Roland Perry - "is an ISP a 'Person'?"

[Andrew Cormack]

> -----Original Message-----
> From: ukcrypto-admin@chiark.greenend.org.uk 
> [mailto:ukcrypto-admin@chiark.greenend.org.uk] On Behalf Of 
> Peter Fairbrother
> Sent: 03 October 2002 20:01
> To: ukcrypto@chiark.greenend.org.uk
> Subject: Re: Roland Perry - "is an ISP a 'Person'?"
> 
> But do such systems actually exist? Is it possible to run a 
> mailserver that scans mail for spam and viruses without 
> occasionally having to look at mail? Would anyone with 
> practical experience care (or dare) to comment on this 
> please, as it's an important point?

Yes, very much so. There are plenty of sites that run Spamassassin or
Mailscanner in completely hands-off mode. The software is configured
merely to add an X- header to the mail to indicate what "score" it
achieved on the spam/virus rating, and it's up to end-users to install
filters in their mailclients to act on those headers. My experience of
running Exim was that it too was install and forget - I certainly didn't
need to look at the content of messages passing through to check that
all was well.

If RIPA is interpreted so that that sort of system is performing
"interception" then a lot of the Act seems to disappear into a puff of
circular logic "operating a network is interception, and it's lawful for
a network operator to operate a network", and any protection it might
have given to end-users Human Rights, by distinguishing between humans
looking at mail and computers doing so, vanishes along with it. The idea
of a large chunk of the Act reducing to a tautology is quite appealing
to me as a lapsed mathematician, but my human side keeps kicking in to
say that it feels there *is* a difference between Exim reading all my
messages and postmaster reading them. Sad if the law indeed doesn't make
that distinction and offer me some protection.

Andrew