NHSmail Enabling collaboration for health and social care

Help

Service Status

Last updated: 18/02/2019 14:00




Anti-spoofing controls have been re-applied to direct spoofed emails from the internet to the ‘Junk E-mail’ folder within mailboxes. To make sure that you don’t miss any emails that still need to be actioned, please regularly check the ‘Junk E-mail’ folder within your mailbox, including any shared mailboxes that you manage.

This page provides you with up-to-date information on the status of the NHSmail services and any key known issues impacting users.

It is recommended that you regularly check these pages. For further information on any High Severity Service Incidents (HSSI) please refer to the NHS Digital Service Status Page (via N3/HSCN/NHS connection).



Email Gateway/Relay Status
Incoming Internet Email
Outgoing Internet Email
Internal NHS Email
NHSmail Status
Portal (administration tools)
Outlook Web Access (www.nhs.net)
Email Client Access (Outlook)
Mobile/Tablet Access


Complaints and Escalations Process

If you have any complaints about the NHSmail service, please email the national helpdesk. If you wish to raise an escalation, further information is available within the drop-down menu below.

  • NHSmail helpdesk

    LAs and users have the option to escalate incidents they feel have not been dealt with in an appropriate way or where the resolution provided does not answer the original query. Support is in place to deal with escalations 24/7.

    NHSmail helpdesk escalation process steps:

    • The LA / user provides the original ticket reference for the escalation being raised to the helpdesk.
    • The LA / user to provide an explanation of the reasons for the escalation and why the previous feedback has not provided the solution required.
    • The helpdesk should then perform an escalation to the appropriate Subject Matter Expert (SME).
    • If the escalation response is not acceptable then a further escalation can be requested to a higher level
    • Once the issue has been resolved, the helpdesk (or SME that has been dealing with escalation) will notify the originator of the issue via telephone / email to confirm closure of the escalation before actual closure of the incident takes place.

    Feedback mailbox

    The NHSmail Live Service Team also deals with escalations, via the ‘feedback’ mailbox. The team will check the following details before raising an escalation with the supplier:

    • If the incident / issue has already been recorded at the NHSmail helpdesk. If not, the LA / user will be asked to contact the helpdesk unless the incident / issue has service, security or clinical impact concerns.
    • If the incident / issue is still within agreed Service Level Agreements (SLAs) for the severity type (if it has already been raised with the helpdesk), the LA / user will be advised to contact the helpdesk for an update. The agreed incident resolution time is 48 hours excluding non-core hours, non-core hours are 22:00 until 07:00 so effectively this is 3 working days.
    • If a response has been provided by the helpdesk and this has not resolved the issue, and it’s still within 72 hours of the ticket being resolved / closed, the LA / user will be advised to contact the helpdesk to request that the ticket is re-opened.

    If an incident / issue remains unresolved after the above steps have been taken, it will be escalated by the NHSmail Live Service Team to the supplier.


High Severity Service Incidents

In the event of High Severity Service Incidents (HSSIs), information will be provided in this section. You can also see any HSSIs raised within the last 7 days.

  • 14/02/2019 - INC9588056 - NHSmail Helpdesk telephony issues

    Issue Description: The NHSmail helpdesk are experiencing issues with their telephony system and users will receive a 'not available' tone when attempting to call. Users wishing to report issues should email helpdesk@nhs.net whilst this issue is ongoing.

    14/02/2019 22:20 - Resolved: The NHSmail helpdesk telephony issue has been resolved and users can contact the helpdesk through this route again.

  • SPAM Emails Containing Phishing Website Links: NHSmail support teams have identified a series of SPAM emails containing phishing website links being sent to users. An account with a nhs.net address is claiming to be from an IT Support Team and is asking users to verify their account by providing their credentials and password. This is not from the NHSmail support team. Users should never click any provided link to verify their accounts. This account has now been deactivated but certain user's may have received an email with a provided link.

  • Outgoing Internet Email – Blacklisting: NHSmail is periodically experiencing issues relating to blacklisting. Please review the Known Issues below for further information.

  • 05/02/2019 - INC9458540 - BT have reported to Accenture that the N3/HSCN link into the Slough data centre is currently down. Resiliency remains to the Hemel data centre. BT have reported this to NHS Digital as a severity 2 incident and this incident is raised to track progress to recovery.

    Issue Description: There is currently no likely service impact to end users, however if the issue still remains as we enter the standard business day we can expect traffic to bottleneck on the single remaining link as it does not hold sufficient capacity. This is a known and reported risk NHS Digital are already aware of.

    05/02/2019 10:00 - Resolved: The issue has been fixed by Virgin Media and BT. All servers are up and running.

  • 21/01/2019 - INC9259722 - A small number of users are experiencing intermittent access their email account through OWA

    Issue Description: A small number of users are experiencing intermittent access their email account through OWA.

    21/01/2019 13:30 - Resolved: The issue has been resolved, but the team will continue to monitor over the course of the day.


NHSmail News

Things that are happening on the service that may impact your use of it.

  • Following a recent review of how account lockout incidents are dealt with, a step by step guide has been published to assist the Local Administrator community and users by providing information on how to resolve the most common forms of repeated lockouts. This guide is located in the Policy and Guidance section of the Portal help pages, under General Guidance

  • Anti-spoofing controls have been re-applied to the NHSmail service which means that from 12 February 2019 emails spoofing @nhs.net addresses received from the internet will be directed into users’ ‘Junk E-Mail’ folders. Spoofed email received from Transition Network / HSCN sources that spoof @nhs.net addresses will still be delivered to users’ inboxes.

    This security improvement is intended to help keep NHSmail safe and to improve the way that incoming emails are processed to stop spoofing on the NHSmail service. The NHSmail Spoofing Guide outlines what spoofing is and why these changes are being made.

    During 2019, spoofing will be blocked completely from the NHSmail service with the exact date to be confirmed nearer the time.

    Additional information is available on the anti-spoofing controls on the Policy and Guidance page of the Portal under ‘General Guidance’:

    Guidance is also available in the Portal Local Administrator Guide on how to enable / disable NHSmail SMTP / POP / IMAP settings.

  • The Business Continuity and Disaster Recovery (BCDR) test, that was scheduled for 22 and 23 September 2018, has been postponed to March 2019. Specific dates will be published here closer to the time.

    We do not expect any impact on end users during the course of the test, however Local Administrators should review their local business continuity arrangements as a precaution. If there are any organisations involved in self-migration NHSmail activity, a pause should be planned once dates are confirmed.

  • Please find detailed below the dates / times of the upcoming Local Administrator webinars and open sessions. Further information, along with an invitation, will be sent to all Primary / Local Administrators around a week before the scheduled session.

    Date Time Session
    Wednesday 27 February 2019 11:00-11:45 Open session
    Wednesday 27 March 2019 11:00-11:45 Open session
  • Guidance for sending secure email (including to patients)

    Introduction

    NHSmail is a secure email service which means that data can be sent safely and securely to other email addresses which meet the same high standards of accreditation.

    NHSmail also allows users to securely exchange information with insecure or non-accredited email services via the NHSmail encryption feature. This feature must be used if you are sending any personal or confidential information to a non-secure email address, such as a patient email address.

    Sending sensitive information to non-secure email addresses (including patients)

    You must never send personal, sensitive or confidential information to a non-secure email address unless it is encrypted.

