GT Email FAQs

July 5, 2016

What is Email Forwarding for Life (EMFL)?
The Georgia Tech Alumni Association offers a lifetime email forwarding address to Georgia Tech alumni who have a pre-established email account with a third party.

Who is eligible for EMFL?
Any student who has completed at least one semester and who leaves Georgia Tech on good terms is considered an alum and is eligible for EMFL.

How is email forwarding different from regular email?
Email forwarding simply forwards email to an already established email account. The main difference between an email forwarding alias and an email account is that the alias does not come with storage space for messages. Email forwarding works with an email account by forwarding messages sent to an alias to the email account specified as the forwarding address.

Can I use EMFL without an email account?
No. There must be a pre-established third party email account where messages can be forwarded.

Does email forwarding delay delivery of email?
Under most circumstances, no. However, messages may be delayed slightly if the Georgia Tech email servers have trouble contacting the third party servers where messages are forwarded.

How many EMFL aliases can I have?
Each subscriber can set up one self-assigned email alias.

If I never use my EMFL alias, will it go away?
Yes. The Alumni Association regularly disables EMFL aliases that are not being used and generate consistent hard bounces (undeliverable returned email) from invalid forwarding addresses.

Can disabled EMFL aliases ever be claimed by someone other than the original owner?
No. Disabled EMFL aliases can never be claimed by anyone other than the original owner to prevent impersonation and identity theft.

Will my EMFL alias be kept private?
EMFL subscribers may periodically receive email communications from the Alumni Association, Georgia Tech, and/or affiliated organizations. The Alumni Association and Georgia Tech will take reasonable steps to protect the privacy of EMFL subscribers, including but not limited to, not making EMFL aliases available to any non-affiliated organization.

What policies govern the EMFL service?
The Georgia Tech Email for Life policy was originally established in 2006, and it addresses eligibility criteria and proper use of EMFL services provided by Georgia Tech, while recognizing that the Terms of Use for the service may change periodically.

I'm a graduating senior or recent graduate. Does EMFL mean I can keep my "My GaTech" email account?
No. Students lose access to the My GaTech/Zimbra/Office 365 service after having been away from Georgia Tech for more than one full semester. Prior to expiration, graduates should download their email from My GaTech via IMAP to a third party email account or desktop email client. It is important to then visit the PASSPORT site and update the forwarding address a third party email account.

I'm a graduating senior or recent graduate. I've been forwarding my campus email to a third party email account since I started attending Georgia Tech. Will that forwarding address continue to work for EMFL?
Yes and no. Students who forward email to two locations (a third party email account as well as their My GaTech account) will need to update the forwarding address by visiting the PASSPORT site. This is because the student's account will expire one full semester after graduation, and will cause hard bounces (undeliverable returned email) to be generated from the alias, even though the third party email account is valid.

How do I establish an EMFL alias?
To establish an EMFL alias or change the email address where an alias forwards, please visit the PASSPORT site:

  1. Log in, and click on the "Email Aliases" link on the left hand side under the "Email" section.
  2. Under the section labeled " alias" click on the button labeled "Edit destination."

How do I change the email address where my EMFL alias forwards?
To establish an EMFL alias or change the email address where an alias forwards, please visit the PASSPORT site:

  1. Log in, and click on the "Email Aliases" link on the left hand side under the "Email" section.
  2. Under the section labeled " alias" click on the button labeled "Edit destination."

Can EMFL forward to multiple email addresses?
No. For each EMFL alias, messages can only be forwarded to one unique forwarding address.

I already have an alias. Can I get an alias instead?
Yes. To establish an EMFL alias or change the email address where an alias forwards, please visit the PASSPORT site:

  1. Log in, and click on the "Email Aliases" link on the left hand side under the "Email" section.
  2. Under the section labeled " alias" click on the button labeled "Edit destination."

Can I send FROM my EMFL alias through my ISP?
In some cases, yes. However, some ISPs such as Gmail have recently implemented anti-spam measures and policies such as Domain-based Message Authentication, Reporting & Conformance (DMARC) such that you will be unable to send from your alias without mail server credentials.

Officially Georgia Tech does not currently have a plan in place for providing external SMTP-Auth. However, messages sent to your EMFL alias will continue to be delivered to your inbox.

I use Gmail, and received a warning that my EMFL messages aren't secure/encrypted.
For a full explanation of this Gmail feature, please visit the Official Gmail Blog post titled "Making email safer for you" dated February 9, 2016.

Since Google implemented this new feature, we have received a handful of questions from alumni on the topic. (Rightfully so, as this is part of Google's intention here - to point out to its users when others are not using encryption in transit so the community can pressure them into employing TLS). The mail infrastructure for email forwarding is maintained by the Institute. TLS encryption in transit for email messages will be an included suggestion in planning for the next round of infrastructure changes to the campus mail routing architecture.

