Dean Anderson wrote:
On Mon, 22 Sep 2003, Doug Royer wrote:
You do not seem to be getting the message the MTA and MUA MAY be the same
program. So NOT true.
I do. Even in the same program, they are different functions. The MTA should return a bounce. You should always get a bounce, in response to an error. You should never get "no such domain" in response to typing in an email address to an MUA.
No bounce - it was never sent becuse the MUA checked first to see if the target domain even existed priror to sending the email.
This isn't broken. You won't send any messages because you won't get to
the "data" command. You will get an SMTP error code. The message is never
delivered to Verisign.
The fact that a 3rd party knows (or can tell) that user X tried to send email to user Y can be a violation of HIPPA security.
The 3rd pary *is* verisign. And it is free to change its policy at any time and
harvist those addresses.
No. Because the 3rd party didn't know that X tried to send mail to Y. The domain doesn't exist, so Y's identity has not been revealed. Only non-registered domains go to Verisign.
The HIPPA argument doesn't fly at all. However, Verisign is also subject to the ECPA, and may not disclose the contents email, any more than any other communications providers can. No confidentiality (HIPPA or otherwise) is broken.
I'm not sure if you are ignorant of HIPPA, the ECPA, or just fear-mongering. I guess all those people who used to say there were no laws on the internet must now be thinking "well, there ought to be". Well, they're in luck. It just happens there are laws already.
You reall do not have a clue about HIPPA regulations.
--
Doug Royer | http://INET-Consulting.com -------------------------------|-----------------------------
Doug@Royer.com | Office: (208)612-INET
http://Royer.com/People/Doug | Fax: (866)594-8574
| Cell: (208)520-4044
We Do Standards - You Need Standards
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature