Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Administrivia] MS Exchange

from [mfossi] Network Security [Permanent Link]
Subject: [Administrivia] MS Exchange
Date: Fri, 28 Jul 2006 21:06:00 -0600 (MDT)
Ok, I think this thread has drifted out of the scope of this list. Any further posts as to the legal value of these disclaimers will be rejected, however, any posts about the implementation will be accepted.

If anyone wants to continue the legal side of the thread, I think that the Security Management list <security-management@securityfocus.com> would be a better forum.

Marc Fossi
Symantec Corp.
www.symantec.com


On Fri, 28 Jul 2006, Thor (Hammer of God) wrote:

Particularly when with email, in with cell phones, there can be no
"expectation of privacy."  Yet, lawyers (and others involved in the legal
system) engage in confidential conversations/material via email and cell
phone all the time.   I had several law firms as clients who sent private
information (unencrypted) between doctors, other lawyers, insurance
companies, credit agencies, you name it over SMTP all day every day.

T

-- Legal Disclaimer --
This email was intended only for those people that it was intended for.  You
may or may not be an intended recipient.  If you are not the intended
recipient, you may not read, delete, forward, store, alter, respond, or
otherwise alter this email in any way.  If you have received this email in
error, please delete it, delete it from your deleted items, and then reply
back to the sender stating that you were not the intended recipient.  Please
note that if you do reply back to the sender, you show your intent that the
original sender, who will now be the recipient, is indeed supposed to be the
now intended recipient of your reply.  If the original sender replies back
to your message where you stated that you were not the indented recipient of
the first message with the intent to thank you, you will then become the
indented recipient of the second email, but you still won't be the indented
recipient of the first email, and all of your base are belong to us.
-----------------------


On 7/28/06 10:36 AM, "Jeffrey Wei" <jeffrey.wei@cubic.com> spoketh to all:

Can someone explain to me how a disclaimer at the bottom of an email can
do anything, legally?  Was there a case study where the disclaimer
worked in the court of law???

Let's take a lawyer communication for example.  We all know that there
is privilege communication for lawyers and I fail to see how putting a
disclaimer or some stupid legal blurb at the end of an email would stop
the third party from disseminating information that he/she accidentally
intercepts?

Jeff

-----Original Message-----
From: Tupker, Mike [mailto:mtupker@mtmercy.edu]
Sent: Friday, July 28, 2006 6:52 AM
To: dave kleiman; focus-ms@securityfocus.com
Subject: RE: MS Exchange

I've been looking into this a little as well. The cheapest way to do it
that I've found, if you are using exchange, is with an SMTP event sink.
Many spam filters that I've seen have the ability to append text to
emails as well. The only one that I can think of off hand is GFI Mail
Essentials. http://gfi.com/mes/

I'm not sure if these would allow you to pull info from AD though. I
hope this helps a little.


Mike Tupker

-----Original Message-----
From: dave kleiman [mailto:dave@davekleiman.com]
Sent: Thursday, July 27, 2006 4:48 PM
To: focus-ms@securityfocus.com
Subject: MS Exchange


Can anyone recommend a auto-signature application that adds signatures
to
outgoing email and those annoying legal disclaimers?

It needs to black the user from making changes to the sig / disclaimer.

Additionally, it needs to pull variables from AD (e.g. Organization,
Title,
Department)

Most important, it needs to work! I have tried a couple and they crashed
and
burned, either the sig did not pull AD info properly or the user could
override it.


Respectfully,

Dave Kleiman


------------------------------------------------------------------------
---
------------------------------------------------------------------------
---


------------------------------------------------------------------------
---
------------------------------------------------------------------------
---

---
[This E-mail scanned for Spam and Viruses by
http://www.innovationnetworks.ca]


---------------------------------------------------------------------------
---------------------------------------------------------------------------







---------------------------------------------------------------------------
---------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: MS Exchange, Jason Wieland
Next by Date:  RE: Password Filtering, M. Burnett
Previous by Thread:  Re: MS Exchange, Thor (Hammer of God)
Next by Thread:  RE: MS Exchange, dave kleiman
Indexes:  [Date] [Thread] [Top] [All Lists]