Email: Catmail, Microsoft Outlook

Description

Microsoft 365-based email accounts for OHIO students, faculty, staff, and alumni who graduated after 2000. 

Access

Who can access

  • Current applicants, employees, and retirees

  • Enrolled undergraduate and graduate students

  • Emeriti and alumni who graduated after 2000

  • Sponsored guest accounts

    • Sponsor must request email access

How to request access

  • No request is needed. The service is enabled automatically based on your role at the University.

Features

Connect with other applications

Platform Needed

  • PC and Mac

    • Outlook 2016 or newer

    • Mac Mail and Calendar built-in apps: Mac OS 10.14 (Mojave) or higher

  • Mobile Applications

    • Outlook App: iOS and Android

    • iOS Mail and Calendar built-in apps: iOS 11 or newer

Additional resources

Service support

Get help

  • Visit the Technology Help Center ( help.ohio.edu ) to get live support, view outages, and browse trainings.

Accessibility

Visit the following Microsoft support page for information about accessibility features available in Email: 

Ohio University strives to make its digital resources and services accessible to all visitors, including those with disabilities who may also be using assistive technology. If special steps are necessary in order to improve the accessibility of experiences for end-users, those steps must be taken. 

If you experience a barrier that affects your ability to access OHIO websites, videos, online forums, documents, or other information technology, please let us know
For further information about OHIO's digital accessibility resources, see:

Security

Security Features: Catmail

Catmail includes advanced security features to protect you and the University from phishing scams, malware, and accidental disclosure of sensitive data.

Advanced Threat Protection

External Sender Warning

When you receive an email from an external sender (anyone outside of ohio.edu), the email will include a yellow banner at the top, warning you to use extra caution when clicking links or opening attachments. The warning is designed to reduce  phishing attacks,  which are fraudulent emails, often designed to look like official University communication, that trick users into disclosing sensitive information or opening attachments that install malicious software.

Reporting Phishing

When you receive a suspicious email, you can report it as a potential phishing attack directly from your email application. Reported phishing and junk messages are sent to both to OIT and Microsoft, where they are reviewed to improve the effectiveness of spam filters. 

Catmail (Outlook on the Web) users can report suspicious emails using the “Junk” dropdown menu and selecting “Phishing”:

A dropdown menu with the following options: Junk, Phishing, Block

Outlook desktop users will find a “Report Message” button in the Outlook Ribbon at the top of the screen:

A dropdown menu with the following options: Junk, Phishing, Not Junk, Options, Help

To report suspicious emails on Outlook for iOS, iPadOS, or Android, tap the three small dots in the upper right corner and tap the “Report Message” icon:

iOS: Android:

A screenshot from iOS with three dots circled in red in the upper right corner and a number one, then a report junk icon circled in red and a number two

A screenshot from Android with three dots circled in red in the upper right corner and a number one, then a report junk icon circled in red and a number two

SafeLinks

When you click a link in an email message,  SafeLinks  uses an automated Microsoft service to verify that the link's destination is not malicious. If the link appears to be malicious, the service will display a warning and prevent the linked site from loading. If you are using Outlook, you can view the actual destination of a SafeLink by mousing over it. If this does not work, or if you are checking your mail from a non-standard email client, you can use our  SafeLinks decoder (OHIO login required)  to view a link's destination. 

Safe Attachments

When someone sends you an attachment,  Safe Attachments  will scan that message and attachment using machine learning and analysis techniques to detect malicious content. Delivery may be delayed a few minutes to allow this scanning to occur. If a malicious attachment is detected, the attachment will be removed, and a substitute text file named “Malware Alert Text.txt” will appear in its place. If you believe an attachment was removed by error,  contact the IT Service Desk .

Screen shot: Malware warning text file

Data Loss Prevention

Email is not a proper method to share sensitive data with external parties. To reduce the likelihood of sensitive data disclosure via email, Ohio University has enabled  Microsoft 365 Data Loss Prevention (DLP)  for Catmail. Automated DLP scans can help reduce the risk of distributing sensitive data; however, it is still your responsibility to handle that data appropriately.

Respecting privacy - DLP scanning is automated. An Information Security analyst will only access a copy of a message if DLP flags that message as containing a large amount of sensitive data. 

What to expect: Social Security numbers

If DLP detects one or more Social Security numbers in an outgoing email, the service will block that message and notify the sender of the issue, either with a Policy Tip or through a rejection message.

In Outlook on the Web or Outlook for Windows, a Policy Tip will appear at the top of your window letting you know that your message appears to contain sensitive data and giving you the option of reporting a 'false positive.' If you press Send, the message will be rejected. 

On Outlook for Mac and mobile apps, the Policy Tip will not appear, but the message still will be rejected if you try to send it.  

To report a false positive, forward the rejection message  to the IT Service Desk  for assistance.

Report false positives of SSN Blocking via Web Outlook (Catmail)

Outlook on the Web

SSN blocking policy before sending email via Outlook Desktop Client

Outlook for Windows

SSN Blocking bounceback email

Rejection "bounce" message

What to expect: other sensitive data

  1. If DLP detects high volumes of PII (personal identified information) being sent to a non-ohio.edu address, the service will create an incident report for the Information Security Office.

  2. A security analyst will review the flagged data to determine if a data loss has occurred.

  3. If the match is a false positive, the case will be closed with no further action required.

  4. In the case of an actual data loss, normal incident response procedures will be followed, including disciplinary action if needed.

What to do if your message is blocked

If you still require sending sensitive information via email, please  encrypt your document  prior to sending it. You can password protect the document and securely share the password with the recipient via another form of communication such as telephone or in-person. 


The Ohio University Information Security Office strives to educate and empower the University community to appropriately manage risks and protect OHIO’s information and systems. This effort is facilitated through policies, standards, and information security risk management programs, as well as other tools and guidance that are provided to the University community. This modern approach creates a safe computing environment in which the university community can teach, learn, and conduct research. 

For additional information about OHIO’s security resources, see: