NHSmail Enabling collaboration for health and social care


Service Status

Last updated: 16/07/2018 11:00

This page provides you with up-to-date information on the status of the NHSmail services and any key known issues impacting users.

It is recommended that you regularly check these pages. For further information on any High Severity Service Incidents (HSSI) please refer to the NHS Digital Service Status Page (via N3/HSCN/NHS connection).

Email Gateway/Relay Status
Incoming Internet Email
Outgoing Internet Email
Internal NHS Email
NHSmail Status
Portal (administration tools)
Outlook Web Access (www.nhs.net)
Email Client Access (Outlook)
Mobile/Tablet Access

High Severity Service Incidents

In the event of High Severity Service Incidents (HSSIs), information will be provided in this section. You can also see any HSSIs raised within the last 7 days.

  • Threat: Malware Delivery Campaign Using Spoofed NHS Email Addresses

    CareCERT is aware of a recent spam email campaign which uses spoofed @hscic.gov.uk and @nhs.net email addresses to deliver a malicious link which, when clicked, downloads a malicious JavaScript attachment containing malware.

    Example email:

    You have received an invoice from PLACE HSCIC (HEALTH AND SOCIAL CARE INFORMATION CENTRE) [SPOOFED EMAIL ADDRESS] for £3,534.49. To view, print or download a JS copy of your invoice, click the link below:




    Malware Name: Trojan.Script.Heuristic-js.iacgm

    Malware file hashes:

    • MD5 3b8927da0cdca9e657e3d75fc9cb862a
    • SHA1 016be72b4cf73850dceee1c83f88656de7064578
    • SHA256 2a24f47fde8ed12f583cddb3da17068e3d5e6587bd0bf3fb4ea6338606200d92

    Remediation for Users:

    • Do not open attachments or follow links within unsolicited emails.
    • Verify the legitimacy of any requests via email by contacting the sender through official channels.
    • Report any suspected spam email to NHSmail at spamreports@nhs.net using CareCERT Best practice guide: Reporting suspicious/unsolicited/spam emails within the NHS.
    • If you suspect your computer has become infected with a virus then unplug the network cable, turn off your Wi-Fi or power down your computer and immediately report the suspected infection to your IT support provider.

    Organisations Should Ensure:

    • A robust program of education and awareness training is delivered to users to ensure they don’t open attachments or follow links within unsolicited emails.
    • All operating systems, antivirus and other security products are kept up to date.
    • All day to day computer activities such as email and internet are performed using non-administrative accounts.
    • Strong password policies are in place and password reuse is discouraged.
    • Network, proxy and firewall logs should be monitored for suspicious activity.

  • Threat: CareCERT (NHS Digital) is aware of Social Engineering Targeting CCGs and GPs which NHS employees need to be aware of.

    Attackers are setting up email accounts registered on webmail services such as Hotmail in the name of an employee at a CCG/GP practice or supplier.

    The attacker uses the email account to target a staff member at the CCG/GP (for example a GP Practice Manager) to convince them to transfer funds to a UK bank account.

    Generally untargeted spam emails containing malicious attachments are easy for the trained eye to spot, whereas targeted (spear fishing) campaigns can be much more convincing: The attacker establishes a dialogue and the user expects a response containing instructions, a link or an attachment which they are likely to act upon.

    Remediation: If you receive an email from a familiar organisation or contact which you believe to be suspicious (such as an unusual payment request) from an organisation:

    • Do not open attachments or follow links from suspicious emails.
    • Validate the request by contacting the organisation or person through normal established channels (e.g. make a phone call or manually navigate to the organisations website.)
    • Report all suspected spam to NHSmail via spamreports@nhs.net for analysis and blocking.

    For further information see:

  • SPAM Emails Containing Phishing Website Links: NHSmail 2 support teams have identified a series of SPAM emails containing phishing website links being sent to users. An account with a nhs.net address is claiming to be from an IT Support Team and is asking users to verify their account by providing their credentials and password. This is not from the NHSmail2 support team. Users should never click any provided link to verify their accounts. This account has now been deactivated but certain user's may have received an email with a provided link.

  • Outgoing Internet Email – Blacklisting: NHSmail is periodically experiencing issues relating to blacklisting. Please review the Known Issues below for further information.

  • 15/05/2018 18:30 - 6423106 - IMAP and POP settings reverting to a disabled state

    Issue Description: As part of the work to implement anti-spoofing on NHSmail and protect the security of the platform, between 14 and 30 April 2018, some changes were made to reduce access to the SMTP, POP and IMAP protocols for email accounts.

    This has had an impact on the current SMTP/POP and IMAP settings for a small number of accounts integrated for use with applications. This may result in messages not being sent or received when using these applications.

    24/05/2018 12:30: Current update - Recommended that account settings are checked locally and report any incidents to the service desk.

NHSmail News

Things that are happening on the service that may impact your use of it.

