Hi ,
I received your message "
Please read the following bulletin - specifically Section B3
If you are receiving e-mail that says "Quarantined Mail Received"...
Section A
#1. You have not done anything wrong.
#2. This is not necessarily SPAM. (See Section O for a definition of SPAM)
We receive hundreds of Quarantined messages at THQ every day. This is a good thing! This means that our e-mail system is working correctly to help protect us from potentially malicious content.
The message you receive states:
"An e-mail addressed to you from "Smith, John"
Section B
Please note:
#1. This does not necessarily mean that the message is malicious; that we do not trust the sender; or that the sender has done anything wrong.
#2. It does not matter that the sender is your own home address, or a close relative, or someone who always sends you e-mail. Malicious content is not usually attached to an e-mail by its creator. Your PC could be "infected" with a virus, worm or spyware and you may not know it - in this scenario you could unintentionally send an infected e-mail to your recipient.
There is no such thing as a "safe" or a "trusted" e-mail address. Everyone is susceptible to viruses and malware.
#3. We cannot "unblock" a specific person. If we made "Joe Smith" immune to the Quarantine process because he is an Army officer - and Joe's home PC became "infected". Any e-mails he would send to the Army would carry that "infection". If we did not quarantine his message it is possible that damage could occur in our offices as a result.
#4 "This person is safe" - "This is a legitimate sender" - "It's ok to send" - "I know this person"
Please note that the question that we ask of you is "Are you expecting this e-mail?"
Even the most inexperienced people with mal-intent are capable of sending you an e-mail that appears to come from an address or a person you know.
This is called "Spoofing" (See Section J for details on Spoofing)
For argument sake - lets pretend that this e-mail was not Spoofed - and that it did actually come from a person you know and trust:
This specific e-mail violated our security system. It may or may not be your trusted contacts fault; what matters is that it violated the system.
Our IT staff "should" be able to identify what part of the e-mail triggered the security measures. We will forward the e-mail on to you if you request it to be released,
however that does not mean that it is safe for your computer or for anyone else's computer that is on the same network.
Everyone is susceptible to attaining and propagating computer viruses. It does not matter if they are trustworthy, work for a legitimate organization or even if they
work for the IT department.
#5 "I need all e-mails from this person/address moving forward".
Remember that you are requesting something to be sent to you that our system has deemed potentially dangerous.
If you are willing to risk losing all of the data on your computer - and all of the data on the servers you share with the others you work with - over the highly important content of
this e-mail - all you need to do is follow the instructions that are sent to you along with the quarantine notice you received. "Forward the e-mail to USCSupport".
The Central Territory has lost significant amounts of data in 2016 due to ransomware that we received via e-mails. Upon review of the e-mails we were not surprised to find
some of the had been quarantined and requested to be released. Before you request your quarantine to be released - be certain that you are willing to support your
reasoning to your supervisors as to why you believed the content was more important than the security systems warning.
As far as the "moving forward" part is concerned - please read Section B3
Section C
What will trigger the quarantine process?
Our filtering system will catch and quarantine the following types of files:
.zip
.exe
.mdb
JavaScript (hyperlinks) - or excessively long URL Hyperlinks
.lnk
.htm
.html
.vcf
.docm
excessive coding
Hidden attributes
Intent Analysis
and anything that is unrecognizable (such as .js .odt .gno)
Bad SPF Records for the DNS entry of a Website/e-mail hosting address
(Definitions of these items can be found in Section F)
The reason these types of files are blocked is because they are all notorious for containing malicious code that could harm your PC.
We will be more than happy to release these e-mails to you in the future (assuming they do not contain malicious code), but we receive hundreds each day that are not legitimate so we will need your continued help in identifying when your legitimate messages come through. If you are expecting an e-mail from the sender in question, please follow the instructions in your quarantine message (which tell you to forward this message to : USCSupport)
Section D
If you do not recognize the sender and do not wish us to forward the message to you - you do not have to do anything.
Section Db (Quarantines from an Army Address)
Any inbound e-mails from an Army Address are permitted through without being filtered. If an inbound e-mail from an Army address gets quarantined it is because it did not originate from an Internal Army Server - which means it is not real - it is either Spoofed - or the system it came from was set up with an Army address as the "from" by a person who does not realize that you cannot do this. In this specific case the system needs to be set up with a different (non Army) from address. We will NOT forward quarantined messages that have a from address with the extension "salvationarmy.org"
I know it appears to be legitimate - that you may know this person yourself. It is not legitimate and we will not forward to you.
Section E (I receive quarantined messages every day)
I receive quarantined messages every day... what can I do about it?
A large percentage of quarantined messages are due to the presence of a .zip file.
While .zip files can be useful in sending large files via the Internet, most carry small files within them and a .zip is unwarranted. If you can convince your sender to stop zipping the files you will likely avoid the quarantine process.
More than half of the quarantined messages we receive each day are due to excessive JavaScript.
Newsletters typically violate a number of our security rules and end up in quarantine.
Section Eb (Business Related Only)
Before you ask us to unquarantine an e-mail please be sure that it is Army business related, and that it is not something like advertisements, sales pitches, newsletters or personal e-mails that should be sent to a non-Army e-mail address - that do not pertain specifically to your job at the Salvation Army.
Our system Quarantines e-mails based on a point system of violations. If an e-mail is Quarantined it has "something" wrong with it.
If you request that we release a Quarantined e-mail to you - you are putting your computer, network and your peers' computers at risk.
Be certain that if your e-mail were to cause an issue that you would be comfortable explaining to your supervisor how the content was pertinent to the Army.
Please refer to the Policies and Procedures Technology Acceptable Use for E-mail Notes Link
Section I. "Salvation Army provided access to e-mail via Lotus Notes is considered a company resource and is intended for business purposes only. All messages sent via Lotus Notes are considered the property of The Salvation Army and as such may be monitored, reviewed or read as deemed necessary by administration."
Section Ec (Using Personal e-mail addresses for Business Purposes)
The e-mail you are requesting to be released from quarantine appears to be business related; however it also appears to be from your own personal (non-Army issued) e-mail address.
