Changes to ensure spam emails sent using fake @bristol.ac.uk addresses are flagged as suspicious

Email sign

[26 June 2014]

We have recently seen incidents where spam emails and phishing attempts have been made using messages which look as if they are sent from @bristol.ac.uk accounts.

To help restrict the ability to fake emails from @bristol.ac.uk addresses we plan to impliment new procedures from 28th July 2014. From that date we will publish Sender Policy Framework (SPF) data for the bris.ac.uk / bristol.ac.uk domain. This will identify emails with @bristol.ac.uk senders as valid only if sent though our:

  • Gmail servers
  • Postini Servers
  • UoB central mail relays

Anything else may be considered suspicious by the recipient’s email service, but should not be rejected, unless there are further issues with the message. Please note that the rules governing such actions are defined by the recipient's email service and may vary.

Activity that may trigger emails to be marked as suspicious

Please note that those receiving emails may also find them flagged as suspicious and/or spam if:

  • you have contracted a third party to send University of Bristol emails on your behalf

This will only occur if they are not using their own domain name when connecting to the recipients' mail servers.

Action - If you use a third party to send emails and are concerned please contact IT Services so we can test whether or not there is likely to be an issue.

  • your email is sent via a mailing list

This will only occur if the list server does not use its own domain name when connecting to the recipients’ mail servers.

Action - contact the mailing list owner to report the issue.

Please note: We do not anticipate there being problems with UoB Sympa mailing lists, but if you are the owner of a list that is experiencing problems please contact IT Services.

  • the recipient of your email forwards it to another account

This will flag the message as spam if the forwarding server does not use its own domain name when connecting to the other account’s mail server.

Action - the recipient will need to take this up with the supplier of their forwarding service. N.B. We do not anticipate there being problems with forwarding from Gmail accounts.

  • you send work emails using your home Internet Service Provider’s (eg. Virgin, BT) service, rather than smtp.gmail.com or smtp-auth.bris.ac.uk

Action - contact IT Services about how to configure an email client to use a supported server.

  • the recipient’s mail server checks the wrong sender address against the SPF data

Action - the recipient will need to take this up with their email service provider.

Even with this additional protection in place it will still be possible for other parts of a message to be faked so as to fool an email client into displaying a different sender address from the one that has been checked. We advise staff and students to continue to be vigilant and follow the advice at http://www.bris.ac.uk/infosec/email-threat/