NHSmail Enabling collaboration for health and social care


Service Status

Last updated: 12/11/2018 15:15

Unfortunately, following the enabling of the anti-spoofing controls, some organisations have been experiencing issues with implementing the guidance provided. To allow organisations time to overcome these issues, we have reversed the anti-spoofing changes and will re-introduce them within the next few weeks, with the exact date confirmed nearer the time after additional work is completed with system suppliers. In the meantime, please continue to regularly check the junk email folder within your mailbox.

This page provides you with up-to-date information on the status of the NHSmail services and any key known issues impacting users.

It is recommended that you regularly check these pages. For further information on any High Severity Service Incidents (HSSI) please refer to the NHS Digital Service Status Page (via N3/HSCN/NHS connection).

Email Gateway/Relay Status
Incoming Internet Email
Outgoing Internet Email
Internal NHS Email
NHSmail Status
Portal (administration tools)
Outlook Web Access (www.nhs.net)
Email Client Access (Outlook)
Mobile/Tablet Access

Complaints and Escalations Process

If you have any complaints about the NHSmail service, please email the national helpdesk. If you wish to raise an escalation, further information is available within the drop-down menu below.

  • NHSmail helpdesk

    LAs and users have the option to escalate incidents they feel have not been dealt with in an appropriate way or where the resolution provided does not answer the original query. Support is in place to deal with escalations 24/7.

    NHSmail helpdesk escalation process steps:

    • The LA / user provides the original ticket reference for the escalation being raised to the helpdesk.
    • The LA / user to provide an explanation of the reasons for the escalation and why the previous feedback has not provided the solution required.
    • The helpdesk should then perform an escalation to the appropriate Subject Matter Expert (SME).
    • If the escalation response is not acceptable then a further escalation can be requested to a higher level
    • Once the issue has been resolved, the helpdesk (or SME that has been dealing with escalation) will notify the originator of the issue via telephone / email to confirm closure of the escalation before actual closure of the incident takes place.

    Feedback mailbox

    The NHSmail Live Service Team also deals with escalations, via the ‘feedback’ mailbox. The team will check the following details before raising an escalation with the supplier:

    • If the incident / issue has already been recorded at the NHSmail helpdesk. If not, the LA / user will be asked to contact the helpdesk unless the incident / issue has service, security or clinical impact concerns.
    • If the incident / issue is still within agreed Service Level Agreements (SLAs) for the severity type (if it has already been raised with the helpdesk), the LA / user will be advised to contact the helpdesk for an update. The agreed incident resolution time is 48 hours excluding non-core hours, non-core hours are 22:00 until 07:00 so effectively this is 3 working days.
    • If a response has been provided by the helpdesk and this has not resolved the issue, and it’s still within 72 hours of the ticket being resolved / closed, the LA / user will be advised to contact the helpdesk to request that the ticket is re-opened.

    If an incident / issue remains unresolved after the above steps have been taken, it will be escalated by the NHSmail Live Service Team to the supplier.

High Severity Service Incidents

In the event of High Severity Service Incidents (HSSIs), information will be provided in this section. You can also see any HSSIs raised within the last 7 days.

  • Threat: Malware Delivery Campaign Using Spoofed NHS Email Addresses

    CareCERT is aware of a recent spam email campaign which uses spoofed @hscic.gov.uk and @nhs.net email addresses to deliver a malicious link which, when clicked, downloads a malicious JavaScript attachment containing malware.

    Example email:

    You have received an invoice from PLACE HSCIC (HEALTH AND SOCIAL CARE INFORMATION CENTRE) [SPOOFED EMAIL ADDRESS] for £3,534.49. To view, print or download a JS copy of your invoice, click the link below:




    Malware Name: Trojan.Script.Heuristic-js.iacgm

    Malware file hashes:

    • MD5 3b8927da0cdca9e657e3d75fc9cb862a
    • SHA1 016be72b4cf73850dceee1c83f88656de7064578
    • SHA256 2a24f47fde8ed12f583cddb3da17068e3d5e6587bd0bf3fb4ea6338606200d92

    Remediation for Users:

    • Do not open attachments or follow links within unsolicited emails.
    • Verify the legitimacy of any requests via email by contacting the sender through official channels.
    • Report any suspected spam email to NHSmail at spamreports@nhs.net using CareCERT Best practice guide: Reporting suspicious/unsolicited/spam emails within the NHS.
    • If you suspect your computer has become infected with a virus then unplug the network cable, turn off your Wi-Fi or power down your computer and immediately report the suspected infection to your IT support provider.

    Organisations Should Ensure:

    • A robust program of education and awareness training is delivered to users to ensure they don’t open attachments or follow links within unsolicited emails.
    • All operating systems, antivirus and other security products are kept up to date.
    • All day to day computer activities such as email and internet are performed using non-administrative accounts.
    • Strong password policies are in place and password reuse is discouraged.
    • Network, proxy and firewall logs should be monitored for suspicious activity.

  • Threat: CareCERT (NHS Digital) is aware of Social Engineering Targeting CCGs and GPs which NHS employees need to be aware of.

    Attackers are setting up email accounts registered on webmail services such as Hotmail in the name of an employee at a CCG/GP practice or supplier.

