Effective 23.2.1998

• vision, mission, objectives, and functions
• definitions
• role and responsibilities

• operational framework
• network connection
• security
• IP addressing
• domain naming
• services access
• technology standards

• data standard
• electronic government domain
• information update
• e-mail
• firewall
• state IT resource security
• use of approved software
• acceptable use
• anti-virus

Electronic Mail

1. Electronic Mail Services

1. The State Government shall maintain one central e-mail system for all government officials (including the ministers) and officers with standard naming convention as determined by the System Administrator.

2. Applications for new e-mail accounts should submit their requests (electronically or otherwise) to the nearest Kumpulan Sokongan IT (KSIT) for processing. Information required include the name of the person, IC, post, mailing address and telephone and fax contacts.

3. To ensure uninterruptible e-mail services, government officers on transfer should notify the nearest Kumpulan Sokongan IT (KSIT) one week in advance.

4. All e-mail account holders are requested to manage their correspondences as per the Management and Retention guidelines.

5. The System Operator shall conduct "housekeeping" activities once every three months to ensure that the accounts are properly maintained.

6. All account holders are encouraged to change their passwords from time to time. This is to minimise the breach of security and confidentiality.

7. E-mail account holders shall abide by the rules and conditions as instituted by the System Administrator or System Operator from time to time.

2. Size and Attachments

1. Email is provided to enhance the performance of the Government. Unnecessarily large e-mail messages or e-mail with unnecessarily large attachments create congestion within and between e-mail systems. This congestion results in long delays and unnecessary costs for the storage and transport of the said e-mail. Just a few excessively large messages can create a number of e-mail delivery delays and other "performance" failures for many users.

2. To help manage the potential for e-mail system congestion (and some type of denial of service attacks), controls on interagency and extra-governmental e-mail size should be in place:

1. Most mail systems are able to accommodate exchanges of e-mail (including attachments) of up to 1.5 megabytes. Agencies, therefore, should configure systems to accommodate e-mail up to 1.5 megabytes, and are encouraged to set limits within their systems to prevent larger e-mail from being routinely transmitted outside. Your agency is encouraged to adopt this limit so as to accommodate end-users expectations and to provide for a level of consistency among government agencies.

2. Ensure that your agency's Message Transport Agent (MTA) is a version that support the SMTP Service Extension for Message Size Declaration (i.e., "SIZE="). See Internet Engineering Taskforce (IETF) Standard 10. This will allow your system to reject large e-mails before they are sent to (and congest) your agency's system. It will allow others to reject large e-mails from your agency.

3. Assuming that your agency is using "sendmail" version 8.7 or later, consider using the command-line switch "-R hdrs" so that receiving sites (using ESMTP) will only return the headers of a rejected e-mail in any bounced mail notifications. This prevents large attachments from bouncing around among several e-mail systems in the event of a delivery problem.

4. Consider configuring your agency's MTA so that over sized e-mails, if sent, are placed in a deferred queue for attempted delivery during off-peak periods. The SMTP "Precedence" header line can be used to establish the mail queue processing priority in most MTAs.

5. While different agency missions require the transmission of information of various sizes and e-mail may be an appropriate means, consideration should be given to alternatives. For example, files or documents intended for wide distribution could be placed on a Web server. Then the Uniform Resource Locator (URL) for the file could be sent via e-mail or otherwise posted. The URL could be either the Hypertext Transport Protocol (http) or the File Transport Protocol (ftp) version.

3. Management and Retention

A message sent or received by e-mail in the conduct of public business is, by law, a public record, which falls within three broad categories:

1. Transitory records, including copies posted to several persons and casual and routine communications similar to telephone conversations.

2. Public records with a less than permanent retention period; and

3. Public records with a permanent or permanent/archival retention period.

Retention guidelines for each of these categories follows:

1. Transitory - No retention requirement. Public officials and employees receiving such communications may delete them immediately.

2. Less than Permanent - Follow retention period for equivalent hard copy records as specified in an approved retention schedule.  May be in the form of a hard copy print-out or it may be stored electronically. The retention must be in a form where the data can be retrieved and interpreted for the legal retention period.

3. Permanent or Permanent/Archival - Retention may be in the form of a hard-copy printout.  The information must be eye readable without interpretation.

Depending upon the function of the public record being generated by e-mail, state agencies may take steps to institute procedures for routinely printing e-mail records, including all transmissions and receipt data in the system, and filing the printouts in the normal course of business.