On Wed, Mar 19, 2008 at 6:47 PM, Gordon Messmer <yiny...@eburg.com> wrote:
Jerry Amundson wrote:
But a solution to either one solves both.
Basically, aren't we saying(?):
1. As a company, mandate *no* signatures on the mail client for the
2. Require SMTP AUTH.
3. Globally filter such that the script uses auth info to lookup
fullname, title, etc. externally
4. Add txt/html formatted signature as needed.
See? Simple. ;-)
Yes, it is simple. If someone wants to do append signatures for legal
or policy reasons, I wouldn't remark. However, anyone who thinks that
enforcing this policy on their mail server will secure them against
fraud committed by employees (giving themselves inappropriate titles)
should be set straight. It won't.
HOw do you distinguish between inbound and outbound smtp? I know for
instance on my setup, I can catch inbound messages with maildrop
filters because they are part of the local delivery process, but how
do I hook a filter into courier so that it only catches outbound smtp