Spam and Phishing Filtering for Email – Proofpoint

CUIT uses Proofpoint filters as a first line of defense against spam and unsolicited bulk emails; each day you will receive the Proofpoint Email Digest listing the spam (potential phishing emails) and low priority (bulk emails) that you received the day prior, allowing you to delete, block or release and approve these messages/senders.

To further protect you from malicious email attempts, Proofpoint URL Defense is used to automatically check every link that is emailed to you for potential phishing or malware scams. You will notice that URLs are rewritten as part of this effort, though you will be sent to the correct website (if the URL is confirmed to be "safe"). Proofpoint's patented services are used by many of our Ivy League peers, including Harvard, Princeton, and Cornell, as well as by CUIMC and other top companies and government agencies.

How do I...

From the Daily Email Digest
  1. Click the subject to preview the email.
  2. Click Release to allow just that specific email.
  • To allow this and future messages from a sender in Low Priority Mail click Release, followed by Allow Sender.
  • To allow this and future messages from a sender in Spam click Release and Allow Sender.

Note: If the links in your daily Email Digest have expired, you will be prompted to log in to the Email Digest Web App to release a message.

How to release an email from the Daily Email Digest
From the Email Digest Web App
  1. Check the box next to the message(s) you would like to keep.
  2. Click Release to allow just that specific email.
  • To allow this and future messages from a sender in Low Priority Mail click Release, followed by Allow Sender.
  • To allow this and future messages from a sender in Spam click Release and Allow Sender.
Release and Allow Sender options in Email Digest Web App
From the Daily Email Digest
  1. Click the subject to preview the email.
  2. If you would like to add the email to the Block Sender list, navigate to the Email Digest Web App and follow the instructions below.
From the Email Digest Web App
  1. Check the box next to the message(s) you would like to block.
  2. Select Block Sender in the panel at the top of the page. This will block future messages from that sender.
  • To delete spam, check the box next to the message(s) you would like to delete, and then click the delete button in the panel at the top of the page.
  • To delete low priority mail, first release any message(s) that you would like to keep, and then you can delete all remaining messages by clicking Options in the panel at the top of the page, and then selecting Delete All.
Block sender from Web Digest App

Messages will still be filtered for a virus or inappropriate content.

The Safe Senders list is simply a list of approved senders of email. When a sender address is included in the Safe Senders list, the Proofpoint Protection Server does not filter the message for spam.

When you add a domain name (e.g., yahoo.com) to the Safe Senders list, all email addresses from that domain will be considered “safe.” You should restrict the safe list to specific senders by entering their full email addresses (for example, [email protected]).

From the Daily Email Digest
  1. Click the Request Safe/Blocked Senders link in the upper-righthand corner of the Email Digest.
  2. Check your email for a list of your Safe Sender and Blocked Sender addresses. Select Add to update your list(s).
Request safe/blocked senders list in Daily Email Digest
Add an email address to Safe/Blocked sender lists
From the Email Digest Web App
  1. Select Lists near the bottom of the left-hand pane.
  2. Add the full email address* to either Safe Senders or Blocked Senders.
    *If you only add the domain name (e.g. gmail.com) to the list, then all email addresses from that domain will be considered "safe" or "blocked". Generally it is best to only add full email addresses to these lists (e.g. [email protected]).
Lists section in the Proofpoint Digest web app

You cannot turn off the Email Digests completely, however you can turn off Low Priority (Bulk) Email Filtering. Spam will continue to be filtered, and you should continue to check for spam at least once every 14 days.

