If 'checking your e-mail' has become a euphemism for 'deleting virus warnings,' you're not alone--Duke students, faculty members and staff may receive as many as 20 virus warnings a day.
Office of Information Technology officials report that the number of infected e-mail messages has doubled in the past six months, mostly due to a worm known as the Klez virus. Currently, about 4 percent of the messages received each day by OIT are infected.
Students said they have noticed the increase this semester.
"I get impatient because I don't remember getting any last year," said sophomore Mimi Wachendorf. "I'm not sure if the number of viruses has really increased, or if they're just sending out more warnings."
Chris Cramer, an OIT security officer, said specific statistics of earlier viral traffic are hard to come by because OIT began scanning messages only about a year and a half ago. He said, though, that there has been a recent increase in the number of both viruses and warnings.
Klez forges a sender's e-mail address, making it impossible to determine the true host of the infected mail, explained Rob Carter, director of systems administration at OIT. This defeats the purpose of sending a virus notification to the alleged host and causes confusion about whose computer is actually infected. A student may not realize that his computer is infected, which allows Klez more time to spread the virus to more computers-hence the large increase in virus warnings.
Because of the confusion resulting from forged sender addresses, OIT stopped sending Klez-related messages to potential hosts about a month ago; as of Oct. 25, warning messages to recipients were halted as well.
"[Virus warnings] were prominent at the beginning of the year, but have definitely tapered off," said junior Jessica Vorys. Despite the reduction, Vorys said she feels her inbox is still bombarded and described the messages as "annoying."
Widespread use of listservs on campus potentially increases the number of viruses that may be spread, but Carter said the majority of viral traffic is random. Messages are sent to a mailing list by an individual host and then scanned by OIT before they are sent to the list of recipients.
"One listserv is not necessarily more prone to send viruses than another, but the chances [of receiving warnings] increase with the more listservs you're on," Carter said.
But students said some lists seem to pose more of a problem than others.
"When I was on the Students Against Sweatshops list, I got about 20 [virus warnings] a day," said sophomore Andrew Waugh. "It was pretty annoying, so I just took myself off the list."
Listserv managers have little control over the spread of viruses. The main preventative measure that the listserv managers can take, Carter suggested, is to configure the lists for restricted posting. That way, only messages specifically from the list members may be accepted and sent to others, which ultimately reduces the number of random viral messages that are passed around.
OIT processes all of the e-mails that pass through Duke gateways. If a message is found to be carrying a virus, it is held at OIT instead of being delivered, and the system sends two e-mails in its place. First, a message is mailed to the sender, informing the host that his computer is attempting to spread a virus. Klez, however, prevents the successful completion of this step in the scanning process. A second warning is sent to the intended recipients with a URL copy of the original message, making it possible for the recipients to safely view the e-mail.
These warnings are what clutter the inboxes of most students, who generally delete the messages without viewing the URL copy, students said. Because OIT sends only a copy, and not the original infected message, it is rare that such a virus ever infects a student's computer.
E-mail systems that do not provide automatic filtering services are also prone to delivering virally-infected messages. Carter said the best thing students can do to prevent viruses from damaging their computers is to maintain a virus scanner and run it regularly.
Get The Chronicle straight to your inbox
Signup for our weekly newsletter. Cancel at any time.