The University, in co-operation with Microsoft, provides a web-based email service to all students. When you register with the University, you will be issued with an email account on Microsoft's Office 365 environment.
Find your email address and password
If you are unsure, please refer to your Student Banner record for your email address and/or initial network password (as used for the Portal).
How to Access your Email
When you click the 'Email and OneDrive' button in the Portal you will be redirected to the Office 365 login page where you will use your University email address and network password.
You can also login directly at the web address https://portal.office.com
To find out how to connect your Office 365 to an email client or mobile device, to auto-forward your emails, and more, please read the Office 365 Email User Guide.
Please note PHD students are not permitted to auto-forward. Please confirm this policy with the Doctoral college if required.
Frequently Asked Questions
How do I connect my Office 365 account to my Smartphone or Email Client?
Client access to your student email
Please note: you must know your Office 365 email address and Network Password (same as used for Portal and Student Workstations).
Most modern email clients such as Outlook 2016 will “auto-discover” your mailbox as long as you enter your correct account credentials when attempting to login for the first time. You should use your email address and the network password.
Further details on how to add your email account to Outlook are shown in this link: Microsoft Instructions - Add an email account to Outlook
Mobile Phone and Tablet access to your email
Please note: you must know your Office 365 email address and Network Password (same as used for Portal and Student Workstations).
Modern iOS and Android devices will “auto-discover” your mailbox if you use the Outlook app (free download from app stores) and you enter your correct account credentials when attempting to login for the first time.
You should use your email address and the network password.
Detailed instructions provided directly from Microsoft on how to configure your Office 365 account via a wide range of supported mobile phone and tablets (including other operating systems such as Blackberry) can be found from this link: Microsoft Instructions – setup email on a mobile device
The generic server name for Office365 connection is outlook.office365.com
Auto-forwarding your Office 365 email to another address
University policy is that all office communications are sent to your Office 365 mailbox, so you should monitor it regularly. If you would rather not directly log into the Office 365 mailbox regularly, then instructions are provided for auto-forwarding your email ** to an alternative address you may monitor more often.
** Please note that PHD students are not permitted to auto-forward email. Please confirm this policy with the Doctoral College, if required.
For current students, information is available from our OneDrive webpage. You can access your OneDrive via the Portal and the Office 365 email 'ribbon'.
Online Advice and Training Materials
Advice on using Office 365 via the web browser is available.
Full Office 365 suite Training and Tutorial information is also available.
Can I automatically redirect my Office 365 emails to a personally owned email address?
While staff are not permitted by policy to automatically redirect emails from their Ulster account to a personally owned email account, because of Information Assurance issues, there is no restriction on Students ** doing so.
Please note that PHD students are not permitted to auto-forward email. Please confirm this policy with the Doctoral College, if required.
All official University communications with students are distributed only via your University Office 365 email account. If you wish to ‘combine’ email accounts in order to avoid having to monitor multiple mailboxes, you can do so.
How do I set up auto-forwarding?
Sign into Office 365 mail and select the 'Cog icon' in the top right of your Office 365 mailbox.
In the "Search all Settings" dialogue box, type Forwarding and the contextual option will appear. Select Start Forwarding and enter your required forwarding address.
Digital Services recommend you keep a copy of the forwarded emails in Office 365. Then select Save.
Since you are required to check your Office 365 account frequently for communications from the University, this functionality may assist you to do this.
If you wish to turn off or change auto-forwarding rule, follow again the steps above to reach the relevant settings.
How can I manage my Email Quarantine and Junk Mail settings?
Staff regularly receive an email with a subject line of ‘Spam Notification’ containing a digest of emails which have been quarantined.
An example of this email is shown below:
Staff have the option to select ‘Release to Inbox’ – this will release the individual message to their Outlook Inbox.
There is also an option to ‘Report as Not Junk’. It is crucial to note that ‘Report as Not Junk’ may not mean that future messages from this sender are not trapped by Quarantine. This flags the issue to Microsoft, who assign a ‘spam score’ to the email. This ‘spam score’ is influenced by criteria such as the email content and the volume of emails sent by the sender. The number of individual users who select ‘Report as Not Junk’ can positively affect this ‘spam score’ but this may not necessarily be of sufficient volume to directly influence future email delivery.
