Skip to main content

Cornell University

Email From My Cloud Hosted Website is Blocked by Cornell

How to fix the issue where accounts with a Cornell email address block email sent by your cloud hosted website

On This Page

User Experience

An email account from my website that is hosted in the cloud (Pantheon, Acquia, Media3, or another external hosting service) sends mail to users with a Cornell.edu address, but none of the email is delivered.

What Is Happening

Your website is hosted on a server that is currently blocked or blacklisted by Cornell.edu. This can happen even if your website sends legitimate emails, but another website hosted by the same service is sending spam messages to Cornell.edu addresses.

How to Solve this Problem

Create a verified account to send mail to Cornell.edu addresses.

Please use caution when adopting this solution to take care that your website does not become an open email relay into Cornell's mail system.
  1. Create an Exchange Group Account (EGA) .
    1. Assign email addresses to the account that will be used as the FROM address.
  2. Have the account verified by Identity Management and given a password (idmgmt@cornell.edu).
    1. Example email to send:
      Dear Identity Management,  I am the owner of the EGA ga."ega-mail". I am requesting a password on this EGA because we need to configure our website that is hosted outside of Cornell to use authenticated SMTP to send emails successfully. I understand that policy 5.10 prohibits the use of shared accounts and passwords with the central authentication system, except where it is not technically possible to provision individual accounts. I attest that it is not technically possible to use an individual account in this case. I attest that, in compliance with policy 5.10, I will maintain a local inventory of who has access to the account and change the password when there is any change in personnel or access requirements.
  3. Configure your mail settings:
If your cloud hosting provider is Media3, you do not need to do this step. However, if you choose to enter multiple email addresses for Media3, separate them with a comma(,) NOT a semicolon (;). Otherwise your server will not send email.
  1. Servername: smtp.office365.com
  2. User name: ga.itcornell@cornell.edu (the full GA name with @cornell.edu appended; this will be different for every site.)
  3. Password: as security office assigns
  4. If there is an option for TLS, enable it. Authentication will not work without TLS/STARTTLS support.
  5. Server Port: 587

Comments?

To share feedback about this page or request support, log in with your NetID

At Cornell we value your privacy. To view
our university's privacy practices, including
information use and third parties, visit University Privacy.