IT Service Desk Update


Did you know you can create your own Service Desk Incident through the self-service portal in ServiceNow? Just go to to start the process!

Email Security

Microsoft Defender Graphic


Marshall University Information Technology utilizes a comprehensive email and client security solution provided by Microsoft Defender for Office 365. In addition to antivirus and anti-spam protection, the Microsoft service improves security for both incoming and outgoing mail. This provides advanced protection against phishing, business e-mail compromise, and ransomware targeting our students, faculty, and staff.


Key Benefits:

  • Review quarantined messages: Ensure no legitimate messages are flagged as spam. A spam notification will be sent periodically with a list of quarantined messages. This notification will contain links that allow you to view, block, or release the message to your inbox.
  • Identify approved senders: Adjust filtering settings so that desired messages, which have been incorrectly identified as spam, will not be flagged as such in the future
  • Secure and protect your email inbox from:
    • Unwanted mass mailings (spam)
    • Messages with malicious payloads (viruses)
    • Messages with links that will steal information or download malicious software (phishing)

Frequently Asked Questions

No action needs to be taken on your part. Just keep an eye out for Spam Notifications which will come from You might receive an email periodically notifying you of messages that are in quarantine. If you do not receive these notifications, it means you have no email in your quarantine.

The new Spam Notifications will come from with the Subject “Spam Notifications: [x] New Messages

Below is a screenshot of what a Spam Notification will look like in Microsoft Outlook:

By default, Spam Notifications will be emailed to you no more than once daily. To view a quarantined message using the notification, click Review. This will open your browser and direct you to where you can view all messages in your quarantine for the last 30 days. To login, use your MUNet credentials and follow the prompts.

Only click Release if you are sure the message is safe. Releasing the message will remove the message from the quarantine and deliver it to your email inbox.


Once logged in to your Office 365 account, you can view a message by clicking on it, then going to Preview Message. You can also Release message from quarantine, View message header to see delivery metadata of the message, or Remove from quarantine.


A quarantined message will remain viewable for 30 days. After 30 days, the message will not be accessible.

There is currently no way to view a blocked message. If you know a legitimate email was sent to you and you are not receiving it, please contact the IT Service Desk at or (304)696-3200. They will ask for the sender, date/time the message was sent, and any other details you know about the message.

The main difference is visibility; you receive notifications that email has been quarantined, but are not notified of blocked email. When an email is quarantined, it does not go to your email inbox, but does go to a “quarantine inbox.” When this happens, you’ll receive a notification to your email inbox which allows you to view or deliver the message.

Blocked messages are not delivered to your email inbox, and you do not receive a notification of them. There can be dozens of blocked messages daily, so it would be overwhelming to be notified of all of your blocked messages. Remember, when a message is blocked, it is because Microsoft Defender for Office 365 has marked it to be unwanted or fraudulent for a reason.

There is currently no way to edit the frequency of the Spam Notifications. If you are receiving more than 1 per day, please open a support ticket with the IT Service Desk at or (304)696-3200.

Yes. There are measures in place to detect any fraudulent activity coming from a Marshall email address. This helps MUIT discover and remediate compromised accounts. Any email you send to an external email address (a non-Marshall address) will be filtered through Defender for Office 365. If an account begins to send fraudulent email, an administrator will be alerted.

To edit Blocked and Safe Senders, login at with your MUNet credentials. Go to the Settings gear at the top-right and click View All Outlook Settings at the bottom of the menu.

In the Settings window, go to Mail > Junk Email. Here, you can add email addresses and domains to your Blocked Senders and Safe Senders lists by clicking Add. Remove them by clicking the trashcan icon to the right of the entry. You can also edit the entry by clicking the pencil icon. Be sure to click Save at the bottom to save your changes.

You can also edit your Safe and Blocked Senders list in the Microsoft Outlook application by right-clicking any message and going to Junk > Junk Email Options…

Phishing is any fraudulent email designed to trick the recipient into taking an action that will compromise sensitive data. Bad actors who send phishing messages usually try to capture credentials, personal, business or banking information. Most phishing messages direct a victim to a webpage that looks like a familiar login page, such as Marshall’s Single Sign On. Others can infect a victim’s device with malware which can ultimately assist bad actors in collecting the data they are after. Some fraudulent messages are designed to impersonate a VIP of the university and trick an unsuspecting employee into sending account details or purchasing gift cards (also known as “whaling”).

Spam is unsolicited emails aimed at selling goods or services, that the recipient did not subscribe to. Spam messages are not aimed at stealing information. While bothersome, spam is not as dangerous as phishing emails.

It is important to know the difference between phishing/fraudulent email and spam/junk email when reporting unwanted messages.

It is important to know the difference between phishing/fraudulent email and spam/junk email when reporting unwanted messages. Before reporting a message as Junk or Phishing, please see the section above “What is the difference between phishing/fraudulent and spam/junk?

To report a message using the Outlook webUI at, click the ellipsis […] icon at the top-right of an unwanted message. Go to Report Message > Junk or Report Message > Phishing.  Try to categorize the message appropriately.

Messages reported as Phishing are sent to the MU Information Security team for further analysis, which aids in identifying and blocking future attacks. Spam messages misreported as Phishing are ignored and discarded; only phishing/fraudulent messages are analyzed by the MU Information Security team.

Messages reported as Junk (spam) are sent to Microsoft for further analysis to assist the research and improvement of their email protection technologies. When you report a message as Junk, the sender’s email address is also added to your Blocked Sender’s list.