/2016, 2:45pm - Access to all mailboxes should be fixed now.
The database connectivity to mailboxes is once again working. Unfortunately, this database connectivity problem also affected the Exchange Account Management application and that application continues to be down. We do not expect that the application will be available again until later this evening.
Update: 11/9/2016, 2:00pm - We are still investigating the problem which is affecting a portion of our users. Some users will continue to experience problems connecting to the mailbox database as we continue our investigation.
We will share updates as we can.
11/9/2016, 11:45am - A portion of our Exchange users are failing to connect to the Exchange OWA. We are aware of the problem and are running a cleanup program to restore access.
ISC Networking and Telecommunications Email Service - Security Tips
From the ISC Information & Security Office:
While Penn may be closed for the winter break, most of us will
continue to use our computers for business and pleasure. Don't let the
holiday rush allow you to drop your guard. Below are 7 simple tips to
help you identify and avoid phishing scams and to work securely
off-campus during the Break.
- No organization at Penn will ever ask you for your username and
password via e-mail.
- Double-check the URL of any websites you are being told to click on
in e-mail messages, especially if once directed there, you are asked
to login. Be suspicious if the message claims to be from Penn, but the
URL goes to a .com, .org, .net, etc. address.
- If you believe you have mistakenly clicked on a link or otherwise
disclosed private information in a phishing attack, immediately change
your e-mail and PennKey passwords.
For more details, see:
- Make sure you are working on a computer that has software with
up-to-date security patches, the firewall setting turned on, and
antivirus software installed.
- Use a dedicated computer that no one else uses. If that's not
possible, use Remote Desktop to reach your campus computer.
- Don't use unsecured wireless hot spots at hotels, airports, coffee
shops or other public areas.
- Be especially careful about what data you store on portable
devices, since they are more easily lost and stolen. Consider
encryption or remote file deletion.