  • Skype for Business will be available intermittently for a day due to a planned activity. This activity is scheduled to take place on 22nd July (Sunday). During this activity, any active chat windows will pause (the input area will be greyed out, preventing anymore messages) and users will be logged out.

    At the point the Skype platform is taken offline, users will be presented with a message, “(User) can't receive IMs right now. Status is unavailable or offline.” Any active calls at the time the platform is taken offline will continue. Users will be auto logged in when the platform is brought back online.

    If you are a Local Administrator, please ensure that this is communicated to your userbase and that business continuity plans are in place for Instant Messenger and Presence.

  • Changes are being made to stop spoofing on the NHSmail service. The NHSmail Spoofing Guide outlines what spoofing is, why these changes are being made and how they will be implemented.

    Email communications have commenced to email addresses which are currently spoofing, highlighting what action needs to be taken and by when.

    Guidance is available in the Portal Local Administrator Guide on how to enable / disable NHSmail SMTP / POP / IMAP settings.

Portal Releases, Known Issues and Guidance

Please see the current known issues outlined below:

  • Issue Description: There is an issue wherein owners are being removed when they update their SDLs, due to the "Add myself as owner" box defaulting to an un-checked state.

    Latest Update and Guidance: This is currently being investigated under PRB0077151 and will be fixed in a future release. As an interim workaround, owners must ensure that the "Add myself as owner" box is always checked when the SDL is updated, otherwise the user will remove themselves as an owner.

  • Issue Description: Mobile report doesn’t correctly show mobile device policies applied through the new security groups.

    Latest Update and Guidance: This is currently being investigated under PBI9941 and will be fixed in a future release.

  • Issue Description: Removing owners from a shared mailbox also removes their membership.

    Latest Update and Guidance: Re-add the owner as a member once they have been removed if membership is still desired.

  • Issue Description: When changing email address the UI accepts email addresses starting and ending with a ‘.’ or with consecutive ‘.’. These are invalid so can’t be saved but the UI presents them as ‘available’.

    Latest Update and Guidance: This is currently being investigated under PBI9938 and will be fixed in a future release.

  • Issue Description: After populating the notes field, if the user then navigates to a user operation (password reset etc) that navigates away from the main page – the notes field is cleared and must be re-populated. Existing notes remain populated in this scenario

    Latest Update and Guidance: This is currently being investigated under PBI9919 and will be fixed in a future release.

  • Issue Description: While trying to open up a SDL with defined owners, the page doesn't load the owners list at first go. A manual refresh is required to populate the owners.

    Latest Update and Guidance: Refresh the page one or two times to pull the owners into view.

  • Issue Description: There is an issue wherein the modal message doesn't show up when Admins set the new security group policy for the SDL.

    Latest Update and Guidance: This is currently being investigated under PBI9852 and will be fixed in a future release.

  • Issue Description: When an account is enabled or flagged as Leaver, an error message comes up, "An exception has occurred. Cannot move user in enable operation. Use the Move user cmdlet instead".

    Latest Update and Guidance: This is currently being investigated under PRB0065567 and will be fixed in a future release. Although the error message comes up, the action is getting executed fine in the back-end. If you get the error message, please refresh the page after a few seconds and you will see that the action (enabling or any other action) is processed successfully.

  • Issue Description: There is an issue with the push connector functionality where CSV files are not being processed.

    Latest Update and Guidance: This is currently being investigated under PBI700000433718 and will be fixed in a future release.

  • Issue Description: When an account is created through the Portal user interface, using the Portal .CSV Upload tools, or via TanSync, the account remains in a status of Pending instead of becoming Active.

    Latest Update and Guidance: This issue remains under investigation, but the NHSmail team are taking regular action to correct this problem and in many cases without further action being required from the Local Administrator.

    During each working day our engineers are correcting accounts that remain in the status of Pending. This activity occurs in the morning, at lunchtime and late afternoon. With this in mind, we would ask that Local Administrators allow time for this process to complete and re-review the status of the account later in the day before choosing to raise a support ticket with the NHSmail Helpdesk.

    Following the account correction the vast majority of accounts will become Active, however a few accounts may become Disabled or may require re-creating.

    • For Active accounts, no further action is required.
    • For Disabled accounts the Local Administrator should Enable them. They will then become Active.
    • If an account remains in Pending state after 24 hours please re-create the account and disregard the Pending account which will eventually be cleaned up and removed from mailbox reports etc.

  • Issue Description: Creating or updating accounts in bulk using the CSV Upload functionality of the Portal can result in the creation of duplicate accounts with an incremental email address (e.g. joe.bloggs@nhs.net, joe.bloggs1@nhs.net, joe.bloggs2@nhs.net) or accounts that sit in a status of Pending and do not progress to Active.

    Latest Update and Guidance: Although not the sole reason for duplicate accounts and accounts that result in a pending status, the volume of accounts that are included in a single CSV Upload submission is a significant contributor to the the issues being experienced. Likewise, the timing of the CSV Upload submissions can also contribute to a larger volume of issues being experienced during processing. A fix for this issue is currently under review with the expectation that it will be deployed under a future Portal release.

