|
List Info
Thread: Re: Helpful query for dbmail 1.x and MySQL
|
|
| Re: Helpful query for dbmail 1.x and
MySQL |
|
2005-04-20 07:42:24 |
Simon Lange wrote:
>
>
> Jeff Brenton wrote:
>
>> The perfect solution to this is to send out
periodic "privacy notices" to
>> users, pointing out that anything left on the
system, including mail
>> left in
>> the trash folder, is subject to seizure during any
official inquiry.
>>
>>
> does not work in germany. a federal law is a federal
law and sending
> notices prior to violate against them is no solution.
even contract must
> not violate (even in parts only) federal law.
>
> in germany you must not delete mails from other users.
the *only*
> solution would be to get an explicit permission per
case by every
> individual user *before* deleting their trash folder.
>
Would this not imply that a spam-assasin type solution would
also be
illegal if it 'auto-deletes' detected spam?
--
Dominic Amann, Linux Based Solutions Ltd., <http://www.lbs.ca/>
18 Candlewood Cr, Toronto, ON M3J 1G8
Tel: (416) 678-2297
_______________________________________________
Dbmail mailing list
Dbmail dbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
|
|
| Re: Helpful query for dbmail 1.x and
MySQL |
|
2005-04-20 11:19:14 |
On Wednesday 20 April 2005 05:42 am, Dominic Amann wrote:
> Simon Lange wrote:
> > Jeff Brenton wrote:
> >> The perfect solution to this is to send out
periodic "privacy notices"
> >> to users, pointing out that anything left on
the system, including mail
> >> left in
> >> the trash folder, is subject to seizure during
any official inquiry.
> >
> > does not work in germany. a federal law is a
federal law and sending
> > notices prior to violate against them is no
solution. even contract must
> > not violate (even in parts only) federal law.
> >
> > in germany you must not delete mails from other
users. the *only*
> > solution would be to get an explicit permission
per case by every
> > individual user *before* deleting their trash
folder.
>
> Would this not imply that a spam-assasin type solution
would also be
> illegal if it 'auto-deletes' detected spam?
Interesting.. that would seem to fit the law..
_______________________________________________
Dbmail mailing list
Dbmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
|
|
| Re: Helpful query for dbmail 1.x and
MySQL |
|
2005-04-20 15:31:06 |
[Note: I don't know law, I don't do law. IANAL. This is only
valid for
Germany, perhaps not even there]
On Wednesday 20 April 2005 14:42, Dominic Amann wrote:
> in germany you must not delete mails from other users.
the *only*
> > solution would be to get an explicit permission
per case by every
> > individual user *before* deleting their trash
folder.
> Would this not imply that a spam-assasin type solution
would also be
> illegal if it 'auto-deletes' detected spam?
Mostly.
Summarising from an article in the German monthly
"Linux Magazin" [1] and my
own inquiries:
0a. If it is your own mail, do whatever you want
0b. If it's not your mail, you can't touch it. You _must_
not look at it
(except for correct delivery), you _must_ not change the
contents. You _must_
not suppress it
1. No deletion (auto-deleting users' trash cans should
probably be OK)
2. Automated spam- oder virus scanning only allowed as
opt-in-solution
3. If it does contain spam/viruses you _must_ not silently
delete the message.
The only way out: assign it to a spam-folder. Which the user
has to empty
himself any way he wants. Some people use another opt-in for
automatic
deletion, I don't know if that's allowed.
4. If you are a company: just forbid your employees to do
private mail. Then
all incoming mails are, by default, the company's, which you
can scan and
throw away at will. This is a position that is mostly, but
not universally,
accepted
If you think that's difficult to live with, you are right. A
university I know
was unable to install a spam filter at their incoming line
due to these
regulations (and boy, they'd have needed a *huge* trashcan).
If you're an
ISP, it's living hell.
If you think it's cool that somebody's taking good care of
privacy, I tend to
agree with you nonetheless. Come on over and we'll have a
beer.
[1] Fred Andresen: "Leeren verboten!", Linux
Magazin, September 2004, pp.
78-79
--
With best regards,
Florian Weber
PGP key ID: A34C32F9
_______________________________________________
Dbmail mailing list
Dbmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
|
|
| Re: Helpful query for dbmail 1.x and
MySQL |
|
2005-04-20 16:28:53 |
Sorry for top-postins.
I can see the intention of the law makers, but I wonder if
there
will be any user who will be willing to underwrite the risk
that
he/she will be exposing the system...
I am betting, if you handed them a piece of paper to chose
whether
they would turn over their rights (to machine-inspect and
delete any
message) or underwriting the potential security risks
(damage other
peoples property/data), they would go for the former.
I bet this would work for Universities --I am not sure if
ISPs would
like to do that though.
>>Would this not imply that a spam-assasin type
solution would also be
>>illegal if it 'auto-deletes' detected spam?
>
> Summarising from an article in the German monthly
"Linux Magazin" [1] and my
> own inquiries:
>
> 0a. If it is your own mail, do whatever you want
> 0b. If it's not your mail, you can't touch it. You
_must_ not look at it
> (except for correct delivery), you _must_ not change
the contents. You _must_
> not suppress it
>
> 1. No deletion (auto-deleting users' trash cans should
probably be OK)
> 2. Automated spam- oder virus scanning only allowed as
opt-in-solution
> 3. If it does contain spam/viruses you _must_ not
silently delete the message.
> The only way out: assign it to a spam-folder. Which the
user has to empty
> himself any way he wants. Some people use another
opt-in for automatic
> deletion, I don't know if that's allowed.
>
> 4. If you are a company: just forbid your employees to
do private mail. Then
> all incoming mails are, by default, the company's,
which you can scan and
> throw away at will. This is a position that is mostly,
but not universally,
> accepted
>
> If you think that's difficult to live with, you are
right. A university I know
> was unable to install a spam filter at their incoming
line due to these
> regulations (and boy, they'd have needed a *huge*
trashcan). If you're an
> ISP, it's living hell.
>
> If you think it's cool that somebody's taking good care
of privacy, I tend to
> agree with you nonetheless. Come on over and we'll have
a beer.
_______________________________________________
Dbmail mailing list
Dbmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
|
|
| Re: Helpful query for dbmail 1.x and
MySQL |
|
2005-04-20 22:44:36 |
Micah Stevens writes:
> On Wednesday 20 April 2005 05:42 am, Dominic Amann
wrote:
>> Simon Lange wrote:
>> > in germany you must not delete mails from
other users. the *only*
>> > solution would be to get an explicit
permission per case by every
>> > individual user *before* deleting their trash
folder.
>>
>> Would this not imply that a spam-assasin type
solution would also be
>> illegal if it 'auto-deletes' detected spam?
>
> Interesting.. that would seem to fit the law..
Anyone who operates a mail service, has a contractual
relationship with
its users, and may be subject to German law should really
consult a
lawyer. Don't trust mailing list mavens.
(Have I consulted one? Yes I have. What Florian Weber writes
seems
correct as far as it goes, but it's far from exhaustive.)
Arnt
_______________________________________________
Dbmail mailing list
Dbmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
|
|
[1-5]
|
|