• Policy Statement: Account Eligibility
• Policy Statement: Email addresses
• Policy Statement: Username Changes
• Policy Statement: Office Accounts
• Policy Statement: Email Forwarding
• Policy Statement: Quotas
• Policy Statement: Email Blocking
• Policy Statement: Account Access
• Policy Statement: Client Responsibilities
• Policy Statement: Account Termination
• Policy Statement: Account Privacy
• Policy Statement: Public Records

Policy Statement: Account Eligibility

ITS will only issue email accounts to individuals that meet the eligibility requirements. ITS will only issue one personal email account to each eligible individual.

Background Information

ITS is responsible for issuing email accounts on the University central servers. ITS has established eligibility requirements for email accounts to manage and secure the computing environment. By limiting account privileges to people that meet the eligibility requirements, ITS is better able to allocate resources to individuals actively working on University projects. ITS is also better able to identify and locate people that have misused computing facilities.

Policy Details

An individual must have a current affiliation with the University. Affiliations include University employees (faculty and staff), currently enrolled students, retirees, and guests. Guest account requests are evaluated by ITS on a case-by-case basis.

An individual must acquire a BGSU authentication account prior to requesting other server accounts.

An individual must agree to abide by the policies and responsibilities outlined in the University’s Acceptable Use Policy.
Back to top.

Policy Statement: Email addresses

ITS has rules and standards for email usernames and the corresponding email addresses.

Background Information

Individuals can acquire an email account upon meeting University affiliation requirements. When registering for an email account, the client must choose a username. This username will be used for all server accounts (including email) that the individual requests throughout his or her affiliation with the University.

Different server systems have different username requirements. Due to the broad use of this username, ITS has established rules and standards for usernames to meet the requirements of the various server systems.

Policy Details

Individuals requesting an email account will choose from a list of available usernames. These usernames will be derived from the client’s first, middle, and last names. The requestor must select a username from the choices provided. ITS will not accommodate requests for special or “vanity” usernames.

Usernames will not be available for selection by new subscribers until the previous owner’s email account has been deleted for at least three months. This is done to help avoid confusion when messages meant for the original owner of the username are sent to the new owner.

If a client leaves the university for an extended period and his or her account is terminated, ITS cannot guarantee that the account username will be available if that client returns to the university at a later date.
Back to top.

Policy Statement: Username Changes

ITS will only change a client’s username when a client has legally changed their name. This also changes the client’s username for other server accounts.

Background Information

As part of the email account acquisition process, a client is required to choose a single unique username from a list of available options derived from their first, middle and last names. This unique username is then used as the account name for every server account provided to the client. To minimize administrative overhead and to assure accurate record keeping, ITS has established strict rules for initiating a username change.

Policy Details

ITS will accept requests for changing a client’s username if the client presents ITS with proof of a legal name change. The client should have their name changed on the Administrative Computer Systems (Human Resources and/or Student Information System) before requesting a username change. ITS will then process the username change and change all server account names assigned to that client.

ITS cannot change an individual’s name on the Administrative Computer Systems. The client must make this request through Registration and Records.
Back to top.

Policy Statement: Office Accounts

Departments and offices can obtain office email accounts for business correspondence. Multiple individuals within the department can access these accounts to process the incoming mail.

Background Information

The University provides email as a tool for conducting the business of departments, academic offices, and ultimately the University. Office accounts are intended to streamline the operations of departments and offices by providing accounts for group use. These accounts allow multiple individuals within a department to access and respond to incoming mail. These office accounts also allow the departments to advertise an email address that corresponds to a department or function, rather than an individual. These accounts are intended to minimize the impact of staffing changes and absences and eliminate the need for one person to access another individual’s email account to perform University business.

Policy Details

Offices and Departments can obtain office email accounts by submitting a request to the ITS Technology Support Center. The requesting office or department will need to choose a name for the account (preferably 8 to 12 characters long) that is not already in use.

Office accounts have the same restrictions and quotas as faculty and staff email accounts and can be accessed through Webmail, Eudora and other POP and IMAP mail clients.

ITS has the right to limit the number of office accounts granted to a department or office.
Back to top.

Policy Statement: Email Forwarding

The owner of a BGSU E-mail account can have the account forwarded to an email address outside of the BGSU domain.

Background Information

Clients must register for a BGSU E-mail account to acquire other server accounts. ITS recognizes that many individuals already have email accounts when they join the University community. To simplify management of individual’s email accounts, ITS allows BGSU E-Mail accounts to be forwarded to an email address outside the BGSU domain.