    The attacker uses the email account to target a staff member at the CCG/GP (for example a GP Practice Manager) to convince them to transfer funds to a UK bank account.

    Generally untargeted spam emails containing malicious attachments are easy for the trained eye to spot, whereas targeted (spear fishing) campaigns can be much more convincing: The attacker establishes a dialogue and the user expects a response containing instructions, a link or an attachment which they are likely to act upon.

    Remediation: If you receive an email from a familiar organisation or contact which you believe to be suspicious (such as an unusual payment request) from an organisation:

    • Do not open attachments or follow links from suspicious emails.
    • Validate the request by contacting the organisation or person through normal established channels (e.g. make a phone call or manually navigate to the organisations website.)
    • Report all suspected spam to NHSmail via spamreports@nhs.net for analysis and blocking.

    For further information see:

  • SPAM Emails Containing Phishing Website Links: NHSmail 2 support teams have identified a series of SPAM emails containing phishing website links being sent to users. An account with a nhs.net address is claiming to be from an IT Support Team and is asking users to verify their account by providing their credentials and password. This is not from the NHSmail2 support team. Users should never click any provided link to verify their accounts. This account has now been deactivated but certain user's may have received an email with a provided link.

  • Outgoing Internet Email – Blacklisting: NHSmail is periodically experiencing issues relating to blacklisting. Please review the Known Issues below for further information.

  • 17/10/2018 12:08 - INC8186773 - Skype for Business Dial-in conferencing issues

    Issue Description: Some users are unable to dial into NHSmail Skype for Business conferences from standard telephone networks. Instant messaging, presence, VoIP audio calls and conferences, and video calls and conferences are unaffected.

    17/10/2018 12:30: Resolved - Following a restart of services on the Skype for Business SBC servers, dial-in conferencing functionality has been restored and operating normally.

  • 20/09/2018 - INC7880707 - NHSmail Relay e-mail delivery delays

    Issue Description: NHSmail Relay delivery delay for some e-mails.

    Users may experience a delivery delay with some e-mails routed via one of the NHSmail Relay data centres. This issue is currently being investigated but the backlog of emails is currently clearing.

    20/09/2018 17:30: Resolved - Queues have cleared and the issue has been resolved.

NHSmail News

Things that are happening on the service that may impact your use of it.

  • Following a recent review of how account lockout incidents are dealt with, a step by step guide has been published to assist the Local Administrator community and users by providing information on how to resolve the most common forms of repeated lockouts. This guide is located in the Policy and Guidance section of the Portal help pages, under General Guidance

  • Unfortunately, following the enabling of the anti-spoofing controls, some organisations have been experiencing issues with implementing the guidance provided. To allow organisations time to overcome these issues, we have reversed the anti-spoofing changes and will re-introduce them within the next few weeks, with the exact date confirmed nearer the time after additional work is completed with system suppliers. In the meantime, please continue to regularly check the junk email folder within your mailbox.

    This security improvement is intended to help keep NHSmail safe and to improve the way that incoming emails are processed to stop spoofing on the NHSmail Service. The NHSmail Spoofing Guide outlines what spoofing is and why these changes are being made.

    Any emails spoofing @nhs.net will be directed to a recipient’s ‘junk’ mailbox instead of the inbox. The email will still be received, but it will be directed to the junk mail folder.

    From early spring 2019, spoofing will be blocked completely from the NHSmail Service.

    Additional information is available on the anti-spoofing controls on the Policy and Guidance page of the Portal under ‘General Guidance’:.

    Guidance is also available in the Portal Local Administrator Guide on how to enable / disable NHSmail SMTP / POP / IMAP settings.

  • The Business Continuity and Disaster Recovery (BCDR) test, that was scheduled for 22 and 23 September 2018, has been postponed to March 2019. Specific dates will be published here closer to the time.

    We do not expect any impact on end users during the course of the test, however Local Administrators should review their local business continuity arrangements as a precaution. If there are any organisations involved in self-migration NHSmail activity, a pause should be planned once dates are confirmed.

  • Please find detailed below the dates / times of the upcoming Local Administrator webinars and open sessions. Further information, along with an invitation, will be sent to all Primary / Local Administrators around a week before the scheduled session.

    Date Time Session
    Thursday 29 November 2018 11:00-11:45 Open session
    Wednesday 30 January 2019 11:00-12:00 Webinar
    Wednesday 27 February 2019 11:00-11:45 Open session
  • The annual user satisfaction survey is now closed. Thank you for all of the responses received. Results will be published on this site in due course.

Portal Releases, Known Issues and Guidance

Please see the current known issues outlined below:

  • Issue Description: There is an issue whereby the ‘Delete OneDrive’ button is available under the Actions section of the User Details page in the portal for user accounts that don’t have an Office 365 license.

    Latest Update and Guidance: This is being investigated by the development team with a view to ensuring all ineligible accounts have the button greyed out. The fix will be deployed in a future portal release.

  • Issue Description: There is an issue wherein owners are being removed when they update their SDLs, due to the "Add myself as owner" box defaulting to an un-checked state.

    Latest Update and Guidance: This is currently being investigated under PRB0077151 and will be fixed in a future release. As an interim workaround, owners must ensure that the "Add myself as owner" box is always checked when the SDL is updated, otherwise the user will remove themselves as an owner.

