I saw a very interesting mail reject message today on one of my mailing lists …
You are receiving this message because you have attempted to send an e-mail containing confidential information. Examples of confidential information include, but are not limited to social security numbers, birth dates, account numbers, policy numbers, medical history, financial history, personal phone numbers and user IDs. Another example of sending confidential information would be combining any two or more of the following: name, address, identification numbers (employee number, phone number), organizational affiliation (place of employment). This information may be contained in the body of the message or any attachments.
I looked at the body of the message it was rejecting (which was included in it’s entirety), and noticed that the message referenced dummy social security numbers (the message discusses SQL techniques).
Of course, based on the warning message, it would probably reject ANY numeric text that was included in a message at all.
I suspect that the company, who’s server rejected the message, does not have a problem with email volume … since the majority of email sent to them is probably rejected.
I really wonder about companies that have such incredibly draconian content rules. How do they stay in business?
As a cynic, I think the management promoting such tight rules expects their employees to work around it with Gmail, etc. That also lets the company off the email retention rules hook.
Yes, but this causes even LESS security.
It’s the email equivalent of instituting very complex password rules … which end up making people write down passwords in easy to find locations (post-it notes on the monitor).