Table of Contents

Data Retention

Server Management > System Settings > Data Retention

Preface

Like any other Linux server BlueOnyx will also gather logfiles that contain information about system and network related events. Such as which IP addresses tried to connect to which services and what transactions they performed while doing so.

Web server logs contain information classified as personal data by default under the European Union’s General Data Protection Regulation ('GDPR' in English or 'Datenschutz-Grundverordnung' 'DSGVO' in German). The new privacy regulation comes in effect in May 2018, and just about everyone who does any business with the EU or EU clients needs to take action now to either become compliant or to provide means to their clients so that they can become compliant. Even if the laws are stupid to begin with.

That is why BlueOnyx released an update for BlueOnyx 5207R, 5208R and 5209R on 30th of April 2018 to allow BlueOnyx users to adjust their servers to comply better with the 'GDPR'/'DSGVO'.

More information on the new regulation:

Wikipedia: GDPR Wikipedia: DSGVO

We at BlueOnyx are no lawyers. We provide software. Hence we cannot and will not guarantee that any BlueOnyx in any shape or form is compliant with the 'GDPR'. Just setting a few checkboxes in the BlueOnyx GUI interface alone will not guarantee that your server complies with the GDPR.

However: The tools we give you at hand are a stepping stone that aids you in crossing off one or two items on the list of reaching compliance.

Logfile Retention

(All information hereafter assumes you DO have the updates from 24th May 2018 (and later) installed).

By default BlueOnyx 5207R/5208R/5209R keep 14 days of logfiles in /var/log/. After 14 days these logfiles are deleted from /var/log/. German BlueOnyx operators are advised to store logfiles for no longer than 7 days.

However: Some usage information from these logs (pertaining to HTTP, HTTPS, FTP and Email) is extracted daily from the combined logs and is moved over to the /logs/ directories of the individual Virtual Sites that were end-point for that traffic. The information gathered this way is made available to the Server Admin as well as the respective siteAdmin's via the BlueOnyx GUI interface in various places, such as:

Further processing of such aggregated logfile data is also handled by 'Webalizer', 'SendmailAnalyzer' (both are included in BlueOnyx by default) and optional PKGs such as 'AWStats'.

As the logfile data (and the generated statistics) contain personal information such as IP addresses this data falls squarely within the scope of the 'GDPR' and must be handled with care.

Data Expiry

The BlueOnyx GUI by default keeps the Virtual Site logfile snippets for 5 years. Individual (shorter) retention periods can be configured on a per Virtual Site level.

The updates from 30th April 2018 and 24th May 2018 introduce the following changes in that regards:

Doing so will remove historical logfiles and statistics, so that from then on only properly anonymized historical usage information is stored for a configurable amount of time.

Additional Services

A BlueOnyx server may also contain other third party additions or modifications which fall under the scope of the 'GDPR'. Compliance of these additional components is outside of the scope of what BlueOnyx provides or stands for.

AV-SPAM

The optional 'AV-SPAM' Package for BlueOnyx also does forms of data retention, depending on how it is configured. Some of that also falls under the scope of the GDPR. For example the feature 'Milter-GeoIP' (if enabled) tracks IP addresses of SMTP- and SMTP-Auth connections and stores them into a MySQL/MariaDB database to aggregate a history of email volume and sender behavior (to track illegal sending attempts). Naturally this information is not anonymized, as that would defeat the purpose. Under the GDPR it may be necessary for you to obtain and preserve documentation of the consent of your email users to this kind of data aggregation.

However: There is a checkbox named 'AV-SPAM data expiry' which can be set. If set, all MySQL/MariaDB data pertaining to 'Milter-GeoIP' will be expired at the end of the retention period specified under 'Vsite Usage Information'.