[plug] Logging of email

Peter Wright pete at cygnus.uwa.edu.au
Mon Nov 8 16:34:32 WST 1999 

On Mon, Nov 08, 1999 at 03:34:51PM +0800, Paul Baumgarten wrote:
> >
[ paul wrote: ]
> >I would also like to be able to be selective in which accounts are
> >logged as I don't really want to be reading every staff member's
> >email.
[ max wrote: ]
> >A bit rude reading anybody's I would have thought.
> >Cheers max
> 
> Part of the Job Description as far as high school student's use of
> email is concerned I'm afraid.  It's either that or we don't give
> them _any_ email access.

Just to make my point clear at the outset, Paul, I'm very much not
intending to bash you (or your employer, mostly). I understand that
you are an employee and almost certainly don't have the final say in
how something like this would be handled (although I hope that they
listen to you a bit at least :). I think the idea of giving students
access to email at school is good and should be encouraged.

The things I'm interested in are pretty much the standard sort of
things whenever issues like reading someone else's email come up.

1. What is the school hoping to prevent? Abusive email? Porn
distribution? Other "offensive" content distribution? Excessive
bandwidth consumption? The last is relatively easy to monitor without
reading the content of mail, can be prevented to a certain extent by
setting a size limit and monitoring the overall consumption by each
person. Some of the others can to some degree be limited in the same
way.

2. Is there a methodology thought out for how the reading might
happen? At one extreme, you could have someone reading every mail
to/from every person, for which the disadvantages are obvious. Perhaps
scanning for .jpg attachments? rude keywords? names of teachers? all
three combined? :) Or perhaps just logging all mail sent/received by
students and reading them only when you get a complaint from someone
about something?

> For what it is worth they are warned that all email is read.

Is anything clever being done to prevent them using encryption? Hell,
even a simple cipher would defeat all keyword scans and make the job
of the person set to scan the emails hell, but I don't think anyone
bothering to use encryption at all would bother using a simple cipher.

I'm guessing you're probably just relying on the fact that encryption
is unlikely to be widely used unless a few clever kids start
encouraging the others :)... and of course if someone was doing
something like sending abusive mail to someone else it would have to
be unencrypted. It'd be interesting to hear about if you did come
across a case where a certain student was transferring "bad" stuff,
but you couldn't make use of the mail logs to prove it because of
encryption.

> Regards
> 
> Paul Baumgarten

Pete.
-- 
http://cygnus.uwa.edu.au/~pete/

--
"Open Standards, Open Documents, and Open Source"

  -- Scott Bradner (Open Sources, 1999 O'Reilly and Associates)

More information about the plug mailing list