    As a workaround until the fix is deployed, the following recommendations should be followed:

    • Submit files for CSV Upload processing in batches no larger than 500 accounts per file
    • Try to avoid submitting files for CSV Upload during times of day that usage of the Portal is at its peak. Typically this is between 09:00 - 10:30 and between 13:00 - 14:00 Monday to Friday.
    • Avoid re-submitting the same file multiple times

  • Issue Description: When performing a simple search whilst trying to add a user to a Shared Mailbox, a Static Distribution list, or within Admin section (Local Administrators only) the results take an excessive amount of time to return or the search times out.

    Latest Update and Guidance: There is a known issue with the Simple Search options at peak times and this is looking to be optimised in a future Portal release. When adding users to Shared Mailboxes or Static Distribution lists please where possible use the Advanced Search using the email address of the user you are trying to add. Local Administrators have an additional option to support the activities they perform that is impacted by this simple search issue. LAs could run a Mailbox extract (Reports -> Mailbox Report) so they can then identify the users email address in that extract and search for it directly in Advanced Search so the result is found much quicker.

  • Issue Description: There is a known issue with Dynamic Distribution Lists that target a very large volume of recipients whereby a DDL cannot be created or edited due to a timeout error.

    Latest Update - 01/02/2018: A fix was implemented during December 2017 that enabled large DDLs to be created and edited normally and users should proceed to use the Portal user interface to action. However it has been identified that there remains an issue with the creation/editing extremely large DDLs that target more than approximately 21,000 recipients. Whilst a fix for this is being developed, if a new DDL that fails creation or you are unable to edit an existing DDL, please raise a request with the NHSmail Helpdesk quoting the DDL email address and the rule you wish to apply. The DDL will be created/amended as requested by an engineer.

  • Issue Description: When navigating to a Pending Static or Dynamic Distribution List via Profile > Distribution Lists then Administrators may not see the ‘Approve’ or ‘Reject’ buttons.

    Latest Update and Guidance: If you are an Administrator and have a Static or Dynamic Distribution List requiring your review you must find it by navigating to Admin > Distribution Lists. Do not attempt to approve by going via the Profile area.

  • Issue Description: It has been identified that a small number of accounts are getting stuck in the status of either Enabling or Disabling when an account is being attempted to be Enabled or Disabled in the Portal. Problem references PBI700000413347 and PBI700000413348 have been raised to investigate the root cause.

    User Impact: When accounts are stuck in either of these two statuses the Local Administrator will be unable to carry out a password reset or unlock and the end-user will be unable to log into their NHSmail account.

    Latest Update and Guidance: If after leaving the Portal record in the User Management screens and going back into the effected account details the status is still showing as Enabling or Disabling, the Local Administrator should attempt to Disable the account again and wait for confirmation that the action has been successful. If the aim was to disable the account not further action should be required. If the aim was to Enable the account, then the Local Administrator should click on Enable again to complete the process.

    In the event that this process is still unsuccessful then the Local Administrator should log a ticket with the NHSmail helpdesk for support.

  • Issue Description: When an end-user is having difficulty logging into the NHSmail Portal and has tried to use incorrect or expired credentials the account will lock for security purposes after 12 attempts and require support from a member of the Local IT Helpdesk or a Local Administrator to unlock and if necessary carry out a password reset. However, from the point of the last login attempt that has caused an account lock it can take up to 5 minutes for the updated account status (Locked) to be reflected in the NHSmail Portal.

    User Impact: If after the number of incorrect login attempts have been made a password reset is carried out prior to the Portal reflecting the Locked status, the account will not be able to be logged into with the temporary password given.

    Latest Update and Guidance: Please can Local IT Helpdesks and Local Administrators wait 5 minutes from the last attempted login to be sure that the account status has been updated successfully? This will ensure that accounts are in the correct status before a password reset is performed.

    If it is suspected that an account has hit this issue, the Local IT Helpdesk or a Local Administrator should re-check the account status. If the account showing as Locked, perform an Unlock and if necessary a further Password Reset. If the account is Active, please log a ticket with the NHSmail Helpdesk for further investigation.

  • Issue Description: There will be a delay of 15 – 20 minutes from when a user is removed as a shared mailbox owner to when their access is revoked.

    User Impact: Users will experience a delay from when they remove shared mailbox ownership to when access is actually removed.

    Latest Update and Guidance:

    Users should allow 20 minutes after removing access to a shared mailbox before the change will take place.

Portal Release - 21st June 2018

The following defect fixes and new Portal features were deployed on the evening of Thursday, 21st June 2018:

  • 8983 – Tooltip for Custom Attribute section on details pages – This PBI will provide tooltip text for the custom attribute section of the details page. This text will provide an explanation of what they are and how they can be used in DDL rules once populated.

