On Mon, 19 Dec 2005, Bill Hacker wrote:
>
> Sadly NOT, in and of itself, in full compliance with the UK ordinance.
I believe that for the puposes of registration with the Information
Commissioner, our University registration is sufficient. However we ought
to have an explicit privacy policy for exim.org.
> Rather than see obfuscation, however, it would seem advisable for more
> posters to set up test accounts that belong to no person, yet have the
> same patterns as 'live' accounts. Anyone capable of operating an MTA
> should be able to do that - obfuscation not needed, and no worry about
> the ordinances.
Indeed. The main problem with obfuscation IME is when domains are
obfuscated, because it's harder to verify if the problem is a DNS
configuration error or an Exim configuration error. Obfuscation of local
parts is less of a problem, so long as it is done consistently. Domain
names are not personal data, so obfuscating them does not protect
against DPA violations.
Tony.
--
<fanf@???> <dot@???>
http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}
