A surge of spam messages from an unknown source addressed to Georgetown e-mail accounts on Friday led University Information Services to limit network services of GUMail and several other university networks this weekend.
Beth Ann Bergsmark, UIS’ director for academic and information technology services, said the service disruption began on Friday morning, when a wave of 250,000 spam messages was sent to university addresses.
“This was most likely the result of spammers sending huge bursts of messages at thousands of addresses,” Bergsmark said. “Spammers often target large domains.”
The university uses spam filters to sift out unwanted messages, but on Friday morning, the number of messages hitting the directory service crossed the system’s capacity threshold, shutting down GUMail and systems that require NetID login, including Blackboard and GUShare, a system that allows professors and administrators to store their work online.
“The hardware didn’t fail, the system was not misconfigured, and it responded as it was intended to respond,” Bergsmark said. “The system was simply unable to double its capacity as the uncontrolled volume of requests from outside the university crossed the threshold.”
UIS responded to the surge by blocking external e-mail messages addressed to university accounts at 11:30 p.m. Friday, preventing more spam messages from reaching university servers and allowing UIS to restore access to the systems that require NetID login.
Members of the university community were notified of the outage in an e-mail sent just before noon on Saturday. By then, some services, including Blackboard and GUShare, had been restored, but external e-mails were still blocked from GUMail.
During the blockage, UIS worked with engineers from Sun Microsystems to permanently double the directory service’s capacity so that future attacks on the system will not have such pronounced consequences, Bergsmark said. External e-mail service was restored at 10 p.m. Sunday.
“This incident was another example of how the constant growth in spamming and security exploits can break through barriers, completely redefining the needs of the entire service within minutes,” Bergsmark said, noting that the directory service had operated without major disruptions since 1998.
“The larger response is to continue to monitor what is occurring outside the institution,” Bergsmark said. “While we continually adapt to the changing needs of our user community, we also must adapt to the changing security environment outside our community.”
As a result of the shutdown, the Registrar’s office was unable to run the waitlist for class registration on Friday, when the add/drop period was supposed to end, but instead processed it on Monday afternoon, producing the final round of waitlist winners. No student registrations were compromised by the situation, according to an employee in the Registrar’s office.
Brian Reardon (COL ’08) said the unexpected service outage was simply an annoyance.
“It was inconvenient,” he said. “But the problem was resolved quickly. It didn’t really affect me too much.”