[opensuse] help needed for setting up local mail server
Hello: I would like to set up a local email server. I have a linux server which is connected to the internet (WAN) and to a local network (LAN). I want the server to fetch messages from different mailboxes provided by my ISP, and store (and backup) those messages. LAN clients would fetch messages from this linux server and not directly from my ISP. Messages from LAN clients would be sent (and backed up) through/by the server using my ISP's SMTP server. All email traffic (all incoming and outgoing) messages should have a backup which can not be modified by the clients. Do I have to set up a mail transfer agent on the server, or use fetchmail to receive the messages, or both? Please give me a few hints how to proceed or what the options are. Links to tutorials and manuals are also welcome. Thanks, Istvan -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 01/17/2015 10:41 AM, Istvan Gabor wrote:
Hello:
I would like to set up a local email server. I have a linux server which is connected to the internet (WAN) and to a local network (LAN). I want the server to fetch messages from different mailboxes provided by my ISP, and store (and backup) those messages. LAN clients would fetch messages from this linux server and not directly from my ISP.
So far, so good :-) I've run this for a long, long while. Basically it uses fetchmail to read in and and an IMAP server to let local LAN clients access the store. Refinements include using spam/AV checking on the input, filtering of messages into different boxes and more. The big steps is to integrate with Postfix You can find many How-To articles for this on the web. Look/Google for these terms fetchmail, imap, dovecot, spamassassin, procmail, postfix PLEASE NOTE: the above is based you saying "I want the server to fetch messages from different mailboxes provided by my ISP". If you want to have a published gateway of your own domain and and a specific SMTP listener then that is different.
Messages from LAN clients would be sent (and backed up) through/by the server using my ISP's SMTP server. All email traffic (all incoming and outgoing) messages should have a backup which can not be modified by the clients.
You can do this by running something like Postfix or Exim on your server. Clients on the LAN direct outgoing mail to the server. Perhaps your firewall should prevent other than the server sending email out. However that won't stop people using WebMail. If you have something like Postfix running, you can also have fetchmail bringing in the mail and routing though Postfix as the MDA for whatever processing/archiving. I'm hesitant to archive incoming mail unless you are dealing with some legal requirement. SPAM in one form or another, be it true "unsolicited commercial" or just notifications that are read-once and throw away, or simply things that are going to be archived elsewhere such as this list, are all not worth archiving obsessively.
Do I have to set up a mail transfer agent on the server, or use fetchmail to receive the messages, or both? Please give me a few hints how to proceed or what the options are. Links to tutorials and manuals are also welcome.
There's just so much out there on how to do this and minor variations. The "doing" often gives you a better idea of what you actually want and how complex you want it to be. There are many, many micro-decisions along the way, such as the decision to use mbox or maildir formats. All the programs, dovecot, procmail, fetchmail, spamassassin, etc, have many configuration options, and even deciding "I don't need that, ignore it" can be overwhelming. Start small and build. oh, and learn a lot of acronyms! Yes there are canned solutions out there in the How-To, but dropping in the deep end might make debugging horrendous since there's no incremental learning and you won't know what "works so far". -- /"\ \ / ASCII Ribbon Campaign X Against HTML Mail / \ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-01-17 16:41, Istvan Gabor wrote:
I want the server to fetch messages from different mailboxes provided by my ISP,
That means fetchmail.
and store (and backup) those messages.
That means a mail filter or processor, like procmail, or some other mail server filters (sieve?). Or via postfix, I think.
LAN clients would fetch messages from this linux server and not directly from my ISP.
That means an imap/pop3 server, like dovecot or courier.
Messages from LAN clients would be sent (and backed up) through/by the server using my ISP's SMTP server.
That means postfix or sendmail (SMTP server).
All email traffic (all incoming and outgoing) messages should have a backup which can not be modified by the clients.
Just store them on a different server or directory. There are several recipes around.
Please give me a few hints how to proceed or what the options are.
The Linux documentation project, if I remember the name right, has some old howtos on the subject. The details may have changed, but the basics remain valid, and they are well written. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On Sub, 2015-01-17 at 21:50 +0100, Carlos E. R. wrote:
I want the server to fetch messages from different mailboxes provided by my ISP,
That means fetchmail.