    Encryption is an additional security tool which means users can communicate securely to any type of email account.

    • How do I use encryption when sending from NHSmail?

    All you need to do is add the word [secure] in the subject line of a message - with the inclusion of the square brackets. Before using the service:

    • check local organisation policies and processes on sharing personal confidential data and sensitive information first which will take precedence over this guidance
    • ensure you are familiar with the NHSmail Encryption guidance and process

    You should only use the NHSmail encryption capability if approved to do so locally.

    • What will the patient receive?

    Patients will receive an email which looks like this:

    PRIVATE AND CONFIDENTIAL
    You have received an email message secured by Private Post. Please open the file called Encrypted_Message.htm to read the message.

    When they receive the email, if they have not done so already, they will need to register for the service.

    Once registered they can then open the email in their internet browser. After logging in they will be able to view and reply to the email, confident that their information is safe and secure.

    • Do I need to use [secure] in the subject line if I am communicating with another NHSmail address?

    No. When sending email from NHSmail to another secure service you do not need to take any action.

    You will know if you have an NHSmail email address because it will end in nhs.net. Please note that nhs.uk systems who have not met the accreditation standards are not considered secure.

    Email addresses which meet the same high accreditation and security standards as NHSmail are rare. You can spot them by their endings. They will end in:

    • Nhs.net
    • Secure.nhs.uk
    • Gov.uk
    • Cjsm.net
    • Pnn.police.uk
    • Mod.uk
    • Parliament.uk

    • I don’t use NHSmail, can I send sensitive information to patients?

    You must never send confidential information to or from an email address which does not meet the necessary standards of security.

    Your email provider may have a way for you to encrypt emails so that you can send confidential information securely and to the appropriate security standards. Please refer to your organisation’s IT policies for guidance or speak to a member of your IT team for further information

    Further information is available in the full encryption guide to NHSmail

    Sharing sensitive information summary

  • The annual user satisfaction survey is now closed. Thank you for all of the responses received. Results will be published on this site in due course.


Portal Releases, Known Issues and Guidance

Please see the current known issues outlined below:

  • Issue Description: There is an issue whereby the ‘Delete OneDrive’ button is available under the Actions section of the User Details page in the portal for user accounts that don’t have an Office 365 license.

    Latest Update and Guidance: This is being investigated by the development team with a view to ensuring all ineligible accounts have the button greyed out. The fix will be deployed in a future portal release.

  • Issue Description: There is an issue wherein owners are being removed when they update their SDLs, due to the "Add myself as owner" box defaulting to an un-checked state.

    Latest Update and Guidance: This is currently being investigated under PRB0077151 and will be fixed in a future release. As an interim workaround, owners must ensure that the "Add myself as owner" box is always checked when the SDL is updated, otherwise the user will remove themselves as an owner.

  • Issue Description: Mobile report doesn’t correctly show mobile device policies applied through the new security groups.

    Latest Update and Guidance: This is currently being investigated under PBI9941 and will be fixed in a future release.

  • Issue Description: Removing owners from a shared mailbox also removes their membership.

    Latest Update and Guidance: Re-add the owner as a member once they have been removed if membership is still desired.

  • Issue Description: When changing email address the UI accepts email addresses starting and ending with a ‘.’ or with consecutive ‘.’. These are invalid so can’t be saved but the UI presents them as ‘available’.

    Latest Update and Guidance: This is currently being investigated under PBI9938 and will be fixed in a future release.

  • Issue Description: After populating the notes field, if the user then navigates to a user operation (password reset etc) that navigates away from the main page – the notes field is cleared and must be re-populated. Existing notes remain populated in this scenario

    Latest Update and Guidance: This is currently being investigated under PBI9919 and will be fixed in a future release.

  • Issue Description: While trying to open up a SDL with defined owners, the page doesn't load the owners list at first go. A manual refresh is required to populate the owners.

    Latest Update and Guidance: Refresh the page one or two times to pull the owners into view.

  • Issue Description: There is an issue wherein the modal message doesn't show up when Admins set the new security group policy for the SDL.

    Latest Update and Guidance: This is currently being investigated under PBI9852 and will be fixed in a future release.

  • Issue Description: When an account is enabled or flagged as Leaver, an error message comes up, "An exception has occurred. Cannot move user in enable operation. Use the Move user cmdlet instead".

    Latest Update and Guidance: This is currently being investigated under PRB0065567 and will be fixed in a future release. Although the error message comes up, the action is getting executed fine in the back-end. If you get the error message, please refresh the page after a few seconds and you will see that the action (enabling or any other action) is processed successfully.

  • Issue Description: There is an issue with the push connector functionality where CSV files are not being processed.

    Latest Update and Guidance: This is currently being investigated under PBI700000433718 and will be fixed in a future release.

  • Issue Description: When an account is created through the Portal user interface, using the Portal .CSV Upload tools, or via TanSync, the account remains in a status of Pending instead of becoming Active. This applies to creation of shared mailboxes as well.

    Latest Update and Guidance: This issue is currently being investigated under PRB0102761, but the NHSmail team are taking regular action to correct this problem and in many cases without further action being required from the Local Administrator.

    During each working day our engineers are correcting accounts that remain in the status of Pending. This activity occurs in the morning, at lunchtime and late afternoon. With this in mind, we would ask that Local Administrators allow time for this process to complete and re-review the status of the account later in the day before choosing to raise a support ticket with the NHSmail Helpdesk.

    Following the account correction the vast majority of accounts will become Active, however a few accounts may become Disabled or may require re-creating.

    • For Active accounts, no further action is required.
    • For Disabled accounts the Local Administrator should Enable them. They will then become Active.
    • If an account remains in Pending state after 24 hours please re-create the account and disregard the Pending account which will eventually be cleaned up and removed from mailbox reports etc.

  • Issue Description: Creating or updating accounts in bulk using the CSV Upload functionality of the Portal can result in the creation of duplicate accounts with an incremental email address (e.g. joe.bloggs@nhs.net, joe.bloggs1@nhs.net, joe.bloggs2@nhs.net) or accounts that sit in a status of Pending and do not progress to Active.

    Latest Update and Guidance: Although not the sole reason for duplicate accounts and accounts that result in a pending status, the volume of accounts that are included in a single CSV Upload submission is a significant contributor to the the issues being experienced. Likewise, the timing of the CSV Upload submissions can also contribute to a larger volume of issues being experienced during processing. A fix for this issue is currently under review with the expectation that it will be deployed under a future Portal release.

    As a workaround until the fix is deployed, the following recommendations should be followed:

    • Submit files for CSV Upload processing in batches no larger than 1000 accounts per file. If the file contains more than 1000 accounts, you will recieve an error, "Can only upload 1000 users per csv upload attempt".
    • Try to avoid submitting files for CSV Upload during times of day that usage of the Portal is at its peak. Typically this is between 09:00 - 10:30 and between 13:00 - 14:00 Monday to Friday.
    • Avoid re-submitting the same file multiple times

  • Issue Description: When performing a simple search whilst trying to add a user to a Shared Mailbox, a Static Distribution list, or within Admin section (Local Administrators only) the results take an excessive amount of time to return or the search times out.

