Beginning in June, [U]Tech will make email infrastructure configuration changes to strengthen the level of email authentication and protection for all emails sent by and on behalf of Case Western Reserve University. These changes align CWRU with the rest of the industry as it moves to deploy various strategies to combat spam, phishing and other email spoofing.
Deployment will be a phased process. Starting June 1, [U]Tech will begin to transition to a full reject policy by first setting it to quarantine (i.e., marked as SPAM) those messages that do not appear to be properly authenticated on behalf of CWRU. Phase 2 of the transition effort will begin July 1 and involves ramping up the policy to reject those messages that are not properly authenticated on behalf of CWRU.
Over the last six months [U]Tech has been working with various university departments and individuals to make sure they are properly configuring and authenticating the emails they are sending. This has allowed emails sent by and on behalf of CWRU to be trusted and accepted for delivery by the receiving mail domains and ensuring malicious mail will not impact the email reputation of CWRU. After the new email settings are deployed, any email sent from an @case.edu (or @cwru.edu) email address may be rejected by its recipient if it is not properly configured. See below for more details.
Note, if you are using webmail or have properly configured your email client as outlined on item six on the Google Mail Authentication Change FAQ University Technology web page, you should not experience any issues.
In general there should be no actions needed as a result of these changes. Valid authenticated emails being sent through the CWRU email system will not be impacted. Those who are using third-party applications may experience rejected email if the owner of that service did not work with [U]Tech over the past six months to ensure their application is configured to follow the required authentication guidelines to send mail on behalf of CWRU.