Versions Compared

Old Version 4

changes.mady.by.user Duguay, Gerard

Saved on

compared with

New Version 5

changes.mady.by.user Duguay, Gerard

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Statement and Purpose

Table of Contents

This policy clarifies the conditions and terms under which Seattle Pacific University authorizes external email senders to send email to internal SPU recipients without being subject to SPU's default mail-filter restrictions. Such authorization infers a trust relationship between the external and SPU email systems, whereby a third-party can "impersonate" email as if originating from SPU. In order to maintain the integrity and brand of official university Seattle Pacific University communications, and to prevent spam, phishing and other email security risks, the following restrictions and requirements are involved in the authorization of external email senders.

Entities Affected By This Policy

All University faculty, staff, students and alumni; entities desiring to send mass emails to SPU recipients originating from within the SPU M365 tenant.


Table of Contents
maxLevel2
indent20px
excludeTable of Contents


Panel
borderColorgrey
borderStylesolid

Policy Version: 0.0102

Responsible Office: (Title of the Office/Dept responsible) Computer and Information Systems, Office of University Communications
Responsible Executive:  (Title of the Executive, i.e.: Asst. VP for Risk Management)CIO

Effective Date: February 2024
Last Updated:  February 2024


Requirements for Establishment: Purpose

The establishment of authorized email senders in the SPU tenant is reserved exclusively for official university business with entities and service providers under contract with the university. Such contractual relationships may include:

  • Software-as-a-Service (SaaS) vendors with whom on-going email communications to students, faculty, staff is essential. Examples include (CanvasBlackbaud, Raisers Edge...)?Qualtrics.
  • Services which support academic resources at the campus level. Example: Inter-Library Loan system.
  • University-wide marketing and survey platforms that have an ongoing contractual relationship with the university.  Examples include 
    • Currently, Slate and Mail Chimp are the only email entities supported by the Office of University Communications. 
  • Emails
sent under contractual agreement
  • from official senders must include the SPU Brand as set forth and approved by
Office of
  • University Communications.



Requirements for Establishment: Technology

It is preferred that senders be capable of configuring a DomainKeys Identified Mail (DKIM) relationship and Domain-based Message Authentication, Reporting & Conformance (DMARC) with SPU mail servers.

If DKIM is not an option, SPU may consider establishing SPF authentication relationships under certain circumstances as determined by extenuating circumstances and if Mail Chimp is not an option. Such exceptions must be reviewed and approved by University Communications ( re: SPU Brand) and Computer and Information Systems (re: Technical Requirements).


Periodic Review

Authorizations will be subject to an annual review.

SPU Brand approved by University Communications.

Technical requirements set forth by Computer and Information Systems.


Related Policies and Procedures