----- Original Message -----
From: "Paul Hoffman / IMC" <phoffman(_at_)imc(_dot_)org>
To: "Hadmut Danisch" <hadmut(_at_)danisch(_dot_)de>
Cc: <mail-ng(_at_)imc(_dot_)org>
Sent: Saturday, February 07, 2004 5:45 PM
Subject: Re: Legal Requirements?
Instead giving rhetorical questions, state your requirement.
Right.
If CAN-SPAM is used a model and basis for what might be possibly demanded
of you in the likelihood you are contacted to provide information or you
wish to report a violation to the CAN-SPAM cops:
o Sysops need to be able to provide tracking information on a moment notice.
o Spammers need to provide history of bulk mail/specific user transactions
on a moment notice.
o Sysops need to be able to save tracking information for X time frame.
o Sysops need "Alerts" so that they have to waste time analyzing logs for
abuse.
If ECPA is used a model:
o Sysops need to make sure that accepted mail is not lost. (Must be
delivered or returned).
o Sysops need to make sure that accepted mail is not altered (No tampering
with user mail content)
o Sysops need to make sure that private mail is honored and maintained
(Privacy). See below.
o Sysops need to provide authorship information for possible tout cases
o Employers need to make sure that they MONITOR/DELAY/KILL employee mail.
(Employers are exempt to ECPA no tampering/privacy laws).
About privacy:
- Sysops need private mail to have a message header that says "Private Mail"
that is independent of the software handling of private mail.
I can explain this if required.
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com