Re: [Exim] Lesgislation

Pàgina inicial
Delete this message
Reply to this message
Autor: Ian A B Eiloart
Data:  
A: exim-users
Assumpte: Re: [Exim] Lesgislation
--On lunes, 8 marzo 2004 09:49 +0000 Jethro R Binks
<jethro.binks@???> wrote:

> On Mon, 8 Mar 2004, Ron McKeating wrote:
>
>> Does anybody on the list have any pointers to guidance on this. I
>> understand under RIPA it is illegal to make an interception of an email
>> without both the sender and recipient agreeing. Obviously to comply with
>> that you would not be able to do any spam filtering or virus scanning.
>> And what about back ups? is that counted as an interception.
>
>


I don't know if there is any legal case history on this, but I'll bet that
you could argue in court that if you can't intercept the mail, then you
can't deliver it. Therefore, the sender and recipient must implicitly agree
that you can scan mail by automatic processes (probably not in person,
though) in order to deliver it.

In any case, without scanning the mail, you can't determine who the real
sender is, so you can't determine whether you have their consent. Nor can
you determine whether you are aiding and abetting breaches of privacy laws,
by delivering spam, for example.

Even when you have scanned the mail to find the apparent sender (from the
envelope or headers), you may find by scanning the mail content that there
is a virus in the content. In that case, there is no human agent involved.

Ultimately, mail scanning is the method we use to determine whether we have
the consent of the recipient to place the mail in their inbox. Furthermore,
if your users have been notified of an acceptable use policy, and if that
policy is well written, then you should be OK.


--
Ian Eiloart
Servers Team
Sussex University ITS