Is EMFL filtered at the server for spam?
Yes, to a degree. Georgia Tech performs some server-side filtering on all mail passing through its servers to prevent malware infections from being spread and to block phishing attempts. However, blocking of messages for EMFL aliases is only performed if the message is 90% likely to be spam because it is very difficult to catch only the bad stuff. The Association does not want to risk blocking subscribers' legitimate messages.

Occasionally, enough spam does get through, and ISPs will block Georgia Tech domains. In extreme cases, ISP blocking may cause a delivery backlog or delay. Georgia Tech is proactive about taking steps to remove blacklists placed on the email forwarding servers by independent ISPs as it becomes aware of them, but assumes no responsibility for these acts or results thereof.

How can I filter EMFL against spam on my own?
Georgia Tech's email servers perform "tagging." Every email message passing through the servers is evaluated across several factors, and then tagged with an overall score between 0% (not spam) and 100% (definitely spam). The hidden email headers of any EMFL forwarded message will contain a line that reads: "X-GT-Spam-Rating: #####". The pound characters correspond with the spam score of the message. In the example here, the spam score contains five-pound characters, and is rated at 50% (likely spam).

Many email clients and services allow filtering by keywords in message headers. EMFL subscribers can use the GT-Spam-Rating tag to set client-side spam filters that are more effective than blacklisting subjects or senders. One only needs to block anything with the keywords "X-GT-Spam-Rating: #####" and fine-tune the sensitivity of the filter by increasing or decreasing the number of pound characters.

Additionally, alumni can help improve spam tagging by forwarding received spam messages *as attachments* to

What is phishing?
Phishing is the attempt to fraudulently acquire valuable information such as usernames, passwords, and credit card details by using email or other communications to impersonate a trustworthy entity. These messages typically pose as if they are from companies of frequently-used and popular services such as Apple, American Express, Intuit, UPS, and US Airways, to name a few.

I received a phishing message. How can the Alumni Association have allowed its EMFL database to be hacked?
In recent years, everyone with an email address has been subjected to spam and phishing attempts, and EMFL subscribers are no exception. Given that Georgia Tech is a leading technology Institution, it is a large target for frequent phishing attempts. All EMFL aliases are part of the Institute domain space and will unfortunately have large amounts of spam being delivered.

While common security principles dictate that no system is ever 100% secure, the fact that alumni are receiving phishing messages does not imply that the Association's databases or email systems have been compromised.

It is difficult to know exactly how spammers collect addresses because there are many different techniques. Popular methods include using bots (automated programs to look through various kinds of Internet traffic and harvest email addresses), and dictionary attacks (systematically sending email messages to common names or words used in email addresses).

How can I identify a phishing message?
Common phishing methods include:

  • Forged email addresses – Don't reply to unsolicited email and don't open email attachments. It is easy for spammers to create fake email headers, so never assume an email is real by looking at the addresses. One might be able to spot fake addresses by checking for misspellings, but this method isn't foolproof.
  • Fake hyperlinks – When in doubt, never click on a link in an unsolicited or suspicious email message. Scam email messages can contain hidden links to fraudulent websites asking you to enter your login and account information. If an email threatens you with account closure if you don't log on soon, you could be the target of a phishing attack. You may be able to tell if a link is real by hovering your mouse cursor over it and looking at the bottom of your browser to see the hidden URL — it will look different than the one you see on the surface.
  • Fraudulent websites – Phony websites mimic real sites by copying company logos, images, and site designs. Malicious webmasters can also use HTML, Flash, or Javascript to mask or change a browser address. If you must visit a financial or banking site, type its known address into the URL bar manually and use an updated browser with anti-phishing plug-ins or extensions that can warn you about forged, high-risk sites. Additionally, you may want to consider making use of a Live CD exclusively for online banking.

How can I protect myself from phishing attacks?

  • If you suspect you have received a phishing email message, please forward it *as an attachment* to This will help refine system message scanning.
  • Never respond to email messages asking for account, password, banking, or credit card information.
  • Do not open attachments or click any hyperlinks.
  • Do not respond to text or voicemail messages that ask you to call a number and enter your account number and pin.
  • Make sure you use antivirus software, keep it updated, and scan your system regularly.
  • Make sure you use an updated web browser that includes anti-phishing security features.
  • Make sure you stay up-to-date on the latest releases and patches for your operating systems and critical programs. These releases are frequently security related.

Who can I contact if I have further questions?

If you have a question or concern not listed here, please contact