2024-04-12

More security when sending e-mails

SCC now also checks internal e-mails that may pose a potential threat to the IT infrastructure at KIT. There is a particular risk potential when sending specific files as e-mail attachments.

Security for mailboxes at KIT

E-mails with potentially dangerous files attached have long been blocked when sending to or receiving from external parties (see also Policy changes to incoming mail systems), as these files, such as Office files containing macros, are often used by attackers to infiltrate malware (so-called macro viruses). In order to close this popular gateway for attackers, SCC will increase the security of e-mail communication within the KIT and, for example, check e-mails for such potentially dangerous files and block them if necessary. The mail routing for KIT mailboxes will be adapted for this purpose.

From Tuesday, April 23, 2024, e-mails sent from KIT mailbox to KIT mailbox will also be checked. From this date, emails with potentially dangerous files attached will therefore be rejected and will no longer reach the target addresses.

This applies in particular to e-mails with the following attachments

  • RTF files or
  • Word/Excel documents with macros (*.docm and *.xlsm)

IMPORTANT: Please note the following information!

If it is necessary to send documents with such potentially dangerous document types internally, use mail encryption (S/MIME) or use the services provided for exchanging documents:

Depending on the confidentiality of the data contained in these documents, use the appropriate file exchange service. Get also user guidance via the various service documetation.

Note
After the implementation of this extension and the associated improvement of IT security at KIT, sending e-mails via the smtp.kit.edu service from outside will again be possible without a Virtual Private Network (VPN).

Information about this change can also be found in our operational messages.

SCC Support Team