Re: disallow freemail
geraldf_at_westernsaw.com
Date: 02/27/04
- Previous message: Duffy H: "FW: Email Issues"
- Maybe in reply to: haji din: "disallow freemail"
- Next in thread: Endre.Szekely-Bencedi_at_hu-tcs.com: "Re: disallow freemail"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: ahbh99@yahoo.com, security-basics@securityfocus.com Date: Thu, 26 Feb 2004 17:06:43 -0800
Two points related to this topic:
1)As using freemail subverts efforts to implement email security, by our
signed company policy, it is forbidden.
The problem is that there are hundreds of freemail and webmail servers in
existence. It is not possible to block them all. Therefore, company policy
states any ATTEMPT to use such is considered grounds for suspension or
termination. Shopping for email servers that will allow a backdoor into
the company will get you called in for a "conference". Succeeding in these
efforts will get the employee escorted to their car.
This especially includes members of the IT dept, where the level of
knowledge and the level of trust should be such that this type of action
would be avoided at all cost.
2)I find it odd that someone should address this issue using a yahoo
account... with one exception.
If one needs to use the list to discuss matters concerning the internal
architecture of their company, it is wise to use the anonimity of a yahoo,
etc account. For example, IMHO to publish that a SQL 7, a SQL 2000 server
(which I read on the list today), or a particular major application or a
particular piece of hardware is in use inside the company's border and to
identify the company is to paint a bulls-eye on a hacker's target. Of
course, obscurity is never a defense. But we should at least make them work
HARD.
I believe its called the principle of the low-hanging fruit. The easy ones
are picked first.
gerald frank
"Select * from users where clue > 0"
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Previous message: Duffy H: "FW: Email Issues"
- Maybe in reply to: haji din: "disallow freemail"
- Next in thread: Endre.Szekely-Bencedi_at_hu-tcs.com: "Re: disallow freemail"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