  • 10240 – Integration changes for organisations to self-manage RaFT capabilities - This PBI will allow global and tenant admins to configure skype options (conferencing, voice/video and file transfer) at an organisation level. Admins with authorisations role can configure call recording at a user level.

  • 9233 – Allow Owner to Export/Import SDL Members - This PBI will allow an owner of an SDL to perform an import/export of recipients.

  • 4689 – User able to update clinical specialty, work area and role in their profile - This PBI will enable the user to update their clinical specialty, work area and role from their profile page.

  • 9992 – User Policy Search API - This PBI covers the creation of an API to retrieve saved user policies, using simple search criteria. Policies returned will be owned by the organisation that the logged in User is a Local Administrator for.

  • 9979 – User Policy Search Pages - This PBI covers the creation of a new screen allowing an administrator to search for created User Policies within their permissible scope.

  • 9978 – User Policy Management Menu Item - This PBI covers the addition of a new item on the Admin Menu allowing Administrators access to the User Policy functionality added for O365.

  • 9977 – Create User Policy Screen - This PBI covers the creation of a new screen allowing administrators to create a new User Policy through the NHSMail portal.

  • 10036 – Check if an Organisation has got O365 services enabled - This PBI covers the development of an API which will be used to determine if an administrator should be shown O365 Settings when creating and editing a User Policy.

  • 10039 – Retrieve available O365 licences for an Organisation - This PBI covers the development of an API which will retrieve all the available licences for an O365 enabled organisation. These will be shown to the user to select the correct licence type that is required for the user policy.

  • 10380 – Creation of a User Policy - This PBI covers the development of an API and validations to create the User Policy within the NHSMail portal DB.

  • 10840 – Adding a member to a User Policy - This PBI covers validations and searches required for adding members to a user policy. Only members from within the owning organisation can be added to the policy. If a policy has been mapped to an O365 licence, a user will only be able to add users if there available licences.

  • 10040 – Retrieve available applications - This PBI covers the development of an API to retrieve the available applications for the specified licence type. Access to these applications can then be controlled through the NHSMail portal.

  • 11009 – New O365 Admin Role - This PBI will add a new temporary O365 Admin role to the Portal application. This is to restrict access to the O365 Admin features during the beta pilots.

  • 7537 – DL’s stuck in Pending after LOA Authorisation – Fix implemented to prevent authorised Distribution Lists from remaining in a pending state after approval by an LOA.

  • 9685 – Inconsistency in audit search result if criteria is based on target object only - Fix implemented to correctly display audit results when only a target object is included within the target object field.

  • 9931 – R1.13 - Inconsistent caching issue prevents loading SDL owners list - Fix implemented to correctly load the SDL owners list when an SDL is opened in the edit view.

  • 9540 – Statistics / Dashboard Report - Fix implemented to correctly calculate active/inactive percentage values with the total value equalling 100. This fix will apply to the active/inactive users chart within the statistics section of the portal as well as the dashboard report.

  • 8770 – Admins with authorisations role unable to update user subscription - Fix implemented to allow users with an authorisations role to be able to manage a user’s top up subscriptions (mailbox size and skype subscriptions/settings).

  • 9547 – Unable to mark inactive accounts as Leaver - Fix implemented to prevent an inactive account marked as a leaver “Active (Leaver)” from reverting back to an inactive status after the page has been reloaded.

  • 9561 – Admin->Mover Leaver Report doesn't include users who are joined through Transfer operation - Fix implemented to include users within the Mover Leaver Report who are transferred from one organisation to another as opposed to just capturing users who move to another Org through the Leaver/Joiner process.

  • 10527 – TANSync able to create invalid .nhs.uk accounts - Fix implemented to prevent TanSync from creating entries other than nhs.net accounts.

  • 8978 – Unable to add locked user to shared mailbox membership - Fix implemented to allow users in a locked status to be visible in the user picker for adding to shared mailboxes.

  • 9669 – Warning message on permissions removal action needs to be consistent - Fix implemented to make the warning message consistent.

  • 9230 – When the account is locked, last updated field is getting updated - Fix implemented to update the “Updated By” field in addition to the “Last Updated” field when the account is locked for scheduled task execution.

  • 11054 – NULL Samaccountname (Pending accounts) prevents user creates - Fix implemented to update the create user action to prevent a SamAccountName from being created with a NULL value.

  • 9701 – Time out when creating/updating - Fix implemented to increase the timeout interval for DDL creation to prevent a timeout error for larger DDL’s.

Skype For Business Known Issues

The key known issues affecting the Skype for Business desktop / mobile application are outlined below. These known issues are seperated out into Instant Messenging and Presence (NHSmail core service) and Audio and Video Conferencing (NHSmail additional service):

Instant Messaging and Presence

  • Issue Description:'Send a meeting' invite from Skype for Business option does not work for users who have outlook configured on their local machine (both via N3 and Internet)

    Latest Update and Guidance:This is expected behaviour whilst audio and video conferencing is not enabled. Users do not need take any action.