    Latest Update and Guidance: There is a known issue with the Simple Search options at peak times and this is looking to be optimised in a future Portal release. When adding users to Shared Mailboxes or Static Distribution lists please where possible use the Advanced Search using the email address of the user you are trying to add. Local Administrators have an additional option to support the activities they perform that is impacted by this simple search issue. LAs could run a Mailbox extract (Reports -> Mailbox Report) so they can then identify the users email address in that extract and search for it directly in Advanced Search so the result is found much quicker.

  • Issue Description: There is a known issue with Dynamic Distribution Lists that target a very large volume of recipients whereby a DDL cannot be created or edited due to a timeout error.

    Latest Update - 01/02/2018: A fix was implemented during December 2017 that enabled large DDLs to be created and edited normally and users should proceed to use the Portal user interface to action. However it has been identified that there remains an issue with the creation/editing extremely large DDLs that target more than approximately 21,000 recipients. Whilst a fix for this is being developed, if a new DDL that fails creation or you are unable to edit an existing DDL, please raise a request with the NHSmail Helpdesk quoting the DDL email address and the rule you wish to apply. The DDL will be created/amended as requested by an engineer.

  • Issue Description: When navigating to a Pending Static or Dynamic Distribution List via Profile > Distribution Lists then Administrators may not see the ‘Approve’ or ‘Reject’ buttons.

    Latest Update and Guidance: If you are an Administrator and have a Static or Dynamic Distribution List requiring your review you must find it by navigating to Admin > Distribution Lists. Do not attempt to approve by going via the Profile area.

  • Issue Description: It has been identified that a small number of accounts are getting stuck in the status of either Enabling or Disabling when an account is being attempted to be Enabled or Disabled in the Portal. Problem references PBI700000413347 and PBI700000413348 have been raised to investigate the root cause.

    User Impact: When accounts are stuck in either of these two statuses the Local Administrator will be unable to carry out a password reset or unlock and the end-user will be unable to log into their NHSmail account.

    Latest Update and Guidance: If after leaving the Portal record in the User Management screens and going back into the effected account details the status is still showing as Enabling or Disabling, the Local Administrator should attempt to Disable the account again and wait for confirmation that the action has been successful. If the aim was to disable the account not further action should be required. If the aim was to Enable the account, then the Local Administrator should click on Enable again to complete the process.

    In the event that this process is still unsuccessful then the Local Administrator should log a ticket with the NHSmail helpdesk for support.

  • Issue Description: When an end-user is having difficulty logging into the NHSmail Portal and has tried to use incorrect or expired credentials the account will lock for security purposes after 12 attempts and require support from a member of the Local IT Helpdesk or a Local Administrator to unlock and if necessary carry out a password reset. However, from the point of the last login attempt that has caused an account lock it can take several minutes for the updated account status (Locked) to be reflected in the NHSmail Portal.

    User Impact: If after the number of incorrect login attempts have been made a password reset is carried out prior to the Portal reflecting the Locked status, the account will not be able to be logged into with the temporary password given.

    Latest Update and Guidance: Please can the Local IT Helpdesks and Local Administrators ensure that a minimum of 5 minutes has elapsed from the last login attempt to be sure that the account status has been updated successfully? An interval of more than 5 minutes may be required at peak times. This will ensure accounts are in the correct status before a password reset is performed.

    If it is suspected that an account has hit this issue, the Local IT Helpdesk or a Local Administrator should re-check the account status. If the account showing as Locked, perform an Unlock and if necessary a further Password Reset. If the account is Active, please log a ticket with the NHSmail Helpdesk for further investigation.

  • Issue Description: There will be a delay of 15 – 20 minutes from when a user is removed as a shared mailbox owner to when their access is revoked.

    User Impact: Users will experience a delay from when they remove shared mailbox ownership to when access is actually removed.

    Latest Update and Guidance:

    Users should allow 20 minutes after removing access to a shared mailbox before the change will take place.


Portal Release - 15th February 2019

The following defect fixes and new Portal features were deployed on the evening of Friday, 15th February 2019:

  • 10077 - mailboxHygieneNotification Job - Part of Mailbox Hygiene process to send notifications to the mailboxes in Inactive, Disabled, Leaver state as per the mailbox hygiene business rule. This only run in read only mode before sending any actual notifications. Once the target list of users is confirmed the job will be run in write mode to send the notifications.

  • 17790 - Deploy healthcheck.htm file for Load balancer monitoring - Technical change- To confirm app pool is running on target web servers.

  • 6420 - Easier way to find my LOA - Adding a new menu item- ‘Get Help’ under Help tab, so that local organisations can be the 1st point of contact in case the user needs any help.

  • 6535 - Improve Visibility of Leaver, Disabled Status for End Users - Functionality is to add MailTip to better indicate leaver or disabled status of recipient before sending the email.

  • 6771 - Joiner/Transfer - Select Site - When marking a user as a Joiner or a Transfer there should be the ability to select sites under the organisation. Sites that will be eligible for selection will only be those sites applicable to the organisation selected.

  • 6775 - Change wording in leaver email (convert to HTML) - Change the content of the leaver email to HTML format.

  • 6962 - People Finder - Notification of Large Search Result - People Finder Search must return notification to end users when there is a large search result advising to refine search criteria.

  • 8544 - Make Site Type available in People Finder - Have the ability to assign sites to users when they’re marked as joiner or transferred.

  • 8972 - DDL Exclude and Include SDL - Have an ability to include/exclude SDL within a DDL.

  • 19361 - Technical Debt- Code refactoring review comments - Technical Item- Code refactoring comments as part of CI code review process.

  • 9966 - Hybrid 1 - O365 License expiry process - A local administrator that owns an O365 subscription for an organisation wants to be informed when the subscription is due to expire in line with the notifications received from the O365 tenant. The workflow for the licence expiry process should be as follows.

    • 60 days before the licence is due to expire send a 60-day expiry notice
    • 30 days before the licence is due to expire send a 30-day expiry notice
    • 7 days before the licence is due to expire send a 7-day expiry notice
    • On the day of licence, expiry send licence expired notice
    • 23 days post licence expiry send 7-day subscription disabled notice
    • 83 days post licence expiry send 7 days deprovision and deletion notice

  • 10017 - Hybrid - User -> Licence Allocation Report - A local or global administrator will have the ability to download a detailed license allocation report from the reporting section of the portal. The report will detail users Organisation, user details, the user policy name and associated licence and applications.

  • 13259 - Hybrid 1 - Expose the User Policy on User Details Permissions page - An O365 or global administrator will be able to access which user policy a user is a member of via the permissions page accessed via the User Details Page. A user can also be removed from a user policy from this page.

  • 13301 - Hybrid 1 - Advanced User Policy Search - An O365 or global admin would like to use the advanced search functionality to search for users policies using additional criteria. Users will now be able to search using the Policy Name, Organisation Name or the ODS code of the organisation.

  • 16147 - Hybrid 1 - Additional Columns for the O365AMAudit Table for O365 On-boarding Process - This is a technical change to add some additional columns to an audit table for O365 subscriptions.

  • 17740 - Hybrid 1 - Add a subscription status to the O365Subscription table - This is a technical change to add a status to the O365 Subscriptions held within the Portal database.

  • 17807 - Refactoring of Subscription Sync job - This is a technical change to implement some refactoring of the job which will update the subscription details held within the NHSMail portal. Functionality has not changed.

  • 18099 - Hybrid 1 - Add record to the O365AMAudit table when "Update Subscription Details" job runs - This is a technical change to allow recording of when subscriptions have been updated.

