The Information Technology Security Policy (ITSP) establishes a structure to safeguard us from cyber security attacks such as phishing email attacks, spam, and unwanted marketing calls.
The Email Customization policy states that all State employees, whose email will be published in the public domain, must limit the information they include in their signature block. If your email must be out in the public, your signature block should only contain necessary information such as your name and department. Do not include your individual phone number, or individual email addresses. By doing so, it prevents that information from being mined and sold. Following this policy will protect you and other State employees from unwanted marketing calls, spam, and phishing email attacks.
If your email is not in the public domain, it is still good practice to limit the information included in your out of office (OOO) replies. Only enter the bare minimum of information about your absence in your OOO reply. A great example is:
I am out of the office with limited (or no) access to email. Please contact name if you need immediate assistance.
To read more, click on the ITSP shortcut on your desktop and take a look at policies 230.44 and 230.45.