> I'm afraid that your reading of SOX compliance is not widely > practiced. If you block an E-mail, and it is never received by a > person covered by SOX, then there is no reason to archive it.
You're correct. The goal of e-mail archival for public companies is not to create an audit trail of all *attempted* communication, but to monitor the endpoints and content of successful electronic communication. Only messages delivered to a user-facing message store need to be archived. If a company has user-facing spam quarantine into which users can log in with individual accounts and read full messages, this does need to be archived under the law. On the other hand, (a) if such a quarantine only shows message metadata, or if it's available only to administrative personnel (both of these necessitating that messages be moved into a user-facing store before reading); (b) if you delete messages immediately after acceptance; or, most obviously, (c) if you reject messages at connection time -- you are not required to archive related data. There are plenty of other circumstances in which logs of attempted communication would be requested and/or required, but not under SOX and NASD/SEC regs. --Sandy ------------------------------------ Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] SpamAssassin plugs into Declude! http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/ http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/ --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