  • Issue Description: Mobile report doesn’t correctly show mobile device policies applied through the new security groups.

    Latest Update and Guidance: This is currently being investigated under PBI9941 and will be fixed in a future release.

  • Issue Description: Removing owners from a shared mailbox also removes their membership.

    Latest Update and Guidance: Re-add the owner as a member once they have been removed if membership is still desired.

  • Issue Description: When changing email address the UI accepts email addresses starting and ending with a ‘.’ or with consecutive ‘.’. These are invalid so can’t be saved but the UI presents them as ‘available’.

    Latest Update and Guidance: This is currently being investigated under PBI9938 and will be fixed in a future release.

  • Issue Description: After populating the notes field, if the user then navigates to a user operation (password reset etc) that navigates away from the main page – the notes field is cleared and must be re-populated. Existing notes remain populated in this scenario

    Latest Update and Guidance: This is currently being investigated under PBI9919 and will be fixed in a future release.

  • Issue Description: While trying to open up a SDL with defined owners, the page doesn't load the owners list at first go. A manual refresh is required to populate the owners.

    Latest Update and Guidance: Refresh the page one or two times to pull the owners into view.

  • Issue Description: There is an issue wherein the modal message doesn't show up when Admins set the new security group policy for the SDL.

    Latest Update and Guidance: This is currently being investigated under PBI9852 and will be fixed in a future release.

  • Issue Description: When an account is enabled or flagged as Leaver, an error message comes up, "An exception has occurred. Cannot move user in enable operation. Use the Move user cmdlet instead".

    Latest Update and Guidance: This is currently being investigated under PRB0065567 and will be fixed in a future release. Although the error message comes up, the action is getting executed fine in the back-end. If you get the error message, please refresh the page after a few seconds and you will see that the action (enabling or any other action) is processed successfully.

  • Issue Description: There is an issue with the push connector functionality where CSV files are not being processed.

    Latest Update and Guidance: This is currently being investigated under PBI700000433718 and will be fixed in a future release.

  • Issue Description: When an account is created through the Portal user interface, using the Portal .CSV Upload tools, or via TanSync, the account remains in a status of Pending instead of becoming Active.

    Latest Update and Guidance: This issue remains under investigation, but the NHSmail team are taking regular action to correct this problem and in many cases without further action being required from the Local Administrator.

    During each working day our engineers are correcting accounts that remain in the status of Pending. This activity occurs in the morning, at lunchtime and late afternoon. With this in mind, we would ask that Local Administrators allow time for this process to complete and re-review the status of the account later in the day before choosing to raise a support ticket with the NHSmail Helpdesk.

    Following the account correction the vast majority of accounts will become Active, however a few accounts may become Disabled or may require re-creating.

    • For Active accounts, no further action is required.
    • For Disabled accounts the Local Administrator should Enable them. They will then become Active.
    • If an account remains in Pending state after 24 hours please re-create the account and disregard the Pending account which will eventually be cleaned up and removed from mailbox reports etc.

  • Issue Description: Creating or updating accounts in bulk using the CSV Upload functionality of the Portal can result in the creation of duplicate accounts with an incremental email address (e.g. joe.bloggs@nhs.net, joe.bloggs1@nhs.net, joe.bloggs2@nhs.net) or accounts that sit in a status of Pending and do not progress to Active.

    Latest Update and Guidance: Although not the sole reason for duplicate accounts and accounts that result in a pending status, the volume of accounts that are included in a single CSV Upload submission is a significant contributor to the the issues being experienced. Likewise, the timing of the CSV Upload submissions can also contribute to a larger volume of issues being experienced during processing. A fix for this issue is currently under review with the expectation that it will be deployed under a future Portal release.

    As a workaround until the fix is deployed, the following recommendations should be followed:

    • Submit files for CSV Upload processing in batches no larger than 1000 accounts per file. If the file contains more than 1000 accounts, you will recieve an error, "Can only upload 1000 users per csv upload attempt".
    • Try to avoid submitting files for CSV Upload during times of day that usage of the Portal is at its peak. Typically this is between 09:00 - 10:30 and between 13:00 - 14:00 Monday to Friday.
    • Avoid re-submitting the same file multiple times

  • Issue Description: When performing a simple search whilst trying to add a user to a Shared Mailbox, a Static Distribution list, or within Admin section (Local Administrators only) the results take an excessive amount of time to return or the search times out.

    Latest Update and Guidance: There is a known issue with the Simple Search options at peak times and this is looking to be optimised in a future Portal release. When adding users to Shared Mailboxes or Static Distribution lists please where possible use the Advanced Search using the email address of the user you are trying to add. Local Administrators have an additional option to support the activities they perform that is impacted by this simple search issue. LAs could run a Mailbox extract (Reports -> Mailbox Report) so they can then identify the users email address in that extract and search for it directly in Advanced Search so the result is found much quicker.

  • Issue Description: There is a known issue with Dynamic Distribution Lists that target a very large volume of recipients whereby a DDL cannot be created or edited due to a timeout error.

