The University of Texas at San Antonio
Office of Information Technology
Office of Information Security (OIS) Standards
OIS 13 – Standard for Email Management
I. STANDARD STATEMENT
UTSA provides electronic mail accounts for use by students, faculty members, staff and others affiliated with the university, and sets policy for the appropriate use of email to further its mission and goals. This standard supplements the email policies articulated in the UTSA Acceptable Use Policy .
II. RATIONALE
This standard supports HOP Policy 8-12 Information Resources Use and Security Policy.
III. SCOPE
This standard applies to all UTSA faculty, staff, and students.
IV. CONTACTS
If you have any questions about OIS 13 – Standard for Email Management contact the following office:
The Office of Information Security
IV. PROCEDURES
RETENTION OF EMAIL MESSAGES
2. Email must be managed in accordance with the UTSA Records Retention policy and schedule. The staff of OIT will back up email messages* according to announced schedules, but the owner of the account is responsible for maintaining records pursuant to the UTSA Record Retention Schedule and deleting records that are no longer needed, as indicated in the Records Retention policy. Most casual email messages are “transitory records” and can be discarded after their purpose is served.
Standard Email Retention Guidelines
ROLE | RETENTION PERIOD |
emeritus faculty | retain for as long as emeritus status is active |
faculty (retired) | 1 year + 90 days from date of retirement |
staff (retired) | 180 days from date of retirement |
separated employee | 180 days from separation date |
separated student-worker | 180 days from separation date |
3. University staff and/or faculty that contract with external third parties should be aware that some third-party hosted solutions contain their own email delivery systems that are outside of OIT control. Some of these third-party hosted systems will attempt to impersonate official University email addresses (ending in “@utsa.edu”) to send email directly on behalf of University users. These methods may result in University email getting marked as “spam” or rejected due to concerns about the authenticity of the sender.
OIT will assist with integrating third-party hosted email systems utilizing the following solutions:
- External domain – The third-party hosted solution uses its own domain to send emails, and does not need to impersonate official UTSA email addresses.
- Subdomain – A new or existing subdomain belonging to the department making the request will be created or re-purposed. All official emails sent by the third-party hosted solution will use “@subdomain.utsa.edu” and not “@utsa.edu”.
- Authenticated SMTP relay –An SMTP relay requiring username and password, can be utilized for the hosted service to use in order to send email through the official UTSA email system (Microsoft Exchange Online). The emails sent via this system will conform to all UTSA and Microsoft policies regarding message size, attachments, and limits on the volume of email that is sent.
The use of Sender Policy Framework (SPF) to impersonate official UTSA email addresses by a third-party hosted service is not allowed.
__________________________________________________________________________
Effective Date: June 15, 2011
Last Revised: June 7, 2018
Last Reviewed: June 7, 2018