We can't store logs indefinitely, as they contain privacy information.
On another hand, logs are rather important to detect breaches, attacks pattern, troubleshoot issues, so they need to be stored a certain amount of time.
I'd recommend a 1 year retention delay.
Actions needed
- Document the log retention delay at https://agora.nasqueron.org/Privacy/Mail
- Document the log rotation mechanism at Privacy/Records of processing activities for P-004: https://agora.nasqueron.org/Privacy/Records_of_processing_activities#P-004._Mail_infrastructure
- Implement technically the rotation