    Steps to re-create:

    1. User right-clicks on a contact in their contact list
    2. User selects ‘Schedule a Meeting’

    This results in no action being taken.

  • Issue Description:Once the address book download is completed (approx. a day across platform), the user can search contacts within their organisaiton and Instant Message each other without having the need to add them in their local contacts list. Only applicable to thick client.

    Latest Update and Guidance:Users should use the full email address for searching for their contacts until the address book download is completed.

    Steps to re-create:

    1. User searches for another user in Skype for Business using only first and surname before full address book sync has completed

    This results in the user receiving the error message ‘Address book synchronizing. Results may not be current.’. The user should search using the full email address when searching for users in the Skype for Business IM window. When searching for any users external to a user’s organisation, they should always search by email address.

  • Issue Description:Users on Windows XP platform will not be able to use desktop clients. To avoid compatibility and latency issue during IM they're advised to use web clients (> IE 9.0)

    Latest Update and Guidance:The product is not compatible with Windows XP. Please refer to the Service Configuration Guide.

  • Issue Description: Users receive an error message similar to “Cannot synchronize address book” or “Skype for Business can’t sync with your organisation’s address book right now”. This address book synchronisation failure is due to a bug in Microsoft Office 2016.

    Latest Update and Guidance: There is a requirement for local IT teams to update MS Office to the latest version to fix this issue. Users should speak with their Local Administrator for further guidance.

Audio and Video Conferencing

  • Issue Description: The Skype for Business mobile application does not support content sharing through peer-to-peer calls when one participant is on a desktop device and the other on a mobile device.

    The issue does not impact Skype for Business meetings but only direct peer-to-peer calls from the Skype for Business desktop application to the Skype for Business mobile application.

    User Impact: Users on a mobile device will be unable to view content being shared on a peer-to-peer call. The user on the desktop will be unaware that the content is not viewable unless the mobile device user notifies them.

    Latest Update and Guidance:

    Guidance for Users: Rather than initiating a peer-to-peer call, the desktop application user should use the 'Meet Now' feature in Skype for Business and invite the mobile user to join the Skype for Business meeting by following the instructions below:

    1. Open the Skype for Business desktop application
    2. Click the drop down arrow next to the settings icon and select Meet Now

    3. Add people to the meeting by clicking Invite More People
    4. Type the name or email address of the person you want to add in the box. Select the correct user from the list and click OK
  • Issue Description: Users who are enabled for Instant Messaging and Presence-only cannot join the audio/video for Skype for Business Meetings. The Skype for Business desktop application will launch and join the call, but no audio/video will be available.

    User Impact: The user is unable to join the audio/video of the audio/video for the Skype for Business Meeting.

    Latest Update and Guidance:

    Guidance for Users: The user should join the call via the Skype for Business web application as a guest. User should follow the instructions below to join as a guest:

    1. Open the Skype for Business Meeting from Outlook / Outlook Web App
    2. If available in the meeting invitation, click Skype for Business Web App as per the screen shot below.
    3. If this link is not available in the meeting invitation do the following;
      • Right click on Join Skype Meeting and select Copy Hyperlink .
      • Open a new browser window
      • Paste the copied URL into the browser box and add ?sl=1 at the end e.g. https://join.nhsmeeting.com/meet/ted.jones/V5T8957J?sl=1
      • Press Enter to open the meeting via the Skype for Business web application.
    4. Click Sign in as a guest to the meeting

    5. Click to download the Skype for Business Web App plug-in if not previously completed

    6. If the meeting does not automatically launch in the web application, click Join the meeting
  • Issue Description: Occasionally, Skype for Business Meetings may not launch due to connectivity issues following clicking the Join Skype Meeting from a meeting invitation.

    User Impact: User is unable to join the Skype for Business Meeting.

    Guidance for Users: Users experiencing this issue should try joining again after 30 seconds. If this issue persists, users should contact their Local IT Support Team for further support.

  • Issue Description: When a user clicks Join Skype Meeting from a meeting invitation, they are directed to meet.nhs.net which subsequently launches the Skype for Business desktop application or web application as appropriate. In some instances, a security log-in will pop up. The user will experience that they are unable to log in using their NHSmail credentials.

    User Impact: The user may occasionally experience a security login pop-up when attempting to join a Skype for Business meeting. If the user attempts to log in, they will receive an error message.

    Guidance for Users: Users should click Cancel when faced with the security pop-up pictured below. Once cancelled, the Skype for Business desktop application or web application should launch successfully.

  • Issue Description: Shared Notes will not be available for meeting participants to view or modify content during meetings if all conference/ call attendees do not have OneNote installed on their PCs.

    User Impact: This may cause some confusion for users as the 'Shared Notes' option will still appear in the desktop application regardless of whether they have OneNote installed or not.

    Guidance for Users: Users are advised to capture meeting notes via a different method or install OneNote to utilise this feature.

