[Eril-l] Office 365 Threat Management and Content Provider Domains

[Peters, Paul M.]

I don't know if anyone else may have encountered this issue, but our university recently implemented Outlook 365's Threat Management/Email Quarantine. This implementation has had the unfortunate consequence of catching emails sent from our content providers like Proquest, EBSCO, Cengage, Clarivate, etc. For example. PQ's Refworks requires users to set up an account. Upon doing this, Refworks sends out a confirmation email. These emails were getting caught and not released until the next day. Now, we discovered the RefWorks problem, and got our new security admin to whitelist the necessary domain. However, we subsequently discovered that it is affecting things like students and faculty trying to email themselves articles or a list of citations from one of our databases.

I am aware that many of our content providers have lists of URLs that should be whitelisted to avoid the kinds of problems I described above. However, as we get content from multiple vendors who may have multiple URLs that should be whitelisted, we are talking about a lot of URLs. Our security administrator is unwilling to whitelist all of these URLs. He says that it offers too many opportunities for unauthorized users to gain access to our network.

Has anyone else encountered this sort of issue? Thoughts or suggestions would be appreciated.

Michael Peters, MSIS
E-Resources Librarian
J.E. & L.E. Mabee Library
University of the Incarnate Word
4301 Broadway, CPO# 297
San Antonio, TX 78209

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eril-l.org/pipermail/eril-l-eril-l.org/attachments/20181018/8f934873/attachment.html>