If the email sender subsequently attains a ‘spam score’ which allows their emails to be ‘whitelisted’, they will bypass Microsoft’s Quarantine and their emails will be delivered directly to all intended recipient’s mailboxes as normal. Please note that Digital Services has no direct control over this process.
Since it is not good email security practice for Microsoft to publicise the rules which control their ‘spam scoring’, Digital Services will not always be able to establish the reason why specific emails are quarantined since this information is not public knowledge.
How to see your quarantine folder directly in ‘real time’
If staff wish to see their quarantine folder in real time, as they may suspect an expected email may be quarantined ahead of the next scheduled email summary, this can be done via logging into microsoft.
This is authenticated via your University staff email address (e.g. firstname.lastname@example.org) and the password used also for email and Portal.
Outlook Junk Mail
Digital Services is aware of an issue which may cause some Outlook users within the University to have email messages delivered to their Junk Mail folder rather than their Inbox. This is due to their individual copy of Outlook mistakenly identifying that message as 'spam'.
This is an Outlook Client specific issue, and as such, Digital Services cannot resolve this centrally - so users experiencing this issue will need to resolve this individually, as follows :
- Please check the contents of the Junk Mail folder regularly.
- If an email is in Junk Mail which should not have been marked as 'spam' please RIGHT CLICK on it, and from the pop-up menu select 'Junk Email' and 'Add Sender to Safe Senders List'. Users can also choose to select 'Add Sender's Domain (@example.com) to Safe Senders List' if they are sure they may receive legitimate emails from more than one address on that domain - but this option should be treated with caution.
If further advice or guidance is required, please Contact the Digital Services IT Service Desk.
Where can I find security advice regarding my University email account?
While the University takes proactive steps to protect the email accounts of staff and students, it is also imperative that you assist by being aware of security risks to your email account while online.
A compromised email account not only disrupts your own email access and personal security, but may have wider consequences to the University - such as blacklisting of our email servers causing email bouncebacks affecting other users and possible corporate data compromise.
All Staff and Students are reminded they must abide by the University Acceptable Use Code of Practice (PDF format) with respect to taking adequate safety precautions when using University email accounts.
Why spam email reaches your mailbox
The vast majority of spam emails (Wikipedia link) are discarded by the University spam filters before they reach user mailboxes, but it is inevitable that a small percentage of rogue emails may be able to reach the user mailbox.
It is virtually impossible to prevent this, since setting spam filtering rules too strictly may result in legitimate emails being rejected as 'false positives', and spammers are always seeking ways to bypass automated spam filtering systems.
In some cases, local spam rules on user mailboxes will also mark emails as spam - such as the Junk Mail folder in Outlook client (staff) and Office 365 (student) - for more information on how to block/allow emails see the Online Help within Outlook and Office 365.
IMPORTANT NOTE: It is crucial to understand that just because an email has reached your inbox this does not guarantee it is legitimate, so you should still be wary of all unsolicited emails - particularly those requesting personal or account related details.
Why spammers want your account details
Spamming takes many forms, from dubious bulk advertising (known as malvertising) to phishing - where the spammer is trying to trick you into providing personal details by pretending to be a legitimate company or person you may know.
Attempting to directly phish financial or personal details to commit fraud or identity theft may be the most obvious reason - but why do the spammers want your University email account details? A compromised account may provide your personal information indirectly via the emails in your mailbox - it's important to note that the spammer will be able to access everything in your mailbox. University email systems also tend to be 'trusted' and therefore it makes our email accounts very attractive to spammers when continuing their on-going spamming activities.
The University has taken steps which assist in proactively identifying email accounts which may have been compromised, however it is important to note that ultimate responsibility for keeping their mailbox secure remains with each staff member or student.
How to recognise a phishing email
Some phishing emails are more obvious than others and some spammers go to great lengths to 'spoof' their intended recipients. Just because it looks legitimate doesn't always mean it is - web addresses and email links can be 'spoofed' and corporate images (such as bank logos, etc.) can be misused. Remember: if in doubt, check!
Online banking is an obvious common target of phishers, and many people are now extremely wary of providing financial account details to non-solicited emails, but spammers have diversified into other areas such as:
- Student Loans Company 'account alerts'
- Email Mailbox 'loss of access' or 'upgrade' alerts (Important: Digital Services will NEVER ask for your passwords in this manner)
- HM Revenue & Customs 'tax refunds'
- Parcel shipping 'non-delivery' from DHL, etc.
