We have been communicating with you about the security improvements being made to the way that incoming ‘spoof’ emails are processed by NHSmail. These have ranged from the initial move of spoofed email to ‘Junk E-mail’ folders to the most recent Sender Policy Framework (SPF) changes.
Your work, together with the support you’ve given your end users, has contributed to a significant reduction of almost two million spoofed emails per week, taking this down to fewer than 30k a week. This is a fantastic achievement – thanks for helping to keep the NHSmail service secure.
From today, we will no longer be sending the spoofing recipient email, which means that any intended recipients of spoofed email will no longer be notified that someone has tried to send them a spoofed email.
We have considered the clinical and cyber security impacts of this change and have provided further information in the Anti-spoofing Clinical Safety Case Addendum.
The process for managing spoofed email is now embedded in our operational processes, bringing the spoofing project to a close.
What action do I need to take?
- Please can you remind your users that all spoofed email is blocked from the NHSmail service, and that they will no longer receive notifications of any spoofed emails intended for them.
Further information on spoofing is available on the NHSmail support site.