From: glen mccready
To: email@example.com Date: Wed, 16 Oct 1996 10:34:08 -0400
Forwarded-by: Keith Bostic <firstname.lastname@example.org> from the Defense Logistics Agency From: To: DISTAA (Commanders' Only) Subject: Unauthorized Mail Date: Monday, September 30, 1996 1:53PM The world of communications is moving rapidly forward. With that movement come changes in the many ways we perform our daily business. Electronic mail is just one of those important changes. We must all do our part to assure that the tools we are given to perform our daily routines are not jeopardized by outsiders, poor controls, or abuse. Procedures are being developed and tested for Terminal Area Security Officers (TASOs) to monitor certain types of unauthorized activity. Commercial, (COM) or educational, (EDU), addresses that are used during mail, must be monitored and supervisors notified if discrepancies are found. Consideration must be given to allow the user to communicate with places and persons that are business related. The office of Command Security, Information Systems Security Officer, (ISSO), recommends that any user that has sent OR received mail between commercial addresses that are questionable on a regular basis (more than 5 times a week), or individual cases of OBVIOUS abuse, be questioned in the presence of his/her supervisor as to the validity of those addressees. Failure to adhere to prescribed policy and regulations are punishable offenses. DLAR 5200.17 Para VII, subpart P, subpart, 1, 3, and 4, apply. NOTE: Joint Ethics Regulations make allowances for certain personal correspondence through government resources. Such correspondence includes, but is not limited to, morale boosting messages for friends and relatives away from home in the armed forces, limited, infrequent non-official messages, and messages about retirement parties. Examples of correspondence that would be prohibited are: pornographic activity, child abuse, and activity that would bear bad reflection on the individual or government as a whole. All TASOs are requested to make periodic checks to assure that the personnel they are responsible for are not abusing the mail systems. The following paragraph shows ACTUAL addresses that DCMDE users have been in communication with and are examples of probable abuse. email@example.com firstname.lastname@example.org email@example.com (frequent messages) firstname.lastname@example.org email@example.com (possible valid address) firstname.lastname@example.org email@example.com This list could go on and on. I have provided these as examples only. There are several instances where the commercial addresses are valid for work reasons. "firstname.lastname@example.org" is for a user at the Pratt Whitney Plant at East Hartford CT and is a valid address for email between government and PW personnel. Similar acceptable examples have been found for many contractors. Much of this usage can be equated to usage of the telephone systems. Personnel are allowed, in certain limited instances to call their spouse, children and family members for such things as changes in schedules, extended tdy, and emergency uses. Although email is much less immediate, some of these same types of circumstances will be encountered. Good judgment, as always, should be exercised in all cases. Request all employees at your organization be provided a copy of this guidance. Questions on policy contained herein may be addressed to Joseph E. Holland, III, Information Systems Security Officer, at email email@example.com or (617) 753-3204, DSN 955-3204. Your anticipated cooperation is greatly appreciated.