Skip to content

FAQ Mail

What are the host names of the IMAP and SMTP servers?

  • IMAP or

  • SMTP

Visit the page for iOS or Android for more information about email-client configuration settings on your mobile device.

How to set a vacation message/auto-reply (out of office)?

Use Webmail to set your vacation message/auto-reply (out of office):

  1. Login to the webmail client
  2. Select Preferences, select Mail
  3. Choose Vacation
  4. Check the box Enable vacation auto reply
  5. Compose your auto reply message
  6. Set the appropriate information like in the example screenshot
  7. Save by clicking on the green circle with the white disk icon at the top right.

How to set mail forwarding?

Use Webmail to configure forwarding your mail.

  1. Login to the Webmail client
  2. Select Preferences, select Mail
  3. Choose Forward
  4. Check Forward incoming messages
  5. Enter email addresses
  6. Check Keep a copy in case you want to save your mail in your inbox as well.
  7. Save by clicking on the green circle with the white disk icon at the top right.

Use caution when forwarding email

Forwarding email is primarily meant to forward to another internal address (e.g. a colleague for when you are on holiday). External email providers are increasingly rejecting email that was forwarded without the explicit permission of the sender's organisation. Your forwared message might get dropped. Always keep a copy to guarantee you are not losing any messages.

Note on GDPR & external providers

Forwarding email to an external provider may be in violation of the GDPR privacy law. If a forwared email contains personal information about others (name, email, telephone, address information, pictures), it should not be forwarded without the senders consent. Please ensure compliance with GDPR before activating an email forward rule to an external provider.

Can I import my Nikhef mail to my Gmail?

No, you may not. Sharing your Nikhef SSO password with Google is a violation of our Acceptable Use Policy ). Letting Google retrieve emails from our mail server using your account, is not allowed.

How to define mail delivery filter rules?

Use Webmail to define the filter rules for the delivery of the mail in your mail folders:

  1. Login to the Webmail client
  2. Select Preferences, select Mail
  3. Choose Filter
  4. Enter a filter name and rules in the entry box and click OK when you're done.
  5. Save by clicking on the green circle with the white disk icon at the top right.
  6. You can also edit and delete filters after they have been created.

Note: Be aware of the sequence of the rules in the folder. For instance do not put your spam filtering rule at the end of the list.

The filter rules are transferred to the server and become active globally.

Can I use the Nikhef address book in Webmail?

Yes, the Nikhef address book is available in the Nikhef Webmail, you do not have to configure anything. The Nikhef address book is provisioned by the LDAP directory service and contains all active Nikhef computer accounts.

Do we have a spam filter?

We have an external party—SURFmailfilter—who provides spam and other mail filtering. You can find a lot of information about what they do and how it works on their SURF Wiki (in Dutch).

What to do with SPAM-tagged mails?

The SURFmailfilter takes a decision to tag a mail as SPAM or not. You can decide what to do with SPAM-tagged mails: nothing, store in folder or throw away.

  • Do nothing: easy, mails labelled with ***SPAM*** in the header will be stored in your Inbox folder.
  • Store in a folder: create a mail-filter rule which delivers emails labelled with ***SPAM*** in the header into a spam folder.
  • Throw away: create a mail-filter rule which delivers emails labelled with ***SPAM*** in the header into the special folder /dev/null.

Can I configure block and allow lists for incoming mail to my account?

No; we have an external party for that. You can, however, create your own filters as listed above.

Does Nikhef filter my mail sent to the outside world?

Yes it does to block unwanted malicious mail from your account to destinations outside Nikhef. Have a look for more details.

What is the biggest file I can send via email?

The maximum message size, including attachments, for incoming and internal mail messages is set to 20MB.

In the case you want to deal with larger attachments it is recommended to use a web-based file transfer service like Filesender (recommended) or WeTransfer.

How do I to create a mailing list?

Nikhef has a Mailman server. Contact the Helpdesk to create one for you. Check Mailing Lists page for instructions.

What are the login from unusual locations messages?

What is this message: Login of Your Name (login name) to Nikhef from an unusual location: Country?

A major problem in IT security is compromised user accounts. This happens through phishing, customer database breaches at large companies, spreading incidents in collaborating infrastructures, etc.

Unless attackers execute actions that trigger alarms (ex. bulk spam mail), it is difficult to detect that an account has been compromised.

To address this problem CERN, Google, Apple and others have implemented tools that helps their users detect potentially malicious logins to their accounts.

Nikhef provides this functionality through the: Login from unusual location warning system.

How it works

When you connect to Nikhef services over the internet, the warning system checks if the remote IP address used to sign in to Nikhef is from a known/trusted pool of IP addresses.

If the remote IP address/user account combination is unknown to the system, it sends a mail to the user, with the time and place (geographical location remote IP) of the sign-in. If you do not recognize the time/remote IP location you are then asked to contact Nikhef-Helpdesk.

