Contents Background Central Email Spam Filtering Policy Central Email Forwarding Policy and Procedures Retention of Deleted Email Email with Forged Header Information Email: User Responsibilities Email: Public Records, E-discovery, and Privacy/Security Background The purpose of these policies is to Ensure that adequate resources are available to all of our account holders to carry out their academic and professional responsibilities Provide a proactive central spam filtering service for the UB community Prevent situations where non-UB email providers block the delivery of all UB email to their systems. Inform users of their responsibilities in using the central email system Inform users about the release of email as public records under New York State Freedom of Information Laws and the release of email under new federal e-discovery rules Central Email SPAM Filtering Policy In order to manage spam proactively, all new central email accounts will be created with spam filtering enabled. Inbound messages will be scanned and rated, and messages rated as having an 80% or higher probability of being spam will be filed in a user folder named "spam." Messages will be removed after they have been held in the "spam" folder for 30 days. Users should periodically review the spam folder and move any messages they want to save. NOTE: Central email spam filtering applies only to email read via central email accounts, not to email forwarded to non-central accounts. Email messages, originating from UB servers destined for non-UB addresses, with a spam rating of 80% or more will be dropped (i.e., will not be sent), since the email is highly likely to be originating from a compromised or misconfigured machine on campus acting as a spam bot. This measure is being implemented to prevent UB from, becoming gray- or black-listed by ISPs, blocking delivery of all UB email to their systems. Central Email Forwarding Policy and Procedures In order to manage spam proactively, email forwarding that negatively impacts our central email servers will be disabled/removed. Central email forwarding addresses of students will be preserved for 6 months after their graduation/departure. Forwarding addresses of faculty and staff who leave UB employment will be preserved for a time period ranging from one day to 6 months following the date of their departure, depending on the nature of their departure (resignation, termination). Retirees may continue to keep their UB IT accounts and use UB central email services including forwarding if they wish. Each month a probe of all forwarded addresses of non-affiliated users (students who have left the university; employees who have resigned or been terminated) will be conducted. The probe will require an acknowledgement from the user. If no acknowledgement is received to the probe within 30 days, the email forwarding will be removed. Retention of Deleted Email UB retains email centrally for disaster recovery purposes alone. Deleted messages (messages in the trash/recycle bin) are retained for 30 days. Originators and recipients of email are responsible for identifying and saving documents that must be retained in order to comply with federal, state, or local laws and to meet operational, legal, audit, research, or other requirements. Email with Forged Header Information Sending email with forged header information (specifically with a forged FROM line) is prohibited. The central email service will not accept email for nonexistent UBIT account names. User Responsibilities The UB central email system is used as an official channel of communication. Faculty, students, and staff are responsible for reading UB email regularly for official University communications. Those who forward their UB email to a non-UB account are responsible for managing their disk quota for the non-UB account to ensure that there is enough disk space for new email. They are also responsible for keeping their email forwarding addresses up-to-date, ensuring that UB email is being forwarded to a functioning email address. Email forwarding addresses can be updated at: http://ldap.buffalo.edu/forward.htm. The use of UB email systems is also subject to the normal requirements of legal and ethical behavior within the University community. Policies and regulations that apply to other forms of communication at the University also apply to email. Please see the Computer and Network Use Policy for more information on acceptable use of University IT resources. UB provides email systems for activities and functions supporting its mission of teaching, learning, research and discovery, and service. Email: Public Records, E-discovery, and Privacy/Security Email may contain official University correspondence as well as non-official correspondence, attachments, and forms transmitted electronically. It is important for all users to note that copies of email messages, including personal communications, may be released to the public under the New York State Freedom of Information Law. In addition, all email messages including personal email may be subject to and released in response to various government and court-ordered legal actions. New federal rules regarding discovery of electronically-stored evidence require the preservation and production/disclosure of any electronic evidence that is regularly and routinely available, including email messages, when there is an expectation of litigation. Contacts Please contact the following office if you have questions or comments about this policy and procedures: IT Policy Officer Office of the CIO 517 Capen University at Buffalo 716-645-7979 peters@buffalo.edu