> On Wed, Mar 18, 2009 at 3:01 PM, Garrett D'Amore > <gdamore at sun.com> wrote: > > Hugh McIntyre wrote: > >> > >> Alan Coopersmith wrote: > >>> > >>> Note that the new filtering will not allow > publication of cases whose > >>> mail logs contain such garbage mail signatures as > "This email message is > >>> for the sole use of the intended recipient(s) and > may contain > >>> confidential > >>> and privileged information." > >> > >> This seems a bit of a drawback, and worth a filter > to bounce messages back > >> to avoid a bunch of cases inadvertently becoming > closed. > >> > >> Is the filter triggering off "confidential" > anywhere in the message (which > >> would seem bad) or only in a signature or other > intentional header? > > > > I think the script under consideration has > blacklist words like > > "confidential" "proprietary" or "engineering only". > ? It appears that the > > filter is not very smart about the context where > these occur, and it would > > probably be best to avoid any of those words in any > ARC case mail going > > forward. > > > > In case its not obvious, yes, I think this > restriction is silly and likely > > to cause far more problems than it solves. ?But > don't ask me, I just work > > here. ;-) > > > > Do I understand correctly that any email to a public > mailing list > which contains any of the above words would cause the > case to be > unavailable? > > This seems like it's trivially exploitable.
And more importantly, is likely to result in random messages being missing from the public site because they happen to contain something that gets caught by the filter! What problem are you trying to solve by implementing this? Cheers Andrew. -- This message posted from opensolaris.org
