E-mail Security and Filtering

Last Updated: 01/10/2018


OIT servers regularly process more than 10 million incoming email messages per day. Using an extensive multi-tiered filtering solution, OIT is able to catch the more than 75% of these incoming messages that are categorized as spam. As part of this process, OIT servers scan messages for malicious contents (URLs, viruses and certain file types) and remediate them.

URL Filtering

As of September 2017, OIT will be scanning messages for URLs with poor reputations in an effort to protect the campus from malicious web links. When suspect or malicious URLs are found, you will either recieve a warning heading in the email or a notification webpage when you click a link.

Email Heading Notifications

If the campus servers determine a URL is malicious, the URL will be removed from the message and a warning heading added to the email similar to this:

Malicious URL Notification

In other instances, if the campus servers are unable to definitively determine if a URL is malicious, it may still be considered suspect and routed through Cisco, an external security service, for further evaluation. If Cisco finds malicious activity, the URL may be rewritten and you will receive a notice when attempting to click the URL:


When a website is malicious or has been compromised, it will likely be blocked by the new filtering measures. To reduce the incidence of false positives, OIT has proactively whitelisted websites that are commonly referenced in communication from our campus. If you have questions or find a URL that is being blocked but has a legitimate business function for our campus, please contact the IT Service Center at help@colorado.edu or at 303-735-4357 (5-HELP from an on-campus phone) for assistance.


  • OIT's email filtering solution is able to determine the level of likelihood that an incoming message is spam.
  • Messages with a mid-range spam filter score are flagged as "POTENTIAL SPAM" in the subject line of the message, which allows you to set up a filter to keep these messages from ending up in your inbox.
  • Messages with a very high spam filter score are blocked entirely from reaching your inbox.
  • Messages carrying viruses are blocked prior to delivery.
  • Messages with attachments that are considered a threat will have the attachments removed and a notice inserted prior to delivery.
  • URLs (commonly known as web links) are scanned for poor reputation and removed or tagged for further evaluation as needed. (Enabled 09/18/2017)


Many virus-infected emails will be captured before they are sent out from campus or before they are delivered to your email account, however, all email users must still be vigilant to limit the spread of viruses. OIT recommends several antivirus solutions for CU Boulder faculty, staff, student staff, and students.  Choose the solution that best fits your needs and specifications.


Antivirus software available through OIT includes:

  • University-owned computers: System Center 2012 Endpoint Protection for Windows or Mac, Windows Defender
  • Personally-owned computers: Microsoft Security Essentials, Windows Defender, Sophos Home Edition

Visit the Antivirus page for for detailed information regarding CU Boulder's recommended antivirus solutions.


URL filtering and antivirus programs are available at no charge to CU Boulder faculty, staff and students.

Who can get it

All CU Faculty, Staff and Students can download Antivirus software, and anyone utilizing an @colorado.edu email address receives URL filtering.

How to get it

Email spam filtering and protection is a built-in part of OIT's email solutions. For Antivirus software and installation assistance, visit the Antivirus - Help page.