Please note that it is strictly against Army policy to conduct Army business from a non-Army e-mail address.
Notes Link VI. All official electronic communications must take place via Lotus Notes and not any other electronic means (such as, but not limited to, MS Outlook, MS Exchange, AOL, CompuServe, web based e-mail, other Internet service provider mail systems like Freeserve, Hotmail, Gmail etc.) Correspondence with contacts outside of The Salvation Army is permitted as long as The Salvation Army portion is done via Notes.
Section Ed (Forwarding e-mail from personal addresses to Army addresses)
It appears that you sent this to your Army address from your personal e-mail address.
Please note that we have a policy about using personal e- mail for official Army business as well as a policy regarding your Army address for personal use.
You should NOT be sending e-mails from one to the other. This e-mail violated our security system and therefore poses a threat to our network.
You are permitted to access your personal e-mail via a web-based e-mail interface. This is the method you should be using to access personal mail while utilizing Army computer equipment.
Notes Link VI. All official electronic communications must take place via Lotus Notes and not any other electronic means (such as, but not limited to, MS Outlook, MS Exchange, AOL, CompuServe, web based e-mail, other Internet service provider mail systems like Freeserve, Hotmail, Gmail etc.) Correspondence with contacts outside of The Salvation Army is permitted as long as The Salvation Army portion is done via Notes.
Section F
Definitions:
.zip (a .zip file compacts large files into a smaller file for quicker transportation between PCs)
.exe (an .exe or executable is what runs programs - if you aren't expecting a program from someone it is not wise to open it)
.mdb (an .mdb is typically a Microsoft Access database which can contain macros (small programs) that could be harmful - like the .exe - if you are not
expecting it, don't open it)
JavaScript (hyperlinks) (JavaScript runs code (a small program) that most PCs can read without having to download new instructions. Flashing pictures and
Hyperlinks (links to other web pages) are popular quarantine triggers!
.lnk (a .lnk is usually a mistake - it means that someone tried to attach a file (like a Word.doc) to their e-mail to you, but did not attach it correctly. Instead of the
file they attached a 'link ' to the file which only points your pc to their local PC (which is not accessible). If you receive a .lnk file in your e-mail it will not
likely go anywhere when you click on it. The reason these get quarantined is because it could 'link' you to a malicious web site. .htm and .html are the
same as .lnk
excessive coding (at the end of some e-mails there might be paragraphs of garbled code. While this is harmless in most cases, it could contain hidden code
that could direct your PC to do something that you did not tell it to do.)
Hidden attributes (Hidden attributes usually consist of "White on White" text (you can't read white text if it is on a white background) or coding hidden behind
images... it is always possible that a virus could be hiding behind that picture of the cute dog your neighbor sent you)
.vcf (a.vcf attachment is an "electronic business card" - they are usually attached to an e-mail as a form of signature.)
SPF : Sender Policy Framework (SPF) is a simple email-validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain comes from a host authorized by that domain's administrators.[1] The list of authorized sending hosts for a domain is published in the Domain Name System (DNS) records for that domain in the form of a specially formatted TXT record. Email spam and phishing often use forged "from" addresses, so publishing and checking SPF records can be considered anti-spam techniques
In English... If a company registers a website that also has e-mail hosting (ie: dell.com and a user of john@dell.com) the DNS entry that is registered around the world
contains valid server names or IP addresses that state which server "should" be sending e-mail from a user of john@dell.com IF an e-mail from john@dell.com arrives from
another server (or no valid server was ever named in the DNS settings) the majority of e-mail servers around the world will assume that the e-mail has been spoofed and that
it is not a valid or legitimate e-mail.
More than likely - if the quarantined e-mail in question was from a legitimate source - it means that their IT staff did not specify a permitted sender host.
If we have determined that this may be the case you are welcome to forward this message to the person who sent you the e-mail that was quarantined:
"The Salvation Army's IT staff believes that your e-mail hosting servers are not specified as a permitted host in your company's URL - DNS settings. Please have your IT staff check your DNS settings to ensure that a permitted sender host has been specified."
Excessively long Hyperlinks: The Salvation Army servers will count the number of digits in a hyperlink. The rational for this is due to the fact that many viruses, malware, bots and trackers will alter a normal length URL and add specific and unique coding to the URL that will provide information back to its creator. This information may be as harmless as "This person opened and read this e-mail"... it could be as harmful as collecting information you have stored in your browser and returning that information to its creator. Passwords, keystrokes, Credit Card information... anything that is stored in your browser - or another location that the code is instructed to seek out.
Here is a good example (I created this one - so it is harmless - but test it for yourself and you will see what I am referring to)
Look at the link to Yahoo above. It appears to be simple, harmless - and it would appear to take you directly to yahoo.com
Hover your mouse over the hyperlink, however, and you will see a lot more.
To be exact you will see this: 
It may look like gibberish to you, but to the computer it will send all of your information to - it could mean quite a bit - and it could mean personal information you do not want shared - is being sent back to a server that you know nothing about.
That gibberish is not constant - it will be different for every e-mail that is sent out. It is a uniquely generated code that is embedded into the Hyperlink right as it is being sent to you.
It very well be just a note to the sender that you have received the e-mail. The Salvation Army chooses to err on the side of your privacy and health of your computer.
That hyperlink should be 13 digits long, but because of the embedded coding - it is 51 digits long.
Our security system graciously grants any abnormally long hyperlinks that may be legitimate up to 40 digits. Anything longer is assumed to be malicious and will be reviewed by an IT technician in the event that you choose to have that e-mail released from Quarantine.
Section Fb
.docx .xlsx .pptx etc....
Our e-mail system filters out these extensions based on their history. We realize that the use of these extensions is steadily increasing; unfortunately
the malicious code creators are aware of this as well. This will likely increase their use to spread malicious code. Therefore we cannot allow such
extensions to transfer without observation.
In Microsoft Office 2007 you have the ability to change your extension when you save your file. For example: instead of clicking on "Save", click "Save
As" and change your extension to an older version such as ".doc" or ".xls".
