You are here Email Services > Email Authentication

Email authentication

What is email authentication?

Email authentication is a technique used to prove that an email is not forged.

For example, it provides a way to verify that an email coming from somebody@tcd.ie is actually from that person. Email authentication is most often used to block harmful or fraudulent uses of email such as phishing and spam.

Why is email authentication being enforced?

Trinity, like other large institutions suffers from regular email 'phishing' attacks. 'Phishing' emails are fraudulent emails aimed at getting recipients to divulge important information such as passwords. The 'phished' information can then be used to gain unauthorised access to a system.

The 2021 ransomware attack on the HSE started with a phishing mail.

Email spoofing

Phishing emails generally use a technique called 'email spoofing'.

The phishing email will try to 'spoof' a legitimate Trinity email address like itservicedesk@tcd.ie or hr@tcd.ie and trick you into thinking the email is from a legitimate Trinity email account.

To counter the threat of spoofing, IT Services have implemented email authentication checks that aim to stop the spoofing of Trinity email accounts.

How does this impact me?

If you send email, using a @tcd.ie address, from an official Trinity email service (Student email, Staff email), mail authentication will not impact you and will help to ensure that your mail is delivered.

If you send email, using a @tcd.ie address, from a non-Trinity email service (Gmail, Yahoo, or cloud application for example), the email will likely not be delivered. Your email will likely be quarantined or rejected by the receiving mail service.

Third-party services that send email

Some third-party services (e.g. cloud applications) may have a requirement to send mail. An example would be using a cloud-based product to send marketing emails.

In general, when using third-party services, a non-Trinity email address should be used to send email from the service. If you attempt to send email, from a third-party service, using a @tcd.ie email address, the email will likely be quarantined or rejected.

As an exception to this, certain third-party services have been approved to be able to send email using a Trinity email address. Please see the below a list of approved and some non-approved services.

Services that are approved

• Mailchimp - For staff only
  • How to configure a @tcd.ie address to send in Mailchimp - For staff only
• ClickDimensions - used by Global Relations
• TargetConnect - used by Trinity Careers Service
• The Summer reservations system - used by the Accommodation Office
• Meltwater – used by Public Affairs and Communications

Services that are not approved

• Gmail
• Hotmail
• Yahoo
• Outlook.com
• Sendinblue
• Blacknight.com
• Any other cloud application

Requesting that a service be 'approved' for use

If you want to send mail using a TCD email address from a third-party service, it cannot be facilitated by IT Services unless it is being implemented as part of a College approved project and if there is an enterprise level agreement with the cloud application provider.

Such projects are usually initiated via the IT Services Project Management Office or the Trinity Programme Management Office.

'Approval' will be granted on a case-by-case basis and is not guaranteed. The domain portion of the mail address (the bit after the "@") will always be a TCD sub domain (e.g. @app1.tcd.ie or @service1.tcd.ie). Please note that a mail address of the form "X@tcd.ie", i.e. using the "tcd.ie" domain cannot be facilitated.

For services that are used by a small number of people, and that are not part of a College project, 'approval' will not be granted. In these situations, using a non-Trinity email address is advised.

If you have a service that is being implemented as part of a project, and require further information, please contact the IT Service Desk.