Why not getmail? Sincerely, Gour -- A person is said to be elevated in yoga when, having renounced all material desires, he neither acts for sense gratification nor engages in fruitive activities.
On 2015-01-17 23:12, Gour wrote:
On Sub, 2015-01-17 at 21:50 +0100, Carlos E. R. wrote:
I want the server to fetch messages from different mailboxes provided by my ISP,
That means fetchmail.
Why not getmail?
Well, it is a possibility, true. In my case, getmail was not up to par when I did the configuration, years ago. I don't remember why. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On 01/17/2015 05:12 PM, Gour wrote:
On Sub, 2015-01-17 at 21:50 +0100, Carlos E. R. wrote:
I want the server to fetch messages from different mailboxes provided by my ISP,
That means fetchmail.
Why not getmail?
The main advantage getmail has over fetchmail is that since getmail is written in python, and interpretive language like sell and perl, it can avoid the problems relating to buffer overflow that C coding has. Whether this is relevant or not is an interesting point. Fetchmail isn't shown to have buffer overflow problems. I'll grant you that getmail can be simpler than fetchmail because it isn't so capable, but in most cases, and I suspect Istvan's case, 98% of what fetchmail can do can be ignored and the config file will trivial. Mine deals with about 40 accounts and except for name/server/password every entry is the same. I could wite a geenrtor that reads lines of three fields in from a file to dynamically generate the fetchmail config! -- /"\ \ / ASCII Ribbon Campaign X Against HTML Mail / \ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-01-17 23:25, Anton Aylward wrote:
On 01/17/2015 05:12 PM, Gour wrote:
Why not getmail?
The main advantage getmail has over fetchmail is that since getmail is written in python, and interpretive language like sell and perl, it can avoid the problems relating to buffer overflow that C coding has.
A fetcher that could simultaneously talk imap with several/many accounts, with permanent listening, not polling, would be a big advantage. I know none with this capability. Fetchmail can only do one account this way, IIRC. It can do many with periodic poll, of course. getmail, dunno. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On 01/17/2015 10:41 AM, Istvan Gabor wrote:
Hello:
I would like to set up a local email server. I have a linux server which is connected to the internet (WAN) and to a local network (LAN). I want the server to fetch messages from different mailboxes provided by my ISP, and store (and backup) those messages. LAN clients would fetch messages from this linux server and not directly from my ISP. Messages from LAN clients would be sent (and backed up) through/by the server using my ISP's SMTP server. All email traffic (all incoming and outgoing) messages should have a backup which can not be modified by the clients. Do I have to set up a mail transfer agent on the server, or use fetchmail to receive the messages, or both? Please give me a few hints how to proceed or what the options are. Links to tutorials and manuals are also welcome.
I have done just that with IMAP and fetchmail. I currently have Dovecot running here, but last I tried, I couldn't get it to use the same directory as fetchmail, so I just set up a POP account on my email app to pull messages from my ISP and then move them to the IMAP account. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 01/17/2015 10:41 AM, Istvan Gabor wrote:
Hello:
I would like to set up a local email server. I have a linux server which is connected to the internet (WAN) and to a local network (LAN). I want the server to fetch messages from different mailboxes provided by my ISP, and store (and backup) those messages. LAN clients would fetch messages from this linux server and not directly from my ISP. Messages from LAN clients would be sent (and backed up) through/by the server using my ISP's SMTP server. All email traffic (all incoming and outgoing) messages should have a backup which can not be modified by the clients. Do I have to set up a mail transfer agent on the server, or use fetchmail to receive the messages, or both? Please give me a few hints how to proceed or what the options are. Links to tutorials and manuals are also welcome.
I have done just that with IMAP and fetchmail. I currently have Dovecot running here, but last I tried, I couldn't get it to use the same directory as fetchmail, so I just set up a POP account on my email app to pull messages from my ISP and then move them to the IMAP account. I am accomplishing what you seek (and then some) by using Sendmail for SMTP, Cyrus IMAP for imap/pop3, fetchmail to pull from ISP accounts, and
On 01/17/2015 02:57 PM, James Knott wrote: procmail to process incoming messages. I also have spamassasin in the incoming message stream (invoked via procmail) for spam control. -- --Moby They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 01/17/2015 04:14 PM, Moby wrote:
... by using Sendmail for SMTP ...