General Known Issues and Guidance

This section provides information and guidance on the common issues and questions raised by users of NHSmail. You can use the dropdowns below to show more information on each of the issues

  • Issue Description: Some government organisations have tested turning off the family domain ‘GCSX’ on 29th June 2018 and this resulted in some organisations being unable to send emails to some email addresses ending .gcsx.gov.uk since then.

    Latest Update and Guidance:This is in preparation for the retirement of the .gcsx.gov.uk domain in March 2019 (https://www.gov.uk/guidance/securing-government-email). If you experience similar issues whereby you are unable to send emails to a local government organisation, then please inform them that you are not able to send emails to their .gcsx.gov.uk email address and to determine the best alternative means of communication.

  • Issue Description: Outlook performance issues with folders in secondary mailbox.

    Latest Update and Guidance: Perfomance issues may be noticed with folders in secondary Microsoft Exchange Server mailboxes in Outlook 2016, 2013, 2010 and 2007 versions. New items may not appear or seem missing in secondary mailbox, deleted items may still appear in secondary mailbox or Outlook keeps crashing erratically. To solve these issues, please follow the guidance availabe in the Microsoft KB article.

  • Issue Description: Outlook performance issues when many shared folders or mailboxes are open. Additionally, users may encounter an error message when making changes or additions to a calendar, such as:

    "You don't have permission to create an entry in this folder. Right-click the folder, then click Properties to check your permissions for the folder. See the folder owner or your administrator to change your permissions."

    Latest Update and Guidance: It is a known issue within Outlook that an error occurs when making changes or additions to a calendar. The recommendation by Microsoft is to have 5 shared folders or mailboxes, but on a faster connection this can be as high as 10 or more. For more details please follow the Microsoft KB article.

  • Issue Description: All the folders of a mailbox do not load or appear in Outlook.

    Latest Update and Guidance: It is a known issue with Outlook that all the folders do not load or appear if there are too many folders within the mailbox. If there are more than 500 folders in the mailbox, it is likely to cause performance issues in Outlook. More details can be found in the Microsoft KB article.

  • Issue Description: When accessing email (OWA) from the portal via Safari 11.1 on MacOS High Sierra, users receive an error message as shown below and when accessing email (OWA) from the portal via Safari 11.1 on iOS, users get a bank screen.

    An example of the error received on MacOS is as follows:

    Latest Update and Guidance: The root cause of the issue is currently being investigated. As an interim workaround for MacOS and iOS, please follow the below:

    • For MacOS - Logout and clear cookies, then go to email.nhs.net directly (bypassing the portal) or use an alternate browser such as Chrome.
    • For iOS - Click the blue email icon (as shown below) after logging in to the portal www.nhs.net to access email.

  • Issue Description: When attempting to send an email to an existing address, a non-delivery report is received stating that 'The message wasn't delivered to anyone because there are too many recipients. The limit is 0. This message has 1 recipients'.

    An example of the message received within the non-delivery report is as follows:

    Latest Update and Guidance: This kind of non-delivery report is received when the user sends email without agreeing to the AUP and setting security questions in Portal. Users need to accept the AUP and set security questions before being able to send emails – otherwise will receive this error when sending emails.

  • Issue Description: Although users are either correctly set up as members of shared mailboxes, or delegates with ‘Send As’ rights to user mailboxes in the Portal they still receive the following message in a non-delivery report when sending from the account in the Outlook Client, getting the error message as :

    "This message could not be sent. Try sending the message again later, or contact your network administrator. You do not have the permission to send the message on behalf of the specified user."

    Latest Update and Guidance:This issues occurs when using an auto-complete entry that already resides in the Outlook Client auto-complete cache, and this needs to be removed and replaced with the 'From' mailbox selected directly from the Global Address List (GAL). Please attempt the following steps to resolve the issue:

    1. Go to the inbox of the shared mailbox you wish to send an email from in the Outlook Client.

    2. Click on 'New Email'.

    3. Click on the 'From' drop-down button and it should show user's personal nhs.net email address along with possibly the shared mailbox email address user is trying to send from. If the shared mailbox exists in the list click on the X next to the email address to remove the auto-complete entry. If the shared mailbox is not in the list, go to step 4.

    4. The 'From' drop-down list should persist, so click on the 'Other Email Address..' option.

    5. Rather than starting to type in the email address, click on the 'From' button to bring up the GAL.

    6. Find the shared mailbox in the GAL and double-click on it. The GAL will disappear and populate the 'From' box.

    7. Ensure that the 'Send Using' option is showing as your personal nhs.net email address.

    8. Click on 'OK'.

    9. Try to send an email.

  • Issue Description: When attempting to send an email to an existing address stored in your email auto-complete selection list, or a new email address typed in manually, a non-delivery report is received stating that 'The email address you entered couldn't be found. Please check the recipient's email address and try to resend the message. If the problem continues, please contact your helpdesk.'

    An example of the message received within the non-delivery report is as follows:

    Latest Update and Guidance:

    This kind of non-delivery report is typically received due to one of two reasons.

