Educause Security Discussion mailing list archives
Re: Email Disclaimers
From: Alan Amesbury <amesbury () OITSEC UMN EDU>
Date: Wed, 28 Mar 2012 17:17:34 -0500
Eh, I'm late to this party, but I'd say those disclaimers are only somewhat less useless than putting a similar disclaimer into your SMTP banner. For example:
% dig mx example.edu ;example.edu. IN MX example.edu. 18000 IN MX 10 mail.example.edu. % nc mail.example.edu 25220 mail.example.edu ESMTP By connecting to this server you agree that you will only send e-mail to authorized recipients. Sending your e-mail to unauthorized recipients, whether deliberate or accidental, will result in you being billed for cleanup time incurred in trying to eradicate all copies of the e-mail. This work is billed in one hour increments at $350/hour, with a ten hour minimum.
QUIT 221 2.0.0 ByeIn theory this would prevent e-mail from being sent to unauthorized recipients, with the option to bill for cleanup in cases where unauthorized recipients receive the e-mail and it has to be cleaned up.
That said, if you believe this would be effective in preventing people from sending unauthorized e-mails to the system above, I would very much like to be your consultant in implementing said system.
-- Alan Amesbury OIT Security and Assurance University of Minnesota
Current thread:
- Re: Email Disclaimers, (continued)
- Re: Email Disclaimers David Curry (Mar 12)
- Re: Email Disclaimers Christopher Hickernell (Mar 12)
- Re: Email Disclaimers Pete Hickey (Mar 12)
- Re: Email Disclaimers Valdis Kletnieks (Mar 12)
- Re: Email Disclaimers Simon Pedersen (Mar 12)
- Re: Email Disclaimers David Curry (Mar 12)
- Re: Email Disclaimers Louis APONTE (Mar 12)
- Re: Email Disclaimers Hugh Burley (Mar 13)
- Re: Email Disclaimers David Gillett (Mar 13)
- Re: Email Disclaimers Jacobson, Dick (Mar 13)
- Re: Email Disclaimers David Gillett (Mar 13)
- Re: Email Disclaimers Dennis Tracz (Mar 13)
- Re: Email Disclaimers Alan Amesbury (Mar 28)