    Latest Update - 01/02/2018: A fix was implemented during December 2017 that enabled large DDLs to be created and edited normally and users should proceed to use the Portal user interface to action. However it has been identified that there remains an issue with the creation/editing extremely large DDLs that target more than approximately 21,000 recipients. Whilst a fix for this is being developed, if a new DDL that fails creation or you are unable to edit an existing DDL, please raise a request with the NHSmail Helpdesk quoting the DDL email address and the rule you wish to apply. The DDL will be created/amended as requested by an engineer.

  • Issue Description: When navigating to a Pending Static or Dynamic Distribution List via Profile > Distribution Lists then Administrators may not see the ‘Approve’ or ‘Reject’ buttons.

    Latest Update and Guidance: If you are an Administrator and have a Static or Dynamic Distribution List requiring your review you must find it by navigating to Admin > Distribution Lists. Do not attempt to approve by going via the Profile area.

  • Issue Description: It has been identified that a small number of accounts are getting stuck in the status of either Enabling or Disabling when an account is being attempted to be Enabled or Disabled in the Portal. Problem references PBI700000413347 and PBI700000413348 have been raised to investigate the root cause.

    User Impact: When accounts are stuck in either of these two statuses the Local Administrator will be unable to carry out a password reset or unlock and the end-user will be unable to log into their NHSmail account.

    Latest Update and Guidance: If after leaving the Portal record in the User Management screens and going back into the effected account details the status is still showing as Enabling or Disabling, the Local Administrator should attempt to Disable the account again and wait for confirmation that the action has been successful. If the aim was to disable the account not further action should be required. If the aim was to Enable the account, then the Local Administrator should click on Enable again to complete the process.

    In the event that this process is still unsuccessful then the Local Administrator should log a ticket with the NHSmail helpdesk for support.

  • Issue Description: When an end-user is having difficulty logging into the NHSmail Portal and has tried to use incorrect or expired credentials the account will lock for security purposes after 12 attempts and require support from a member of the Local IT Helpdesk or a Local Administrator to unlock and if necessary carry out a password reset. However, from the point of the last login attempt that has caused an account lock it can take several minutes for the updated account status (Locked) to be reflected in the NHSmail Portal.

    User Impact: If after the number of incorrect login attempts have been made a password reset is carried out prior to the Portal reflecting the Locked status, the account will not be able to be logged into with the temporary password given.

    Latest Update and Guidance: Please can the Local IT Helpdesks and Local Administrators ensure that a minimum of 5 minutes has elapsed from the last login attempt to be sure that the account status has been updated successfully? An interval of more than 5 minutes may be required at peak times. This will ensure accounts are in the correct status before a password reset is performed.

    If it is suspected that an account has hit this issue, the Local IT Helpdesk or a Local Administrator should re-check the account status. If the account showing as Locked, perform an Unlock and if necessary a further Password Reset. If the account is Active, please log a ticket with the NHSmail Helpdesk for further investigation.

  • Issue Description: There will be a delay of 15 – 20 minutes from when a user is removed as a shared mailbox owner to when their access is revoked.

    User Impact: Users will experience a delay from when they remove shared mailbox ownership to when access is actually removed.

    Latest Update and Guidance:

    Users should allow 20 minutes after removing access to a shared mailbox before the change will take place.

Portal Release - 18th October 2018

The following defect fixes and new Portal features were deployed on the evening of Thursday, 18th October 2018:

  • 13901 – PODS - OTP generation for Locum - This PBI will enable an API for generating OTP for Locum users whose GMC number is provided as input and send a OTP invite email to the respective users.

  • 14095 – PODS - IG Toolkit question change - This PBI changes the IG toolkit question and support link in all the PODS UI.

  • 14125 – Locum registration step 0 - This PBI is to develop Locum step 0 that comprises of questionnaire and locum details form.

  • 14126 – PODS - Locum registration step 1 - This PBI will take care of all the task required to complete Locum registration like creating user account, sending welcome email, password on number provided etc. Also sending AUP reminder for Locum users.

  • 14146 – PODS - Locum NPL import job - This PBI will read NPL import file from S3 bucket and import it in DB.

  • 14953 – PODS - NAS Managed flag at Org level - This PBI will add NAS Managed flag is needed to identify the organisations that have NAS support in DB and UI.

  • 13777 – Expose O365 groups on the user details -> Permissions Pages - This PBI allows an LA of a user to view the O365 Team Channels they belong to through the User Details -> Permission pages. The LA can also use this view to remove permissions to that Teams channel for the user.

  • 8259 – Resource Mailbox - Set Auto Booking Response - This PBI aims at allowing LAs to change booking response/calendar processing attribute of Resource Mailbox they have control of. This feature will be available after successful creation of resource mailbox on the edit page, should the LA wish to change this from the default setting.

  • 15781 – DB Changes for Mailbox Hygiene Release 1 - This PBI is a technical pre-requisite in preparation of Mailbox Hygiene Release 1 which is targeted towards the end of the year.

  • There was no bug fix deployed in this release.

Skype For Business Known Issues

The key known issues affecting the Skype for Business desktop / mobile application are outlined below. These known issues are seperated out into Instant Messenging and Presence (NHSmail core service) and Audio and Video Conferencing (NHSmail additional service):

Instant Messaging and Presence

  • Issue Description:'Send a meeting' invite from Skype for Business option does not work for users who have outlook configured on their local machine (both via N3 and Internet)

    Latest Update and Guidance:This is expected behaviour whilst audio and video conferencing is not enabled. Users do not need take any action.

