"Hallam-Baker, Phillip" replied:
Suppose the original message, copied into the bounce,
contains pornography which is illegal under English law.
First off, there is nothing that requires you to copy anything into the
If I reject at SMPT time with a 5**, it is common practice, over which I have no
control, for the offering MTA to include the message content. Nevertheless I
will have been the 'agent' requesting that message to be propogated, when it was
I who knew that it had been forged.
Also note the repost of terry(_at_)ashtonwoodshomes(_dot_)com
Secondly if it is an automatic process your liability would be no greater
than it would be following original SMTP.
I am legally liable for any process I put in place, automated or manual.
Original SMTP had no way of telling me 'this is a forgery'.
The whole point of this thread is that it appears to me that Sender-ID may
change the legal liabilities and obligations. In the absence of authoritative
legal advice, I choose caution, I choose not to deploy Sender-ID.
There is no English law against 'pornography', the actual offense is
publication of obscenity.
I never said there was. I was using teminology which would be appropriate for an
In any case, substitute Phishing a.k.a. Attempted Fraud throughout my argument,
if you prefer.
There is a whole rack of issues here, first publication on the Internet has
been addressed in the English courts, there has to be actual knowledge or at
the very least a constructive effort to avoid knowledge of the contents for
publication to have occured. Then when you get into the obscenity
definitions you have a whole rack of further intent issues.
Are you / your employer / Microsoft / the IETF prepared to indemnify my
businesses against prosocution?
If you are worried about creating liability don't copy information.
All I need to do to avoid this worry is to not deploy Sender-ID. Then I can
continue with my business of copying and moving information with a clear