This will remedy many of the problems that are experienced with Office 2007 such as e-mails being quarantined and your recipients not being able to
open the document you sent them.
Section G
Do you recognize this cute little cat? How about this dog?
He will get your e-mail quarantined - guaranteed! He violates 2 rules (that we can see) right off the bat. He is a hyperlink to another website, and he is a moving graphic that is run with JavaScript.
Many Army employees/officers have started using this FREE Animated Icon by Incredimail. If you are concerened about the timeliness in which your e-mail messages are delivered - do not use these types of features in your mail. They WILL delay your delivery.
Section H (Social Media)
Sites like Xanga, Facebook and MySpace are fairly safe in their own design - meaning that they do not (easily) allow you to post malicious content on your page; however they can be compromised, and it is extremely easy to post a hyperlink on your page that points you to another site that is malicious and cannot be governed by Xanga's, MySpace's, or Facebook's rules.
These "social" sites are a prime target for hackers or people with malicious intent. This is because the majority of its members are technically inexperienced. Such an audience is prone to fall for Phishing scams which can permit people with malicious intent to use other people accounts to send
spyware, viruses, advertisements, lures, or even messages in YOUR name.
If you use a community site - change your password regularly to avoid being "hacked".
A common claim from users receiving quarantined messages from Xanga is that "I used to get them without any trouble, so why are they a problem now?"
This is because your previous messages didn't contain anything that would trigger the defense system. If your new message triggered the defense system it means that your new message contains JavaScript coding, a Hyperlink, a virus, or anything else listed in Section C.
We receive several hundred Xanga e-mails that are quarantined each day; please be patient with us in regards to how quickly we can release them. We must attend to Army business matters before personal matters.
Section I (DaySpring)
DaySpring Christian Greeting Cards.
These e-mails are automatically blocked because they are trying to run JavaScript Code on your PC.
The messages from DaySpring are not likely harmful, but as stated in Section B3, we cannot unblock any specific sender because they too may become infected. Programmers who design malicious code are likely to target trusted sources such as DaySpring, Amazon.com and The Salvation Army. Assuming that an e-mail is safe because it originated from a Christian source or a personal friend or relative is a sure way to put your PC and your peers' PC at risk.
Section J (Spoofing)
"Spoofing" is the act where a person with malicious intent sends e-mails with the To and From fields containing names and addresses that are more than likely not correct.
This is done so that the person being "attacked" cannot trace the e-mail back to its creator.
In many cases the addresses that are being sent to are not even verified as legitimate. When those e-mails get bounced back the "sender" is the person who receives the "Delivery Failure Notice" - if YOUR e-mail address was Spoofed - YOU will be the one who receives the Delivery Failure Notice.
When you do - you will probably exclaim "I didn't send any e-mails to this person!"
Unfortunately - there is nothing you can do about Spoofing.
If someone has Spoofed your e-mail address it is probably because they had access to someone else's address book that had your address in it.
The good news is that you do not have to do anything, and it is unlikely that it will happen very often.
There is nothing in a Delivery Failure Notice that can harm your PC.
Another form of Spoofing is when you receive an e-mail that appears to not have been addressed to you. When you look at the "Send to:" you may see someone's name that you recognize, or it may have been sent to someone you don't know - but YOUR name is nowhere to be found.
This is because they have sent this message to several people, more than likely YOUR name is in the bcc (Blind Carbon Copy) field - and the name in the Send To field is just a decoy.
Yet another form of Spoofing is when the "From" field contains a "fake" address.
For example... you may receive the same SPAM over and over again.
You tell Lotus Notes to Block it, not Accept it, to send it to the Junk folder or to the Trash.
But they still keep coming...
You told Notes to block "bob@yahoo.com"
Yet the same SPAM keeps coming from bob@yahoo.com
When you try to tell Lotus Notes to block sender it tells you "This Sender is already in the Block Senders List"
This means that although it appears the e-mail is coming from bob@yahoo.com it is really coming from another address.
Notes doesn't see the real address so it thinks that it is coming from bob@yahoo.com and it has been fooled!
Again, there isn't anything you can do about this. Once the collective of people with malicious intent have your address - they have your address.
This is why it is important to keep your e-mail address safe, and to not use your work address for personal activities.
A great habit to get into is to create a free e-mail address (like hotmail or yahoo) and use that address for transactions online that you are unsure of. Only use your primary e-mail address or your work e-mail address for those activities that you are certain to be free of any malicious intent.
Section K (Chain Letters)
"Chain Letters" - A chain letter by definition is a letter directing the recipient to send out multiple copies so that its circulation increases exponentially. By its very nature chain letters are dangerous because of the resources that it takes to stop its progression and the time it takes for each recipient to read and either destroy it or pass it along. In addition, they can cause damage to an organization's reputation when associated with a legitimate company or cause.
Chain Letters can also generate other SPAM e-mails to be sent your address. If you send it along to 10 of your friends - they too may suffer increased SPAM (and/or viruses) because you have now made their addresses known to malicious code creators as well.
The best targets for malicious code creators are innocent people who have morals, ethics, religion, and a caring heart.
This, fortunately, makes identifying Chain Letters very easy...
"Send this to 10 friends"...
If you want God to bless you
Or you will have bad luck
If you care
And your prayer will be answered in 7 days
The basic rule of thumb is very easy - If it says to forward it on to other people - DELETE THIS E-MAIL
The content of such an e-mail is usually very touching, easy to indentify with, something you will find appealing, true, or funny. It can also appeal to you by standing FOR something... such as signing a petition to retain God in our schools, government, or on our currency; OR participating in a Kindergarten experiement to see how fast an e-mail can travel around the world.
These movements, activities, petitions, pleas, blessings and curses are not real. They are not tracked, tallied, or turned in. Their purpose is to either distribute malicious content, create unwanted congestion for the Internet, or collect address information for later use.
"But the message is a good message and I WANT to send it to my friends and family..."
Here is what you can do...
1. Print it out (you have already opened it and thus have already submitted your PC to the potential dangers)
2. Start a new e-mail from scratch - type in the content from your print out.
3. DO NOT INCLUDE "Send this to 10 people...." etc...
4. DO NOT CUT AND PASTE the content from the e-mail into your new e-mail... you will likely cut and paste the malicious code along with the text. Such code can be hidden within the text - embedded in a graphic - or simply colored to match the background so it cannot be easily seen.
THQ has opted to be part of the solution rather than continuing to be part of this global problem.
Any quarantined message that contains a Chain Letter will not be forwarded.
Section Kb (Highly Suspicious)
The e-mail you are requesting to be released appears to be highly suspicious.
There is no greeting or salutations (ie: Hi Bob,)
There is no signature
There is no content in the body of the e-mail
There may be only an attachment.
This very much looks like a virus.
If this is indeed a legitimate e-mail, it was very unprofessionally written and any future correspondence received in this manner will be viewed as potentially dangerous.
Because you are expecting this message, can you please tell us what the content should be?
If your description matches the actual content we will forward it on to you.
Please note that even though we will forward it on to you - the e-mail triggered our security system for a reason. We do not believe that this e-mail is safe for your computer or anyone else's computer on your network.
Section L
1. We cannot forward Quarantined Messages to anyone other than who it was addressed to in the first place.
E-mails are addressed to specific individuals. If you are not one of those individuals we cannot forward the e-mail to you.
If another user uses Lotus Notes features such as "Access and Delegation" or has e-mail automatically forwarded to you... those features will notify you of the message accordingly.
2. "I've taken over responsibilities for the person this quarantined message was addressed to".
You need to follow these steps:
a. note the senders e-mail address in the e-mail we sent you asking you if you are expecting this message.
b. write them an e-mail informing them that the person they addressed the e-mail to is no longer in this position and to please change their contact records to include your
contact information.
IT will not permit the former employees name to remain in existence for long - if you do not have them update their records - eventually you will lose contact with them
permanently.
We will not forward your predecessors e-mail to you. If the message is important enough - you will find a way to let the sender know that the former person is no longer in this
role.
3. We cannot accept your request to release a quarantined e-mail to anyone other than yourself. Just because you are willing to take the risk of infection does not mean that the other intended recipients are willing. Each individual will be required to send us their own consenting request to be exposed to whatever caused the message to be quarantined.
Section Lb
We cannot forward your Quarantined message to people other than yourself; even if they were addressed in the e-mail.
The e-mail was Quarantined for a reason. You may decide that risking all of the data on your computer and all of the data stored on your share drives is worth reading this e-mail, but we cannot permit you to make that decision for someone else.
If and when you request a Quarantined message to be released and it does cause damage to Salvation Army property we will have a record of your request to ignore the warning from our security system.
If we were to send a potentially harmful e-mail to someone else on your behalf they would be unsuspecting of the risk and we would not have a written statement from them accepting the responsibility.
Section M
Graphics in your Signature. In the Policies and Procedures for the Salvation Army:
Notes Link : TECHNOLOGY ACCEPTABLE USE POLICY E-MAIL POLICY :
Graphics may not be added to e-mail as part of a heading, stationery or signature block.
This means that having something like this as your signature - it NOT allowed:
Sincerely,
John E. Tate IV
IT Help Desk Coordinator
847-294-2030
The following items are the only elements allowed in the signature block of Lotus Notes correspondence:
Name
Rank
Title/Appointment
Address
Telephone Number(s)
Salvation Army Web Address
Approval for exceptions to the above, including the use of tag lines, will be the responsibility of the Unit Commander or their designee.
Section Mb
You are not permitted to attach a Virtual Business Card to your signature.
If you absolutely must send a .vcf to a recipient it needs to be done manually and intentionally.
Attaching a .vcf in your signature adds unnecessary data to each one of your e-mails AND to everything that is replied to you; this places a burden on our servers.
Do not add a .vcf to your signature - If you need assistance in removing it - we will be glad to help you.
Have you seen e-mail signatures like this?
You may not know it, but there is a policy that specifically outlines what you can and cannot have in your e-mail signature.
You might view these rules as micro-managing or something else negative - but I can assure you that there are a few really good reasons why
you won't want to have a signature that looks like the one above.
I'm going to repeat that part...
YOU won't want to have your signature look like that.
Let's focus on that part above all else...
Why wouldn't you want your signature to have a nice Shield or Virtual Business Card attached?
1. Broken and Ugly
Almost ALL e-mail systems in the world have a default setting to remove, hide or even alter images that are embedded into an e-mail.
They do this because the VAST MAJORITY of e-mail distributed around the world is Junk, SPAM, Newsletters, Phishing, or contain Malware and Viruses.
I would love to give you a percentage - but that would be nearly impossible considering the wide range that changes each day.
I can tell you that at THQ - we quarantine roughly 15,000 e-mails each month simply based on content - usually JUNK.
My Outlook e-mail client at home automatically deletes embedded images and replaces them with a Red X or Broken Graphic Image.
I can change my settings so it will not do this, however I can assure you that the majority of users out there do not know that this can be changed and therefore that pretty signature above will look like this:
This can make your intended recipient nervous. It doesn't look safe.
2. Sent to Junk or SPAM folder
Some e-mail systems will automatically file this type of e-mail to your Junk or SPAM folder. Which means that your e-mail may never even get read - simply because you wanted to add the Shield, or a .vcf card.
3. Rejected
Most e-mail systems have a file size restriction. In 2015 the average account will permit up to 3 Megs to be transferred. At THQ we will allow 25 Megs.
Many people do not know how to attach that shield in as small a file size as possible while having it still appear to be a sharp, clear image.
The one I have above was simply copied from the Internet. Its file size is 1.16 Megs.
If I also attach a 2 Meg Word document to my e-mail, that Shield could throw me over the 3 Meg limit on my intended recipient's mail server - and they may not receive my e-mail.
4. Size
If that Shield is 1.16 Megs in size - when you send it out - it takes up 1.16 Megs of space on the Salvation Army's Notes Server.
