On Tue, 2 Apr 1996, George Janczuk JZKGEQ - AMPLN1 wrote:
> Now, a few respondents have mentioned aesthetics and ease-of-use as
> reasons for using schemes such as
> firstname_lastname @
organisation .
com .
country .
There are arguments for and
> against this sort of scheme (see the "Why are you so hostile to using full
> names for e-mail addresses?" section in the Sendmail FAQ for a counter
> argument) - however, I am more interested in the security aspects
> involved, as this is the point being debated.
Your CEO is named Peter Smith Peter_Smith @
organization .
com
You hire Pete Smith to work on graphics for the widget brochures.
Your VP finance sends email regarding the layoff of 500 employees with a
breakdown by department and the names of several managers to be axed
along with the managers current salaries. He addresses it to
Pete_Smith @
organization .
com
Ooops! UNO-what hits the fan after Pete posts this on a public company-wide
discussion group...
> security argument as some door knocking information becomes available.
Run an SMTP proxy like smapd to prevent door-knocking.
> Lastly, the non-obvious mail-box ID sees to (albeit, once again by
> obscurity) make it somewhat harder to be the target for mail-bombs or
> abusive mail when only the name of the intended recipient is known (eg:
> dissatisfied customers trying to contact the MD directly,
Bingo! Guess what Bill Gates email address is? Hint, it's not
billg @
microsoft .
com, in fact it is not even known by most MS employees.
This was done precisely because he became the target of crank email.
Michael Dillon Voice: +1-604-546-8022
Memra Software Inc. Fax: +1-604-546-3049
http://www.memra.com E-mail: michael @
memra .
com
Follow-Ups:
References:
|
|
