Dean Anderson wrote:
On Mon, 22 Sep 2003, Doug Royer wrote:
You do not seem to be getting the message the MTA and MUA MAY be the same
program. So NOT true.
I do. Even in the same program, they are different functions. The MTA
should return a bounce. You should always get a bounce, in response to an
error. You should never get "no such domain" in response to typing in an
email address to an MUA.
No bounce - it was never sent becuse the MUA checked first to see if
the target domain even existed priror to sending the email.
This isn't broken. You won't send any messages because you won't get to
the "data" command. You will get an SMTP error code. The message is never
delivered to Verisign.
The fact that a 3rd party knows (or can tell) that user X tried
to send email to user Y can be a violation of HIPPA security.
The 3rd pary *is* verisign. And it is free to change its policy at any
harvist those addresses.
No. Because the 3rd party didn't know that X tried to send mail to Y. The
domain doesn't exist, so Y's identity has not been revealed. Only
non-registered domains go to Verisign.
The HIPPA argument doesn't fly at all. However, Verisign is also subject
to the ECPA, and may not disclose the contents email, any more than any
other communications providers can. No confidentiality (HIPPA or
otherwise) is broken.
I'm not sure if you are ignorant of HIPPA, the ECPA, or just
fear-mongering. I guess all those people who used to say there were no
laws on the internet must now be thinking "well, there ought to be". Well,
they're in luck. It just happens there are laws already.
You reall do not have a clue about HIPPA regulations.
Doug Royer | http://INET-Consulting.com
Doug(_at_)Royer(_dot_)com | Office: (208)612-INET
http://Royer.com/People/Doug | Fax: (866)594-8574
| Cell: (208)520-4044
We Do Standards - You Need Standards
Description: S/MIME Cryptographic Signature