    Steps to re-create:

    1. User right-clicks on a contact in their contact list
    2. User selects ‘Schedule a Meeting’

    This results in no action being taken.

  • Issue Description:Once the address book download is completed (approx. a day across platform), the user can search contacts within their organisaiton and Instant Message each other without having the need to add them in their local contacts list. Only applicable to thick client.

    Latest Update and Guidance:Users should use the full email address for searching for their contacts until the address book download is completed.

    Steps to re-create:

    1. User searches for another user in Skype for Business using only first and surname before full address book sync has completed

    This results in the user receiving the error message ‘Address book synchronizing. Results may not be current.’. The user should search using the full email address when searching for users in the Skype for Business IM window. When searching for any users external to a user’s organisation, they should always search by email address.

  • Issue Description:Users on Windows XP platform will not be able to use desktop clients. To avoid compatibility and latency issue during IM they're advised to use web clients (> IE 9.0)

    Latest Update and Guidance:The product is not compatible with Windows XP. Please refer to the Service Configuration Guide.

  • Issue Description: Users receive an error message similar to “Cannot synchronize address book” or “Skype for Business can’t sync with your organisation’s address book right now”. This address book synchronisation failure is due to a bug in Microsoft Office 2016.

    Latest Update and Guidance: There is a requirement for local IT teams to update MS Office to the latest version to fix this issue. Users should speak with their Local Administrator for further guidance.

Audio and Video Conferencing

  • Issue Description: The Skype for Business mobile application does not support content sharing through peer-to-peer calls when one participant is on a desktop device and the other on a mobile device.

    The issue does not impact Skype for Business meetings but only direct peer-to-peer calls from the Skype for Business desktop application to the Skype for Business mobile application.

    User Impact: Users on a mobile device will be unable to view content being shared on a peer-to-peer call. The user on the desktop will be unaware that the content is not viewable unless the mobile device user notifies them.

    Latest Update and Guidance:

    Guidance for Users: Rather than initiating a peer-to-peer call, the desktop application user should use the 'Meet Now' feature in Skype for Business and invite the mobile user to join the Skype for Business meeting by following the instructions below:

    1. Open the Skype for Business desktop application
    2. Click the drop down arrow next to the settings icon and select Meet Now

    3. Add people to the meeting by clicking Invite More People
    4. Type the name or email address of the person you want to add in the box. Select the correct user from the list and click OK
  • Issue Description: Users who are enabled for Instant Messaging and Presence-only cannot join the audio/video for Skype for Business Meetings. The Skype for Business desktop application will launch and join the call, but no audio/video will be available.

    User Impact: The user is unable to join the audio/video of the audio/video for the Skype for Business Meeting.

    Latest Update and Guidance:

    Guidance for Users: The user should join the call via the Skype for Business web application as a guest. User should follow the instructions below to join as a guest:

    1. Open the Skype for Business Meeting from Outlook / Outlook Web App
    2. If available in the meeting invitation, click Skype for Business Web App as per the screen shot below.
    3. If this link is not available in the meeting invitation do the following;
      • Right click on Join Skype Meeting and select Copy Hyperlink .
      • Open a new browser window
      • Paste the copied URL into the browser box and add ?sl=1 at the end e.g. https://join.nhsmeeting.com/meet/ted.jones/V5T8957J?sl=1
      • Press Enter to open the meeting via the Skype for Business web application.
    4. Click Sign in as a guest to the meeting

    5. Click to download the Skype for Business Web App plug-in if not previously completed

    6. If the meeting does not automatically launch in the web application, click Join the meeting
  • Issue Description: Occasionally, Skype for Business Meetings may not launch due to connectivity issues following clicking the Join Skype Meeting from a meeting invitation.

    User Impact: User is unable to join the Skype for Business Meeting.

    Guidance for Users: Users experiencing this issue should try joining again after 30 seconds. If this issue persists, users should contact their Local IT Support Team for further support.

  • Issue Description: When a user clicks Join Skype Meeting from a meeting invitation, they are directed to meet.nhs.net which subsequently launches the Skype for Business desktop application or web application as appropriate. In some instances, a security log-in will pop up. The user will experience that they are unable to log in using their NHSmail credentials.

    User Impact: The user may occasionally experience a security login pop-up when attempting to join a Skype for Business meeting. If the user attempts to log in, they will receive an error message.

    Guidance for Users: Users should click Cancel when faced with the security pop-up pictured below. Once cancelled, the Skype for Business desktop application or web application should launch successfully.

  • Issue Description: Shared Notes will not be available for meeting participants to view or modify content during meetings if all conference/ call attendees do not have OneNote installed on their PCs.

    User Impact: This may cause some confusion for users as the 'Shared Notes' option will still appear in the desktop application regardless of whether they have OneNote installed or not.

    Guidance for Users: Users are advised to capture meeting notes via a different method or install OneNote to utilise this feature.

