Sorry about the previous my poor mind is dead this week.. Just finishing off
with Cronic Bronchitis attack..
Anyways: As for this, in a corporate sense, it should be in your policies,
like here I notified all our employees I may log their e-mail if I feel that it's
being abused, or used for suspicious behaviour.
Such as a recent case in which someone was due to be fired, because of his
attempting to sell the company without the Boards knowledge, hence I was
asked to monitor for this type of information, which can be criminal.
I don't like doing it, because it adds countless hours of scanning through e-
mail, but it was a necessary evil.
But this also leads to the fact that I have notified many customers that any
executable attachments may be checked over so as to determine if they are
infected or not, which I maybe actually look into 1 of 10 of these messages.
These are the ones that are infected but do not come up in virus scanning,
but surely was infected, after I did a strings on the file.
I also do not have much spam going through our server, though I do view it all
to determine if it's spam or not.. But if I didn't do it, we have on average 100
spam messages/day coming in, so it is alot of work, but again it's work..
On 2 Oct 2000, at 10:55, Paul Robinson wrote:
> On Mon, 02 Oct 2000, Vadim Vygonets wrote:
>
> > Cool. Reject attachment. What if your business partner wants to
> > sent a picture of a new whatever-you're-dealing-with to your CEO
> > for purchace approval? Eh? Exim is a very nice software, but
> > the filtering mechanism doesn't have an 'if business_related'
> > directive yet.
>
> Rejecting attatchments, especially when CEOs are involved is a *GREAT* idea. I
> once worked for a company (when we only had a P133 with 128Mb of RAM as the
> primary MX), where the CEO decided to send a 20Mb Word document to all-staff@
> and we were able to watch sendmail fall over lots in a sort of drunken
> saturday-night "Where's my kebab?" kind of way.
>
> Seriously though, a company does have the right to be able to ask for certain
> rules to be obeyed, but they must explicitly tell employees that their mail is
> being read, phone calls monitored, etc. otherwise they can get into all sorts of
> trouble.
>
> I agree with the sentiment however that this sort of behaviour is generally not
> required by any company working in a general commercial context. There of course
> has to be some constraints put in place if an employee is working in a
> commercially sensitive environment, or indeed any environment where the work may
> be considered "sensitive" in some manner. This is more of a case of protecting
> the employee from false aligations than anything else, and is reasonable.
>
> Generally though, this sort of debate is redundant. It's hard enough to get
> decent staff these days as it is, without scaring them off because you won't let
> them share a few attatchments. CPU cycles and disk space on the mail server are
> cheap - staff aren't. Guess who wins at my company? :-)
>
> --
> Paul Robinson -----------------------------------------------------------
> ______________/ Technical Director @ Akitanet -- http://www.akita.co.uk/ |
> | Sales:- T: +44 1869 337088 F: +44 1869 337488 E: sales@??? | |
> Techs:- T: +44 161 228 6388 F: +44 161 228 6387 E: root@??? | | PO
> Box 604, Manchester, M60 3PR / Centerpoint, Deddington, Oxon,OX15 0SG |
> |__________________________________________________________________________|
>
>
---
Jason Robertson
Network Analyst
jason@???
http://www.astroadvice.com