Since Jul 26, 1999
G. K. Chesterton
A clear and concise explanation of university e-mail systems by BilltheDrill, a Univ Systems Administrator
Deleted Email Showing She Forwarded Classified Information To Her Daughter
11/5/2016, 1:07:31; 67 of 67
Billthedrill to Covenantor
".... That email address has an incomplete domain name - it's almost certainly AJ66@nyu.edu, a student email address requested through HERE. These typically are serviced after the student becomes an alumnus. Our university changes the domain after that and deletes the old account after whatever data transfer (i.e. old emails) is requested...or not.
Apparently NYU does not. Such mailboxes may be aliases, i.e., may be linked to another email address such that anything addressed to A ends up at B seamlessly, that transfer taking place behind whatever security the original addressee has in place. That isn't visible to the public at large; at the server level it is visible within the individual account properties and recorded in the SMTP logs. It's quite recoverable if you know what you're looking for and when, although what you get from the logs is a record of transmission, not the data themselves - this is metadata. Naturally that is available only to someone with administrator credentials.
If in fact the nyu.edu mailbox is the final destination, the user would have to log into the NYU email system to retrieve it, which generates log records of its own.
The problem is that such logs are rightfully protected by the IT security in place, and a law enforcement agency needs a search warrant to force university staff to retrieve them or allow access.
If these emails are kept locally they are also nearly certainly backed up somewhere besides the online server. Hence deletion takes them away from the primary server but they are recoverable if the mailbox is otherwise recoverable, sometimes from tape, sometimes spinning disk, sometimes the Cloud. Typically this is within a fairly short time window - 30-90 days - lest the amount of backups become onerous to manage and susceptible to abusive legal recovery. So if they're deleted by the user they can only be recovered for a limited time.
Use of this service in this manner is almost certainly outside of the scope of a university's Service Level Agreement, and to use it to pass classified information is entirely illegal and subject to severe penalties such as expulsion and exposure to federal espionage laws.<>
Any email administrator worthy of his salt would immediately be on the line to University Counsel and to the FBI upon detection....