  • 14367 - Hybrid 2 - MFA Licence Quota Management - The O365 tenant will contain several centralised MFA licenses to be assigned to users. Due to the nature of the licenses being centralised the NHSMail portal will need to allow Global Admins access to set and modify an MFA licence limit per organisation.

  • 15300 - Hybrid 2 - Activate the Visio application - A local or global administrator would like to assign an MS Visio licence to a group of users through the NHSMail portal using User Policies. The requirement is to allow a user to select the MS Visio alongside the currently supported O365 licences and assign multiple licences to NHSMail users.

  • 15331 - Hybrid 2 - Create a Yammer connected group - A local or global administrator would like to create a Yammer Connected Group through the NHSmail Portal. This page should mirror the 'Create a Team' page currently available in the Portal. The LA should have the ability to set the name, privacy and description as well as add owners and members.

  • 15396 - B2B - Request New External Organisation to be whitelisted - This will allow admin users to raise a request within the NHSmail portal to whitelist (enrol) an External Organisation as part of the B2B workflow.

  • 15397 - B2B - Create Azure AD Guest Inviter group for each Org - As part of the B2B process n Admin will want to grant guest inviter permissions to users from their Organisation, by adding the users.

  • 15402 - B2B - View Azure AD Guest Inviter Group - As part of the B2B workflow an admin wants the ability to view the Eligible Guest Inviter Groups that they are responsible for.

  • 15403 - B2B - Schedule task (daily) to initiate email notifications to Guest Users (creation date + 30 days, subsequent 180 days) - As part of the B2B workflow, guest users will be subject to an attestation process. This PBI introduces the process for attestation and will identify which users require attestation, create a request and issue attestation emails to the guest users.

  • 15694 - Hybrid 2 - Activate PowerBI Pro Add On - A local or global administrator would like to assign an MS PowerBI Pro licence to a group of users through the NHSMail portal using User Policies. The requirement is to allow a user to select the MS PowerBI Pro licence alongside the currently supported O365 licences and assign multiple licences to NHSMail users. These PowerBI Pro licenses can also be assigned as a standalone (without an O365 license selected).

  • 15698 - Hybrid 2 - Activate the Microsoft Project Add On - A local or global administrator would like to assign an MS Project Online licence to a group of users through the NHSMail portal using User Policies. The requirement is to allow a user to select the MS Project licence alongside the currently supported O365 licences, and assign multiple licences to NHSMail users.

  • 15780 - Hybrid 2 - Activate the Stream Add On - A local or global administrator would like to assign an MS Stream licence to a group of users through the NHSMail portal using User Policies. The requirement is to allow a user to select the MS Stream licence alongside the currently supported O365 licences, and assign multiple licences to NHSMail users..

  • 15971 - B2B - View Azure AD Guest Inviter Group Details - As part of the B2B workflow an admin wants the ability to view the Eligible Guest Inviter Groups that they are responsible for.

  • 15998 - B2B - Update Azure AD Guest Inviter Group using bulk CSV import/export - This PBI gives a B2B or global admin the ability to add users to the Eligible guest inviter groups they are responsible for, using a CSV file.

  • 16012 - Hybrid 2 - Allocate additional storage as part of Project Online Add-On - An organisation has procured additional Project Online/Professional licenses. Each license gives an additional 10 GB of SharePoint storage. When the licenses are linked to an organisation in the Portal subscription table there is a requirement to uplift the Organisations SharePoint storage allocation.

  • 16014 - Hybrid 2 - Enable a Project Web App Site Collection to be created - There is a requirement for Local and Global Admins to be able to create a Project site collection (using a PWA template) - that will then enable users with a Project license to create their own project plans.

  • 16047 - B2B - Approve/ Reject Azure AD guest user extension - An Eligible NHSmail Guest Inviter wants to approve or reject a Guest User Attestation request within the NHSmail portal.

  • 17612 - Hybrid 2 - Activate Teams Call Recording - A local or global admin would like to turn on Teams Call Recording through User Policies within the NHSMail portal through a settings toggle.

  • 17617 - B2B - My Approval Requests Enhancements - A technical change to add enhancements to the My Approval Requests page.

  • 17619 - B2B - Create B2B Pilot roles - A technical change to add new roles and permissions to support the B2B Pilot.

  • 17623 - B2B - Schedule task (daily) to fetch last login date from Azure AD - A technical change to allow the NHSMail portal to fetch the date that the Guest User last logged in and store for the attestation process.

  • 17694 - Hybrid 2 - Create a standard Yammer group for new organisations on the platform - When a new organisation onboard to the Hybrid platform, there is a requirement for a standard Yammer group to be automatically created for that organisation.

  • 17695 - Hybrid 2 - Apply leaver/joiner process to users with a standalone Visio license - When a user is assigned a standalone Visio license (VISIOONLINE_PLAN1 & VISIOCLIENT) they are automatically granted access to OneDrive for Business. An O365 admin or Global Admin should have the ability to delete the one drive content for that user, through the User Details page of that user.

  • 17926 - B2B - Schedule task (daily) to fetch all guest accounts from Azure AD and update Portal DB - A technical change to allow the NHSMail portal to fetch details about the guest users and store within the NHSMail portal for use in the B2B attestation process.

  • 17941 - Hybrid 2 - Show available MFA licences when loading the Organisation settings - On the organisation setting screen a global and a local admin would like to see the number of available licences for them to set as the Quota. The value should be the total number of licences - all current Quotas.

  • 18641 - B2B - Schedule task (daily) to remove My Approval Requests - A technical housekeeping change to remove requests that are more than 2 weeks old. All requests from ATP and B2B will be removed.

  • 18962 - Hybrid 2 - Editing Connected Yammer Group - An O365 Admin or global admin will want to be able to update a Connected Yammer Group, once it has been created.

  • 19039 - Hybrid 2 - Update existing APIs for enabling a Project Web App Site - A technical change to refactor and updating some existing functionalities to support the creation of Project Web App sites.

  • 19125 - Hybrid 2 - Skype online connection for Azure Cloud - A technical change allowing a connection to be created between the NHSMail portal and the Skype Online PowerShell module to allow for Teams Call recording policies to be set.

  • 19287 - Hybrid 2 - Limit the amount of PWA's each Organisation can create - Microsoft has limited the amount of PWA's that can be created per O365 tenant (10,000). This PBI will be implemented to ensure there is a fair usage policy across the Hybrid O365 tenant.

  • 19559 - Hybrid 2 - List and Search Yammer connected group - Allows any O365 or global admin to search for and view a list of Yammer connected groups.

  • 19346 - Dipper Prod ATP - Elevation requests not being audited - This bug will ensure that the ATP Elevation requests are properly audited.

  • 19453 - Dipper Prod ATP - Elevation approvals/rejections have the same requesting user and target object when audited - This bug ensures that the audit records for ATP approvals and rejections have the correct requesting user and target object.

  • 19455 - Dipper Prod ATP - X26-SOC-ATP-Reporters group is not visible within ATP User Management - This bug ensures that the X26-SOC-ATP-Reporters group is visible from within the ATP User Management page.

  • 19574 - Dipper Prod ATP - User Report is failing to generate a CSV file - When selecting the ‘All my organisations’ drop down from the Admin reports page in the portal the ATP User report is timing out. The bug fix will ensure that the report does not time out.