I would not recommend sendmail to Istvan, not for someone new to setting this all up. Postfix was written to overcome the problems with Sendmail. While those were declared to be a fix for the security problems, in reality it turned out to be a fix for the problems with configuring sendmail. Let not belittle either; a comprehensive SMTP service program is going to be complex if it is going to deal with every situation, so don't expect the configuration process to be trivial. But at least Postifx has "english sounding" (in the COBOL sense) variable names and a simple grammar, and a set of config files each of which addresses just one aspect. I'm not saying that sendmail hasn't evolved. I'm just saying that Postix was a clean sheet and was trying to address the problems with Sendmail. I grew up with sendmail in the 1980s and though the 1990s and hated it. Just about ever other SMTP or MTA program was easier to understand, the SMail- series, for example, MMDF, ZMailer, qmail and more recent ones, are easier to work with than sendmail. If you are a sendmail guru or comfortable with sendmail, then all power to you, but for someone new to setting up a MTA my advice is to go with something like Postfix. It is modern and mainstream. Take a look at http://en.wikipedia.org/wiki/Comparison_of_mail_servers http://en.wikipedia.org/wiki/Message_transfer_agent -- /"\ \ / ASCII Ribbon Campaign X Against HTML Mail / \ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 01/17/2015 03:58 PM, Anton Aylward wrote:
... by using Sendmail for SMTP ... I would not recommend sendmail to Istvan, not for someone new to setting
On 01/17/2015 04:14 PM, Moby wrote: this all up. Postfix was written to overcome the problems with Sendmail. While those were declared to be a fix for the security problems, in reality it turned out to be a fix for the problems with configuring sendmail.
Let not belittle either; a comprehensive SMTP service program is going to be complex if it is going to deal with every situation, so don't expect the configuration process to be trivial. But at least Postifx has "english sounding" (in the COBOL sense) variable names and a simple grammar, and a set of config files each of which addresses just one aspect.
I'm not saying that sendmail hasn't evolved. I'm just saying that Postix was a clean sheet and was trying to address the problems with Sendmail.
I grew up with sendmail in the 1980s and though the 1990s and hated it. Just about ever other SMTP or MTA program was easier to understand, the SMail- series, for example, MMDF, ZMailer, qmail and more recent ones, are easier to work with than sendmail.
If you are a sendmail guru or comfortable with sendmail, then all power to you, but for someone new to setting up a MTA my advice is to go with something like Postfix. It is modern and mainstream.
Take a look at http://en.wikipedia.org/wiki/Comparison_of_mail_servers
http://en.wikipedia.org/wiki/Message_transfer_agent Full agree Anton. Were I to do this today, I would go with postfix. I started with sendmail many many moons ago and did not move my main email system to postfix - yet. For someone starting fresh, I would recommend Postfix as well.
-- --Moby They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 17 Jan 2015, james.knott@rogers.com wrote:
I have done just that with IMAP and fetchmail. I currently have Dovecot running here, but last I tried, I couldn't get it to use the same directory as fetchmail, so I just set up a POP account on my email app to pull messages from my ISP and then move them to the IMAP account.
My Workflow for this is: fetchmail-> postfix-> procmail+spmaassassin-> procmail then delivery to dovecot mailboxes with "dovecot-lda" (part of dovecot). Charles -- "The world is beating a path to our door" -- Bruce Perens, (Open Sources, 1999 O'Reilly and Associates)
On 2015-01-18 08:47, Charles Philip Chan wrote:
My Workflow for this is:
fetchmail-> postfix-> procmail+spmaassassin-> procmail then delivery to dovecot mailboxes with "dovecot-lda" (part of dovecot).
