Clinton's Private Email Was Blocked By Spam Filters, So State IT Turned Them Off

An anonymous reader quotes a report from Ars Technica: Documents recently obtained by the conservative advocacy group Judicial Watch show that in December 2010, then-U.S. Secretary of State Hillary Clinton and her staff were having difficulty communicating with State Department officials by e-mail because spam filters were blocking their messages. To fix the problem, State Department IT turned the filters off -- potentially exposing State's employees to phishing attacks and other malicious e-mails. The mail problems prompted Clinton Chief of Staff Huma Abedin to suggest to Clinton (PDF), "We should talk about putting you on State e-mail or releasing your e-mail address to the department so you are not going to spam." Clinton replied, "Let's get [a] separate address or device but I don't want any risk of the personal [e-mail] being accessible." The mail filter system -- Trend Micro's ScanMail for Exchange 8 -- was apparently causing some messages from Clinton's private server (Clintonemail.com) to not be delivered (PDF). Some were "bounced;" others were accepted by the server but were quarantined and never delivered to the recipient. According to the e-mail thread published yesterday by Judicial Watch, State's IT team turned off both spam and antivirus filters on two "bridgehead" mail relay servers while waiting for a fix from Trend Micro. There was some doubt about whether Trend Micro would address the issue before State performed an upgrade to the latest version of the mail filtering software. A State Department contractor support tech confirmed that two filters needed to be shut off in order to temporarily fix the problem -- a measure that State's IT team took with some trepidation, because the filters had "blocked malicious content in the recent past." It's not clear from the thread that the issue was ever satisfactorily resolved, either with SMEX 8 or SMEX 10.

Trend Micro in the US Government?

[damn_registrars]

I thought the US government was concerned about Chinese made technology potentially giving up important information to the Chinese government. How is Trend Micro allowed in the State Department?

Re: I had problems with State's spam filter, too

So THATS why the Clinton's State Dept never sent help to Benghazi!

BINGO

[Kludge]

This is probably the reason that Clinton was using her own email server: the government email systems sucked because they were run by incompetent people.
Does this "excuse" Clinton? I don't know. But at least she did what she needed to do to get shit done, which is more than what you can say about many people in government.

Re:Whitelist

[khasim]

The worse issue is that her server wasn't setup with a certificate. So no startTLS option.

So all the emails she sent to it were sent IN THE CLEAR.

So yeah, it seems like idiots all around this issue. None of them understood email or security or anything more than click-here-to-make-blackberry-work.

Re:Typical . . .

[Tuidjy]

I have done it, literally, multiple times. I am the IT director of a privately owned manufacturing company. I report directly to the owner, and "this will be back for the company" is my trump card. Of course, I do not use it all that often, and of course, before I play it, I write page long arguments why I think so.

So, yes, a IT head duty is exactly to explain to his boss why something is a bad idea. Of course, I will obey an order from the owners to do something - it is their company, and they will bear the losses. But as I have explained to them, maaaaybe in not these exact words, if they think I don't know how to do my job, maybe they should hire someone whom they think know how to do it better.

Has my career ground to a halt? Well, I've had the position since 1997. So I guess it is technically halted. But I honestly do not mind where I am.

Re:This wouldn't even be news

[merky1]

Yes, your argument sounds reasonable, if you have never been briefed on how to handle classified information. There is NO context that any leaking of any information is ever allowed. If it was deemed mission essential that the information be disseminated, she should have talked with the FSO to properly release the information in question.

Now, did she do something criminal, that is a fair question. Violating a national security policy is typically grounds for dismissal, with some folks let go after walking into a facility with their cell phone too many times. But Clinton is in a special class of people, along with a national security advisor that was caught sneaking documents out in their pants https://fas.org/irp/congress/2... . Typically those people make an oops, and slowly fade into history. The difference is that Mrs. Clinton is not fading, and is attempting to gain access to even more classified information, which she has a proven track record of mishandling in the interest of personal expediency.

If anything, this story shows that Clinton was willingly deteriorating departmental security measures to maintain her ability to control her professional communications. Regardless of the why (Bug, Misconfiguration, contractor incompetence), she valued personal protection over protection of her agency. And this is the basic argument that I have against her current run. Every time she has been "tested," she consistently comes out dirty, but not "legally" responsible.