Email Protection

Eligible: Students, Faculty & Staff, Alumni

Availability: 24 Hours, 7 Days

Support: Monday - Friday, 8:00 a.m. - 6:00 p.m.

AKAs: Anti-Malware, Anti-Phishing, Anti-Spam, Anti-Virus Email, Spamblock, Microsoft Email Protection, MS Email Protection


To better protect the University community from potential email threats, University of Miami Information Technology (UMIT) implemented Microsoft (MS) Email Protection – a combination of Microsoft's advanced threat protection and exchange online protection – to replace Proofpoint.

MS Email Protection seamlessly integrates with UM's Office 365 suite of products and services, and provides multi-tiered protection against spam, viruses, malware, and phishing attempts, including encryption services to further protect your personal information.

This multi-tiered protection consists of:

  • Perimeter intrusion protection - Rejecting network traffic from bad reputation sites.
  • Central email protection - Rejects all email from bad reputation sites, virus/malware infected email, known phishing attempts and incorrectly addressed email. It also quarantines email that is diagnosed to be SPAM and does not forward it to the user's mailbox. A daily digest is available for all SPAM emails that are quarantined.
  • Application email protection - Email applications and clients generally offer email SPAM protection. This is the best place to customize your settings. You will find email that has been identified as SPAM or Junk in a folder so named.
  • Advanced Threat Protection (ATP) - Email protection service which replaces all the URLs (web addresses/links) in an email with ATP URLs. These ATP web addresses are routed through email protection services to determine if the destination website is a safe site. If the destination website proves to be a safe site, the user is allowed to access the destination. For more information, please see our ATP FAQ.


  • All Users: Must use your CaneID to login.
  • UM Alias Holders: Available to all users with an or an email alias.
  • Please Note: Domains have no effect in your Safe senders and domains. Instead, please add specific emails (Ex:


  • It is a best practice to primarily list both safe and blocked senders within your email application/client (i.e. in MS Office 365, MS Exchange, MS Outlook). Entering safe and blocked senders in the enterprise's central SPAM protection product/service may reduce the effectiveness of that product/service. This product/service is designed to be highly dynamic. It is constantly learning and improving. Fixed rules may seem like a good idea but they may circumvent the increasing effectiveness of this product/service.
  • To repeat, entering these safe and blocked senders should primarily be done by using your email application SPAM protection. One reason does exist to enter safe senders in the central email protection. If a message has been identified as SPAM by that system but is really a message you want delivered, possibly even on a regular basis, you would need to add the sender to the safe list. This should be done responsibly. It would be preferred that you just released this email upon quarantine rather than entering it as a safe sender.
  • Note: Users inadvertently may make a poor decision in creating safe or blocked sender lists. Some users have made a safe sender but that opens the door to an exploit. Many SPAM senders have found creative ways to send email that appears to be from By making safe, you may be opening the door to all these unwanted and potential harmful emails. Additionally, when viewing their SPAM quarantine list, users may just click on a sender and make them safe without fully inspecting their address and considering the implications of adding them to a safe list.
  • If you are protected by non-customized central email protection, you can be more relaxed about making decisions concerning safe and blocked sender within your email application. 


  • No fees are charged for this service. 




Related Services