I use the same. Well, no, I also have amavis (for the antivirus check, not spam). -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On 01/17/2015 10:41 AM, Istvan Gabor wrote:
... and store (and backup) those messages.
and
Messages from LAN clients would be sent (and backed up)
Is there come regulatory compliance issue here? Please give more context. http://en.wikipedia.org/wiki/Email_archiving#Regulatory_Compliance -- /"\ \ / ASCII Ribbon Campaign X Against HTML Mail / \ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Thank you all for your input. Regarding the MTA, I have looked at postfix and also exim. I will start with exim, I guess, I've read it's a little bit simpler to set it up. For fetching mail some advise fetchmail or getmail ( https://www.debian.org/doc/manuals/debian-reference/ch06.en.html#_the_mail_s...). Anton Aylward írta:
On 01/17/2015 10:41 AM, Istvan Gabor wrote:
... and store (and backup) those messages.
and
Messages from LAN clients would be sent (and backed up)
Is there come regulatory compliance issue here? Please give more context.
http://en.wikipedia.org/wiki/Email_archiving#Regulatory_Compliance
Kind of. Not by law, but since different users will handle the clients (receive and answer mails) I would like to prevent the possibility of accidental loss of messages. I don't care if spam is backed up as well. Thanks again, Istvan -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sub, 2015-01-17 at 23:22 +0100, Istvan Gabor wrote:
Regarding the MTA, I have looked at postfix and also exim. I will start with exim, I guess, I've read it's a little bit simpler to set it up.
If simplicity is concerned, then, please, take a look at OpenSMTPD (https://www.opensmtpd.org/) which is, imho, much simpler to setup then Exim/Postfix and I plan to migrate my email server at Linode to it.
For fetching mail some advise fetchmail or getmail
As far as fetchmail vs getmail see: http://pyropus.ca/software/getmail/faq.html#faq-about-why Sincerelely, Gour -- Abandoning all attachment to the results of his activities, ever satisfied and independent, he performs no fruitive action, although engaged in all kinds of undertakings. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-01-18 08:45, Gour wrote:
As far as fetchmail vs getmail see:
Basically, it only says that fetchmail has (had?) several bugs or problems, dated 10 years ago. It does not compare the features of both programs in order to make an impartial decision, based on 2015 data. But I see this paragraph: +++—-—-—-—-—-—-—- Do I have to run sendmail or another MTA to use getmail? No. getmail delivers directly to maildirs, mboxrd files, or via arbitrary MDAs, and never injects mail via SMTP, so no MTA is necessary. —-—-—-—-—-—-—-++- Well, I want to inject via smtp, because that way I get a bunch of other possibilities. That is, I do not need support by the fetcher of, say, filtering. I can use the many published methods that are available when mail is delivered via an SMTP server. Ie: fetchmail -> postfix -> procmail, spamassassin, amavis, whatever. I see fetchmail as more flexible. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On 2015-01-17 23:01, Anton Aylward wrote:
On 01/17/2015 10:41 AM, Istvan Gabor wrote:
... and store (and backup) those messages.
and
Messages from LAN clients would be sent (and backed up)
Is there come regulatory compliance issue here? Please give more context.
http://en.wikipedia.org/wiki/Email_archiving#Regulatory_Compliance
One thing that paragraph doesn't say (I have not read the entire article yet) is that archiving of all email content at the server would be illegal in my country (Spain), as far as I know. With court rulings against business doing it. I'm unsure if a written agreement by all users would waive rights to mail secrecy allowing archival. Maybe you could archive for backup, but you can ensure that no one reads the email of another person... On the other hand, I believe there is a mandate to keep the headers by mail providers for a period of time (one year? two?). How many headers, I'm unsure. And probably you need a court order for access to them. I'm not a law expert. IANAL, that's it. So, make sure about the laws of the country were this server is setup. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On 01/17/2015 05:32 PM, Carlos E. R. wrote:
So, make sure about the laws of the country were this server is setup.
That's it in a nutshell! But recall, in many jurisdictions, if you are using mail at work for business purposes, the mail is the property of the company, so privacy is over-ridden. Your employer has the right to monitor your work product, and you may be prevented from using corporate resources (aka your corporate supplied laptops or PC) for private use such as accessing your person (e.g.) hotmail or aol account. If you work for a bank or brokerage there's another whole pile of regulations to do with both data leakage and recording of client communications. -- /"\ \ / ASCII Ribbon Campaign X Against HTML Mail / \ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-01-17 23:43, Anton Aylward wrote:
On 01/17/2015 05:32 PM, Carlos E. R. wrote:
So, make sure about the laws of the country were this server is setup.
