Skip to main content

Office 365’s FOPE service: What to do when an account is blocked

Microsoft’s Office 365 includes Forefront Online Protection for Exchange (FOPE). FOPE blocks accounts that appear to be sending malicious messages or apparent spam. A new web page explains what happens when a user’s account is blocked, and what the user’s IT staff need to do.

Key points:

  • A user whose account is blocked will receive “delivery has failed to these recipients” error messages when they try to send email.
  • The IT staff who support an affected user will run diagnostics on the user’s computer(s) to determine and fix the underlying causes.
  • After any problems are addressed, the affected user must change their NetID password. IT staff then contact the IT Service Desk to tell them that the problem has been resolved and that the user’s password has been reset.
  • CIT staff asks Microsoft to evaluate the account’s activity and re-enable the account. The timing for this part is out of Cornell’s control; it make take a few hours or a few days.

Email service stabilization

Between May and July, CIT is intensively reviewing and making improvements to the university’s email service in order to provide the Cornell community with stable, reliable, and predictable messaging capabilities. We are taking several steps to improve the technical infrastructure, support processes, and customer service.

May

  • Collaborated with the College of Engineering to develop an end-to-end performance monitoring tool
  • Changed after-hours escalation procedures to notify the on-call staff when any email issue is reported, regardless of whether it appears to be individual or widespread

June

  • Putting end-to-end performance monitoring tool in production
  • Addressing gaps in process monitors and alerts
  • Refreshing hardware for border routers
  • Increasing the IT Service Desk’s Level 2 and 3 resources for email support

July

  • Making changes to reduce the risk of having Cornell’s email system blacklisted as a result of password compromises
  • Reviewing current on-premise architecture to identify opportunities for improvement

Please note: This time line is approximate and may shift based on data from the end-to-end performance monitoring.