  • 8182 - DL Name change not updating all AD attributes - This bug relates to DL name change not updating all attributes in AD. Fix will ensure CN and SAMAccountName getting updated after the name update.

  • 9218 - Getting success message when creating duplicate external contact - This bug relates to the API notification displayed while the user tries creating duplicate external contacts within an organisation. The fix would ensure that user gets correct notification if the contact already exists in AD.

  • 9224 - Distribution Lists created with Shared Mailboxes as recipients don't load after creation - This bug relates to the DLs with SharedMailbox as recipient not loading on the UI after creation. The fix will ensure DL loads on the UI when SharedMailboxes are added as members.

  • 9487 - Duplicate accounts with same external sync ID under same organisation - This bug relates to the DLs with SharedMailbox as recipient not loading on the UI after creation. The fix will ensure no duplicate rows with local ids as part of transfer operation.

  • 9548 - CSV Mark as Leaver Issue - This bug relates to odd error message for bulk update in a large file when site information gets included. The fix will ensure we don’t have any issue while adding/updating site information.

  • 9654 - Downloading admin report for all my orgs option doesn't create any audit entry in ELK - This bug relates to admin report download transaction not being populated under the audit reports. The fix will ensure the transaction gets correctly aligned to the organisation.

  • 9686 - People Finder showing admins under orgs who are Deleted - This bug relates to when an admin gets deleted the admin tag not getting revoked from the user. Fix will ensure all deleted users directory information gets updated with removal of all admin roles.

  • 9689 - Previous org site details stay attached to transferred users - This bug relates to when a user gets transferred the site details remain attached to the user. Fix will ensure site details do not remain attached to the transferred users.

  • 9706 - Receiving error when the owner trying to delete DL - This bug relates to when a non-admin owner tries deleting the DL, it’s thrown with an error of not having the access. Fix will ensure non-admin owners are allowed to delete DL they own.

  • 11808 - Unlock Requests not showing in the audit - This bug relates to unlock action in AD not getting tracked in ELK. Fix will ensure unlock requests are shown in the audit.

  • 11809 - INC6555114 : leaver state is removed when unlocking the user account - This bug relates to when leaver account gets unlocked, the status is changed to active. Fix will ensure unlock action doesn’t change to any other status other than the current state.

  • 12407 - BAU R1.15- Improper error message after updating more than 25 owners in a SDL. - This bug related to invalid error message being shown to the admin when the number of owners exceed set limit of 25. Fix will ensure correct error message is shown to the user advising action.

  • 12497 - Locked Job updating Deleted accounts - This bug relates to locked job updating deleted account status from deleted to locked. Fix will ensure all invalid states are excluded when the locked job runs.

  • 13296 - Delete not updating/closing usersubscription map for top ups such as A&VC - This bug relates to delete action not closing existing user subscriptions in the map table and in the report extracted from it. Fix will ensure all active subscriptions are closed when a user is marked as deleted.

  • 13684 - O365 R3 MO- For Audit and Authorisation Role bulk edit option is enabled, though API errors out when you try the action - This bug relates to where audit and authorisation roles can click bulk edit action (though the actual API errors out). Fix will ensure audit and authorisation roles don’t have any access to bulk edit.

  • 13722 - Organisation/OU/Department address being truncated to 64 characters - This bug relates to where Organisation address getting truncated to 64-character limit. Fix will ensure address of the organisation can accept more than 64 characters.

  • 14044 - Delete action should remove all LA roles - This bug relates to all admin roles and tags not getting removed from the user when delete action is performed. Fix will ensure that delete action removes all LA roles.

  • 14944 - Removing admin role leaves 'NHSmail administration' clinical role - Another variation of bug#14044. Fix will ensure all tags are dropped as soon as the user is deleted or admin role is removed.

  • 15468 - Update Mobile Device Hangfire Job does not remove old devices - This bug relates to where mobile device Hangfire job still reports on old devices which no longer syncing email. Fix will ensure only those devices get reports which exist in Exchange, and remove all obsolete devices.

  • 16915 - Unable to enable A&VC when telephone has spaces - This bug relates to error while enabling A&VC when telephone number included whitespaces. Fix will ensure whitespaces are trimmed.

  • 17863 - Sprint 96- 16080 : Dial-in option is editable at user edit page even if skype for business in not enabled - This bug is an internal sprint bug which allowed dial in option to be enabled via UI even if Skype for Business isn’t enabled. Fix will ensure Skype for Business enablement is a pre-requisite before you enable dial in.

  • 18983 - Audit report Display wrong result and wrong Mailbox limit displayed for organisation - This bug relates to an audit report displaying all results when a specific keyword is included in the object description. Fix will ensure only the matching records are returned as per the search criteria.

  • 19297 - Sprint 98: 8972: DDL Include/Exclude: Only Include option is not showing Target users - This bug is related to a sprint bug which doesn’t allow target users to be queried if include option is selected. Fix will ensure include/exclude feature works end to end when we release the intended functionality to production.

  • 14568 - O365Hybrid-Edit User policy with importing members does not remove license - This bug fixes the licence removal issue when users were being removed through the CSV import functionality on the User Policies pages.

  • 15674 - O365Hybrid-On Delete pop-up the message is not accurate - Correction of the on delete pop up message when users has O365 licences.

  • 16111 - O365Hybrid - Duplicate Members details displayed on Teams View audit record - The audit records for Teams showed the members duplicated when a user was both a member and an owner, this bug resolves this.

  • 19002 - Dipper O365 INT- O365Groups not showing user as owner - This bug fixes the issue where Owners of O365 groups were not being shown correctly on the user details permissions page.

  • 17875 - Formatting of the success growl message incorrect for Set Licences API - This bug resolves the formatting issue of the growl messages returned when setting O365 licences of users.

  • 19458 - Hybrid 2 Overlapping ticks on selecting long organisations - When selecting additional organisations from the organisation drop down, the ticks once selected were overlapping with the organisation name when the organisation had a long name.

  • 19560 - Hybrid Production: User Policies created before the Dipper release don't have any of the new apps available (PowerApps, Flow, etc) - User policies created before the Dipper release do not show the new applications which were enabled as part of the Dipper release. This bug exposes the new applications on all user policies.

  • 19573 - Hybrid 2 - Organisation field to show up error message when not selected on Teams and Yammer groups - When an organisation is not selected on the Teams UI a validation message is not displayed to the user stating that the field is required. Validation is now shown on the UI before submitting the form.

  • 21000 – Synchronisation of B2B Guest Users is not executing as expected - The synchronisation of O365 guest users is not executing as expected, resulting in the details of guest users not being automatically added to the NHSMail portal, this does not affect the access of guest users.

  • 21169 – Unable to open an existing Yammer Connected Group & 21170 – Unable to create Yammer Connected groups - On an intermittent basis Local Administrators may experience failures when creating a new or viewing existing Yammer groups.

  • 21234 - Guest inviters who are transferred or marked as a leaver are still able to invite guest users to O365 - If an NHSMail user that is configured as an inviter of Guest Users is marked as a Leaver or is transferred to a new Organisation, without manual intervention that user will still be able to invite Guest Users to O365.

  • 21248 - Leading or trailing spaces in the email addresses for guest inviters throws error on the front end with no unique row identifier - When importing a CSV file of users into an Organisation guest inviter group, there is a cosmetic issue around rows which have leading or trailing spaces.

