how to deal with mail retention/archival.

Adam Tauno Williams awilliam at whitemice.org
Fri Aug 26 13:31:02 EDT 2016 

On Fri, 2016-08-26 at 16:13 +0000, Shawn Bakhtiar via Info-cyrus wrote:
> > On Aug 26, 2016, at 8:35 AM, Giuseppe Ravasio (LU) via Info-cyrus <
> > info-cyrus at lists.andrew.cmu.edu> wrote:
> > I saw that someone proposed to make a sort of abuse of delayed
> > expunge,
> > but I think that in order to comply with regulatory retention 
> > should be better considering some specific software.
> I don't see how using delayed expunge would really be consider abuse,
> the documentation makes mention of its use for this very reason.

+1


> We use rsync to make a duplicate of the email spool to a file server
> at regular intervals, which eventually makes its way to tape.


Same here.  And always_bcc to a shared folder which is dumped to an
MBOX file via fetchmail at an interval.  Those can be archived or even
shipped off-site.

> Although we don't have regulatory requirements I've had to do a few
> recoveries and have done so without problem. 

I always advise people to be hesitant about "we don't have regulatory
requirements" as if you are a legal corporation of any kind, in almost
all of the 50 states [United States], you are under data retention
rules - even if you don't know it.  Which you will discover when you
are involved in a law suit - saying "uhh... yeah, we don't have those e
-mails" will not be good.

> > Finding something in the delayed_expunge folders after many years
> > of archive will absolutely be a nightmare!

Most states [again the United States] allow a corporation to have on
file a documented data retention policy that states how long you retain
e-mails;  which if you comply with you will be OK.  The policy just
needs to be 'reasonable'.  For example: where I work we say 120 days. 
 No need - at least for legal reasons - to have years of archives.

Obviously requirements vary by industry - but almost everyone is
actually under some kind of requirement.

-- 
Adam Tauno Williams <mailto:awilliam at whitemice.org> GPG D95ED383
Systems Administrator, Python Developer, LPI / NCLA

More information about the Info-cyrus mailing list