That's it in a nutshell!
But recall, in many jurisdictions, if you are using mail at work for business purposes, the mail is the property of the company, so privacy is over-ridden. Your employer has the right to monitor your work product, and you may be prevented from using corporate resources (aka your corporate supplied laptops or PC) for private use such as accessing your person (e.g.) hotmail or aol account.
Yes, but interestingly, in Spain there have been court rulings that said, more or less, that the employer had no right to read his employee email and use the findings for firing him or something of the sort. He not only had to revert the firing and pay a penalization for improper firing, but pay another penalty for violating email secrecy. This was a decade ago, so I may well remember the details wrong. Maybe it was not company email, but email written at the company on company time, on a private email account. I'm unsure after these years. I have a friend who may fill me in the details of this, but he is on a trip and he will not explain what he knows over email. I want to satisfy my curiosity about this :-) I do know that European laws on privacy are rather more strict than in the USA, though. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
Carlos E. R. wrote:
On 2015-01-17 23:43, Anton Aylward wrote:
On 01/17/2015 05:32 PM, Carlos E. R. wrote:
So, make sure about the laws of the country were this server is setup.
That's it in a nutshell!
But recall, in many jurisdictions, if you are using mail at work for business purposes, the mail is the property of the company, so privacy> is over-ridden. Your employer has the right to monitor your work product, and you may be prevented from using corporate resources (aka your corporate supplied laptops or PC) for private use such as accessing your person (e.g.) hotmail or aol account.
Yes, but interestingly, in Spain there have been court rulings that said, more or less, that the employer had no right to read his employee email and use the findings for firing him or something of the sort.
Note - reading != archiving. Also note, a machine reading the email != the employer reading the email. -- Per Jessen, Zürich (6.9°C) http://www.dns24.ch/ - free dynamic DNS, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 01/18/2015 03:54 AM, Per Jessen wrote:
Note - reading != archiving. Also note, a machine reading the email != the employer reading the email.
Many still have trouble with this since, for example, courts & judges and politicians, don't understand that this is all just electrons and that moving them around and processing them often has no analogue in the physical world so physical world case law and practices do not hold. When I can five you something and not give it up myself, our ideas of property and individuality, and hence theft, and hence a whole pile of other stuff, has to change. The traditional legal system held that "what did they take?" and "what is missing?" were essentially the same. So if an employer's email system makes copies of all email going though the system it owns, regardless of whether that email is personal or corporate ... Then what? Perhaps there is some legal requirement for the corporate side and there's no way to differentiate. So unless a dispute comes up there is no need for the email to be viewed by humans. In fact even if a dispute comes up it may only be scanned by a search engine and the personal email never brought forward. So there is a kind of "Schrodinger's Cat" situation. If the email is stored but never read (thing GMail) then what's the privacy violation? Contrariwise: if I get a legal demand in the post as physical mail, say, for example, property taxes, and I never open the envelope and read it and so never respond, then in due course the local government will institute procedures that might ultimate have them foreclosing. "Not reading the (e)mail ..." might turn out to be a side issue compared to possessing a copy. In which case we have to deal with the issue of high density storage permitting you to have a copy of something such a a trade secret in a hidden file you didn't even know existed on a USB stick. Did you steal it? Was it planted there to involve you, or was it like the Sony rootkit incident, put there "at manufacturing"? Why does this all matter? If you are setting up an email system either as a corporate resource or a public service or even "for friends" then you are going to be faced with some legal issues eventually. Perhaps you are subject now to regulatory requirements. Perhaps your jurisdiction imposes privacy laws. You better find out and you better stay up to date as laws and regulations change. You may all well be friends right now, but friends have failings out... http://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal -- /"\ \ / ASCII Ribbon Campaign X Against HTML Mail / \ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-01-18 09:54, Per Jessen wrote:
Carlos E. R. wrote:
Note - reading != archiving. Also note, a machine reading the email != the employer reading the email.
True enough. However, the effects of the distinction will depend on the legislation of the country. Maybe (in my country) the mail can be archived, but then they may require a permission or order to use the backup, for something different than restoring a backup. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
Carlos E. R. wrote:
On 2015-01-18 09:54, Per Jessen wrote:
Carlos E. R. wrote:
Note - reading != archiving. Also note, a machine reading the email != the employer reading the email.