  • 21249 – Members of Guest inviter groups are not sorted - When viewing the details of a guest inviter group the members of that group are not sorted.

  • 5193 & 5194 - Users who are eligible to invite guest users are not able to do this through SharePoint online.

  • 5195 - Users who are eligible to invite guest users are not able to do this through the Teams app.


Skype For Business Known Issues

The key known issues affecting the Skype for Business desktop / mobile application are outlined below. These known issues are seperated out into Instant Messenging and Presence (NHSmail core service) and Audio and Video Conferencing (NHSmail additional service):

Instant Messaging and Presence

  • Issue Description:'Send a meeting' invite from Skype for Business option does not work for users who have outlook configured on their local machine (both via N3 and Internet)

    Latest Update and Guidance:This is expected behaviour whilst audio and video conferencing is not enabled. Users do not need take any action.

    Steps to re-create:

    1. User right-clicks on a contact in their contact list
    2. User selects ‘Schedule a Meeting’

    This results in no action being taken.

  • Issue Description:Once the address book download is completed (approx. a day across platform), the user can search contacts within their organisaiton and Instant Message each other without having the need to add them in their local contacts list. Only applicable to thick client.

    Latest Update and Guidance:Users should use the full email address for searching for their contacts until the address book download is completed.

    Steps to re-create:

    1. User searches for another user in Skype for Business using only first and surname before full address book sync has completed

    This results in the user receiving the error message ‘Address book synchronizing. Results may not be current.’. The user should search using the full email address when searching for users in the Skype for Business IM window. When searching for any users external to a user’s organisation, they should always search by email address.

  • Issue Description:Users on Windows XP platform will not be able to use desktop clients. To avoid compatibility and latency issue during IM they're advised to use web clients (> IE 9.0)

    Latest Update and Guidance:The product is not compatible with Windows XP. Please refer to the Service Configuration Guide.

  • Issue Description: Users receive an error message similar to “Cannot synchronize address book” or “Skype for Business can’t sync with your organisation’s address book right now”. This address book synchronisation failure is due to a bug in Microsoft Office 2016.

    Latest Update and Guidance: There is a requirement for local IT teams to update MS Office to the latest version to fix this issue. Users should speak with their Local Administrator for further guidance.

Audio and Video Conferencing

  • Issue Description: The Skype for Business mobile application does not support content sharing through peer-to-peer calls when one participant is on a desktop device and the other on a mobile device.

    The issue does not impact Skype for Business meetings but only direct peer-to-peer calls from the Skype for Business desktop application to the Skype for Business mobile application.

    User Impact: Users on a mobile device will be unable to view content being shared on a peer-to-peer call. The user on the desktop will be unaware that the content is not viewable unless the mobile device user notifies them.

    Latest Update and Guidance:

    Guidance for Users: Rather than initiating a peer-to-peer call, the desktop application user should use the 'Meet Now' feature in Skype for Business and invite the mobile user to join the Skype for Business meeting by following the instructions below:

    1. Open the Skype for Business desktop application
    2. Click the drop down arrow next to the settings icon and select Meet Now

    3. Add people to the meeting by clicking Invite More People
    4. Type the name or email address of the person you want to add in the box. Select the correct user from the list and click OK
  • Issue Description: Users who are enabled for Instant Messaging and Presence-only cannot join the audio/video for Skype for Business Meetings. The Skype for Business desktop application will launch and join the call, but no audio/video will be available.

    User Impact: The user is unable to join the audio/video of the audio/video for the Skype for Business Meeting.

    Latest Update and Guidance:

    Guidance for Users: The user should join the call via the Skype for Business web application as a guest. User should follow the instructions below to join as a guest:

    1. Open the Skype for Business Meeting from Outlook / Outlook Web App
    2. If available in the meeting invitation, click Skype for Business Web App as per the screen shot below.
    3. If this link is not available in the meeting invitation do the following;
      • Right click on Join Skype Meeting and select Copy Hyperlink .
      • Open a new browser window
      • Paste the copied URL into the browser box and add ?sl=1 at the end e.g. https://join.nhsmeeting.com/meet/ted.jones/V5T8957J?sl=1
      • Press Enter to open the meeting via the Skype for Business web application.
    4. Click Sign in as a guest to the meeting

    5. Click to download the Skype for Business Web App plug-in if not previously completed

    6. If the meeting does not automatically launch in the web application, click Join the meeting
  • Issue Description: Occasionally, Skype for Business Meetings may not launch due to connectivity issues following clicking the Join Skype Meeting from a meeting invitation.

    User Impact: User is unable to join the Skype for Business Meeting.

    Guidance for Users: Users experiencing this issue should try joining again after 30 seconds. If this issue persists, users should contact their Local IT Support Team for further support.

  • Issue Description: When a user clicks Join Skype Meeting from a meeting invitation, they are directed to meet.nhs.net which subsequently launches the Skype for Business desktop application or web application as appropriate. In some instances, a security log-in will pop up. The user will experience that they are unable to log in using their NHSmail credentials.

    User Impact: The user may occasionally experience a security login pop-up when attempting to join a Skype for Business meeting. If the user attempts to log in, they will receive an error message.

    Guidance for Users: Users should click Cancel when faced with the security pop-up pictured below. Once cancelled, the Skype for Business desktop application or web application should launch successfully.

  • Issue Description: Shared Notes will not be available for meeting participants to view or modify content during meetings if all conference/ call attendees do not have OneNote installed on their PCs.

    User Impact: This may cause some confusion for users as the 'Shared Notes' option will still appear in the desktop application regardless of whether they have OneNote installed or not.

    Guidance for Users: Users are advised to capture meeting notes via a different method or install OneNote to utilise this feature.


General Known Issues and Guidance

This section provides information and guidance on the common issues and questions raised by users of NHSmail. You can use the dropdowns below to show more information on each of the issues

  • Latest Update and Guidance: Organisations that are only using NHSmail as their email solution are not required to submit spam/ phishing evidence for the Data Security and Protection Toolkit (DSPT). Where organisations are using an email solution in addition to NHSmail, evidence is only required to be submitted for the other email solution. Further information available here: https://www.dsptoolkit.nhs.uk/News/46.

  • Issue Description: Users may experience a critical error when accessing the Options section of OWA when using the Microsoft Edge web browser. This is currently under investigation.

    Latest Update and Guidance: If changes to the Options section are required, it is recommended that an alternative web browser (Internet Explorer 11, Google Chrome, Mozilla Firefox etc.) is used as a workaround whilst the investigation is ongoing..

  • Issue Description: There is an issue with Chrome browser where a Zero Width Space (​) character is sometimes prefixed to the body of the email that has been composed via OWA, in Chrome. When the email is then sent, the recipient sees the Zero Width Space displayed as a "?" in the email.

    Latest Update and Guidance: This occurs only while using the Chrome browser which is being investigated by Chromium under the bug 578155. The workaround is to access OWA via browsers other than Chrome such as Internet Explorer or Firefox if this is seen to be causing an issue for end users.

  • Issue Description: Users who administer a large number of contacts across multiple organisations can get an error when searching for contacts if their search isn’t narrow enough as the amount of data returned from the search is too large.

    An example of the error message received is as follows:

    Latest Update and Guidance: Narrowing the search using the Advanced search filters allows results to be displayed. For guidance on narrowing down the search, please see 'Advanced Search' section in the LA Admin Guide.

