IT is beginning the process of sending S/MIME digitally signed email messages from automated systems that need to send email to users.
This will allow you to verify the authenticity of the email message and know that it did indeed come from Rice and is not some phishing or hacking attempt.
Currently, only messages from no-reply@rice.edu are going to be digitally signed. These messages will appear to be from the user Automated Email and the certificate will be issued by InCommon Standard Assurance Client CA.
The full certificate chain will look like this:
- AddTrust External CA Root
- UTN-USERFirst-Client Authentication and Email
- InCommon Standard Assurance Client CA
- Automated Email
- InCommon Standard Assurance Client CA
- UTN-USERFirst-Client Authentication and Email
You will want to verify that that the expiration date for the certificate is still valid, meaning that the date has not passed.
Notice in this test email, in the header of the message (in Mac Mail) there is a Security header with a checkmark and the words Signed (Automated Email). If you were to click on the checkmark it will give you information about this signature.
Notice the certificate chain is the same that is printed at the top of this page, that the Expiration date of the certificate has not passed and that there is a green check mark indicating that this certificate is valid.
This allows you to know that this message did come from Rice University IT and is something that you should probably pay attention too.
Other mail clients also allow you to verify the signature but it is slightly different for each one. Please contact your DivRep or the IT Help Desk to learn how to verify this signature in your mail client.
In Rice Webmail it looks like this:
Clicking on the link "Automated Email (no-reply@rice.edu)" in the yellow box will display information about the signature.