If your intended recipient is an Army officer or employee - it will now take up 1.16 Megs of space in YOUR sent folder - and 1.16 Megs of space in your intended recipients Inbox.
If you send that e-mail out to 2 of your staff - we are now taking up 3.48 Megs of space on our servers - just because of that Shield.
If one of your staff reply to all - we are now taking up 6.96 Megs of space.
5. The Virtual Business Card issue.... .vcf
We have to look at the .vcf issue from two perspectives.... from the outside recipient and from the Internal (Army Employee/Officer) point of view.
- A. The Outside View...
When we send e-mail to people who do not work for the Army, the .vcf attachment can make a lot of sense!
We want them to have our contact information and we want to make it as easy as possible for them to retain that information. A .vcf (if clicked on) in most e-mail systems will automatically add all of our contact information to their e-mail system (and likely their phone contacts list as well).
When we send this out - we need to be aware that any of the steps 1 - 4 above apply.
The .vcf may get blocked, altered, rejected or cause your entire e-mail to be automatically filed in the SPAM folder.
If you have already sent it to the recipient in the past - it can be viewed as annoying as each new e-mail or reply you send to them has your business card as well.
(Imagine how odd it would seem if every time you saw your friend you handed them a business card.... and in your short conversation they asked you how you are doing... and as you reply back "I'm great how are you?" you hand them ANOTHER business card.)
When your .vcf is in your signature - this can happen every time you send or reply to someone.
B. The Inside View...
Technologically speaking, one of the coolest things about the Salvation Army - WORLD WIDE - is that 99% of our employees and Officers are using Lotus Notes.
Every single person using Lotus Notes already has your contact information (whether they realize it or not).
When addressing a new e-mail you can simply start typing your Army employee/officer name in the To: Field and what pops up is a direct link to everything that is public knowledge about that person. Essentially we have a Yellow Pages for everyone in the Army - and there is a 99% chance YOU ALREADY HAVE IT.
The average .vcf is 395 bytes in size. Relatively small by itself, but if you send it in your signature to 10 people in your department you will be taking up 395 X 11 (or 4kb) of server space. If all 10 people reply to you it jumps to 8k... here is where it gets exponentially worse - if you reply back again it will not only include the 1 initial .vcf and the 10 replied but it will now add 1 more .vcf 10 more times and now we are taking up 96k of space.
This is space used simply for that .vcf and doesn't include the text, pictures or attachments that might be part of that e-mail as well.The unnecessary part about this is that all 10 of those people already have your contact information.
Now you may not care about how much space we have available for the Central Territory's e-mail system.... however this next part may encourage you to remove the .vcf from your signature...
- C. The Outside View...
If you send your .vcf out via e-mail to someone who does not work for the Salvation Army and they import it into their address book....
and for any reason your contact information changes. Their address book will be outdated. If you change your .vcf and e-mail it to them - they will then have two entries for you in their address book. One that is correct, and one that is old. If they are not diligent in cleaning up their address book - or if you do not tell them that the .vcf has changed - they will not know which of the entries is correct. If they simply type in your name and do not do a visual scan of their address book - the address they pick for you could very well be the old one. If that s the case - they may e-mail you, or call you and never reach you.If you send a .vcf to them every time you e-mail them - they will never suspect that it is important (like crying wolf). In contrast, if you only send the .vcf to them when your information changes - they will have a better chance of being aware that there is a valid reason why you are sending the .vcf to them again - rather than seeing it in every e-mail correspondence from you.
D. The Inside View...
Lotus Notes on your computer will read 3 different address books - in this order
1. Your Personal Address Book
2. Your Territorial Address Book
3. The Global Salvation Army Address Book
As I stated above - if you work for the Army, either as an employee or as an officer - your contact information is already in Address Books 2 AND 3.
The really neat thing about 2 and 3 is that if your contact information changes BOTH 2 and 3 are updated. So if your Officer Assignment changes - so do 2 and 3.
We are quickly getting to the point that the majority of Army officers and employees are using Notes Traveler on their phones.
This means that the phone entry is automatically updated on EVERY phone using Notes Traveler.
However....
The .vcf is stored in Address Book #1. Your Personal Address Book.
So if you send out a .vcf to someone who works for the Salvation Army - you will be adding a duplicate entry to their Lotus Notes. That person will now have 3 entries for you in their Address book.... and 2 and 3 will be updated if your information changes.... #1 will NOT be updated.
Because Notes reads the address books in this specific order - when you search for a person who exists in 1 - 2 - and 3 - it will find the entry in #1 and use it without searching through 2 and 3.
So, if your appointment (or any of your contact information changes) that person who downloaded your .vcf will have old information for you.
That was a lot of information.... but here is a very short and to the point recommendation.
1. Use .vcf Virtual Business Cards only to people who do not work for the Salvation Army.
2. Send them out intentionally - and DO NOTmake them part of your signature.
If you follow these two rules....
You will be saving the Salvation Army money
and
You will be showing the people that you correspond with that you respect their time, efforts and equipment.
As always, If you have any questions, please do not hesitate to contact me!
John E. Tate IV
IT Help Desk Coordinator
The Salvation Army
Central Territorial Headquarters
10 West Algonquin
Des Plaines, IL 60016847.294.2030
847.227.5030 (f)
Section N
Newsletters
90% of the e-mails we receive are Newsletters. Most of those Newsletters aren't even related to an Army function or focus.
We see a lot of Animal Adoption newsletters, Gun Clubs, School Updates, Knitting Clubs etc... Please consider the content before requesting potentially dangerous e-mails to be released into our network.Other work-related Newsletters come out every day with specials at Office Max, or new backdrops for MediaShout, discounts at Vista Print etc...
There is an extremely high possibility that any of these advertisements are available directly from their websites.
Again, these e-mails were quarantined for a security reason.If you are indeed in need of receiving the Office Supply stores most recent update on their products, please feel free to request that the e-mail be released.
But please consider the content before making the request.
