[Eril-l] Office 365 Threat Management and Content Provider Domains

Lutzow, Eileen elutzow at csuniv.edu
Fri Oct 19 09:10:17 PDT 2018 

You can login to Outlook 365's Threat Management/Email Quarantine at any time to release messages without waiting until the next day.

Go to https://protection.office.com/
Login with your email username and password
Select a way to verify your identity (like letting them text a code to your phone)
You will need to identify your identity with a new code anytime you login
If the verification code screen displays again after you enter the code they send you, hit Cancel
Once you are logged in, on the left side, click on "Threat Management, Review"
In the middle click on "Quarantine"
A list of messages will display
At the top, there is a menu next to "Show messages quarantined due to" It is probably defaulted to Spam, so select Bulk
Another list of messages will appear
If the message you need isn't in either list, wait a while and check again later

Eileen

Eileen Lutzow
Systems and Electronic Resources Librarian
Charleston Southern University
Charleston, S.C.
elutzow at csuniv.edu<mailto:elutzow at csuniv.edu>

From: Eril-l <eril-l-bounces at lists.eril-l.org> On Behalf Of Peters, Paul M.
Sent: Thursday, October 18, 2018 5:53 PM
To: eril-l at lists.eril-l.org
Subject: [External] [Eril-l] Office 365 Threat Management and Content Provider Domains

I don't know if anyone else may have encountered this issue, but our university recently implemented Outlook 365's Threat Management/Email Quarantine. This implementation has had the unfortunate consequence of catching emails sent from our content providers like Proquest, EBSCO, Cengage, Clarivate, etc. For example. PQ's Refworks requires users to set up an account. Upon doing this, Refworks sends out a confirmation email. These emails were getting caught and not released until the next day. Now, we discovered the RefWorks problem, and got our new security admin to whitelist the necessary domain. However, we subsequently discovered that it is affecting things like students and faculty trying to email themselves articles or a list of citations from one of our databases.

I am aware that many of our content providers have lists of URLs that should be whitelisted to avoid the kinds of problems I described above. However, as we get content from multiple vendors who may have multiple URLs that should be whitelisted, we are talking about a lot of URLs. Our security administrator is unwilling to whitelist all of these URLs. He says that it offers too many opportunities for unauthorized users to gain access to our network.

Has anyone else encountered this sort of issue? Thoughts or suggestions would be appreciated.

Michael Peters, MSIS
E-Resources Librarian
J.E. & L.E. Mabee Library
University of the Incarnate Word
4301 Broadway, CPO# 297
San Antonio, TX 78209

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.eril-l.org/pipermail/eril-l-eril-l.org/attachments/20181019/64686605/attachment-0001.html>

More information about the Eril-l mailing list