Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

Statement and Purpose


Table of Contents


This policy clarifies the conditions and terms under which Seattle Pacific University authorizes third-party email senders to send email to internal SPU recipients without being subject to SPU's default mail-filter restrictions. Such authorization infers a trust relationship between the external and SPU email systems, whereby a third-party can "impersonate" email as if originating from SPU. Additionally, authorized third-party senders reach external email accounts (non-SPU) as if they were part of the university, thereby impacting the overall reputation of SPU email services. In order to maintain the integrity and brand of SPU email communications, and to prevent spam, phishing and other email security risks affecting both internal and eternal recipients, the following restrictions and requirements are involved in the authorization of third-party email senders.

Entities Affected By This Policy

All University faculty, staff, students and alumni; entities desiring to send emails to SPU and external recipients originating from within the SPU M365 tenant.




Policy Version: 0.02

Responsible Office: Computer and Information Systems, Office of University Communications
Responsible Executive:
  CIO

Effective Date: February 2024
Last Updated:  
February 2024


Requirements for Establishment: Purpose


Third-party email sender relationships shall be authorized exclusively for entities and service providers conducting official university business under contract with Seattle Pacific University.
Such contractual relationships may include:

  • Software-as-a-Service (SaaS) vendors with whom on-going email communications to students, faculty, staff and alumni is essential. Examples include Blackbaud, Qualtrics, Terra Dotta, StarRez, Slate.
  • Services which support academic resources at the campus level. Example: Inter-Library Loan system.
  • University-wide marketing and survey platforms that have an ongoing contractual relationship with the university. 
    • Currently, Mail Chimp is the preferred/recommended third-party email entity supported by the Office of University Communications. 


Requirements for Establishment: Technology


Authorized third-party senders must be capable of configuring the three primary authentication methods with SPU mail servers:

  • Domain Keys Identified Mail (DKIM) - cryptographic verification of the sender's identity;
  • Sender Policy Framework (SPF) - IP address(es) of authorized email servers; and 
  • Domain-based Message Authentication, Reporting & Conformance (DMARC) - integrity checking of DKIM and SPF scoring.


Periodic Review


Authorization of these third-party senders is reviewed on an annual basis; technical requirements set forth by Computer and Information Systems.


Related Policies and Procedures


  • No labels