A lot of the quarantined messages being released are (in our opinion) not worth the risk of infecting your computer, or those in your network.
Section Nb (www.efsp.unitedway.org Newsletters and Webinar notifications)
The United Way e-mails are newsletters that inform you of upcoming webinars.
The e-mails all contain this statement "Updated information will also be posted on the EFSP website, www.efsp.unitedway.org. "
Essentially all of the information in these newsletter blasts is available on their website.
You can avoid going through the tedious process of requesting a quarantine e-mail to be released by simply visiting their site.
Section O (What is SPAM)
SPAM
Do you know what "SPAM" is ???
Technical Definition:
E-mail SPAM, known as unsolicited bulk Email (UBE), junk mail, or unsolicited commercial email (UCE), is the practice of sending unwanted e-mail messages, frequently with commercial content, in large quantities to an indiscriminate set of recipients. Spam in e-mail started to become a problem when the Internet was opened up to the general public in the mid-1990s. It grew exponentially over the following years, and today composes some 80 to 85% of all the email in the world, by a "conservative estimate".http://en.wikipedia.org/wiki/Spam_(electronic) - cite_note-2
Increasingly, e-mail spam today is sent via "zombie networks", networks of virus- or worm-infected personal computers in homes and offices around the globe; many modern worms install a backdoor which allows the spammer access to the computer and use it for malicious purposes. This complicates attempts to control the spread of spam, as in many cases the spam doesn't even originate from the spammer
and Now In English....
SPAM is the e-mail you get that:
1. Didn't come from someone you know (even though sometimes it says it is from someone you know)
2. You didn't subscribe to (from a company who shouldn't have your e-mail address)
3. Doesn't make any sense (contains just a hyperlink, or computer coding)
4. Tells you to send or forward this message on to everyone you know
5. Asks you for money
6. Pretty much any e-mail that you weren't expecting
Can You Block SPAM from getting to your Inbox?
This is a complicated question. The simple answer is "You can try" (See Block Sender below)
The reality is that the creators of SPAM, Malware and Viruses are always one step ahead of the programs that keep us safe.This is logical, you cannot fix what is not broken.
Most e-mail programs allow you to "block sender" which means that any e-mail coming from a certain person will automatically
get put in the trash or another designated folder.
The problem is that the creators of SPAM know this... so they will rarely send from the same address more than one time.
They may even "appear" to come from the same address, but they are fooling the e-mail program by "spoofing" an address.
You can block the "spoofed" address, but in reality the e-mail came from somewhere else and you may not be blocking anything
at all.Block Sender
In Lotus Notes 9:
1. Highlight the e-mail you would like to block
2. Click on "More" just above your e-mail
3. Click on "Deliver Senders Mail to Junk"
4. Check the box that confirms you want ALL mail from this sender to be sent to your Junk Folder
In Lotus Notes 8.5:
1. Highlight the e-mail you would like to block
2. Click on "More" just above your e-mail
3. Click on "Deliver Senders Mail to Junk"
4. Check the box that confirms you want ALL mail from this sender to be sent to your Junk Folder
In Lotus Notes 7:
1. Highlight the e-mail you would like to block
2. Right Click
3. Click on "Block Sender"
Section Ob (We do not block SPAM from getting to your inbox)
Notes vaguely attempts to identify e-mail as SPAM based on simple rules such as.... is there a large number of recipients?
This is just a "heads-up" and has no bearing on the destiny of the e-mail. Unless you have a rule set up in your personal Notes settings that specifically addresses e-mails marked as SPAM, all SPAM marked e-mails will be delivered to your inbox, just as any other correctly addressed e-mail that is not "blocked" or "quarantined".Section Oc (Why am I getting SPAM all of a Sudden?)
The first step to understanding SPAM is grasping the concept that SPAM is not personal.
It was not designed specifically for you; rather it was designed to be sent to everyone in the World with hopes that
somebody will open it, potentially click on an embedded link or whatever else it may contain.How did "they" get your e-mail address in the first place?
That's a great question!
1. Any time you sign up for a newsletter, service, store account, purchase something from a website etc... you are publically sharing your e-mail address.
Even when the disclaimer says "We will not share, sell or distribute your e-mail address" - you can pretty much count on your
e-mail address being shared, sold and distributed.2. Many e-mail systems (such as gmail, yahoo, Outlook, hotmail etc...) are not designed to hide your e-mail address book from Malware. Sophisticated e-mail systems like Lotus Notes have your address book hidden in a separate location from your e-mail.
Because of this - people who design Malware and Viruses know the path to your address book and create malware that will
search for your address book and return the findings to its creator.So, let's say that your Mom and Dad use Outlook for their e-mail at home. They have your Army e-mail address in their Outlook address book.
Somebody sends malicious e-mails to your Mom and Dad and they open those e-mails. The Malware attached to that e-mail finds your Army address and sends it back to the creator.The next time the creator sends out SPAM, Malware or Viruses - YOUR Army address will now be included in the list of people to send to.
3. Some organizations ask people to share their address books with others who might be interested in similar topics, products etc.
4. Some websites do not hide your e-mail address. Twitter, FaceBook, and eBay (unless you specifically change your default settings to NOT show your e-mail address) Your e-mail address is not only displayed, but searchable to the public.
Malware creators can design a "Bot" program to search and collect e-mail addresses from these websites - EASILY,Why didn't I get these e-mails before?
They didn't have your e-mail address until now.
What can I do about this?
1. Do not use your Army e-mail address for ANYTHING that is not official Army business.
2. Do not use an Army e-mail address for Social Media (Ever) - Instead create a "burner" e-mail address like gmail that
can be deleted at any time.3. You can attempt to block e-mail from the sender - however this is not usually a very successful resolution.
4. Our best recommendation is that you ignore/delete these types of e-mails. If their numbers become too many to cope with you may need to consider getting a new e-mail address. If it is an Army address this will pose a great deal of issues.