General Known Issues and Guidance

This section provides information and guidance on the common issues and questions raised by users of NHSmail. You can use the dropdowns below to show more information on each of the issues

  • Issue Description: There is an issue with Chrome browser where a Zero Width Space (​) character is sometimes prefixed to the body of the email that has been composed via OWA, in Chrome. When the email is then sent, the recipient sees the Zero Width Space displayed as a "?" in the email.

    Latest Update and Guidance: This occurs only while using the Chrome browser which is being investigated by Chromium under the bug 578155. The workaround is to access OWA via browsers other than Chrome such as Internet Explorer or Firefox if this is seen to be causing an issue for end users.

  • Issue Description: Users who administer a large number of contacts across multiple organisations can get an error when searching for contacts if their search isn’t narrow enough as the amount of data returned from the search is too large.

    An example of the error message received is as follows:

    Latest Update and Guidance: Narrowing the search using the Advanced search filters allows results to be displayed. For guidance on narrowing down the search, please see 'Advanced Search' section in the LA Admin Guide.

  • Issue Description: Some government organisations have tested turning off the family domain ‘GCSX’ on 29th June 2018 and this resulted in some organisations being unable to send emails to some email addresses ending .gcsx.gov.uk since then.

    Latest Update and Guidance:This is in preparation for the retirement of the .gcsx.gov.uk domain in March 2019 (https://www.gov.uk/guidance/securing-government-email). If you experience similar issues whereby you are unable to send emails to a local government organisation, then please inform them that you are not able to send emails to their .gcsx.gov.uk email address and to determine the best alternative means of communication.

  • Issue Description: Outlook performance issues with folders in secondary mailbox.

    Latest Update and Guidance: Perfomance issues may be noticed with folders in secondary Microsoft Exchange Server mailboxes in Outlook 2016, 2013, 2010 and 2007 versions. New items may not appear or seem missing in secondary mailbox, deleted items may still appear in secondary mailbox or Outlook keeps crashing erratically. To solve these issues, please follow the guidance availabe in the Microsoft KB article.

  • Issue Description: Outlook performance issues when many shared folders or mailboxes are open. Additionally, users may encounter an error message when making changes or additions to a calendar, such as:

    "You don't have permission to create an entry in this folder. Right-click the folder, then click Properties to check your permissions for the folder. See the folder owner or your administrator to change your permissions."

    Latest Update and Guidance: It is a known issue within Outlook that an error occurs when making changes or additions to a calendar. The recommendation by Microsoft is to have 5 shared folders or mailboxes, but on a faster connection this can be as high as 10 or more. For more details please follow the Microsoft KB article.

  • Issue Description: All the folders of a mailbox do not load or appear in Outlook.

    Latest Update and Guidance: It is a known issue with Outlook that all the folders do not load or appear if there are too many folders within the mailbox. If there are more than 500 folders in the mailbox, it is likely to cause performance issues in Outlook. More details can be found in the Microsoft KB article.

  • Issue Description: When accessing email (OWA) from the portal via Safari 11.1 on MacOS High Sierra, users receive an error message as shown below and when accessing email (OWA) from the portal via Safari 11.1 on iOS, users get a bank screen.

    An example of the error received on MacOS is as follows:

    Latest Update and Guidance: The root cause of the issue is currently being investigated. As an interim workaround for MacOS and iOS, please follow the below:

    • For MacOS - Logout and clear cookies, then go to email.nhs.net directly (bypassing the portal) or use an alternate browser such as Chrome.
    • For iOS - Click the blue email icon (as shown below) after logging in to the portal www.nhs.net to access email.

  • Issue Description: When attempting to send an email to an existing address, a non-delivery report is received stating that 'The message wasn't delivered to anyone because there are too many recipients. The limit is 0. This message has 1 recipients'.

    An example of the message received within the non-delivery report is as follows:

    Latest Update and Guidance: This kind of non-delivery report is received when the user sends email without agreeing to the AUP and setting security questions in Portal. Users need to accept the AUP and set security questions before being able to send emails – otherwise will receive this error when sending emails.

  • Issue Description: Although users are either correctly set up as members of shared mailboxes, or delegates with ‘Send As’ rights to user mailboxes in the Portal they still receive the following message in a non-delivery report when sending from the account in the Outlook Client, getting the error message as :

    "This message could not be sent. Try sending the message again later, or contact your network administrator. You do not have the permission to send the message on behalf of the specified user."

    Latest Update and Guidance:This issues occurs when using an auto-complete entry that already resides in the Outlook Client auto-complete cache, and this needs to be removed and replaced with the 'From' mailbox selected directly from the Global Address List (GAL). Please attempt the following steps to resolve the issue:

    1. Go to the inbox of the shared mailbox you wish to send an email from in the Outlook Client.

    2. Click on 'New Email'.

    3. Click on the 'From' drop-down button and it should show user's personal nhs.net email address along with possibly the shared mailbox email address user is trying to send from. If the shared mailbox exists in the list click on the X next to the email address to remove the auto-complete entry. If the shared mailbox is not in the list, go to step 4.

    4. The 'From' drop-down list should persist, so click on the 'Other Email Address..' option.

    5. Rather than starting to type in the email address, click on the 'From' button to bring up the GAL.

    6. Find the shared mailbox in the GAL and double-click on it. The GAL will disappear and populate the 'From' box.

    7. Ensure that the 'Send Using' option is showing as your personal nhs.net email address.

    8. Click on 'OK'.

    9. Try to send an email.

  • Issue Description: When attempting to send an email to an existing address stored in your email auto-complete selection list, or a new email address typed in manually, a non-delivery report is received stating that 'The email address you entered couldn't be found. Please check the recipient's email address and try to resend the message. If the problem continues, please contact your helpdesk.'