    • Firstly, the email address may have been typed incorrectly. Please double-check the email address you are sending to. If it is an NHSmail address, try adding the address from the Global Address List (click on the 'To...' button within the Outlook Client). If it is an nhs.uk address or an email outside of the NHS, please re-confirm with the recipient that the address you are sending to exists.
    • Secondly if looking further down the non-delivery report you see a message similar to the example below it is likely that the issue is caused by a corrupt auto-complete entry in the Outlook Client software which is easily corrected. Follow the guidance below to help correct this issue.

    Please follow the steps below to remove the auto-complete entry and then find the distribution list within the Global Address List (GAL):

    • Begin typing the name of the distribution list you want to use into a blank email within the Outlook Client software and you will see the auto-complete option similar to the following:

    • Click on the black cross to remove the entry from your Outlook Client auto-complete library.
    • Click on the To: button within the new email to access the Global Address List.
    • Type in the name or email address and click ‘Go’. Note: ensure that the ‘More columns’ radio button is chosen as shown in the example below which will search the email address column too.

    • Click the ‘OK’ button to return to your email. You should now be able to send successfully to the email address.

    In the event that this guidance does not resolve the issue, then please raise a ticket with your local IT Helpdesk or alternatively the NHSmail Helpdesk for additional assistance on this issue.

  • Auto-mapping is the automatic addition to the Outlook Client of any delegate or shared mailbox a user has security permissions to. The auto-mapping of mailboxes that a user has permissions to is enabled by design across the NHSmail platform. 

    The auto-mapping of accounts cannot be disabled on a per user basis, or across specific organisations. Mailboxes will be removed when the user’s permissions to the mailbox are also removed via the Portal by the mailbox owner or a Local Administrator. This decision has been taken to assist users with the adding of mailboxes they have permissions to access automatically rather than have to add mailboxes manually and to prompt the removal of the mailbox permissions after they are no longer required by the user.

  • When using the Outlook Client software connected to a local organisation domain, users should be aware that when prompted for NHSmail login credentials Outlook by typically offers the local domain username and only requests a password. NHSmail users should check closely the username that is being offered and if it is not your NHSmail email address choose the 'Use a different account' option to allow you to type in a replacement username (your NHSmail email address) and then add your NHSmail password.

    Likewise, when adding an NHSmail account to the Outlook Client for the first time the software defaults to the local domain username when following the account setup wizard. To add your NHSmail email address, simply start deleting characters from the email address text box and the window will expand to allow you to enter your NHSmail credentials.

  • Issue Description: The NHSmail Service experiences periodic issues relating to blacklisting. This is where external email and spam filtering services block email being sent from NHSmail to other email providers.

    Real Time Blacklists (RBL) is a measure employed across the industry to identify and block unsolicited (spam/phishing) email. There are thousands of RBL services operating using their own business rules. RBL services operate reactively and automatically blacklist network addresses. Receiving systems (e.g. other email providers) will typically check incoming email against one or multiple RBL provides. If the email is being sent from a listed system, the email is then rejected by the recipient system. Due to this, email to and from the Internet is never guaranteed for delivery.

    The NHSmail 2 Email Gateway has been designed to minimise the occurrences of RBL listing. Despite all the active design improvements there is still a residual risk that email across the Internet (i.e. to external domains such as Gmail) cannot be guaranteed for delivery. Proactive monitoring is in place to identify when blacklisting occurs to ensure the NHSmail Team can respond as quickly as possible to apply for de-listing. The de-listing process is dependent on third party organisations’ process and can take several hours for the process to complete.

    User Impact: Users may receive a non-delivery receipt following trying to send an email to an external email domain - for example, firstname.lastname@gmail.com. Email sent to external domains that block NHSmail will not be received by the recipient.

    Guidance for Users:

    The NHSmail Team continue to work with the third party providers to apply for de-listing. This can take several hours for resolution. Users do not need to report these issues to the NHSmail Helpdesk.

    Guidance for NHSmail LOAs:

    The NHSmail Team continue to work with the third party providers to apply for de-listing. This can take several hours for resolution. LOAs do not need to report these issues to the NHSmail Helpdesk.

    If your organisation relies on sending or receiving email to and from the Internet, you should ensure:

    • You know which systems rely on sending and receiving email to and from the internet and the business impact for each system if email is blocked
    • Have a business continuity plan in place for business critical services
    • You have monitoring systems in place to detect message delivery issues
    • Your systems have the ability to re-send messages that have not been delivered both individually and in bulk
    • Those sending you email also have the ability to re-send messages that have not been delivered both individually and in bulk
    • Your organisation is able to sustain not being able to send or receive email for up to four days to/from internet addresses
    • Where you have a reliance on time critical guaranteed communication you should have alternative methods of communication in place such as system to system electronic data interchange N.B. SMS messaging is not a guaranteed or secure delivery method
    • Outgoing email is scanned for spam and antivirus before being sent

    Guidance for External Email Services (e.g. NHS.UK and secure government email services):

    It is highly unlikely that email delivery between NHSmail, secure government email services and N3 hosted NHS.UK email services will ever be impacted by blacklisting. However, we recommend that organisations whitelist the previously provided and current NHSmail deliver IP address to avoid receipt issues from NHSmail. This will reduce the residual, highly unlikely, risk of NHSmail being blocked by local reputational databases.