Please refer to #1 above.Section P (The Quarantine Process)
The Quarantine process works in this manner:
1. The Sender sends the e-mail to you (the Intended Recipient)
2. The e-mail violates the Salvation Army's security system.
3. The e-mail becomes Quarantined.
4. The Intended Recipient is notified.
5. If the Recipient is "Expecting" the e-mail - the Quarantine message is forwarded to THQ's IT Team at USCSupport.
6. The IT Team searches the Quarantined e-mails based on the forwarded message's contents.
7. If the message is within the last 30 days, AND the IT Team cannot quickly identify the threat - the message is forwarded (along with the threat) to the Intended Recipient
Section Pb
There are 5 things that can potentially happen with incoming e-mail:
1. The e-mail is successfully delivered.
2. The e-mail is Blocked
When an e-mail is Blocked (it is done so on THQ's Barracuda Box in London (IHQ))
E-mails that are blocked have violated a very specific rule or contain a known virus or malware.
Swear words are specifically blocked.
The sender of a blocked e-mail will receive an e-mail from our IT team (automatically) informing them that their message has been blocked
and their message has not been delivered.3. The e-mail is Quarantined
When an e-mail is Quarantined (it is done so on THQ's Barracuda Box in London (IHQ))
E-mails that are Quarantined have accumulated too many violations of "tell-tale" issues that could present a problem.
The intended recipient will receive an e-mail from our IT team asking them if they are expecting this specific e-mail.
The sender will have no indication that their are being Quarantined.
4. The e-mail was incorrectly addressed
For example (john.tate@usc.salvationarmy.org instead of john_tate@usc.salvationarmy.org)5. The e-mail cannot reach its intended recipient due to DNS or connectivity issues.
There is nothing we can do about this - there is no guarantee that any e-mail anywhere will ever be delivered - we recommend they try again.Section Q
We do not require any rationale as to why you want an e-mail released from Quarantine.
All that we need to know is that you are expecting the e-mail from this specific sender.
We understand that you are expecting this e-mail simply by forwarding the e-mail to USCSupport - NO EXPLANATION IS NEEDED.
Please remember that no e-mail address is a safe address - everyone is susceptible to viruses and malware - and our forwarding this message to you - does not mean that it is safe.
Section Qb
If you somewhat regularly receive e-mails from someone - that does not constitute "Expecting this specific e-mail" - and you should not assume that it is harmless.
Our system Quarantined it for a reason; You should consider its diagnosis seriously before requesting the message to be released from Quarantine.
Section Qc (I've received e-mails from this person before)
"I've received e-mails from this person before? "
"They've never been quarantined before?""For years these e-mails have always made it to me correctly without being quarantined."
These types of statements imply that because you have received e-mails from this person/company in the past that it is impossible for them to have made changes to their system, or attained a virus or malware.
If we apply this logic to an every day analogy it would appear something like this:
"I cannot be sick, I've never been sick before."
"My tire cannot be flat, it has never been flat in the past.""I cannot be out of fuel, I put gas in my car last year."
All e-mail is susceptible to viruses and malware. There is no such thing as a safe sender or a trusted company. Even people at the Salvation Army become infected on a daily basis. The Salvation Army is a Trusted Company that does good Christian work.... yet we inadvertently send out our own infections to our correspondents every day.
We will do our best to find out exactly what triggered the quarantine on your specific message; but it's track record does not have any bearing on its current health.
Section Qd (I can't imagine this person/company would send anything objectionable)This statement implies that you believe that only bad people/companies send out and/or propagate viruses and malware.
If objectionable material only came from "badguy@criminal.com" the collective ISP's across the world would simply disallow messages from this person to be delivered anywhere. This would make our jobs in IT security very easy. The "bad guys" out there know we already do this - so they don't send it it out themselves and definitely not from their own e-mail address.
Instead, they have reputable people/companies (like the Salvation Army) send out their viruses and malware for them; After all, who would expect the Salvation Army to send objectionable material?
Always remember:1. There is no such thing as a "Safe Sender". All e-mails, people and companies are susceptible to viruses and malware - Including YOU!
2. The e-mails you should be the most suspicious of are: Your Parents, Wal-Mart, Yahoo, FaceBook, your Pastor etc.... These are the addresses that the clever
creators of malware will spoof (pretend to be) in order to gain your immediate trust.3. If your e-mail was Quarantined - there is a reason for it. Our system didn't just to a random check like they do at the airport. This e-mail triggered our security system.
Even if we forward the Quarantined e-mail on to you - it does not mean that it is safe for you or anyone else's computer that is on your Network.Section R (Please remove from Quarantine List) (Please add to the "White List")
Your request implies that you believe it is impossible for the sender's computer to be infected with a virus, malware or anything else that our system declares as potentially dangerous.
There is no "Quarantine List" for a name to be removed from.
We do not "White List" any addresses.E-mail's become Quarantined when they violate a security rule that we have established.
Everyone is susceptible to attaining and propagating viruses and malware via e-mail... including the Salvation Army
An analogy I like to use would be:
A police officer pulls over a man for speeding - 75 mph in a school zone.As you are driving by - witnessing the police officer writing a ticket to the man driving - you notice that the driver is your pastor.
So you immediately pull over and approach the police officer - "It's ok that this driver was speeding officer, he's a good man... please let him go - and do not pull him over again in the future."The example here shows that even good people who have good intentions can break the law. I'm sure that you would have a difficult time getting that officer to let your pastor off the hook... and even if you did - asking him to never pull him over in the future for committing the same crime - probably would not be successful.
The fact is that this specific e-mail you are referring to violated our security system.
Even if we do forward it on to you per your request - it does not mean that it is safe for you or your computer.Section S (Automatic Click to Dial Buttons)
There is an issue we experience on rare occasions where e-mails are quarantined because of the "Click-To-Dial" functionality within Smart Phones.
Here is an example....
I send an e-mail out to "Bill Tester" who owns a Smart Phone - and has a third party application that allows him to dial a phone number written in an e-mail - simply by pressing it.