To turn off Low Priority Email Filtering:

  1. Navigate to the Email Digest Web App.
  2. Click Profile.
  3. Click Settings.
  4. Select Turn Off Low Priority Filtering (Continues to Quarantine Spam).
  5. Click Save.
Use Settings in profile to turn off low priority filtering
Turning off your Daily Email Digest is not recommended. It is possible that legitimate or important mass emails are being held for your approval. These will be permanently deleted after being held for 14 days. (NOTE: After several weeks of tuning your approved and blocked senders, your Email Digest should become shorter.)
  1. Navigate to the Email Digest Web App.
  2. Click Profile.
  3. Click Settings.
  4. Check / uncheck the option of your choice.
Turn off your daily digest via profile --> settings
  1. Navigate to the Email Digest Web App.
  2. Click the down arrow next to your username (i.e. [email protected]) and click on the mailing list you wish to review.
    • If you do not manage any lists, you will not see a down arrow or any additional email addresses. Lists that end in @lists.columbia.edu are not eligible for a daily Email Digest.
    • If you do not see one of your @columbia.edu lists, please check with your colleagues that have admin access to that specific list. Proofpoint only permits one person (the first alphabetical administrator) to manage a shared list, but you can work around this by setting up forwarding in LionMail or Outlook so other list administrators receive the daily Email Digests. They can then manage the emails on hold from the email forwards.
  3. Proceed as you would normally to review, delete and/or release emails.
Change the email address that you are reviewing the email digest for

1. Open a Daily Email Digest message and click on the three dots in the upper right-hand corner. Select Filter messages like this.

Open a Daily Email Digest message and click on the three dots in the upper right-hand corner. Select Filter messages like this.

2. Enter the full group email address in the To field and select Create filter.

Enter the full group email address in the To field and select Create filter.

3. Place a checkmark in the Forward it to: option. Then select the receiver's email address from the drop-down menu. If it's not there, click add forwarding address and follow the prompts to create a new forwarding address to either a [email protected] or a group address (i.e. [email protected]).  When you are done, select Create filter.

Place a checkmark in the Forward it to: option. Then select the receiver's email address from the drop-down menu. If it's not there, click add forwarding address and follow the prompts to create a new forwarding address to either a UNI@columbia.edu or a group address (i.e. GROUPNAME@columbia.edu). When you are done, select Create filter.

1. Open a Daily Email Digest message and select Rules. Next, select Create Rule.

Select Rules, then Create Rule in upper right corner of Outlook

2. Place a checkmark in front of From CU Email Digest - Do not reply and Sent to [email protected], where GROUPNAME is the name of your mailing list group.

Then select Advanced Options.

Check in front of From Columbia University Email Quarantine Digest - Do not reply and Sent to GROUPNAME@columbia.edu, where GROUPNAME is the name of your mailing list group. Then select Advanced Options.

3. Select Next on the following screen. (This should be pre-filled with the information that was included in the previous window.)

Select Next (this window recaps info you entered)

4. Place a checkmark in front of Forward it to people or public group, then select on people or public group in the lower portion of the window. Select Next.

Check Forward it to people or public group, then select on people or public group in the lower portion of the window.

5. Type in the recipients' email addresses, or choose them from your address book, Ensure that the addresses are separated by a semi-colon (;). Select OK.

in the recipients' email addresses, or choose them from your address book, Ensure that the addresses are separated by a semi-colon (;). Select OK.

6. Name this rule based on your preference. For example, "Forward spam/bulk email digest for GROUPNAME to colleagues". Select Finish.

Name the rule and select Finish

Email Digest FAQs

No. The Proofpoint Email Digest will not effect any filters that you already have in place.

You may continue to receive some emails in your LionMail Spam folder. Even with Proofpoint, not every "spam-like" email is caught, and in some cases, the Gmail spam filter may catch an email that Proofpoint does not. You should still continue to review your Spam folder in case something legitimate is accidentally held there.

You might be an owner of a mailing list and a digest is sent to the first alphabetical owner/administrator of a list. You can set up forwarding so the other owners/administrators of the list also receive the Daily Email Digest.

Check your LionMail spam folder. Gmail's spam filter may have flagged the same email for spam- or phishing-like qualities.

If this is an email subscription that you continue to want to receive, click Release, followed by Allow Sender in your daily Email Digest and the email will go to you inbox and future emails will not go to the Email Digest.

You can take action on up to five emails at once using the Email Digest Web App. Check the box next to the emails you would like to take action on and click Release, Allow Sender or Block Sender.

Yes. You can click the action links (Release, Release and Allow Sender, Allow Sender or Block Sender) directly from the daily Email Digest on your mobile device.

Proofpoint URL Defense

In addition to scanning for potentially malicious senders and attachments, Proofpoint scans every link (URL) that is sent to your mailbox for phishing or malware websites. URL Defense rewrites all URLs to protect you in case a website is determined to be malicious after you have already received the message. The link is evaluated every time you click on it to ensure that it is considered safe when it is clicked. To learn more about the URL Defense scanning technology, watch Proofpoint's URL Defense overview video.

Please continue to exercise caution when clicking on any link in an email, especially from unknown senders. Proofpoint URL Defense is the second layer of protection against malicious emails, but scammers are continuously inventing new schemes designed to slip through security measures.

  • If the link is determined to be safe, you will be sent to the URL and you will see no difference.
  • If the link is found to be malicious, you will see the following notification in your browser:
URL Defense notification: "Web Site Has Been Blocked!"
Proofpoint URL Decoder

If you would like to know what the original URL (link) looks like without the URL Defense, you can use the decoder tool below to translate any link you receive in an email message.

To copy the URL in an embedded link, right-click (Ctrl+click on a Mac) on the link, and then select Copy Link Address, then paste it into the decoder.

URL Defense FAQs

No. Websites on the Columbia domain are considered trusted by Proofpoint.

You can use a URL decoder to retrieve the original URL. To copy a URL in an embedded link, right-click (Ctrl+click on a Mac) on the link, and then select Copy Link Address, then paste it into the decoder.

You cannot turn off URL Defense as it provides an important layer of security to keeping Columbia user's data safe.

To embed the URL in text, double-click the word or phrase that you would like to make a link, and then type Ctrl+K (Command+K on a Mac). A window will pop-up and you can enter the URL into the field and save.

No. Even if you look at an email that is years old, the Proofpoint URL Defense link will continue to direct you to the proper URL.

Email Encryption

Launch your email tool and add the word in brackets [encrypt] to the subject field to send an encrypted email message to someone outside Columbia. 

For example:

To: [email protected]

Cc: [email protected]

Subject: [encrypt] Meeting minutes from the quarterly review

Proofpoint Encryption will automatically trigger a rule to encrypt the message because the word [encrypt] is in the message's subject. You must include the square brackets.

Encrypt

External (Non-Columbia Email) Users: Decrypting Secure Messages

The following sections describe how users external to your organization receive and decrypt secure messages.

 

Reading a Secure Message

When you receive a secure message, it will look similar to this in your mailbox:

Secure Message

When you receive an encrypted message, you will see the following text:

You have received a secure, encrypted message from the sender. Click the attachment in the message to launch a browser to authenticate so that you can decrypt and read the message.

Click the attachment SecureMessageAtt.htm to authenticate so that you can decrypt and read the message.

Note: If you see red X icons in the browser, your email client is blocking images. These images are typically the logo or pictures of the sender's organization. You can display the images or ignore them without affecting your ability to read the message.

 

Open the Attachment

If you have not registered for Proofpoint Encryption, you will be prompted to create an account and choose a password on the registration page. In the future, you will not be prompted to register.

If you have already registered or your account already exists, you will be prompted to sign in and provide your password to decrypt the message. A More Info link is available if you need help.

Proofpoint

Note: Your password cannot contain spaces.

Your password will expire after 90 days. You will see a “Days until password expiration” message when you open a secure message. Click the link next to the expiration message to reset your password.

Suppose you forget your password and your administrator assigns a new temporary password. In that case, you will have to reset your password and select new security questions the next time you open a secure message.

Additionally, you can request Proofpoint send you a change password link to your email address by clicking the “Forgot Password."

 

Read Your Message

For security reasons, you will not be able to save the secure message.

Proofpoint Test Message

Click Logout when you are done.