All accesses to the email systems are logged for the purposes of system administration, bug tracking, usage statistics and to trace misuse. In the case of misuse relevant information may be passed to security teams at other sites as part of an investigation. Otherwise the information is not passed to any third party except as required by law. Logs are kept for 28 days.
The following data is logged for all user accesses: user name, address of calling site or machine, time of session, duration of the session, programs used and commands issued.
In the case of mail logs the sender and recipients of each message are logged.
Hermes webmail uses an HTTP session cookie to maintain the integrity of your webmail session and support the use of tabbed browsing with webmail. This cookie expires when your browser is shut down. This is constructed using your current Hermes session ID and a random alpha-numeric value. This cookie is essential for the provision of the service.