    An example of the message received within the non-delivery report is as follows:

    Latest Update and Guidance:

    This kind of non-delivery report is typically received due to one of two reasons.

    • Firstly, the email address may have been typed incorrectly. Please double-check the email address you are sending to. If it is an NHSmail address, try adding the address from the Global Address List (click on the 'To...' button within the Outlook Client). If it is an nhs.uk address or an email outside of the NHS, please re-confirm with the recipient that the address you are sending to exists.
    • Secondly if looking further down the non-delivery report you see a message similar to the example below it is likely that the issue is caused by a corrupt auto-complete entry in the Outlook Client software which is easily corrected. Follow the guidance below to help correct this issue.

    Please follow the steps below to remove the auto-complete entry and then find the distribution list within the Global Address List (GAL):

    • Begin typing the name of the distribution list you want to use into a blank email within the Outlook Client software and you will see the auto-complete option similar to the following:

    • Click on the black cross to remove the entry from your Outlook Client auto-complete library.
    • Click on the To: button within the new email to access the Global Address List.
    • Type in the name or email address and click ‘Go’. Note: ensure that the ‘More columns’ radio button is chosen as shown in the example below which will search the email address column too.

    • Click the ‘OK’ button to return to your email. You should now be able to send successfully to the email address.

    In the event that this guidance does not resolve the issue, then please raise a ticket with your local IT Helpdesk or alternatively the NHSmail Helpdesk for additional assistance on this issue.

  • Auto-mapping is the automatic addition to the Outlook Client of any delegate or shared mailbox a user has security permissions to. The auto-mapping of mailboxes that a user has permissions to is enabled by design across the NHSmail platform. 

    The auto-mapping of accounts cannot be disabled on a per user basis, or across specific organisations. Mailboxes will be removed when the user’s permissions to the mailbox are also removed via the Portal by the mailbox owner or a Local Administrator. This decision has been taken to assist users with the adding of mailboxes they have permissions to access automatically rather than have to add mailboxes manually and to prompt the removal of the mailbox permissions after they are no longer required by the user.

  • When using the Outlook Client software connected to a local organisation domain, users should be aware that when prompted for NHSmail login credentials Outlook by typically offers the local domain username and only requests a password. NHSmail users should check closely the username that is being offered and if it is not your NHSmail email address choose the 'Use a different account' option to allow you to type in a replacement username (your NHSmail email address) and then add your NHSmail password.

    Likewise, when adding an NHSmail account to the Outlook Client for the first time the software defaults to the local domain username when following the account setup wizard. To add your NHSmail email address, simply start deleting characters from the email address text box and the window will expand to allow you to enter your NHSmail credentials.

  • Issue Description: The NHSmail Service experiences periodic issues relating to blacklisting. This is where external email and spam filtering services block email being sent from NHSmail to other email providers.

    Real Time Blacklists (RBL) is a measure employed across the industry to identify and block unsolicited (spam/phishing) email. There are thousands of RBL services operating using their own business rules. RBL services operate reactively and automatically blacklist network addresses. Receiving systems (e.g. other email providers) will typically check incoming email against one or multiple RBL provides. If the email is being sent from a listed system, the email is then rejected by the recipient system. Due to this, email to and from the Internet is never guaranteed for delivery.

    The NHSmail 2 Email Gateway has been designed to minimise the occurrences of RBL listing. Despite all the active design improvements there is still a residual risk that email across the Internet (i.e. to external domains such as Gmail) cannot be guaranteed for delivery. Proactive monitoring is in place to identify when blacklisting occurs to ensure the NHSmail Team can respond as quickly as possible to apply for de-listing. The de-listing process is dependent on third party organisations’ process and can take several hours for the process to complete.

    User Impact: Users may receive a non-delivery receipt following trying to send an email to an external email domain - for example, firstname.lastname@gmail.com. Email sent to external domains that block NHSmail will not be received by the recipient.

    Guidance for Users:

    The NHSmail Team continue to work with the third party providers to apply for de-listing. This can take several hours for resolution. Users do not need to report these issues to the NHSmail Helpdesk.

    Guidance for NHSmail LOAs:

    The NHSmail Team continue to work with the third party providers to apply for de-listing. This can take several hours for resolution. LOAs do not need to report these issues to the NHSmail Helpdesk.

    If your organisation relies on sending or receiving email to and from the Internet, you should ensure:

    • You know which systems rely on sending and receiving email to and from the internet and the business impact for each system if email is blocked
    • Have a business continuity plan in place for business critical services
    • You have monitoring systems in place to detect message delivery issues
    • Your systems have the ability to re-send messages that have not been delivered both individually and in bulk
    • Those sending you email also have the ability to re-send messages that have not been delivered both individually and in bulk
    • Your organisation is able to sustain not being able to send or receive email for up to four days to/from internet addresses
    • Where you have a reliance on time critical guaranteed communication you should have alternative methods of communication in place such as system to system electronic data interchange N.B. SMS messaging is not a guaranteed or secure delivery method
    • Outgoing email is scanned for spam and antivirus before being sent

    Guidance for External Email Services (e.g. NHS.UK and secure government email services):

    It is highly unlikely that email delivery between NHSmail, secure government email services and N3 hosted NHS.UK email services will ever be impacted by blacklisting. However, we recommend that organisations whitelist the previously provided and current NHSmail deliver IP address to avoid receipt issues from NHSmail. This will reduce the residual, highly unlikely, risk of NHSmail being blocked by local reputational databases.

