On Tue, 26 Aug 2008, Marc Perkel wrote:
Robert Schetterer wrote:
thats could be seen as a security risk
cause in rare cases you may recieve legal mails
i.e at an network outage etc
We don't actually receive and emails. Everything is turned away with a
451.
So you say.
Marc, the point is that not everyone will _trust_ you to do that with
their mail, regardless of how earnestly you claim there's no risk. In
fact, regardless of the admin's personal paranoia level, in some cases
they may expose themselves and their firms to legal liability by doing so.
The only way you will get security-conscious admins to participate is to
do what was suggested before: write a SMTP daemon that they can audit the
source code for and install on a machine that they control, and that
reports auditable anonymous statistics back to a collection point you
control.
Granted, that's not as easy for you as just saying "point your ternary MX
at my server", but that's what it will take.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
[EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED]
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
We have to realize that people who run the government can and do
change. Our society and laws must assume that bad people -
criminals even - will run the government, at least part of the
time. -- John Gilmore
-----------------------------------------------------------------------
2 days until Exercise Your Rights day
