E-mail Privacy

Warner Losh imp at solbourne.com
Fri May 24 17:46:01 AEST 1991 

In article <15110 at ccncsu.ColoState.EDU> conca at handel.cs.colostate.edu (michael vincen conca) writes:
>   Yesterday, this employee was terminated.  He/she was allowed to gather
>   their things and purge all of their personal files from the system.  Today,
>   my boss asked if it would be possible to retrieve this employee's E-mail
>   off of backup, find the memo, and print it out in case it was needed as 
>   evidence in a possible court case.

I won't cover the legal aspects, since I'm not a lawyer.  Things I do
know (all of this is SMTP mail):

	1) It is possible to forge E-Mail with VERY LITTLE effort.  I
	   have done it in the past and it is UNTRACEABLE.
	2) I don't think that it is admisable evidence in a court of
	   law since it can be tampered with in a number of ways.
	   First, I can edit the mbox file (or whatever) once I get
	   the mail.  Second, Just because a mail message has user
	   foo as the sender doesn't mean that user foo sent the mail
	   message (see #1).

Basically, you can't prove that a given piece of e-mail was actually
sent by the person who claims it was sent by, unless someone saw them
send the mail message.  It is not possible, in general, to even prove
that someone got a copy and read the mail.  The accused could very
easily deny ever getting the mail message.  Unless you saw the person
read the mail, you can't prove that he did, even if you can show the
mail in his in box and then later in his out box.  User interfaces can
do some odd things to mail.  Also, the accused could argue that you
tampered with the evidence (you do have the capability to do that
(even if you wouldn't) since you are root).

Unless you gave this person a paper copy of the Memo on some official
looking letterhead, then I'd say that you wouldn't have very strong
evidence to be used in a court of law.  It would boil down to your
word against his (which is what it was before).

VMS's mail system has similar holes, btw.

Warner

P.S.  Privacy enhanced mail doesn't solve most of these issues,
although it makes it harder to forge mail (but not completely
impossible).
-- 
Warner Losh		imp at Solbourne.COM
The question to everyone's answer is usually asked from within

More information about the Comp.unix.admin mailing list