If you do not react, the system will automatically add domain of the IP address stated in the warning message to the trusted pool.

At the beginning you will receive a few mails from the warning system, in particular if you are using Nikhef mail on your mobile devices (phones, tablets, etc). The mails will get less once the usual domains have been added to the trusted pool for you.


  • You are working behind your desk at Nikhef and receive a warning mail that your account was used from Bangkok to read email. Since you are not in Thailand at that moment, apparently someone else has logged in with your credentials. You should report this as soon as possible to the CT Helpdesk or Please forward the warning email that you received because the information in the mail headers is important. See Security Incidents for more informtaion.
  • You are traveling to a hotel in Rome. In the train between the airport and the hotel you are reading email via your smartphone. You may receive an email that your account was used to connect from an Italian mobile network operator. This is correct and you don't need to take any action. After arriving in the hotel you connect to the WiFi and read email again. You will receive another warning message because this hotel is a new location. Again, you don't need to take action. The next day you connect again via the hotel WiFi to read your email. This time you will not receive a warning message because the hotel's WiFi network has been registered as known origin.
These warning mails have the following content:
[English follows Dutch]

Geachte Erika Mustermann,

U, of iemand die zich als u voordeed, heeft ingelogged vanaf onderstaande
locatie. U ontvangt deze waarschuwing omdat het de eerste keer is dat u vanaf
deze plek inlogde. Wilt u controleren of u het inderdaad zelf was die
hiervandaan inlogde? En zo niet, ons - de Nikhef helpdesk op telefoonnr 2200,
zie onder - onmiddellijk waarschuwen?

  Eerste verbinding op: Aug 31 12:55:21
  Verbinding vanaf:     SURFsara Science Park Watergraafsmeer (WTCW)
                        Amsterdam, Netherlands
               (unknown, no name given!)
  Gebruikte dienst:     Email reading (with an IMAP client)

Is de verbinding inderdaad door u gemaakt?

- als dat NIET ZO IS:
  dan is er op uw account <login_name> waarschijnlijk ingebroken.
  Neem direct contact op met de Nikhef helpdesk, op telefoonnummer
  020 592 2200, of stuur een mail naar security .at.

- was u dit WEL:
  u kunt deze mail negeren. U krijgt dan geen verdere meldingen
  van ons over onze diensten die u vanaf deze locatie gebruikt.

Heeft u nog vragen of opmerkingen, stuur die dan naar security .at.

Bij voorbaat dank!
  Nikhef helpdesk en de computer security groep.

------------------------------------------------- QfU0FUoA4p on gallego ----

Dear Erika Mustermann:

We have noticed that you, or someone pretending to be you, logged in
from the location detailed below. You receive this warning as it's the
first time we've seen you login from there. Please check if it was
indeed you. If it was not you, contact us immediately (call or mail
to the address below).

  First connection:  Aug 31 12:55:21
  Connection from:   SURFsara Science Park Watergraafsmeer (WTCW)
                     Amsterdam, Netherlands
            (unknown, no name given!)
  Connection to:     Email reading (with an IMAP client)

Please CHECK that this connection was really made by you:

- If NOT:
  Your account <login_name> has most probably been broken into.
  Immediately contact the Nikhef helpdesk at phone number
  +31 20 592 2200, or mail to security .at.

- If YES:
  then please ignore this e-mail. You will not get another
  e-mail notification for any of your sessions from the domains listed
  above (also not for other services you access from there).

If you have any questions or comments please contact us at security .at.

Thank you for your collaboration,
  Nikhef helpdesk and security team.

Why we have it

We noticed that most of the connections to compromised Nikhef accounts came from locations the affected user had no relation to and therefore would have been recognized by the user to be suspicious. With this tool you can improve the security of your Nikhef account. Please do not ignore the messages and check the important bits of the warning messages (First Connection / From / Service or Eerste verbinding /Verbinnding van af / Gebruiktedienst).

This has been proven to be a very effective method to detect compromised accounts by our colleagues at CERN.

I received a warning email and I am not sure whether I connected from that location. What should I do?

In case of doubt, contact the Helpdesk or send an email to

I don't like these emails. Can I unsubscribe from this service?

No, it is not possible to unsubscribe. Compromised accounts can be hard to detect, whereas their damage is quite expensive.

Why do I receive so many warning emails?

The system sends an email the first time you connect from that network. After a while, networks are registered as known (trusted) locations and you will receive fewer emails.

Everyday I read my email from my mobile phone using the 3G/4G network. Will I receive an email every day?

No, you may receive a warning the first day, but after that the network is a known location. However, this depends on the correct registration of the "owner" of the network (IP block). If a mobile provider uses various network blocks that are registered to different parties, you may get more than one email. Unfortunately, we cannot prevent that from happening.

During my visit to I did not receive a warning email. How is that possible?

Either you have visited before, or you connected from one of the white-listed networks for which no warnings are sent (such as certain mobile phone networks or frequently visited institutes).