Policy Details

ITS will honor requests made by the account owner to have email sent to their BGSU E-mail account forwarded to an email address outside the BGSU domain. Clients must make these requests in person by visiting the Technology Support Center with a valid photo ID. To protect the security and privacy of a client’s email account, ITS cannot honor forwarding requests made by telephone or sent via a third-party email account.

In cases where it is not practical for the client to come to the TSC to request a forward, ITS will accept forwarding requests that are sent from the BGSU Email account affected by the forward, as long as the client is able to provide other information to verify their identity.

ITS will not allow email to be forwarded from an individual’s BGSU E-Mail address to another individual’s BGSU email address.

ITS will immediately remove any forward that is suspected of creating an email routing loop or other delivery problems.
Back to top.

Policy Statement: Quotas

ITS will establish and enforce quotas on email directory space provided to account holders. When an account is over its quota, new mail cannot be delivered to that account until the account holder has deleted old mail to make space for new messages.

Background Information

The email server has a limited amount of disk space. The servers will not run efficiently when the available disk space nears depletion. ITS is responsible for maintaining the email server availability and performance. To ensure that disk space problems do not hamper performance, ITS has established disk quotas for server accounts. These quotas allow for a fair distribution of available disk space.

Policy Details

ITS has established email quotas based on the expected number of accounts and the available disk space. Different quotas may be set for different groups (i.e.: faculty may have higher quotas than students on certain servers). Current quotas are 30 megabytes for student accounts and 50 megabytes for faculty, staff and office accounts.

ITS cannot permanently raise an account’s quota. Disk space on all servers is limited by a variety of hard constraints. In addition to the hardware limits, costs of upgrading or adding disk space are often prohibitive. To ensure equity for all current and future account holders on a given server, ITS will not permanently raise quotas for clients.
Back to top.

Policy Statement: Email Blocking

ITS reserves the right to block any incoming email messages that might cause email server problems, problems for the email users, or problems for the University’s network.

Background Information

Email can be used to transport virus-infected files or programs that can disrupt the email servers and the email user community. Email can also be used to broadly deliver information that is inappropriate or a nuisance (unsolicited bulk email, also known as “spam.”) To protect the University community and University resources from such threats, ITS may block specific messages, senders or domains from the University’s domain. These blocks may be set on a temporary or permanent basis depending on the nature of the threat.

Policy Details

ITS may use anti-virus software to automatically block messages that appear to be infected by a virus.

ITS may use “black-hole” lists to protect against known email abusers and sites with open relays. At times, legitimate senders may be blocked if they are sending from a site that has left itself open to abuse because of weak security.

ITS may manually set blocks on specific senders or domains when they are suspected of sending messages that are deemed inappropriate or a threat to our environment.

ITS will set size limits for email messages. The current maximum size for a single message is 10 megabytes. Limiting the size of messages keeps individual accounts from exceeding their quotas and protects the University network from excessive traffic. Email messages that exceed the size limit will be blocked from entering the email server.

Email messages must properly identify the sender. Email messages that are found to not properly identify the sender will be blocked from entering the email server.
Back to top.

Policy Statement: Account Access

ITS reserves the right to restrict email server access methods to those appropriate for the intended use of a server. For security reasons, these methods are generally restricted to the lowest level of access needed to perform the intended functions of the server.

Background Information

ITS is responsible for securing the University’s email environment. ITS evaluates the intended use of a server in conjunction with the security risks introduced by various account access methods to establish the best account access policy. In general, the least access necessary to provide the necessary services will be granted.

Policy Details

Email accounts can only be accessed with email software (like Eudora) that follows Post Office Protocol (POP) or Internet Message Access Protocol (IMAP). Clients can use the ITS-provided WebMail interface to access their accounts, which uses the IMAP protocol to access the servers. No telnet access to the email servers will be granted to end users.
Back to top.

Policy Statement: Client Responsibilities

Account holders have responsibilities that must be met as part of the privilege of email access. Account holders are expected to live up to these responsibilities or lose their access privileges.

Background Information

The email server environment is a shared environment. Since the account holders are a diverse group, and since email access is critical to University business, it is essential that each account holder use the servers responsibly.

Policy Details

An account holder is responsible for the use of his or her email account, and may not give anyone else access to that account. Conversely, account holders may not, in any way, try to obtain access any account other then their own.

