E-Mail Macro Filter
E-Mails are frequently used as a distribution method for malware (viruses, trojans, etc.), as well as for phishing attempts. Attachments from unknown sources should be approached with particular caution.
The e-mail macro filter aims to inform users of the potential risk of suspicious incoming mails sent from external e-mail addresses. Suspicious attachments, in this case, are mainly office documents with active components, so-called macros.
This security measure is, however, only a part of the entire structure of "it-security". No protective measure can be 100% effective, and user caution is vital. This measure is not designed to be a blanket defence against cyber attacks via mail, but to draw attention to one specific feature - macros.
As such, please be aware that this measure does not filter all potentially dangerous attachments, and that there are other potential security risks in e-mails. We advise you to pay attention to suspicious e-mails, and to always double check before opening attachments from unknown or suspicious sources.
E-mails with attached documents containing macros and sent from e-mail addresses that do not belong to the central exchange mailing system will be sent with a warning label.
Specifically, this means that suspicious mails will not be sent directly to the recipient, but attached to an addition information e-mail.
The information mail will then be sent to the recipient in order to inform them of potentially risky content.
The information mail is sent from the address NoReplyemail@example.com and has the original subject of the mail that has been sent to the recipient.
The information e-mail will contain the original mail as a text file attachment with original header information including the original sender of the mail.
The original text of the mail can be viewed by clicking on the attached document.
E-mail programs handle attachments differently. To open the original attached email, the email must be opened in .eml format. For example, this format is supported by Outlook or Mail App for Windows.
If you have difficulties opening the attached e-mail (e.g. e-mail is empty or no document is attached), please try to open the e-mail in the RWTH Mail App via browser (mail.rwth-aachen.de).
Example: Workaround for AppleMail:
If the sender of the original message is trustworthy, and the attachment proves not to be suspicious, you can then go ahead and open the attached document.
Example: Microsoft Office documents with macros
It will initially be opened in a read-only version, and you need to actively enable editing in order to make any changes to the document.
When you enable editing on the document, you will receive another note on macros, and can then enable the active content of the document in order to use the macros.
Further information on macros can be found in our blog: https://blog.rwth-aachen.de/itc/2021/09/01/makros-2/
In case you have further questions, please feel free to contact the IT-ServiceDesk.