IT Services



Student Society/Club : Secondary Guidelines


Contents

These secondary guidelines provide general orientation in the IT Services web page system and other facilities. There is no obligation to comply with these suggestions but note that a file recovery fee will be chargeable if files are lost for any reason other than failure of IT Services systems, also that file recovery is not necessarily possible when files have only been in the system for a short time.



1. Account Management

When you use the IT Services self-registration facilities on https://register.it.ox.ac.uk/ you must give the society's account name and password when prompted.

If you have previously used a Webauth authenticated service in the same browser session you will be connected under the previous account name. To get round this, either close all sessions using the same browser then start a fresh session, or you could open a completely different browser program when using your Society account.

You need to manage the account as follows:



2. Web site



3. Email address



4. Mailing lists



5. Account Expiry



6. Guidelines for Society/Club mailing lists.

This information generally has secondary guideline status but a small number of points, clearly indicated, must be treated as primary guidelines. In some options, there is different guidance for the society's main discussion list and for special lists such as committee members only.

To manage lists for the Society, any authorised user of the Society account goes to https://maillist.ox.ac.uk/ and logs in using the Society's Single Sign-On username and password. For each list, the following management facilities are offered:

The following sections describe recommended settings for Society accounts.



6.1. Configure options

Select configure for the principal configuration settings for the mailing list.

Set the options you require and then use the Make Changes button at the bottom of the page. In some cases, you have to switch on the main option first before you can set other options associated with it.



6.1.1. Configure options - Archives

The following settings can be enabled or disabled.

  1. All messages to be archived.
  2. Only moderators are allowed to access the archive.
  3. Archive access requests from addresses which are not subscribed to the mailing list will be rejected.
  4. Archives will be available for public web browsing.

For the main Society mailing list, option 1 must (primary guideline) be switched on so that all messages are archived. This allows the full message history to be traced if any dispute should arise in connection with the list. The other options can be set according to the society's needs. For lists restricted to the Committee or other small controlled groups, archiving may be desirable but it is not essential.



6.1.2. Configure options - Subscribers

The following settings can be enabled or disabled.

  1. List will respond to any subscribe and unsubscribe requests and allow public archive retrieval.
  2. Subscription requests to the mailing list and digest will be passed to the moderators.

For special lists, such as committee members only, it may be best to switch off both options and add email addresses of list members manually via the main Subscribers function.

If it is practical for you to check all subscription requests, enabling both options allows your moderators to control who joins the mailing list. You need to name one or more moderators for this to work.

Switching 1 on and 2 off will allow anyone to subscribe to the list. In this case, you should review the subscribers list, at least monthly (primary guideline), to check for anything unusual, particularly any concentration of names from a single outside organisation. If there is a problem with unwanted subscribers, it is sensible to have subscriptions moderated as above, at least temporarily.

The proportion of non-University subscribers to the list should be controlled, as for the number of non-University members who are allowed into membership of the society. As a rule of thumb, the number of addresses ending in ox.ac.uk should be at least 80% of the total (primary guideline).



6.1.3. Configure options - Posting

"Posting" is sending a message to the list. The following settings can be enabled or disabled.

  1. Posts from addresses other than those in the "Allow Posters" list will be rejected.
  2. Posts to the mailing list from addresses in the "Deny Posters" list will be rejected
  3. All posts to the mailing list will be moderated.
  4. Posts from addresses other than moderators will be rejected.
  5. Allow subscribed email addresses to post to the list.

For a general members' list which is only for sending information, the people allowed to post should be placed in the moderators list and the above settings should be 1-2 off, 3-4 on, 5 off. Posters will have to moderate their own messages, but this protects against their email addresses being forged.

For a general members' list which is a discussion forum, ideally the settings should be 1 off, 2-3 on, 4 off, 5 on. All postings will be moderated (you must enter at least one email address in the moderators list) but anyone can post a message unless they are temporarily in the "deny posters" list. If you wish to exercise the "deny posters" option, you should be sure that your society's constitution allows for this. If it is not practical to moderate all postings, option 3 can be switched off, but you should be prepared to switch it back on, or to set the list temporarily as an information-only list as above, if any undesirable postings start to occur. If serious problems are reported to IT Services, or if the committee requests help in controlling a difficult situation, IT Services will if it appears necessary reconfigure the list so that only the Senior Member can post messages until any dispute is resolved.