An account holder is responsible for the security of his or her account password. This includes changing that password on a regular basis and ensuring that no one else knows it. It is also the account holder’s responsibility to remember passwords that they set for their accounts.

An account holder may not deliberately perform acts that will disrupt the normal operation or diminish the performance of the network, servers, or other devices on the University network.

An account holder must abide by the terms of all software licensing agreements and copyright laws.

An account holder must abide by the rules established for the server where the account is housed. The account holder must follow all rules regarding quotas, server access methods, usage restrictions, etc.

An account holder must adhere to the responsibilities and policies dictated in Bowling Green State University's Acceptable Use Policy.
Back to top.

Policy Statement: Account Termination

Email accounts will be administratively disabled and deleted within an established time interval after the account holder is no longer affiliated with the University.

Background Information

ITS is responsible for managing email accounts on the University email servers. ITS has established account termination policies in conjunction with a variety of measures taken to secure the email environment. By limiting email account privileges to people that have an active affiliation with the University, ITS can focus the resources and support toward the proper subscriber group. This allows current students, faculty and staff to get priority service.

Policy Details

Email accounts held by individuals that violate University policies, policies established in the BGSU Acceptable Use Policy, or any ITS established policies will be eligible for immediate administrative lockdown.

Email accounts held by students will be eligible for deletion twenty weeks after their affiliation as a student with the University has ended. ITS will make efforts to notify account holders in advance of the account deletion so that transitional arrangements can be made. It is the client’s responsibility to publicize a new email address to his or her correspondents. It is best for the client to begin using and publicizing a new account before the termination of the BGSU E-mail account to minimize disruption.

Email accounts held by faculty and staff will be eligible for deletion two weeks after their resignation or termination. Faculty and staff must make arrangements prior to their departure from the University to publicize a new email address.

Email accounts are eligible for deletion two weeks after the University has been notified that the account holder is deceased. Account privacy policies apply to all accounts, even after a client’s death.

Email accounts may be deleted at ITS discretion any time after they are eligible for deletion. A delay in the deletion process does not imply a right by the client to extended access to that account. Clients can have their accounts deleted earlier than scheduled by placing a request through the Technology Support Center.
Back to top.

Policy Statement: Account Privacy

ITS will honor the account holder’s right to privacy. As necessary for email administration, ITS reserves the right to examine, log, capture, archive, inspect, and preserve any messages stored on the University central servers.

Background Information

ITS is responsible for managing and supporting the University email servers. This responsibility requires ITS to investigate and analyze server performance and security issues. At times, these efforts require ITS personnel to examine, log, capture, archive, inspect, and preserve messages in client accounts. ITS will honor the account holder’s right to privacy except in cases where there are security violations, policy violations, and/or violations of the law.

Policy Details

Individuals 18 years of age or older are considered to be adults in the State of Ohio and are therefore responsible for their own actions. ITS cannot honor requests from the parents of these individuals to release email account information or terminate email privileges for these individuals.

ITS employees are required to protect the account holder’s right to privacy based on the confidentiality rules in the ITS Code of Ethics. Any violation by ITS employees of this code of ethics is considered grounds for dismissal.

Any email account that is associated with or suspected of being associated with security violations, policy violations, and/or violations of the law may be examined, logged, captured, archived, inspected, or preserved as part of a formal investigation. Any account found to be in violation may be turned over to University officials, law enforcement officials, officials of the court, or other officials engaged in an investigation.
Back to top.

Policy Statement: Public Records

Email correspondence that relates to the organization, functions, policies, decisions, procedures, operations or other activities of the University may be considered public documents under Ohio’s Sunshine Laws. BGSU employees are responsible for maintaining these records. ITS does not assume responsibility to maintain archives of public record documents for its email clients.

Background Information

ITS is responsible for managing and supporting the University email servers. This responsibility includes maintaining backups of the email system in case of catastrophic or system failures. These archives are expired on a regular schedule and only include messages that were in a client's account at the time of a backup. Our resources do not allow for a more extensive archive of public record documents of the type required by Ohio laws. Also, since personal correspondence is often mixed with business correspondence in BGSU email accounts, ITS disclosure of contents of email accounts in response to public records requests might also mean disclosing personal correspondence.

Policy Details

BGSU employees are responsible for maintaining records of correspondence that relates to University business. This includes electronic mail that may be subject to disclosure under Ohio’s Sunshine Laws. ITS recommends that employees familiarize themselves with these laws and with BGSU’s document retention policies and maintain their records accordingly.
Back to top.