Firewall Wizards mailing list archives

Re: Screening Outgoing Mail for Content

From: Dean_Ethier () dmr ca
Date: Wed, 5 Aug 1998 13:20:11 -0600

Sounds to me that just about anything you implement would be just too easy
to fool.  How would you deal with attachments?  Docs saved to a graphics
format?  Encrypted docs?  I would suggest that if management can't live
within the confines of a clearly defined and well thought out security
policy, they not consider connecting to external systems.




"Bruce B. Platt" <Bruce.Platt () comport com> on 08/04/98 08:10:41 AM

Please respond to "Bruce B. Platt" <Bruce.Platt () comport com>

To:   firewall-wizards () nfr net
cc:    (bcc: Dean Ethier/DMR/CA)
Subject:  Screening Outgoing Mail for Content




Someone asked me to suggest a method to screen outbound mail for content.

That is, to screen all messages destined outside the local domain for
certain key words and
then forward the message to an internal "censor" if it contains words on
the
"forbidden" word list.

They are looking to "ensure" that outbound mail doesn't contain information
which may
compromise the interests of one of their clients if sent to another client.
They have no internet connection,
and no outbound mail as a consequence of this concern.

I quote the words censor and ensure since I personally believe this sort of
concern is best not managed by a
machine, an algorithm, or an heuristic, but rather by policy.

Nevertheless, I can conceive using a perl script as part of a mail proxy to
do this job on the message text,
but other than using something like Inso's Outside In, I am at a loss as to
how to how to suggest screening
the contents of compound documents like a spreadsheet, a word processing
document, or a .pdf file, as examples.

Clearly there are other concerns that they should have regarding security,
like ensuring confidential information
doesn't leave on floppies; as well as some serious thought regarding the
ethical impact of screning mail, and so forth.

Does anyone have any experience with this sort of requirement, and how it
might be accomplished?

Thanks and regards,

Bruce
+--------------------------------------+
Bruce B. Platt, Ph.D.
Comport Consulting Corporation
78 Orchard Street, Ramsey, NJ 07446
Phone: 201-236-0505  Fax: 201-236-1335
bbp () comport com, bruce@ bruce.platt@

Current thread:

Re: Screening Outgoing Mail for Content and other things, (continued)
- - - Re: Screening Outgoing Mail for Content and other things cfb (Aug 06)
    - Re: Screening Outgoing Mail for Content Perry E. Metzger (Aug 05)
- Re: Screening Outgoing Mail for Content Bennett Todd (Aug 05)
- Re: Screening Outgoing Mail for Content Joseph S. D. Yao (Aug 05)
  - Re: Screening Outgoing Mail for Content Ted Doty (Aug 05)
- RE: Screening Outgoing Mail for Content Yakov Kravets (Aug 06)
- Re: Screening Mail Policy&Product Rick Smith (Aug 07)
  - Re: Screening Mail Policy&Product Paul Woodie (Aug 09)
- Re: Screening Outgoing Mail for Content Dave O'Shea (Aug 05)
- Re: Screening Outgoing Mail for Content Godfrey_Cureton (Aug 05)
- Re: Screening Outgoing Mail for Content Dean_Ethier (Aug 05)
- Re: Screening Outgoing Mail for Content Peter Jeremy (Aug 05)
- RE: Screening Outgoing Mail for Content Steven Deutsch (Aug 05)
- Re: Screening Outgoing Mail for Content Dave O'Shea (Aug 05)
- Re: Screening Outgoing Mail for Content Bruce B. Platt (Aug 07)
- RE: Screening Outgoing Mail for Content Noller2G (Aug 07)
- RE: Screening Outgoing Mail for Content Francis, Catherine (Aug 07)
- Re: Screening Outgoing Mail for Content Chris Crozier (Aug 09)
  - Re: Screening Outgoing Mail for Content Perry E. Metzger (Aug 09)
    - RE: Screening Outgoing Mail for Content Chris Crozier (Aug 10)
  - Re: Screening Outgoing Mail for Content Joseph S. D. Yao (Aug 10)

(Thread continues...)