For more private lists, such as committee members, you may wish to be more relaxed about moderating messages (e.g. 1-4 off, 5 on), but remember to set the Subscribers options (see above) to stop any other people adding themselves. Note however that if you do not moderate messages, there is a risk of forged messages being accepted.



6.1.4. Configure options - Others

Please see the Other Options section of the EZMLM list owners' guide for additional details.

  1. A prefix such as the list name can be added at the front of the subject for all messages. This is useful for the recipient, to distinguish list messages from personal messages.
  2. A minimum and maximum message size can be set. A non-zero minimum size prevents empty messages from being sent accidentally, and the maximum reduces the risk of filling a subscriber's INBOX if the list gets very active.
  3. A trailer text can be added at the end of each message, for example including unsubscribing information so the list administrators are not bothered with trivial queries.
  4. Stripping unwanted message-types. You are recommended to restrict messages to plain text, which is acceptable to all browsers and consumes the least storage space. Pictures etc can be placed on the society web site and a link included in the email message.
  5. Remove or add email headers, for example to control "Reply-to:" options.


6.1.5. Configure options - User Notification

Notify new subscribers when they are added via the web interface. The text that is sent is called "sub-ok"; to edit it see the "Text Files" section.



6.1.6. Configure options - Settings

These are mainly for fine-tuning the Others options above.

  • Spam filtering: it is a sensible precaution to enable spam filtering. The default level of 5 is suitable in most cases.
  • Moderation time: maximum time a message will wait to be moderated. If you have a limited number of moderators, you may wish to set this to at least 192 hours (8 days) to allow for absences. You have to select option 3 in the "Posting" section, for this to have effect. When the list is moderated any messages not accepted or rejected by a moderator within this period of time will be rejected automatically.
  • Mime types to strip from all outgoing mail: when you select option 3 in the "Others" above, a default list of message-part types will be inserted. This list is usually appropriate as it stands.


6.2. Subscribers



6.3. Moderators



6.4. Allow Posters



6.5. Deny Posters



6.6. Text Files



6.7. Logs



6.8. Managers



7. Knowledge and Training

The Regulations of the Rules Committee now require that the IT Officer and Webmaster for a Society account (and anyone else registered to use it) shall have an appropriate level of IT knowledge, to be supplemented by IT Services training facilities if necessary.

You can assess your level of IT knowledge by taking some of the tests at the web site http://learnit.ox.ac.uk/. The following tests at the Fundamental IT Skills level are relevant:

or an equivalent level of knowledge if you do not use the Windows operating system. Your score will indicate whether you should undertake additional training.

The following tests will also be relevant if you intend to use the particular facilities:

Account users should familiarise themselves with the information indicated in the following subsections.



7.1. Email



7.2. Web site



7.3. Linux account

The linux account provides Unix processing capability and secure storage of 500Mb. This could be used to save backups of Society records, such as membership data, even if the normal processing is with Windows utilities such as Excel. This may be particularly useful at Committee handover time. Account users are not expected to have any in-depth Unix knowledge. Direct use of Unix facilities may cause long-term problems if the next Committee does not have the relevant specialised knowledge. Files can be uploaded and downloaded using a secure FTP (sftp) program such as SSH Secure File Transfer Client.



7.4. Data Protection Act

As non-commercial organisations, Societies will not usually need to register under the Data Protection Act 1998. However, anyone handling information about living people, for example membership lists, is a Data Controller for purposes of the Act and does need to comply with the Data Protection Principles. See the official Government web site if you think you may need to register. A summary of the principles is in the Regulations and Notes of Guidance issued by the Proctors and Assessor. It is important that your data is secure (backed-up) and kept private - if you have your own computer, ensure that all valid usernames (such as Administrator) have a private password. Physical backup media must be locked away. If a public computer is used, programs must be closed properly and any data placed on the hard disk must be deleted (and the Recycle Bin or equivalent emptied) before you leave the computer.