Quoth John W Baxter on Mon, Jun 12, 2000:
> At 17:20 +0100 6/12/2000, Nigel Metheringham wrote:
> >Adding footers to mail in the MTA is wrong because:-
> > 1. It breaks digital signatures. As these became legally binding
> > in the last few weeks thats particularly bad timing
>
> The digital signatures aren't yet legally binding in the US. October 1,
> 2000 if nothing goes wrong with the conference committee compromise between
> House and Senate.
So? It's useful for systems that understand them. It's not
about laws, it's about practice -- you want to be able to check
whether the message has been sent by the person whom it claims to
be sent by.
> > 3. It is illegal under German and Dutch law to change the body of
> > a mail message in transit. It might potentially be illegal in
> > the UK under European law.
>
> Is the message, per that law, "in transit" when it is still bouncing around
> inside the originating mail system? The law could be clear one way or the
> other; it might not be.
I think it should be defined as "in transit". The use's MUA has
sent the message already. Often, the tampering (adding
disclaimers and such) is done on the mail hub, after it has
already left the sender's machine. No matter if it's Windoze or
UNIX. What would you say if the local post office were adding
disclaimers to your paper mail?
> > 4. Since the delivered message body was produced by the MTA (not the
> > originator since you modified it), the MTA operator could
> > potentially be sued for any content.
> > [Its interesting that adding a disclaimer of liability *could*
> > be making you liable for the message :-) ]
>
> Yes...although in the corporate environment that's probably not an issue:
> the company probably already is liable for what its employees send out.
> (Depending on national law.)
And for what they say on the phone to their friends while at
work. Give me a break, eh?
> Alternative (which fails for encrypted mail without provisions for the MTA
> to decrypt outgoing mail to check):
>
> The sender is required to add the disclaimer, via the signature mechanism
> in the MUA. The MTA refuses to send along messages which don't meet that
> requirement, bouncing them back to sender and/or sender's boss.
Ah. What about really official messages, like press releases and
such sent by mail? Official press releases don't represent the
views of the company, do they?
> If the
> message is "in transit" at that moment that too might be illegal somewhere
> (in which case the company's recourse would seem to be to stop using email)
> ["must deliver mail which has been accepted if technically possible" sorts
> of requirements].
>
> Meanwhile, the system administrator, faced with a demand by management to
> press on with this can either ignore the reasons not to or find another job
> and let the successor worry about it.
A hand grenade thrown to the right place in the right time can
solve a lot of issues.
Including the issue I encountered today. But that's a rant for a
different place. Anybody want to fly today?
Vadik.
--
Bell Labs Unix -- Reach out and grep someone.