Email services are provided to the Tufts community in support of the teaching, learning and research mission of the University and the administrative functions to carry out that mission. Users of Tufts email services are expected to act in accordance with the Information Stewardship Policies and with professional and personal courtesy and conduct. Email may not be used for unlawful activities. This policy and related policies provide the framework in which all email services are provided and used at Tufts.
To clarify terms used within these policies, the following definitions are provided:
An email account is the location where mail is actually delivered. It is a combination of a login username and password and disk space. A person may have several e-mail accounts on different computers or email servers.
The actual name of the account as typed in at the Username prompt when logging onto email.
Email name address
The email@example.com address is the name address or alias. It is linked to a preferred email account but is, itself, not an account username, but rather a permanent email alias. Use of the name address ensures that the email address will remain the same the whole time one is at Tufts.
Email delivery address
The firstname.lastname@example.org address is the delivery address. Each e-mail account has its own unique delivery address which can be given out to correspondents as one's e-mail address or a person may opt to use the email name address in addition to or instead of the delivery address.
Preferred email account
If a person has more than one email account, they will need to select a preferred email account which should be the account that receives most mail from correspondents. The name address will be linked to the preferred email account for direct delivery.
Users of email must adhere to the Information Stewardship Policies.
Users are to take precautions to prevent the unauthorized use of e-mail account passwords. Passwords are not to be shared with others and their confidentiality is to be strictly maintained. In choosing passwords, users should select codes that are difficult to guess and should change them on a regular basis. Users will be held accountable for all actions performed with their passwords, including those performed by other individuals as a result of user negligence in protecting passwords. Email administrators and other computer support staff will not ask you for your password.
No one is to use another individual's account, with or without permission.
Email accounts are assigned a disk quota on the email server, which can only be increased based on valid business justification. Users should not rely on disk space on email servers for the purposes of archiving or record retention.
When a student graduates or a person terminates employment at Tufts, their e-mail account will be locked after 4 notifications via email or sooner depending on the situation.
Email accounts can be immediately locked upon the request of the department head or dean.
Email name addresses (email@example.com) are held from use for one year to avoid possible confusion of mail delivery. The email username will be withheld from general use for 7 years.
- Email name addresses are generated from the user's legal name and must be unique. Duplicate names are resolved based an alternate name selected by the affected user(s).
- Email usernames and email name addresses may be changed when a user legally changes their name. Upon request, messages sent to the former email address may be forwarded for a period of ninety days. Requests for forwarding services must be made to the department email administrator thirty days prior to the effective date of the legal name change.
Group or Departmental Accounts
In some situations, a single point of contact is required where multiple individuals manage service requests. These accounts are permitted as follows:
- The department head will determine when a group account is required to conduct the business of the department and will be responsible for all of the account activities, including use of it by authorized and unauthorized employees and will sign a responsible use statement indicating this is so.
- Passwords will be set to automatically expire at a frequent rate to ensure that passwords are being used appropriately.
- Standard quotas will apply to all accounts created (these are not designed to store mail messages).
- Account usernames and addresses will be assigned to these accounts as appropriate.
Email Distribution Lists
- Mailing lists may be used for purposes related to teaching, course-work, research, and administration at Tufts University and University sanctioned student activities.
- Commercial use of mailing lists, except for authorized Tufts University business is prohibited.
- See the separate Mailing List Policy.
Tufts University publishes directory information, including email addresses for faculty, staff, and students. Electronic directory services are provided on the Web in the form of the Tufts University Online Directory and within your mail browser. The Tufts University Online Directory is available for anyone at Tufts and elsewhere to locate faculty, staff and students at Tufts. Email may be sent directly from directory records. The Tufts Online Directory is an integral part of the Tufts email services providing email lookup and delivery.
The Tufts University electronic and printed directories are provided solely for the purpose of assisting individuals to contact one another. Information in the directories may not be extracted by any means for the creation of distribution lists for use by businesses or other organizations outside of Tufts. Use of directory information for solicitation of business or donations is expressly prohibited.
- Students who have requested privacy locks with their Registrar will not appear in the online directory. The setting of a privacy lock means that the student will not be listed in any online directories and will not be able to use their name address (firstname.lastname@example.org form). Email addresses for individuals with privacy locks will be based on the e-mail delivery address (email@example.com).
- Faculty and staff may elect to remove personal contact information (including phone numbers and email address) from the online University directory. Personal contact information includes campus address, campus phone numbers, and email address. Removal of personal contact information from the online directories means that the individual will not be able to use their email name address (firstname.lastname@example.org). Email addresses for individuals with contact information removed from the directories will be based on the email delivery address (email@example.com).
Security, Privacy and Confidentiality
- Tufts cannot guarantee the security, privacy, and confidentiality of email. Users should not assume confidentiality of their email. Users are not advised to send confidential University communications (as determined by law, policy, etc.) via email. Examples of why email confidentiality cannot be guaranteed are:
- Email may be subject to disclosure under law.
- Back-up copies may be retained for periods of time and in locations unknown to senders and recipients even if the user has deleted it from their account or PC.
- In the course of routine systems maintenance, troubleshooting and mail delivery problem resolution, network or systems staff may inadvertently see the content of email messages.
- Password protections are advised but cannot be guaranteed.
- Senders can mask their identity.
- Messages can be easily forwarded without permission to individuals or groups, even though it violates copyright law.
- Messages can be intercepted while in transit through the network.
- Forwarded messages can be altered from the original.
- Encryption and digital signatures are evolving technologies and are not yet widely available for use at Tufts.
- Once a message is received on a machine outside of Tufts, all of the above concerns continue to apply.
- In the event of a system disaster, email will be restored to the state of user email accounts on that server at the time of the last back-up. As messages may be received and subsequently deleted or lost since the last backup, Tufts cannot guarantee that all messages can be restored.
Email Abuse and Policy Enforcement
Email services are provided to the Tufts community to conduct University business.
- Violations of the Email and Tufts University Information Stewardship Policies will be subject to disciplinary action and violators may have their email account suspended during any investigation.
The following is a non-exhaustive list of examples of email abuse:
- Excess personal use that interferes with University business by burdening the network or systems or by interfering employment obligations.
- Interference with other people's use of email.
- Intentional unauthorized access of other people's email.
- Sending spam, chain letters, letter bombs or any other type of widespread distribution of unsolicited email.
- Forging email.
- Giving the impression you are representing the University unless you are authorized to do so.
- Use of email for commercial activities or personal gain (except as covered by the Policy on Rights and Responsibilities with Respect to Intellectual Property and the Information Stewardship Policies).
- Sending of offensive or abusive messages.
- Conducting unlawful activities.
Email abuse may be reported to firstname.lastname@example.org. Reports of abuse will be investigated and handled as appropriate. In all cases, do not delete any evidence or message(s) as they can be used as evidence.
Responsibility for Email Policies
University Information Technology (UIT) is responsible for implementing this policy, in cooperation with:
- Information Technology Council
- Dean(s) of Faculty and the Dean of Students for each school
- Vice President of Human Resources
- University Counsel
The University has the right to change this policy as necessary.