You think you have received an email with spam or malware etc. from TU Graz?
Of course this is possible, but it is quite unlikely. Up to this point, except for a few emails sent via phished accounts, all emails (i. e. the sender) were fake.
Did someone complain that you sent him an email with spam or viruses?
Of course, your computer could be infected with "malicious code" or malware (= viruses, Trojans, worms, …) and send emails unnoticed by you, but it is more likely that on another system your email address is specified as the sender address (forging the sender address without a digital signature is very easy!).
Even if you receive an email that you are not sure really comes from TU: if possible, analyze the header yourself (see below) or ask your IT officer. If you are unsure, he or she can also ask the postmaster: asking once too often is less harmful than passing on too much data once too often!
Since Oct. 1th 2021 we have activated SPF/DMARC, i. e. email servers that support this will no longer accept emails with forged TU Graz addresses or will only accept emails with TU Graz sender addresses if these emails were sent via the relay servers of TU Graz. If you still send emails with a TU address via an external server by mistake, you will receive a warning from mailgate@tugraz.at.
You Seem to be the Sender Yourself?
In waves it happens again and again that addresses of Graz University of Technology are misused as senders in spam emails. This is exactly what SPF/DMARC is for. If you receive complaints, please inform the complainants that their provider should use SPF/DMARC.
However, if the analysis of the header of the email shows that the email was indeed sent via one of the SMTP servers of Graz University of Technology, please contact ZID immediately, because this means that an account of Graz University of Technology (does not necessarily have to be your account) has been taken over.
Example of a Part of an Email Header
Received: from [some IP address] (helo=something.tugraz.at) by some host with smtp (some MTA) … Received: from some other server ([some other address]) by some other host with … Reply-To: <something@sonething.tugraz.at> Date: … Message-ID: <some (invalid) message ID> From: <something@something.tugraz.at> To: <your@mail.address> …
Received: from MBX00n.tugraz.local (129.27.x.y) by MBX00n.tugraz.local (129.27.x.y) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1466.3 via Mailbox Transport; Mon, 7 Jan 2019 09:13:37 +0100 Received: from MBX00n.tugraz.local (129.27.x.y) by MBX00n.tugraz.local (129.27.48.76) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1466.3; Mon, 7 Jan 2019 09:13:36 +0100 Received: from MBX00n.tugraz.local ([fe80::2861:8e5:5ef1:50a0]) by MBX00n.tugraz.local ([fe80::2861:8e5:5ef1:50a0%3]) with mapi id 15.01.1466.003; Mon, 7 Jan 2019 09:13:36 +0100
Received: from exchange.tugraz.at (exchangelg.tugraz.at [129.27.2.220]) by mailrelay.tugraz.at (Postfix) with ESMTPS id 43Yq2G5T7lz3wGN for <Ihre Adresse>; Tue, 8 Jan 2019 11:56:38 +0100 (CET) … Received: from MBX00n.tugraz.local (129.27.x.y) by MBX00n.tugraz.local (129.27.48.76) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1466.3; Tue, 8 Jan 2019 11:56:38 +0100 Received: from MBX00n.tugraz.local ([fe80::a006:9678:a370:a44b]) by MBX00n.tugraz.local ([fe80::a006:9678:a370:a44b%2]) with mapi id 15.01.1466.003; Tue, 8 Jan 2019 11:56:38 +0100
Received: from wo.auch.immer (wo.auch.immer [a.b.c.d]) by mailrelay.tugraz.at (Postfix) with ESMTPSA id 43YpF30Lpjz1DDZ1 for <Ihre Adresse>; Tue, 8 Jan 2019 11:20:54 +0100 (CET)
Received: from server.tugraz.at (server.tugraz.at [129.27.x.y]) by mrelay.tugraz.at (Postfix) with ESMTPSA id 43Y78w4wTKz2XXls for <Ihre Adresse>; Mon, 7 Jan 2019 09:00:00 +0100 (CET) … Received: by server.tugraz.at (irgendein MTA, from userid nnn) id 5B1F0AA2216; Mon, 7 Jan 2019 09:00:00 +0100 (CET)
Examine the Header of the Fake Email More Closely
