Table of Contents
Automatic Mail Forwarding
From 15 june 2023 the university has installed a 'no automatic mail forwarding to external email address' policy. For details, please read UL policy Automatic Forwarding to external email address or read the policy document
The University mail servers have been changed to revoke automatic mail forwarding to addresses outside the leidenuniv.nl domain. This is done to make sure mails with General Data Protection Regulation (GDPR) sensitive data are not automatically forwarded to places where the university does not have a GDPR processing agreement.
Since the Observatory has its own mail server we have to implement the university policy ourselves, but can be much more creative than rigorously disable all forwarding, we have negotiated with the University that any mail containing GDPR sensitive data (for example, personal data or potential relevant information for cyberattackers) will have the word 'Vertrouwelijk' or 'Confidential' in the subject of that mail. Given this identification, we have implemented a filter in your .procmailrc file that redirects any such mail back into your INBOX thus taking it out of the stream that allows you forwarding to an external email address.
In short, any email marked 'Vertrouwelijk' or 'Confidential' will go to your INBOX and all other email you can forward to you favorite external (to leidenuniv.nl) email system. So you do not have to change anything, except look at your Sterrewacht inbox once in a while to see if a LeidenUniv GDPR sensitive mail has been sent to you. Our filter can (optionally) inform you that such an event has occurred.
Note: If you write a confidential GDPR sensitive email to a Leiden employee you must mark that mail with 'Vertrouwelijk' or 'Confidential' (put this word in the mail Subject) to adhere to the University Mail Forwarding policy.
We have installed, at the beginning of your .procmailrc file, a ruleset that will do the above mentioned actions. So please do not remove that as it helps you to adhere to the university policy while retaining your automatic forward (if set).
Email encryption
None of these measures actually do anything about the confidentiality of your mail; mails are still stored clear text on our email servers or on any other destination server unless you encrypt them.
If you care about privacy or if you handle sensitive information in your email correspondence, we strongly advise you use encrypted emails. This is rather easy to set up following this guide.
Info message
Our filtering rule set allows one bit of customization: if the variable INFOMESSAGE is set to yes, you will
receive a mail informing you that a message matching marked as confidential has been received and left in your INBOX so you will know to check there.
Links
