Beginning November 25, 2025, CCS will implement DMARC (Domain-based Message Authentication, Reporting & Conformance) for the uoguelph.ca and guelphhumber.ca domains.
DMARC is an industry standard security protocol and is the next step in the continuous process of improving U of G’s email reliability and security. This implementation was originally planned for June 2025 but was delayed. (Please refer to the previous CCS News story which has more information about DMARC. A version of this new email was posted to CCS news on Friday.)
Beginning on November 25, incoming messages that fail DMARC testing will be immediately quarantined. In turn, external email providers will be instructed to quarantine messages sent from U of G that do not pass DMARC.
CCS has been working with system owners, and all known business software solutions have been configured to support DMARC. Email sent from these systems will be unaffected. For incoming email, CCS will be monitoring the quarantine for legitimate messages and will notify users accordingly. In the future, we plan to reject incoming email from invalid sources, but we are starting with this quarantine step. There is no current timeline for full rejection, and no messages will be lost during the upcoming change.
DMARC is an important step in improving email security for all faculty, staff and students. This change aims to protect our community from phishing attempts, email spoofing and fraudulent messages that could compromise sensitive information.
Please get in touch with any questions or concerns by way of the helpdesk: ithelp@uoguelph.ca