On 11/08/2012 10:44 AM, John Hardin wrote: >> >> This is a client of ours (a law firm) and not the company that I work >> for. *I* know there's probably nothing sensitive in there, but just to >> cover my ass I'd need to get permission to send the results off-site. > > Only the list of rules which hit is publicly visible, the actual content > of the message is not. Any leakage of confidential information is very > unlikely.
I know, but there chance isn't zero. For example, I wouldn't want to mass-check a corpus of emails to my girlfriend, and have it report that they hit LOTS_OF_VIAGRA. Likewise, things like LOTTO_AGENT can reveal that someone communicated with a claims manager. I've explained both sides, and as long as it's a non-zero chance, they aren't having it. It isn't even that there's a risk of leaking anything -- the fact that anything at all is sent could be used as justification for a pain-in-the-ass investigation that nobody wants. >> From their perspective, it's just simpler to say no: it's not worth the >> time or effort to even think about if there's a minute chance of it >> coming back to bite them legally. > > I will take a look at "claims manager" in the 419 rules. > I appreciate it, thanks.
