C
chris02 - 2011
Hi all,
We are in the process of pulling all our documentation together to become compliant with 27001, but one policy I am not sure about.
The beginnings of our 'Bulk Email Policy' are below and I would very much appreciate your thoughts. Is it good enough, does it cover the relevant points of 27001, does anything need to be added?
Many thanks
Chris
Bulk Email Policy
There are recognised ways of creating and sending bulk E-mails which should be adhered to whenever possible.
The preferred mechanism for high volume bulk e-mail should be the ..... List Server which is designed specifically for this purpose; a good example is e... which goes to 50K+ ..... Members once a week.
The other mechanisms available are Catalyst or Outlook; both of these have limitations which are outlined below.
1. Guidelines for List Server
The List Server manages mailings for groups of users. It produces multiple copies of a standard message, each addressed to a different email drawn from a pre-defined list of up to 100K recipients in a single mailing.
To establish if the List Server should be used for any particular requirement please contact the Service Desk in the first instance.
Guidelines are available for groups to use this service on the link below
F:\List server (LS)\Policies & Info\List server Jan 06 draft guidance notes version 2.1.doc
2. Guidelines when using Outlook
This is fairly easy to use but you should be aware of the following restrictions to its use:
• Ensure that the email addresses are placed in the ‘BCC’ (Blind Carbon Copy) field and NOT the ‘To’ or ‘CC’ fields. This is to ensure that the email address of each person on the list is not divulged to other recipients. Failure to comply could involve legal action under the Data Protection Act against both the Society and the member of staff.
• Limit the number of addresses. We recommend a limit of 500 depending on size of the email. Emails above this limit must use the List Server. Contact the Service Desk if you need more information on how to do this.
• Limit the total size of the emails to 50Mb. (e.g. you can send 100 emails of ½Mb or 25 of 2Mb).
• Unless the email is extremely urgent, it is recommended that the email be delayed for transmission. (This option is available by going to VIEW – OPTIONS – “Do not deliver before”). Please enter a value later than 17:00 - and the later the better.
• It is also advisable to contact the Service desk to inform them of any “very” large emails as there may be an impact on Outlook services if several are sent at once.
Within the Office application of Word it is also possible to create an “email mail merge” from an Excel spreadsheet or table of data – the same limitations apply as above.
3. Guidelines when using Catalyst
Within this mail engine, there are two settings regarding mail delivery – a limit on the size of any individual message; and a limit on the total size of all the messages sent in any one session.
Size Parameters:
Any message (including any attachments it contains) must be less than 2Mb in size. Moreover, the total size of all the messages that can be sent in any one session must not exceed 100Mb.
For example:
sending an email of 3Mb to someone would fail; sending 100 emails, each of 2Mb would fail; sending 500 emails, each of 0.5 Mb would fail.
On the other hand, sending an email of 2Mb or less would be fine; sending 100 emails each of 1Mb or less would succeed; as would sending 500 of 200Kb.
It is very unlikely that sending an email with no attachments to a lot of people would come anywhere close to the limit.
Taking care to assess the number and size of your bulk mailing and ensuring it is not over the limit will enable any bulk mails you send to get delivered successfully.
To do this, find out the total number of emails to be sent (Y) and the total size of the actual message (Z). As long as the total of Y x Z is not more than 100Mb – and the individual message is not larger than 2Mb - they will get sent.
If the total looks like being more than 100Mb, the best solution would be to send the mail in more than one batch. You can do the second one immediately after the first one – the only important thing is that you don’t try and send all the emails in one go.
NOTE.
In the event that someone is sending a very large email to a very large number of people and not sure how to approach it then please discuss the issue with IT. It may be possible to temporarily increase limits is some cases. However, for security and performance reasons we don’t want to leave the limits too high all the time.
We are in the process of pulling all our documentation together to become compliant with 27001, but one policy I am not sure about.
The beginnings of our 'Bulk Email Policy' are below and I would very much appreciate your thoughts. Is it good enough, does it cover the relevant points of 27001, does anything need to be added?
Many thanks
Chris
Bulk Email Policy
There are recognised ways of creating and sending bulk E-mails which should be adhered to whenever possible.
The preferred mechanism for high volume bulk e-mail should be the ..... List Server which is designed specifically for this purpose; a good example is e... which goes to 50K+ ..... Members once a week.
The other mechanisms available are Catalyst or Outlook; both of these have limitations which are outlined below.
1. Guidelines for List Server
The List Server manages mailings for groups of users. It produces multiple copies of a standard message, each addressed to a different email drawn from a pre-defined list of up to 100K recipients in a single mailing.
To establish if the List Server should be used for any particular requirement please contact the Service Desk in the first instance.
Guidelines are available for groups to use this service on the link below
F:\List server (LS)\Policies & Info\List server Jan 06 draft guidance notes version 2.1.doc
2. Guidelines when using Outlook
This is fairly easy to use but you should be aware of the following restrictions to its use:
• Ensure that the email addresses are placed in the ‘BCC’ (Blind Carbon Copy) field and NOT the ‘To’ or ‘CC’ fields. This is to ensure that the email address of each person on the list is not divulged to other recipients. Failure to comply could involve legal action under the Data Protection Act against both the Society and the member of staff.
• Limit the number of addresses. We recommend a limit of 500 depending on size of the email. Emails above this limit must use the List Server. Contact the Service Desk if you need more information on how to do this.
• Limit the total size of the emails to 50Mb. (e.g. you can send 100 emails of ½Mb or 25 of 2Mb).
• Unless the email is extremely urgent, it is recommended that the email be delayed for transmission. (This option is available by going to VIEW – OPTIONS – “Do not deliver before”). Please enter a value later than 17:00 - and the later the better.
• It is also advisable to contact the Service desk to inform them of any “very” large emails as there may be an impact on Outlook services if several are sent at once.
Within the Office application of Word it is also possible to create an “email mail merge” from an Excel spreadsheet or table of data – the same limitations apply as above.
3. Guidelines when using Catalyst
Within this mail engine, there are two settings regarding mail delivery – a limit on the size of any individual message; and a limit on the total size of all the messages sent in any one session.
Size Parameters:
Any message (including any attachments it contains) must be less than 2Mb in size. Moreover, the total size of all the messages that can be sent in any one session must not exceed 100Mb.
For example:
sending an email of 3Mb to someone would fail; sending 100 emails, each of 2Mb would fail; sending 500 emails, each of 0.5 Mb would fail.
On the other hand, sending an email of 2Mb or less would be fine; sending 100 emails each of 1Mb or less would succeed; as would sending 500 of 200Kb.
It is very unlikely that sending an email with no attachments to a lot of people would come anywhere close to the limit.
Taking care to assess the number and size of your bulk mailing and ensuring it is not over the limit will enable any bulk mails you send to get delivered successfully.
To do this, find out the total number of emails to be sent (Y) and the total size of the actual message (Z). As long as the total of Y x Z is not more than 100Mb – and the individual message is not larger than 2Mb - they will get sent.
If the total looks like being more than 100Mb, the best solution would be to send the mail in more than one batch. You can do the second one immediately after the first one – the only important thing is that you don’t try and send all the emails in one go.
NOTE.
In the event that someone is sending a very large email to a very large number of people and not sure how to approach it then please discuss the issue with IT. It may be possible to temporarily increase limits is some cases. However, for security and performance reasons we don’t want to leave the limits too high all the time.