1999-01-12-05:02:27 Arik Sudman: > Our security officer asked us (the techies) to enable content filtering on > outgoing Email (smtp). I understand that there are some products in that > area. Does anyone knows about such product? > > I also doubt the merits of such a product. The reason is that they really > want to stop email that may expose restricted business data. However those > products usually work by identifying keywords or phrases. How can one define > words that belong to "restricted data"? I think that is only suitable to > check for offending word and such. anyway, I asked them how they do it on > "snail mail" so I will do the same on Email... (they do not). Youch. The best advice would be "don't go there". Unless your security officer is also putting in place a security desk where your briefcase and pockets get searched on the way out the door --- and the content of the electronic memory of PIMs and so on. And body cavities. Oh, and all phone lines better be monitored as well. All outbound paper mail opened and examined. All trash searched or burned. Windows don't open. Sewage screened. Don't try and put in place security practices on electronic systems that are inconsistently more strict than those on non-electronic systems, it just annoys people for no benefit. Now if you _do_ live in such a fiendishly high-security setting, then the answer is easy: just set up the inside delivery relay so it spools all outbound traffic to a queue for analysis. Then take a mail user agent and configure it to let you read that queue, and read all outbound email by hand; after reading it and checking it for bogosity, hand-carry it outside the firewall. Be sure you don't let through anything you don't entirely and completely understand down to the last bit. Reformat text on the way out to destroy silly games played with whitespace. Don't allow images or any other kind of binary attachment whatsoever. If you see messages that don't quite make sense, or seem repetitive, or in any other way odd, stop 'em. This kind of mail screening has occasionally been attempted for real correspondence in wartime. I'm sure it's good for catching the stupid spies. The job of a censor is hard, it requires careful judgement, and the only way to be even close to safe is to err way on the side of caution, and even then some stuff will slip through. No way in hades to automate it effectively. -Bennett - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
