Email Protection - Legacy

Eligible: Students, Faculty & Staff, Alumni

Availability: 24 Hours, 7 Days

Support: Monday - Friday, 8:00 a.m. - 6:00 p.m.

AKAs: Proofpoint

Note: ProofPoint is now a legacy cloud-based email protection solution; Microsoft (MS) Email Protection is the University's solution of record.

The University provides multi-tiered protection for SPAM/Viruses/Malware/Phishing. This multi-tiered protection consists of:

Perimeter intrusion protection - Rejecting network traffic from bad reputation sites.
Central email protection - Rejects all email from bad reputation sites, virus/malware infected email, known phishing attempts and incorrectly addressed email. It also quarantines email that is diagnosed to be SPAM and does not forward it to the user's mailbox. A daily digest is available for all SPAM emails that are quarantined.
Application email protection - Email applications and clients generally offer email SPAM protection. This is the best place to customize your settings. You will find email that has been identified as SPAM or Junk in a folder so named.
Targeted Attack Protection (TAP) - Email protection service which replaces all the URLs (web addresses/links) in an email with TAP URLs. These TAP web addresses are routed through email protection services to determine if the destination website is a safe site. If the destination website proves to be a safe site, the user is allowed to access the destination. For more information, please see our TAP FAQ.

All Users: Must use your CaneID to login.
UM Alias Holders: Available to all users with an @miami.edu or an @umiami.edu email alias.
Participating Campus/Schools/Departments: RSMAS, Law, Physics, Arts & Sciences, Engineering, Architecture.

It is a best practice to primarily list both safe and blocked senders within your email application/client (i.e. in MS Office 365, MS Exchange, MS Outlook). Entering safe and blocked senders in the enterprise's central SPAM protection product/service may reduce the effectiveness of that product/service. This product/service is designed to be highly dynamic. It is constantly learning and improving. Fixed rules may seem like a good idea but they may circumvent the increasing effectiveness of this product/service.

To repeat, entering these safe and blocked senders should primarily be done by using your email application SPAM protection. One reason does exist to enter safe senders in the central email protection. If a message has been identified as SPAM by that system but is really a message you want delivered, possibly even on a regular basis, you would need to add the sender to the safe list. This should be done responsibly. It would be preferred that you just released this email upon quarantine rather than entering it as a safe sender.

Note: Users inadvertently may make a poor decision in creating safe or blocked sender lists. Some users have made @miami.edu a safe sender but that opens the door to an exploit. Many SPAM senders have found creative ways to send email that appears to be from @miami.edu. By making @miami.edu safe, you may be opening the door to all these unwanted and potential harmful emails. Additionally, when viewing their SPAM quarantine list, users may just click on a sender and make them safe without fully inspecting their address and considering the implications of adding them to a safe list.

If you are protected by non-customized central email protection, you can be more relaxed about making decisions concerning safe and blocked sender within your email application.