  • Issue Description: Based on feedback from our userbase, the NHSmail Service will be introducing controls in the future to prevent spoofing. This is where emails are sent to NHSmail pretending to be from an "@nhs.net" account, but are in fact not. As an interim measure, emails that are spoofing the Service will not be blocked, but will be stamped with the following message:

    There are no further configuration changes to email authenticity controls at this time. Advance notification and guidance will be provided to organisations prior to any restrictive measures being introduced.

    User Impact: Where an email is being sent to a user that is pretending to come from an NHSmail account, the email will be stamped with the message shown above.

    Latest Update and Guidance:

    Users do not need to take any action on these notifications. They are provided for informational purposes only by the NHSmail Team.

  • Issue Description: Some users are experiencing issues using the 'Autodiscover' function when adding NHSmail to Windows 8 and Windows 10 phones. The root cause is being investigated by the support teams. In the meantime a workaround available to manually add the account.

    Guidance for Users on Windows 8:

    To add an NHS email account to Windows phone 8, do the following:

    1. Select Settings.
    2. Scroll down and select ‘email+accounts’.
    3. Select ‘add an account’.
    4. Select ‘Exchange’.
    5. Enter your NHSMail email address in the ‘Email address’ field.
    6. Enter your NHSMail password in the ‘Password’ field.
    7. Select ‘sign in’ at the bottom of the screen.
    8. If this fails, press ‘sign in’ again.
    9. At the next screen, select ‘advanced’
    10. In the ‘Server’ field enter eas.nhs.net
    11. Select ‘sign in’
    12. Close Settings.

    Guidance for Users on Windows 10:

    To add an NHS email account to Windows phone 10, do the following:

    1. Select Settings.
    2. Scroll down and select ‘Accounts’.
    3. Select ‘Email app accounts’.
    4. Select ‘Add an account’
    5. Select ‘Exchange’
    6. Enter your NHSMail email address in the ‘Email address’ field, select Next
    7. Enter your NHSMail password in the ‘Password’ field.
    8. Select ‘sign in’ at the bottom of the screen.
    9. If this fails, press ‘sign in’ again.
    10. At the next screen, select ‘advanced’
    11. In the ‘Server’ field enter eas.nhs.net
    12. Select ‘sign in’
    13. Close Settings.

  • Issue Description: NHSmail users may experience reduced user interface performance whilst using the premium version of OWA with the IE8 browser via www.nhs.net. Refer to the Browser Version Guidance if you are unsure of which version you are using.

    It is recommended that those users who still need to use the IE8 browser to access NHSmail make use of the OWA Light user interface to avoid encountering issues. Some functions are not available in OWA Light, such as access to Shared Folders. You can find more information on the available functions in OWA Light in the Browser Comparison Guide.

    To Enable or Disable OWA Light with IE8:

    1. Click on the Settings icon at the top right of the screen and select Display Settings

    2. Select the ‘Outlook Web App version’ option then check the ‘Use the light version of Outlook Web App’ tick box.

    3. Finally, click on the ‘OK’ option at the top of the screen. You will then need to log out and log back into OWA to experience the light version.

  • Issue Description: Compatibility issues have been identified when using Outlook 2010 service pack 2. This issue mainly impacts organisations running Windows XP desktop machines, but compatibility issues may still be seen with later operating systems when running Outlook 2010 SP2. Organisations should be aware that Windows XP is no longer supported by Microsoft. This means that this software is no longer tested when new software is released and is not provided with important security updates by Microsoft.

    User Impact: Users are continually prompted to enter their username and password even if they have enter the correct credential information, as per the screenshot below:

    Latest Update and Guidance 1/12/2017:

    Guidance for Users: Users should contact their local IT support desk for guidance on this issue. As a workaround, users can access NHSmail using Outlook Web App at www.nhs.net.

    Guidance for LAs / Local IT: Organisations have a number of options :

    1. Ideally upgrade to Outlook 2016 or at a minimum Outlook 2013 SP1

    2. Where upgrading is not possible organisations running Outlook 2010 Service Pack 2 and connecting via MAPI over HTTP should also deploy the hotfixes referenced by the following Knowledgebase articles;

    3) Where it is not possible to deploy the patches organisations should use Outlook Anywhere to access email.


NHSmail Service Level Performance Summary

This section publishes a summary of Accenture's monthly performance against the service levels agreed with NHS Digital to provide the NHSmail service. Each month's performance summary is provided in PDF format and available for download using the links provided in the table below If you have any questions or queries related regarding the published performance summary information please contact feedback@nhs.net.

Month Performance Summary Link
May 2018 Link
April 2018 Link
March 2018 Link