  • Issue Description: Some government organisations have tested turning off the family domain ‘GCSX’ on 29th June 2018 and this resulted in some organisations being unable to send emails to some email addresses ending .gcsx.gov.uk since then.

    Latest Update and Guidance:This is in preparation for the retirement of the .gcsx.gov.uk domain in March 2019 (https://www.gov.uk/guidance/securing-government-email). If you experience similar issues whereby you are unable to send emails to a local government organisation, then please inform them that you are not able to send emails to their .gcsx.gov.uk email address and to determine the best alternative means of communication.

  • Issue Description: Outlook performance issues with folders in secondary mailbox.

    Latest Update and Guidance: Perfomance issues may be noticed with folders in secondary Microsoft Exchange Server mailboxes in Outlook 2016, 2013, 2010 and 2007 versions. New items may not appear or seem missing in secondary mailbox, deleted items may still appear in secondary mailbox or Outlook keeps crashing erratically. To solve these issues, please follow the guidance availabe in the Microsoft KB article.

  • Issue Description: Outlook performance issues when many shared folders or mailboxes are open. Additionally, users may encounter an error message when making changes or additions to a calendar, such as:

    "You don't have permission to create an entry in this folder. Right-click the folder, then click Properties to check your permissions for the folder. See the folder owner or your administrator to change your permissions."

    Latest Update and Guidance: It is a known issue within Outlook that an error occurs when making changes or additions to a calendar. The recommendation by Microsoft is to have 5 shared folders or mailboxes, but on a faster connection this can be as high as 10 or more. For more details please follow the Microsoft KB article.

  • Issue Description: All the folders of a mailbox do not load or appear in Outlook.

    Latest Update and Guidance: It is a known issue with Outlook that all the folders do not load or appear if there are too many folders within the mailbox. If there are more than 500 folders in the mailbox, it is likely to cause performance issues in Outlook. More details can be found in the Microsoft KB article.

  • Issue Description: When accessing email (OWA) from the portal via Safari 11.1 on MacOS High Sierra, users receive an error message as shown below and when accessing email (OWA) from the portal via Safari 11.1 on iOS, users get a bank screen.

    An example of the error received on MacOS is as follows:

    Latest Update and Guidance: The root cause of the issue is currently being investigated. As an interim workaround for MacOS and iOS, please follow the below:

    • For MacOS - Logout and clear cookies, then go to email.nhs.net directly (bypassing the portal) or use an alternate browser such as Chrome.
    • For iOS - Click the blue email icon (as shown below) after logging in to the portal www.nhs.net to access email.

  • Issue Description: When attempting to send an email to an existing address, a non-delivery report is received stating that 'The message wasn't delivered to anyone because there are too many recipients. The limit is 0. This message has 1 recipients'.

    An example of the message received within the non-delivery report is as follows:

    Latest Update and Guidance: This kind of non-delivery report is received when the user sends email without agreeing to the AUP and setting security questions in Portal. Users need to accept the AUP and set security questions before being able to send emails – otherwise will receive this error when sending emails.

  • Issue Description: Although users are either correctly set up as members of shared mailboxes, or delegates with ‘Send As’ rights to user mailboxes in the Portal they still receive the following message in a non-delivery report when sending from the account in the Outlook Client, getting the error message as :

    "This message could not be sent. Try sending the message again later, or contact your network administrator. You do not have the permission to send the message on behalf of the specified user."

    Latest Update and Guidance:This issues occurs when using an auto-complete entry that already resides in the Outlook Client auto-complete cache, and this needs to be removed and replaced with the 'From' mailbox selected directly from the Global Address List (GAL). Please attempt the following steps to resolve the issue:

    1. Go to the inbox of the shared mailbox you wish to send an email from in the Outlook Client.

    2. Click on 'New Email'.

    3. Click on the 'From' drop-down button and it should show user's personal nhs.net email address along with possibly the shared mailbox email address user is trying to send from. If the shared mailbox exists in the list click on the X next to the email address to remove the auto-complete entry. If the shared mailbox is not in the list, go to step 4.

    4. The 'From' drop-down list should persist, so click on the 'Other Email Address..' option.

    5. Rather than starting to type in the email address, click on the 'From' button to bring up the GAL.

    6. Find the shared mailbox in the GAL and double-click on it. The GAL will disappear and populate the 'From' box.

    7. Ensure that the 'Send Using' option is showing as your personal nhs.net email address.

    8. Click on 'OK'.

    9. Try to send an email.

  • Issue Description: When attempting to send an email to an existing address stored in your email auto-complete selection list, or a new email address typed in manually, a non-delivery report is received stating that 'The email address you entered couldn't be found. Please check the recipient's email address and try to resend the message. If the problem continues, please contact your helpdesk.'

    An example of the message received within the non-delivery report is as follows:

    Latest Update and Guidance:

    This kind of non-delivery report is typically received due to one of two reasons.

    • Firstly, the email address may have been typed incorrectly. Please double-check the email address you are sending to. If it is an NHSmail address, try adding the address from the Global Address List (click on the 'To...' button within the Outlook Client). If it is an nhs.uk address or an email outside of the NHS, please re-confirm with the recipient that the address you are sending to exists.
    • Secondly if looking further down the non-delivery report you see a message similar to the example below it is likely that the issue is caused by a corrupt auto-complete entry in the Outlook Client software which is easily corrected. Follow the guidance below to help correct this issue.

    Please follow the steps below to remove the auto-complete entry and then find the distribution list within the Global Address List (GAL):

    • Begin typing the name of the distribution list you want to use into a blank email within the Outlook Client software and you will see the auto-complete option similar to the following:

    • Click on the black cross to remove the entry from your Outlook Client auto-complete library.
    • Click on the To: button within the new email to access the Global Address List.
    • Type in the name or email address and click ‘Go’. Note: ensure that the ‘More columns’ radio button is chosen as shown in the example below which will search the email address column too.

    • Click the ‘OK’ button to return to your email. You should now be able to send successfully to the email address.

    In the event that this guidance does not resolve the issue, then please raise a ticket with your local IT Helpdesk or alternatively the NHSmail Helpdesk for additional assistance on this issue.

  • Auto-mapping is the automatic addition to the Outlook Client of any delegate or shared mailbox a user has security permissions to. The auto-mapping of mailboxes that a user has permissions to is enabled by design across the NHSmail platform. 

    The auto-mapping of accounts cannot be disabled on a per user basis, or across specific organisations. Mailboxes will be removed when the user’s permissions to the mailbox are also removed via the Portal by the mailbox owner or a Local Administrator. This decision has been taken to assist users with the adding of mailboxes they have permissions to access automatically rather than have to add mailboxes manually and to prompt the removal of the mailbox permissions after they are no longer required by the user.

  • When using the Outlook Client software connected to a local organisation domain, users should be aware that when prompted for NHSmail login credentials Outlook by typically offers the local domain username and only requests a password. NHSmail users should check closely the username that is being offered and if it is not your NHSmail email address choose the 'Use a different account' option to allow you to type in a replacement username (your NHSmail email address) and then add your NHSmail password.

    Likewise, when adding an NHSmail account to the Outlook Client for the first time the software defaults to the local domain username when following the account setup wizard. To add your NHSmail email address, simply start deleting characters from the email address text box and the window will expand to allow you to enter your NHSmail credentials.

