Policy: Electronic Mail (E-Mail) and Messaging


University electronic mail and messaging is to be used to enhance and facilitate teaching, learning, scholarly research, support academic experiences, and to facilitate the effective business and administrative processes of the University. It is not to be used for personal or political gain.

These policies are applicable to all users (departments, organizations, individuals) of any Cal Poly e-mail system. Users are expected to comply with all applicable laws and university policies affecting the use of e-mail and related systems, including but not limited to responsible use, computer accounts, passwords, information security, and software licensing.

The university reserves the right to limit the size of individual mail messages being transmitted through university resources.

Cal Poly reserves the right to send e-mail to its own users.


  • Altering electronic communications to hide one's identity or to impersonate another individual is considered misrepresentation and/or forgery and is prohibited under this policy. All e-mail, news posts, chat sessions, or any other form of electronic communication must contain the sender's real name and/or e-mail address.
  • Initiating or forwarding "chain letters" or e-mail are prohibited on university e-mail systems and the Internet as a whole. Chain e-mail can be identified by phrases such as "please pass this on to your friends" or similar inducements that encourage the recipient to forward the message.
  • The practice of bombarding someone with a large volume of unsolicited mail in an attempt to disrupt them or their site is known as "mail bombing". Mail bombs have the effect of seriously degrading system performance and may have legal consequences. This practice is strictly prohibited on Cal Poly systems.
  • The practice of sending unsolicited commercial advertisements or solicitations (SPAM) via e-mail is regulated by applicable laws.
    • On-campus users found in violation of these laws could be subject to criminal prosecution, civil prosecution, administrative action, and/or loss of some or all computing privileges.
    • Cal Poly users such messages are responsible for notifying the sender to stop. If the sender refuses to comply or does not provide a valid means for users to be removed from their list, the recipient may take civil action against them. The University will not typically act on the employee's behalf to stop unsolicited email messages.
  • Use of electronic communications, including e-mail, with the intent to annoy, harass and/or physically threaten other individuals is prohibited.
  • Use of State resources, including e-mail, for anyone's personal or political gain is prohibited. This includes promoting off-campus sales and services.
  • Operation of unofficial e-mail reflectors is prohibited. An e-mail reflector is the automated or otherwise forwarding of a mail message to multiple recipients triggered by the content or headers of the mail message being forwarded. Authorized reflectors include calpoly.edu, alumni.calpoly.edu and reflectors established by the system administrators of the University machines affected.
  • Users are prohibited from sending messages to large numbers of users except as defined in the procedures accompanying this policy. Official mailings to large numbers of users should conform to the "Large Mailings and Broadcast Messages" section of this policy.
  • E-mail messages may not include any user's identification number (e.g., social security number), should include only unique identifying information that is pertinent to the message being conveyed, and should not reference any student's academic record or confidential employee information.


Large group mailings are permitted only if sent via authorized distribution methods to reduce the system load. Mailings exceeding the number of addressees specified in the procedures must use system aliases, public distribution lists (PDLs) or a system-operated utility. This applies to all inter-machine e-mail as well as campuswide e-mail systems. Examples of system aliases and PDLs include class lists, college/department lists (e.g., faculty and staff rosters), committees, student clubs, other official University organizations, and specific discussion/topic groups.

System aliases and PDLs are to be used only for the purpose for which they were created. For example, class aliases are for use by classes in class discussions and dissemination of information within the context of the specified class. Student club aliases are for disseminating official club information. All other aliases are for use by specific units or members to disseminate or share information.

Use of such aliases by non-authorized personnel constitutes a violation of this policy. Official aliases may not be used to broadcast unofficial and/or unauthorized messages. Aliases established to broadcast information may not be used without the express permission of the owner of the list.

For other large group mailings, use of system authorized distribution methods is encouraged, especially when extremely large numbers of users are involved or when the speed with which the message being delivered is not critical. 

Messages being "broadcast" to campuswide groups (e.g., all faculty, staff, and/or students) must use an approved broadcast method and meet the following criteria:

  • Other means of communication are not timely and the nature of the event was such that timely announcement via other methods could not be accommodated
  • An appropriate target audience can be determined
  • Could be of significant benefit to all of the targeted audience
  • Must comply with applicable university policies on use of State resources
  • Prevents significant inconvenience that the lack of the information would cause to the targeted audience
  • Must be approved by the president, vice president, or dean
  • Must be approved by the Chief Information Officer (CIO) or designee

Units within the university, such as a college or department, may initiate broadcast messages containing official university business to their own constituent groups without seeking the approval of the CIO, but should still observe these criteria. Such mailings should be consistent with the policy, standards, guidelines and procedures for using Electronic Mail as an Official Means of Communication to Students.

Broadcast messages should originate from a departmental or unit account, e.g., library, rather than an individual or personal account.

The university reserves the right to perform broadcast mailings which are related to emergencies and university physical plant conditions or activities for which urgent notice is required and that will potentially affect most of the recipients.


E-mail should be avoided as a means of communicating confidential or sensitive material, inasmuch as confidentiality cannot be guaranteed on the Internet.

It is against university policy for system administrators to monitor the contents of files or messages unless necessary to preserve either system integrity or continued e-mail delivery. Moreover, copies of messages are kept on system backups and may be retained for periods of time and locations unknown to you. In addition, e-mail messages can be intercepted, copied, read, forged, destroyed, or misused by others for mischievous purposes.

E-mail, whether or not created or stored on university equipment, may constitute a university record subject to disclosure under the California Public Records Act or other laws, or as a result of litigation. This includes email-related data stored on a machine's hard drive, regardless of machine ownership. Copies of e-mail must be provided in response to a public record request or legally issued subpoena, subject to very limited exceptions, as with all other documents created and retained at the University.


Effective Date Actions Taken
September 15, 2006 Removed references to specific technologies no longer in use. Removed links to specific laws and procedures. Replaced term "data security and integrity" with "information security"; "an appropriate statement" with "a valid means"; "your" with "a". Added links to other policies and websites where appropriate.
September 16, 1999 Date of last policy update/revision.


Related Content

Best Practices

10 Best Pactices

Our 10 Best Pactices

Contact Us

Contact Information Security at 756-7000


Did you know?

Stay Safe Online Tips