When I send the e-mail to Bill - My Signature looks like this:
John E. Tate IV
IT Help Desk Coordinator
The Salvation Army
Central Territorial Headquarters
10 West Algonquin
Des Plaines, IL 60016847.294.2030
847.227.5030 (f)
When Bill reads my e-mail on his phone - my signature looks like this:
John E. Tate IV
IT Help Desk Coordinator
The Salvation Army
Central Territorial Headquarters
10 West Algonquin
Des Plaines, IL 60016847.294.2030http://us-mg204.mail.yahoo.com/neo/
847.227.5030 (f)http://us-mg204.mail.yahoo.com/neo/
Those little "phones" are now hyperlinks that tell the phone to use the previous digits as an actual phone number.
When you hover over these "phones" you can see that the hyperlink that has been created is very long - this is a tell-tale trait of malware - and it a common violation in many e-mail filters.
The Salvation Army's filters cannot allow this violation - if we did we would also allow all of the actual malicious content that we prevent from entering our system every day.
So what can we do about this?
Unfortunately - the problem isn't on our side - it's on the "other" side - whomever has the application that changes our text into a Click-to-Dial.Our options include:
1. Ask them to remove the app that transforms phone numbers in e-mail into 1-click dials2. Stop sending your signature to them in e-mails
3. Tell them to delete your signature when they reply to you
4. Tell them to send NEW messages to you rather than replying to your e-mails
5. Simply request that we release them for you when you receive a notice.
Section T (Red Shield Tool Kit)
- Greetings. It has come to my attention that you are having some difficulty logging onto the Red Shield Toolkit. (https://www.redshieldtoolkit.org/Account/LogOn.) I am reaching out to a select group of people to help better define and resolve authentication/logon problems. Please respond to me with one of the following that best describes your problem with Red Shield Toolkit.
Not sure what password to use.
Not sure which email address to use
Your Notes password works for other sites, but not this one
Please read through the following text critically. We are working on an email that an individual would receive automatically is they could not logon to the site correctly. If you have any other suggestions or concerns to be addressed with this process, please let me know.
ThanksEverett Jordan
(847)294-2259 - Office
(847)275-4867 - Mobile
(847)227-5059 - FaxIn order to use the website you need to know three pieces of information. I am certain you know the first two pieces;
- your territory - USC
- your email address - firstname_lastname@usc.salvationarmy.org
The third piece of information can be confusing, your password. The password you need to provide is your Notes Sametime or Internet password. It is the same password you use to connect to Sametime Instant Messaging, Traveler for use with a mobile device or iNotes.
If you are still not sure what the password is, check with your divisional IT support person. They will be able to help you reset the password.
If you think you know the password, you can also test it by logging into http://stime.uscthq.org or https://news.uscthq.org. If you are able to log onto either of these sites, but still can't use the Red Shield Toolkit, there is a problem with password synchronization. Please contact your divisional IT staff or reply to me
Section U ( eVite and Minted )
In recent times we have been seeing MASSIVE amounts of e-mails being quarantined - that are being sent via the services eVite and Minted.
In the Central Territory all eVites are quarantined because they violate our security system. They have hyperlinks that act as tracking code and are indicative of a virus or malware.
Only a scarce few ever request their eVite or Minted invitation to be Unquarantined.
The big picture here is this.... if you send out an Invitation and you do not receive any replies (or very few) you might think that the people you have invited are choosing to ignore you,
or choosing to not attend.
The reality is this... the chances are EXTREMELY high that the people you invited never received or read your invitation.
eVite and Minted are a business. Even when you utilize their FREE service - they are attaining some sort of information from you that they can either sell, or market to YOU.
You have information on your PC that companies are willing to pay for. Sometimes that information is as simple as your Browser History, other times it can be how long it takes you to reply to the eVite. In any case it is this tracking software that is embedded into your e-mail or into the hyperlink (really long hyperlink) that is in your eVite.
It is this tracking that quarantines the e-mail in the first place. Don't think that it is only the Army's e-mail filters that prevent these e-mails from reaching their intended destination. There are tons of e-mail systems out there that will block or quarantine this type of activity.
So, if your invitation isn't really that important, or you don't care if you are getting accurate responses on your RSVP's - continue using services like eVite.
OR
You can send e-mails directly from your e-mail account instead. The fewer at a time the better (you don't want your e-mail address to get blacklisted).
And please remember - that if your invitation is not work related you should not be using your Army e-mail address to send from... and if your invitation is not work related to the people you are inviting - you should be sending to their personal e-mail address - not an Army e-mail address.
Section V ( SPF )
If a company registers a website that also has e-mail hosting (ie: dell.com and a user of john@dell.com) the DNS entry that is registered around the world
contains valid server names or IP addresses that state which server "should" be sending e-mail from a user of john@dell.com IF an e-mail from john@dell.com arrives from another server (or no valid server was ever named in the DNS settings) the majority of e-mail servers around the world will assume that the e-mail has been spoofed and that it is not a valid or legitimate e-mail.
More than likely - if the quarantined e-mail in question was from a legitimate source - it means that their IT staff did not specify a permitted sender host.
If we have determined that this may be the case you are welcome to forward this message to the person who sent you the e-mail that was quarantined:
"The Salvation Army's IT staff believes that your e-mail hosting servers are not specified as a permitted host in your company's URL - DNS settings. Please have your IT staff check your DNS settings to ensure that a permitted sender host has been specified."
SPF : Sender Policy Framework (SPF) is a simple email-validation system designed to detect email spoofing by providing a mechanism to allow receiving mail
exchangers to check that incoming mail from a domain comes from a host authorized by that domain's administrators.[1] The list of authorized sending hosts for a domain
is published in theDomain Name System (DNS) records for that domain in the form of a specially formatted TXT record. Email spam and phishing often use forged
"from" addresses, so publishing and checking SPF records can be considered anti-spam techniques
Section X (Expired)
Our Quarantine system only retains messages for 30 days. If you do not request your message to be released within the 30 days from the time it was received in our system - it will be permanently deleted and we will not have the capability of retrieving it.
Sincerely,
John E. Tate IV
IT Help Desk Coordinator
847-294-2030
|
Rate this Topic:
|
|||
|
