Security Issues in Internet E-mail and their Solutions
E-mail has become one of the most widely used means of daily communication. It is quick, inexpensive and convenient. However, despite these advantages, one should be aware of security issues in e-mail communication. These issues include privacy, content integrity and identity integrity.

In the Internet, when an e-mail message, which is normally in plain text format, is sent between two distant sites, it will generally pass through dozens of machines on its way. Any of these can read and record the message for future use. Privacy, content integrity and identity integrity are nonexistent. That means if someone gains unauthorized access to an e-mail mailbox or knows how to tap into a network connection and assemble the information flowing through it, he/she can read the content. That also means the content of e-mail can be changed and the e-mail address of the sender can be forged.

There are partial solutions for the security issues in e-mail communication. One is to encrypt an e-mail message before it is transmitted from a "post office," or server, to the recipient. The Campus-wide E-mail System (Mailserv) provides encryption and these protocols are supported by many popular e-mail programs such as Netscape Mail and Outlook Express. For a detailed description and the steps to implement this solution, please see http://www.cuhk.edu.hk/itsc/network/app/email/security/securityissues.html.

Another solution and a complete e-mail security package is digital certification. A digital certificate provides the elements that are necessary for providing the solutions for the privacy, authentication and integrity issues in e-mail. The use of these elements in a digital certificate for encrypting e-mail and signing e-mail has been documented at http://www.cuhk.edu.hk/ca.

Gigabit Ethernet Backbone
The campus backbone technology has been enhanced from an ATM (Asynchronous Transfer Mode) to a Gigabit Ethernet. This technology provides a data rate of 1 billion bits per second (one gigabit). Connections between switches can therefore be made at 155Mbps or up to 1000Mbps. Existing Ethernet LANs with 10 and 100 Mbps network cards can feed into a Gigabit Ethernet backbone. However, if your department wants to enjoy a faster connection service, your computers and equipment should support 10/100/1000BaseT standard.

Dial-up Quota Scheme Over the Summer
A summer quota scheme for Dial-up Services has been effective on June 4 until September 2, 2001. Under this scheme, the weekly dial-up quota and prime periods for staff users remain unchanged. For student users, the weekly dial-up quota is 3700 and the prime period is from 2pm to 1am daily. As usual, the weekly default Dial-up Access Quota for ResNet users will be half of that of general users.

Please visit http://www.cuhk.edu.hk/itsc/network/dialup/quota for the scheme details.

Guidelines on Software Compliance with the Amended Copyright Ordinance
In view of the commencement of the Intellectual Property (Miscellaneous Amendments) Ordinance 2000 on April 1, 2001, ITSC has published guidelines on software compliance with the amended copyright ordinance. Departments are urged to observe these guidelines in controlling the proper use of software in their departments. These include "Departments' Immediate Actions for Computer Software Compliance", "Guidelines for Effective Software Management" and "Guidelines for Compliance on the Use of Computer Software and Internet".

Pleas visit http://www.cuhk.edu.hk/itsc/about/policies.html#software for details.

Maintenance Schedule from June 2001 to December 2001
Most of the centrally managed computer systems need to be shut down regularly for maintenance work, which include user file back ups, system testing, software/hardware upgrades, and hardware preventive maintenance. Therefore, we suggest you avoid scheduling important computing activities during the maintenance periods.

You can now obtain the maintenance schedule from June 2001 to December 2001 on the web at http://www.cuhk.edu.hk/itsc/sys_ava/maint.html and from the CUHK anonymous FTP server, ftp.cuhk.edu.hk, which is placed under cuhk/itsc/maint/itsc-sch0701.doc. In addition, a paper copy has been sent to departments and various college laboratories for posting.

More About Vacation Function
In the last issue, we introduced you to the Vacation function on Mailserv and some of you enquired about its use in other e-mail systems. Most of your enquiries are about the use of a vacation function in the e-mail address of "yourname@cuhk.edu.hk". This address provides an e-mail forwarding service that allows you to redirect all your e-mail to an e-mail address, such as b123456@mailserv.cuhk.edu.hk or sharonc@itsc.cuhk.edu.hk, specified in the "Maildrop" field of the system.

If the specified e-mail address is in the form of "your-computing-id@mailserv.cuhk.edu.hk", you can use the vacation function introduced in the last issue. However, if you are using your department e-mail systems, you should consult your LAN administrator for the function details. For example, some departments have implemented Outlook mail and their users have an e-mail address like "username@deptname.cuhk.edu.hk". These users should then invoke the "Out of Office Assistant" command in the "Tool" Menu to activate the vacation function.

Check your e-mail address in the On-line Directory Service http://www.cuhk.edu.hk/itsc/directory and consult your LAN administrator for details! You may also further contact us at http://helpdesk.itsc.cuhk.edu.hk or postmaster@cuhk.edu.hk