New Email Authentication Designed to Prevent Spoofed Senders

picture of fee books in the library
Published | August 8, 2024

ITS has implemented the Sender Policy Framework (SPF), a crucial email authentication method that validates emails sent from the wlu.edu domain through the university’s Microsoft 365 account. This measure is designed to prevent spoofed senders commonly used in business email compromise (BEC), ransomware, and other phishing attacks. Additionally, the new policy enhances cybersecurity by creating a list of approved inbound domains, minimizing the risk of receiving malicious emails, and helping other servers verify the legitimacy of the wlu.edu domain and its subdomains.

What Should Users Expect from the New Policy?

  • Increased Quarantined Emails: You may notice an increase in suspicious inbound emails being sequestered to your Microsoft Quarantine page.
  • Impact on External Senders: Senders from outside the university who do not use SPF may experience degraded email delivery rates when emailing other SPF organizations, including W&L.

How to Check the Quarantine Page

There are two ways to review your Quarantine page:

  1. Email Notifications: Microsoft 365 Security will send you an email when you have quarantined messages. You can review, release, or block the sender directly from this email. A link to the Microsoft Quarantine page will also be provided.
  2. Direct Access: A shortcut to the Microsoft Quarantine page is available at spam.wlu.edu. Visit this page anytime to review your quarantined messages. Please be aware that you have 15 days to review emails on the Quarantine page before they are permanently deleted.

Is the Quarantine Folder in Outlook the Same as the Microsoft Quarantine Page?

No, the Quarantine folder in your Outlook client is different from the Microsoft Quarantine page. The Quarantine folder is a feature of the KnowBe4 Phish Alert Button (PAB). Clicking the PAB sends emails to the KnowBe4 Phish Emergency Room where they are reviewed by the ITS security awareness team. Those found to be malicious are temporarily quarantined in that folder while they are deleted from all W&L accounts.

Should you have questions about this new policy, please contact the ITS Helpdesk (X4357 or help@wlu.edu). 

You may also like…