Thats an ethics issue. Cant speak for other sysadmins, but, pretty
much I consider user data on my harddrive private and under no
circumstance allow it out. heck, if need be I will snap www backup
CDR in to mini pieces if the need and situ. gets deep in the doo-doo.
1) Can we trust the Administrator of the Mail Server ?
Hrm..... 80% of the time i would say YES. but if they no disclose
their security precautions (loaded rifle man at door to MDF:o)) and
policies then i'd bewary and use something like PGP for the secrets.
Then again encrypting/obscuring can mark you for observation.. so
better to not encrypt. hrm, can the county sheriff listen in on
2.4ghz dss yet?
2) Security Precautions taken by the Internet Service Providers(ISP)
see above paragraph.
3) Protection from facilities available with Mailing Software.
write a proggy to change the root and sysadmins accts pws like every
week if you are paranoid.. or also if hacking detected.
---- Original Message ----
From: dgtsl(_at_)sri(_dot_)lanka(_dot_)net
To: ietf(_at_)ietf(_dot_)org
Subject: RE: Advice Email Security
Date: Thu, 30 May 2002 10:23:10 +0600
Dear Sir/Madam,
In outsourcing Email Services,
I wish know your experience.
Champake
Assitant Director (Information & Documentation)
Telecommunications Regulatory Commission
276 Elvitigala Mawatha,
Colombo 8,
Sri Lanka. Tel: (941) 684865 Fax: (941) 689341
Email:
dgtsl(_at_)sri(_dot_)lanka(_dot_)net/champake(_at_)sri(_dot_)lanka(_dot_)net
Web: www.geocities.com/champake or www.trc.gov.lk