RE: [cobalt-users] RaQ2 - CERT virus rule for sendmail - question

["Rodolfo J. Paiz" <rpaiz@xxxxxxxxxxxxxx>]

I fully agree with Jeff. Please keep in mind the eventual consequences of
your actions and all their possible results. We have also decided to stick
with the very simple, clear message that we are not responsible for
*anything* contained in the bitstream of traffic going through our
infrastructure. Content is entirely the responsibility of the creator, and
its use (of nonuse) is entirely the responsibility of the recipient.

We even turned down a nice opportunity to make a fair amount of money
selling antivirus and security products to our customers. Instead, we merely
recommend them and get a (smaller) finder's fee from the software maker. But
in this way, we derive absolutely no responsibility, even in the customers'
minds, for anything that can happen to them.

My suggestion: make it clear to your users that you are adhere to the
highest standards of ethics, and that you forbid anything to happen in your
infrastructure that so much as touches their data in order to ensure their
privacy and the integrity of their data. But... in order to do this, you
must leave them alone and therefore they must protect themselves.

Every time I say this to someone, they nod wisely and say "Yes, of course,
you're doing what you must. Thank you for making me do my own security and
antivirus in the name of privacy and free speech." Works like a charm...

------
Rodolfo J. Paiz
rpaiz@xxxxxxxxxxxxxx <mailto:rpaiz@xxxxxxxxxxxxxx>