Intended recipient
Roland Perry
lists at internetpolicyagency.com
Tue Sep 13 12:14:18 BST 2011
In article <20110913111247.0000627a at surtees.fenrir.org.uk>, Brian
Morrison <bdm at fenrir.org.uk> writes
>>Their stated aim was to intercept (small i)
>> emails, of course.
>
>Not as such, they are only "intercepting" email that otherwise would
>have been marked as a failed delivery because there was no MX record
>for the incorrect domain name.
That's very pertinent to my original question - who is the intended
recipient. If the sender has perpetrated a typo, who exactly (legally)
did they intend to send it to?
>They could have done this without storing the message bodies, all they
>were interested in were the headers which their mail server
>legitimately processed.
They also looked at the bodies I think (strongly implied by Figure 1).
<http://www.wired.com/images_blogs/threatlevel/2011/09/Doppelganger.Doma
ins.pdf>
But even if they were just "intercepting" the headers, that doesn't
change any of my questions (it's only where people are legally looking
at [only] traffic data that we have to be picky about the difference
between headers and bodies).
>It should be sufficient to simply list the number of incorrectly
>addressed emails they received.
That would be a different, and simpler, study than this appeared to be.
If done in the UK would you be looking at a RIPA 3(3) exemption for
that? My questions are probably about interpretation of 3(1).
--
Roland Perry
More information about the ukcrypto
mailing list