- iTunes, eBay and PayPal 'purchase' alerts
- Social Media 'access' alerts
Access to this information may provide the spammer with the indirect route to other personal or financial information.
Clicking on attachments and web links within suspect emails also increases the risk of malware and spyware infection of your computer or smart device.
View an example of phishing emails received by the University recently (PDF format)
How to protect yourself
If you receive an unsolicited email from an organization you do have links with, which includes web links, go to their official website by typing the link into your internet browser or use your browser bookmark/favourite. Do not click on any link in an unsolicited email. If in any doubt, use the contact details on their site to query the email.
Tip: hovering over a hyperlink with your mouse (not clicking on it!) can preview the real web address the link is directing to. In many phishing instances this will clearly show a dubious link unrelated to the real site it is purporting to be - this is one way to spot a potential phish.
Do not 'unsubscribe' from unsolicited email lists, this is likely only to increase the volume of spam you receive, as you will mark your email account as 'live' to the spammer. Mark the email message as junk or just delete it.
Do not register your University address on numerous external websites, forums or email distribution lists - except those for University related purposes. The more 'footprint' your email address has on the internet, the more likely it is that you will receive spam. Instead, it is better to register and use a web based email account for personal internet use.
When accessing University systems via personally owned devices, use an up-to-date web browser. Anti-phishing technology is now common in recent versions of standard web browsers such as Firefox, Chrome and Edge. University staff and student workstations currently use Edge as the supported default browser. Google Chrome is also installed.
If you are unsure about the authenticity of an email in your University mailbox, forward it to the Digital Services IT Service Desk at email@example.com for advice.
What to do if I think you have been compromised
In the event you suspect your University email account may have been compromised (possibly by you having mistakenly supplied details to an unsolicited email or via your mailbox demonstrating other signs as outlined below), then it is vital that you inform the Service Desk on 028 9536 7776 as soon as possible.
If the incident occurs during core working hours of Mon-Thurs 09:00-17:00 and Friday 09:00-16:30, the Service Desk will assist you in changing your password immediately and will then open the investigation to establish if any actual compromise has occurred.
Outside core working hours, please attempt to change your password immediately using the Staff Password Manager and then inform the Service Desk via telephone at the earliest opportunity of the suspected compromise.
IMPORTANT NOTE: the new password must be completely unrelated to the possibly compromised password; hence it should not be guessable to the spammer if they re-try to gain access.
Please do not use email to report a suspected compromise.
It is important to note that the early reporting of a possible compromise may assist in reducing the impact significantly. Some spammers may not actively misuse your account immediately, so if the password has been changed at the earliest possible time, this may block any active misuse of the account.
Signs your account may have been compromised include:
- Receiving email bouncebacks, especially from emails you do not recall sending.
- People on your contacts list report receiving strange emails from you.
- Emails appear in your Deleted Items, Sent Items or other folders that you do not recognise.
- Presence of mail rules diverting your email to another folder within your mailbox instead of the Inbox, or to another email account entirely.
- Personal signatures on outgoing emails changed to other contact details instead of your own.
If you also think you may have compromised personal details related to a non-University IT Account, then contact the relevant company or organisation for assistance. For example, if your mailbox contains details of any online bank accounts, then you should assume that a spammer with control of your mailbox could have accessed that information at any time.
Related online material
- University - Acceptable Use Code of Practice (PDF Format)
The following links are external to the University but provide useful additional information on this subject.
- Student Loans Company - advice regards phishing emails
- Microsoft Safety & Security Centre - Phishing Frequently Asked Questions
- Microsoft Safety & Security Centre - how to recognise phishing email or links
- BBC Viewpoint: How hackers exploit 'the seven deadly sins'
- Sophos 'Naked Security' blog - Targeted webmail phishing attacks
- Citizens Advice - How to check if something is a scam
- Stay Safe Online - Spam & Phishing
- Sophos - IT Security DOs and DON'Ts (video clips)
Disclaimer: this section includes links to external websites in order to provide additional information. We are not responsible for the content or availability of any external website and the inclusion of such websites does not constitute a recommendation or endorsement of an organisation or its website by Ulster University.