  • Issue Description: The NHSmail Service experiences periodic issues relating to blacklisting. This is where external email and spam filtering services block email being sent from NHSmail to other email providers.

    Real Time Blacklists (RBL) is a measure employed across the industry to identify and block unsolicited (spam/phishing) email. There are thousands of RBL services operating using their own business rules. RBL services operate reactively and automatically blacklist network addresses. Receiving systems (e.g. other email providers) will typically check incoming email against one or multiple RBL provides. If the email is being sent from a listed system, the email is then rejected by the recipient system. Due to this, email to and from the Internet is never guaranteed for delivery.

    The NHSmail 2 Email Gateway has been designed to minimise the occurrences of RBL listing. Despite all the active design improvements there is still a residual risk that email across the Internet (i.e. to external domains such as Gmail) cannot be guaranteed for delivery. Proactive monitoring is in place to identify when blacklisting occurs to ensure the NHSmail Team can respond as quickly as possible to apply for de-listing. The de-listing process is dependent on third party organisations’ process and can take several hours for the process to complete.

    User Impact: Users may receive a non-delivery receipt following trying to send an email to an external email domain - for example, firstname.lastname@gmail.com. Email sent to external domains that block NHSmail will not be received by the recipient.

    Guidance for Users:

    The NHSmail Team continue to work with the third party providers to apply for de-listing. This can take several hours for resolution. Users do not need to report these issues to the NHSmail Helpdesk.

    Guidance for NHSmail LOAs:

    The NHSmail Team continue to work with the third party providers to apply for de-listing. This can take several hours for resolution. LOAs do not need to report these issues to the NHSmail Helpdesk.

    If your organisation relies on sending or receiving email to and from the Internet, you should ensure:

    • You know which systems rely on sending and receiving email to and from the internet and the business impact for each system if email is blocked
    • Have a business continuity plan in place for business critical services
    • You have monitoring systems in place to detect message delivery issues
    • Your systems have the ability to re-send messages that have not been delivered both individually and in bulk
    • Those sending you email also have the ability to re-send messages that have not been delivered both individually and in bulk
    • Your organisation is able to sustain not being able to send or receive email for up to four days to/from internet addresses
    • Where you have a reliance on time critical guaranteed communication you should have alternative methods of communication in place such as system to system electronic data interchange N.B. SMS messaging is not a guaranteed or secure delivery method
    • Outgoing email is scanned for spam and antivirus before being sent

    Guidance for External Email Services (e.g. NHS.UK and secure government email services):

    It is highly unlikely that email delivery between NHSmail, secure government email services and N3 hosted NHS.UK email services will ever be impacted by blacklisting. However, we recommend that organisations whitelist the previously provided and current NHSmail deliver IP address to avoid receipt issues from NHSmail. This will reduce the residual, highly unlikely, risk of NHSmail being blocked by local reputational databases.

  • Issue Description: Based on feedback from our userbase, the NHSmail Service will be introducing controls in the future to prevent spoofing. This is where emails are sent to NHSmail pretending to be from an "@nhs.net" account, but are in fact not. As an interim measure, emails that are spoofing the Service will not be blocked, but will be stamped with the following message:

    There are no further configuration changes to email authenticity controls at this time. Advance notification and guidance will be provided to organisations prior to any restrictive measures being introduced.

    User Impact: Where an email is being sent to a user that is pretending to come from an NHSmail account, the email will be stamped with the message shown above.

    Latest Update and Guidance:

    Users do not need to take any action on these notifications. They are provided for informational purposes only by the NHSmail Team.

  • Issue Description: Some users are experiencing issues using the 'Autodiscover' function when adding NHSmail to Windows 8 and Windows 10 phones. The root cause is being investigated by the support teams. In the meantime a workaround available to manually add the account.

    Guidance for Users on Windows 8:

    To add an NHS email account to Windows phone 8, do the following:

    1. Select Settings.
    2. Scroll down and select ‘email+accounts’.
    3. Select ‘add an account’.
    4. Select ‘Exchange’.
    5. Enter your NHSMail email address in the ‘Email address’ field.
    6. Enter your NHSMail password in the ‘Password’ field.
    7. Select ‘sign in’ at the bottom of the screen.
    8. If this fails, press ‘sign in’ again.
    9. At the next screen, select ‘advanced’
    10. In the ‘Server’ field enter eas.nhs.net
    11. Select ‘sign in’
    12. Close Settings.

    Guidance for Users on Windows 10:

    To add an NHS email account to Windows phone 10, do the following:

    1. Select Settings.
    2. Scroll down and select ‘Accounts’.
    3. Select ‘Email app accounts’.
    4. Select ‘Add an account’
    5. Select ‘Exchange’
    6. Enter your NHSMail email address in the ‘Email address’ field, select Next
    7. Enter your NHSMail password in the ‘Password’ field.
    8. Select ‘sign in’ at the bottom of the screen.
    9. If this fails, press ‘sign in’ again.
    10. At the next screen, select ‘advanced’
    11. In the ‘Server’ field enter eas.nhs.net
    12. Select ‘sign in’
    13. Close Settings.

  • Issue Description: NHSmail users may experience reduced user interface performance whilst using the premium version of OWA with the IE8 browser via www.nhs.net. Refer to the Browser Version Guidance if you are unsure of which version you are using.

    It is recommended that those users who still need to use the IE8 browser to access NHSmail make use of the OWA Light user interface to avoid encountering issues. Some functions are not available in OWA Light, such as access to Shared Folders. You can find more information on the available functions in OWA Light in the Browser Comparison Guide.

    To Enable or Disable OWA Light with IE8:

    1. Click on the Settings icon at the top right of the screen and select Display Settings

    2. Select the ‘Outlook Web App version’ option then check the ‘Use the light version of Outlook Web App’ tick box.

    3. Finally, click on the ‘OK’ option at the top of the screen. You will then need to log out and log back into OWA to experience the light version.

  • Issue Description: Compatibility issues have been identified when using Outlook 2010 service pack 2. This issue mainly impacts organisations running Windows XP desktop machines, but compatibility issues may still be seen with later operating systems when running Outlook 2010 SP2. Organisations should be aware that Windows XP is no longer supported by Microsoft. This means that this software is no longer tested when new software is released and is not provided with important security updates by Microsoft.

    User Impact: Users are continually prompted to enter their username and password even if they have enter the correct credential information, as per the screenshot below:

    Latest Update and Guidance 1/12/2017:

    Guidance for Users: Users should contact their local IT support desk for guidance on this issue. As a workaround, users can access NHSmail using Outlook Web App at www.nhs.net.

    Guidance for LAs / Local IT: Organisations have a number of options :

    1. Ideally upgrade to Outlook 2016 or at a minimum Outlook 2013 SP1

    2. Where upgrading is not possible organisations running Outlook 2010 Service Pack 2 and connecting via MAPI over HTTP should also deploy the hotfixes referenced by the following Knowledgebase articles;


    3) Where it is not possible to deploy the patches organisations should use Outlook Anywhere to access email.


NHSmail Service Level Performance Summary

This section publishes a summary of Accenture's monthly performance against the service levels agreed with NHS Digital to provide the NHSmail service. Each month's performance summary is provided in PDF format and available for download using the links provided in the table below If you have any questions or queries related regarding the published performance summary information please contact feedback@nhs.net.

Month Performance Summary Link
November 2018 Link
October 2018 Link
September 2018 Link