  • Issue Description: Based on feedback from our userbase, the NHSmail Service will be introducing controls in the future to prevent spoofing. This is where emails are sent to NHSmail pretending to be from an "@nhs.net" account, but are in fact not. As an interim measure, emails that are spoofing the Service will not be blocked, but will be stamped with the following message:

    There are no further configuration changes to email authenticity controls at this time. Advance notification and guidance will be provided to organisations prior to any restrictive measures being introduced.

    User Impact: Where an email is being sent to a user that is pretending to come from an NHSmail account, the email will be stamped with the message shown above.

    Latest Update and Guidance:

    Users do not need to take any action on these notifications. They are provided for informational purposes only by the NHSmail Team.

  • Issue Description: Some users are experiencing issues using the 'Autodiscover' function when adding NHSmail to Windows 8 and Windows 10 phones. The root cause is being investigated by the support teams. In the meantime a workaround available to manually add the account.

    Guidance for Users on Windows 8:

    To add an NHS email account to Windows phone 8, do the following:

    1. Select Settings.
    2. Scroll down and select ‘email+accounts’.
    3. Select ‘add an account’.
    4. Select ‘Exchange’.
    5. Enter your NHSMail email address in the ‘Email address’ field.
    6. Enter your NHSMail password in the ‘Password’ field.
    7. Select ‘sign in’ at the bottom of the screen.
    8. If this fails, press ‘sign in’ again.
    9. At the next screen, select ‘advanced’
    10. In the ‘Server’ field enter eas.nhs.net
    11. Select ‘sign in’
    12. Close Settings.

    Guidance for Users on Windows 10:

    To add an NHS email account to Windows phone 10, do the following:

    1. Select Settings.
    2. Scroll down and select ‘Accounts’.
    3. Select ‘Email app accounts’.
    4. Select ‘Add an account’
    5. Select ‘Exchange’
    6. Enter your NHSMail email address in the ‘Email address’ field, select Next
    7. Enter your NHSMail password in the ‘Password’ field.
    8. Select ‘sign in’ at the bottom of the screen.
    9. If this fails, press ‘sign in’ again.
    10. At the next screen, select ‘advanced’
    11. In the ‘Server’ field enter eas.nhs.net
    12. Select ‘sign in’
    13. Close Settings.

  • Issue Description: NHSmail users may experience reduced user interface performance whilst using the premium version of OWA with the IE8 browser via www.nhs.net. Refer to the Browser Version Guidance if you are unsure of which version you are using.

    It is recommended that those users who still need to use the IE8 browser to access NHSmail make use of the OWA Light user interface to avoid encountering issues. Some functions are not available in OWA Light, such as access to Shared Folders. You can find more information on the available functions in OWA Light in the Browser Comparison Guide.

    To Enable or Disable OWA Light with IE8:

    1. Click on the Settings icon at the top right of the screen and select Display Settings

    2. Select the ‘Outlook Web App version’ option then check the ‘Use the light version of Outlook Web App’ tick box.

    3. Finally, click on the ‘OK’ option at the top of the screen. You will then need to log out and log back into OWA to experience the light version.

  • Issue Description: Compatibility issues have been identified when using Outlook 2010 service pack 2. This issue mainly impacts organisations running Windows XP desktop machines, but compatibility issues may still be seen with later operating systems when running Outlook 2010 SP2. Organisations should be aware that Windows XP is no longer supported by Microsoft. This means that this software is no longer tested when new software is released and is not provided with important security updates by Microsoft.

    User Impact: Users are continually prompted to enter their username and password even if they have enter the correct credential information, as per the screenshot below:

    Latest Update and Guidance 1/12/2017:

    Guidance for Users: Users should contact their local IT support desk for guidance on this issue. As a workaround, users can access NHSmail using Outlook Web App at www.nhs.net.

    Guidance for LAs / Local IT: Organisations have a number of options :

    1. Ideally upgrade to Outlook 2016 or at a minimum Outlook 2013 SP1

    2. Where upgrading is not possible organisations running Outlook 2010 Service Pack 2 and connecting via MAPI over HTTP should also deploy the hotfixes referenced by the following Knowledgebase articles;

    3) Where it is not possible to deploy the patches organisations should use Outlook Anywhere to access email.

NHSmail Service Level Performance Summary

This section publishes a summary of Accenture's monthly performance against the service levels agreed with NHS Digital to provide the NHSmail service. Each month's performance summary is provided in PDF format and available for download using the links provided in the table below If you have any questions or queries related regarding the published performance summary information please contact feedback@nhs.net.

Month Performance Summary Link
August 2018 Link
July 2018 Link
June 2018 Link