1. My message was rejected because it contains a "Badmacro". How can I send it?
You've tried to send a message with, say, a Microsoft Word or Excel attachment and received an error message similar to
This message contains malware (Sanesecurity.Badmacro.Doc.creobj.byt.UNOFFICIAL)
The part to look out for is Sanesecurity.Badmacro.Doc.
Although your attachment may be legitimate, it contains elements in common with dangerous malware such as Dridex which has caused serious financial loss to the University in the past. After reviewing these incidents, the Information Security team told us to stop delivering messages with this type of attachment.
In order to send you attachment, you could:
- encrypt your message/attachment so that the malware scanner can't see it.
- use a service designed for transferring files such as Oxfile.
As an analogy, imagine you are a researcher wanting to send a radioactive sample to another university. You can't use the normal postal service to transport such dangerous (albeit legal) cargo so must make alternative arrangements such as using a specialist courier.
2. Does Oxmail offer TLS-only connections?
No, but it does support opportunistic TLS. This means that it will send/receive over TLS if the other end supports it, else uses a non-encrypted connection. If you want to ensure that your mail server only sends/receives to/from Oxmail over TLS, make sure your mail server only offers TLS connections.
Bear in mind that STARTTLS uses hop-by-hop encryption so every hop gets to see your message in plaintext. If you care about the confidentiality of your message, you may wish to take IT Services Information Security's advice and encrypt the entire email content using dedicated technologies such as PGP or S/MIME.