At 17:17 09/07/96 -0700, Michael Dillon wrote:
>This is easier than you think. If you print out copies of all messages
>with full headers as well as your log files then you may find that the
>courts accept that as conclusive proof. There have been cases in the USA
>where such evidence was accepted. You should make sure to do the printouts
>immediately in front of witnesses and then have them notarized.
I don't know about the position in the USA. However the person making the
threats is in the UK and would have to be sued here. In a very recent case
computer evidence was declared inadmissable because the organisation relying
on it refused to allow the defendant's security consultant access to their
system to carry out a security audit. [The case of policeman assumed of
fraud over phantom cash-machine withdrawals.] In the case of trying to
prove the source of e-mail, you would have to audit every machine that had
contributed to the headers. I think this would be a helpless cause.
Log files may be considered "conclusive proof" in the USA, but they quite
rightly aren't in the UK.