On Fri, 2006-07-14 at 11:21 +0200, Arnt Gulbrandsen wrote:
If you only reject (ie. you don't secretly store), reject sometimes also
lets you out of storage rules. For example, here in Germany HGB§257 may
(AFAIK there have been no test cases) require businesses to store
certain categories of email for a number of years. The safe ways to
deal with that are a) to store all mail for that long, even the spam,
b) have some human pick out the false positives from the spam and
determine what must be stored, and c) reject the presumed spam at SMTP
time, so it's not received in the first place.
Would it be worth someone's getting a legal review of this issue? A few
folks on this list are with companies that have general counsels, and it
might be worth asking the question, "What if we get sued for not being
aware of something that came in an email that got protocol rejected?"
My *guess* is that there is probably some existing case law about what
happens when a letter is lost by the post office, or misdirected, or
otherwise not delivered as usual. Some of this case law may even be
hundreds of years old in countries with common-law systems.
Aaron