[ale] Disclaimer notice in sendmail and excluding cell phone addresses

Bob Toxen transam at verysecurelinux.com
Fri Aug 24 18:44:40 EDT 2007 

Those messages are both to advise the honest and for "due diligence",
which means that the sending organization made an attempt to protect
the information.

There may be a way in the sendmail.cf (or submit.cf) file to append
text, perhaps similar to the way it can be caused to invoke procmail
for postprocessing.  Hint: write a script to append the text.

REAL MEN AND WOMEN will hack sendmail's C code to do this.

Bob Toxen
bob at verysecurelinux.com               [Please use for email to me]
http://www.verysecurelinux.com        [Network&Linux/Unix security consulting]
http://www.realworldlinuxsecurity.com [My book:"Real World Linux Security 2/e"]
Quality Linux & UNIX security and SysAdmin & software consulting since 1990.
Quality spam and virus filters.

"Microsoft: Unsafe at any clock speed!"
   -- Bob Toxen 10/03/2002

On Fri, Aug 24, 2007 at 04:16:33PM -0400, Michael B. Trausch wrote:
> James P. Kinney III, on 08/24/2007 04:00 PM said:

> > In fact, appending to email that is digitally signed to authenticate a
> > sender will break all current authentication processes. Thus the legals
> > will have no idea if the bad email was sent _really_ by mary in
> > accounting or fred in receiving. :)


> Well, that's what encryption is for!  Many (at least larger)
> organizations seem to use S/MIME internally, though I wish they'd use
> OpenPGP.  But, that's beside the point...

> I've never understood the point of these disclaimers.  Anything
> transmitted over the Internet can be intercepted, logged, printed, waved
> around in front of someone's mother, etc., so without encryption, there
> is no such thing as encryption, nor the possibility of a reasonable
> expectation of such...

> That having said, why are those messages always at the *bottom* of a
> message?  You know, after you've read the thing, then you're supposed to
> get a set of terms and conditions with it?  It would seem to me like the
> entire thing has no effect.  It's like FAXes that have the same sort of
> thing.

> When I have a FAX number, I once received a FAX that was a complete
> record of a mental health patient somewhere in Utah.  When I called back
> the person to report that the FAX went to the wrong spot, the person I
> was nice enough to inform that they misdialed starting making all sorts
> of hairy demands, as if I were a criminal for her error in dialing.
> Right...

> 	-- Mike

> -- 
> Michael B. Trausch              Internet Mail & Jabber: mike at trausch.us
> Phone:  (404) 592-5746 x1                        http://www.trausch.us/
> Mobile: (678) 522-7934            VoIP: 6453 at sip.trausch.us, 861384 at fwd

More information about the Ale mailing list