True enough.
However, the effects of the distinction will depend on the legislation of the country.
Maybe (in my country) the mail can be archived, but then they may require a permission or order to use the backup, for something different than restoring a backup.
Certainly. Archiving of email is one of the service offerings of my company, and we have researched many of the EU legislations/ jurisdictions very carefully. I am not an expert, but my understanding is that the above is the general situation, i.e. : reading != archiving and a machine reading the email != the employer reading the email. plus what you added - once the mail has been archived, the only access is by court order, with the exception of the person involved permitting the access or accessing the archive him/herself. Optionally, we encrypt the archive using a customer's key, meaning any and all access is under control of the customer. (removing any legal liabilities on our part). -- Per Jessen, Zürich (6.9°C) http://www.dns24.ch/ - free dynamic DNS, made in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2015-01-18 20:07, Per Jessen wrote:
Carlos E. R. wrote:
On 2015-01-18 09:54, Per Jessen wrote:
Carlos E. R. wrote:
Note - reading != archiving. Also note, a machine reading the email != the employer reading the email.
True enough.
However, the effects of the distinction will depend on the legislation of the country.
Maybe (in my country) the mail can be archived, but then they may require a permission or order to use the backup, for something different than restoring a backup.
Certainly. Archiving of email is one of the service offerings of my company, and we have researched many of the EU legislations/ jurisdictions very carefully. I am not an expert, but my understanding is that the above is the general situation, i.e. :
reading != archiving and a machine reading the email != the employer reading the email.
plus what you added - once the mail has been archived, the only access is by court order, with the exception of the person involved permitting the access or accessing the archive him/herself.
Optionally, we encrypt the archive using a customer's key, meaning any and all access is under control of the customer. (removing any legal liabilities on our part).
That makes a lot of sense. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On 01/17/2015 06:39 PM, Carlos E. R. wrote:
On 2015-01-17 23:43, Anton Aylward wrote:
On 01/17/2015 05:32 PM, Carlos E. R. wrote:
So, make sure about the laws of the country were this server is setup.
That's it in a nutshell!
But recall, in many jurisdictions, if you are using mail at work for business purposes, the mail is the property of the company, so privacy is over-ridden. Your employer has the right to monitor your work product, and you may be prevented from using corporate resources (aka your corporate supplied laptops or PC) for private use such as accessing your person (e.g.) hotmail or aol account.
Yes, but interestingly, in Spain there have been court rulings that said, more or less, that the employer had no right to read his employee email and use the findings for firing him or something of the sort. He not only had to revert the firing and pay a penalization for improper firing, but pay another penalty for violating email secrecy. This was a decade ago, so I may well remember the details wrong. Maybe it was not company email, but email written at the company on company time, on a private email account. I'm unsure after these years.
Laws and court rulings tend to evolve over time, and sometimes courts and governments, even of the same country, become antagonistic. Are the courts & judges state appointees or elected officials, for example? Corporations are often held to be individuals, even when that gets to be ridiculous[1].
I have a friend who may fill me in the details of this, but he is on a trip and he will not explain what he knows over email. I want to satisfy my curiosity about this :-)
I'd be interested in hearing what he has to say and how the internally between corporate rights and individuals rights is playing out there.
I do know that European laws on privacy are rather more strict than in the USA, though.
That is so. As Chomsky and others have said, the US idea of Democracy is about preserving the top-down power structures while instituting a system driven by elections, whereas the European model is about the electorate delegating power and representation upwards. An emerging property from the way we all have each dealt with our civil wars & revolutions. A side effect of this is that in the USA corporations can wield more power and authority than individuals, so issues like "use of corporate resources" over-ride individual rights. Although its argued as such, this is not so much about "rights" as it is about culture and tradition. [1] http://www.autoblog.com/2013/01/07/california-man-using-corporations-are-peo... but also http://www.autoblog.com/2013/01/12/update-corporations-are-not-people-in-car... -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (8)
-
Anton Aylward -
Carlos E. R. -
Charles Philip Chan -
Gour -
Istvan Gabor -
James Knott -
Moby -
Per Jessen