On Tue, 2 Apr 1996, George Janczuk JZKGEQ - AMPLN1 wrote:
> Now, a few respondents have mentioned aesthetics and ease-of-use as
> reasons for using schemes such as
> firstname_lastname @
There are arguments for and
> against this sort of scheme (see the "Why are you so hostile to using full
> names for e-mail addresses?" section in the Sendmail FAQ for a counter
> argument) - however, I am more interested in the security aspects
> involved, as this is the point being debated.
Your CEO is named Peter Smith Peter_Smith @
You hire Pete Smith to work on graphics for the widget brochures.
Your VP finance sends email regarding the layoff of 500 employees with a
breakdown by department and the names of several managers to be axed
along with the managers current salaries. He addresses it to
Ooops! UNO-what hits the fan after Pete posts this on a public company-wide
> security argument as some door knocking information becomes available.
Run an SMTP proxy like smapd to prevent door-knocking.
> Lastly, the non-obvious mail-box ID sees to (albeit, once again by
> obscurity) make it somewhat harder to be the target for mail-bombs or
> abusive mail when only the name of the intended recipient is known (eg:
> dissatisfied customers trying to contact the MD directly,
Bingo! Guess what Bill Gates email address is? Hint, it's not
com, in fact it is not even known by most MS employees.
This was done precisely because he became the target of crank email.
Michael Dillon Voice: +1-604-546-8022
Memra Software Inc. Fax: +1-604-546-3049
http://www.memra.com E-mail: michael @