1. News
  2. Email Security Update

Email Security Update

Last year, an article was published by University Information Security about email authentication – what it is, why it matters, and what you should do. This is an update on our progress, and some news on what’s next. 

What is email authentication? 

As a reminder, Email authentication helps verify the origin of a message; whether it comes from a trustworthy source or has been faked or forged by someone pretending to be someone they are not. All major email providers, starting with Google, have been increasing enforcement of these authentication rules over the past 2 years. You have likely seen signs of this in your personal email, as well as in the workplace – warnings about untrusted senders, requests to verify your domain, and other indications that the world is cracking down on spoofing and phishing. 

What is changing now? 

The University of Rochester is implementing a change at the end of January to prevent these unwanted emails from being delivered. These are changes that have already been implemented by Google, Yahoo, and other providers. In fact, some of the workflows described below are already broken, not by us but by Google. 

How will it impact you? 

As the IT and Information Security teams have been working on cleaning up and configuring all legitimate email flows to ensure they will pass these new authentication checks, they’ve identified a few common ways people use email that will no longer work once these changes are in place on Jan 29, 2026: 

  • Using your work email address to send from personal accounts (e.g., Gmail) will no longer be possible. Any emails sent from a personal account attempting to use your work email as the “From” address will be blocked because they will fail our authentication checks. 
  • Forwarding personal or student email to work accounts, or work email to personal or student accounts, will cease to function reliably. Once these settings are in place, emails forwarded in this manner will likely be rejected or flagged as spam. 

These practices, while convenient, were not compliant with University policies, and introduce security vulnerabilities. Please ensure you adjust your email settings to comply with these requirements before the end of January. If you have any questions or need assistance in adapting your workflow, please contact your local service desk for support: 

  • University IT Help Desk: (585) 275-2000 
  • ISD Service Desk: (585) 275-3200