Last updated: 22-MAR-2026
at 07:44 PM IST
CONSAM emailing server Governance Charter
1.
Purpose: This document establishes governance
principles for the secure, reliable, and user-autonomous operation of the
CONSAM Email System. The objective is to ensure:
1.1.
Secure communication
1.2.
Protection against spam, abuse, and unauthorized access
1.3.
User independence (minimal admin dependency)
2.
Core Policies
2.1.
Password Security Policy: Strong password
enforcement shall be implemented across all mailboxes to prevent unauthorized
access and hacking attempts.
2.1.1.
Password complexity requirements shall be enforced:
2.1.1.1.
Minimum defined length
2.1.1.2.
Combination of uppercase, lowercase, numeric, and special
characters
NOTE: Achieved as per confirmation regd.
vide: CIL-CEO-EMM.24.307.01
2.2.
Spam Scoring: The email server shall implement a
structured spam scoring mechanism to evaluate incoming emails.
2.2.1.
Each incoming email shall be assigned a Spam Score based
on predefined filtering parameters
2.2.2.
Any email exceeding the defined threshold (Spam Score
> 5) shall be automatically classified as SPAM and directed to the Junk
folder
2.2.3.
This mechanism is implemented to ensure:
2.2.3.1.
Protection against unsolicited and potentially harmful
emails
2.2.3.2.
Reduction of inbox clutter
2.2.3.3.
Enhanced overall email security and user experience
2.2.4.
The defined spam score threshold shall be subject to
periodic review based on system performance and observed behaviour
NOTE: Achieved as per confirmation regd.
vide: CIL-CEO-EMM.25.234.06
2.3.
Spam Handling & User Control Policy: The system shall
provide intelligent spam filtering along with user-level control mechanisms.
2.3.1.
Users shall have the ability to:
2.3.1.1.
Mark emails as SPAM
2.3.1.2.
Mark emails as NOT SPAM
2.3.1.3.
Mailbox-level blocking and unblocking of senders shall be
supported.
2.3.1.4.
Blocking/unblocking actions shall be independent per
mailbox and shall not affect other users.
2.3.1.5.
Previously blocked senders may be restored by user action
without administrative intervention.
NOTE: Achieved as per confirmation regd. vide:
CIL-CEO-EMM.25.260.01
2.4.
Outgoing emails & IP Reputation Protection:
2.4.1.
SMTP Security: Strict SMTP controls shall be enforced to prevent
unauthorized usage and protect server reputation.
2.4.1.1.
SMTP authentication shall be mandatory; open relay shall
be strictly prohibited
2.4.1.2.
Sender identity restrictions shall be enforced to ensure
that users cannot impersonate or spoof other internal email addresses
2.4.2.
Outgoing Malware Protection: All outgoing emails
shall be scanned to prevent transmission of malicious content.
2.4.2.1.
Malware scanning shall be implemented using ClamAV or equivalent
2.4.2.2.
Emails containing infected attachments shall be rejected
at source and shall not be allowed to exit the server
2.4.3.
Outgoing Spam Control: Outgoing email traffic shall be
monitored and controlled to prevent spam generation.
2.4.3.1.
Rspamd or equivalent spam
filtering system shall be active for outbound scanning
2.4.3.2.
A defined spam threshold shall be enforced: Emails
exceeding the threshold (Score ≥ 40) shall be rejected, not merely tagged
2.4.3.3.
This ensures that spam-like or suspicious emails do not
impact IP reputation or domain credibility
2.4.4.
Rate Limiting Controls: Email sending limits shall be enforced
to prevent abuse and maintain controlled traffic flow
2.4.4.1.
Per Mailbox:
·
Burst Limit: 5 emails per 15 minutes
·
Hourly Limit: 30 emails
·
Daily Limit: 200 emails
2.4.4.2.
Per Domain (Aggregate):
·
Burst Limit: 20 emails per 15 minutes
·
Hourly Limit: 100 emails
·
Daily Limit: 1000 emails
NOTE: Achieved as per confirmation regd.
vide: CIL-CEO-EMM.25.146.06 when testing was exclusively conducted on consamconndign.com
2.5.
To be added
3.
Continuous Improvement Principle: This document is
evolutionary in nature.
3.1.
Policies shall be refined based on:
3.1.1.
Testing outcomes
3.1.2.
User behaviour patterns
3.1.3.
Security observations
Status: Active Governance
Document
Authority: CONSAM Mail System Administration