Squid isn't designed with this purpose in mind.
Legally and morally, you'd be on very shaky ground implementing it even
if it were. In fact, it has recently been found by a circuit court to
be an invasion of employees privacy to monitor internet usage at
anywhere near that level (in other words: email--even company provided
email--is considered private and cannot be viewed without a warrant or
probable cause). This is only in the US, of course...but I expect
privacy laws are equally strict or will become so shortly elsewhere in
the world. You /might/ be able to get away with it if you required all
employees to sign an agreement that all mail sent from the office would
be logged and monitored. But even this probably wouldn't prevent your
company from becoming the target of privacy lawsuits. So don't do it.
Your choices here are:
1. continue to allow email from the office, and implement a strict
company wide policy about what can be sent out via any type of email.
Requiring signing of an NDA or similar gives you legal remedy in the
event someone in your company does send out secret information and it
damages your company.
2. block all email, both web-based, and POP/IMAP based. Good luck with
implementing this one--not an easy task, and certainly counter-productive.
BTW-How are those strip searches at the end of the day working out?
After all without a strip search of every person leaving the building,
how do you know someone isn't carrying out a drawing tucked into their
pants leg?
Sorry to be so cynical here, but I think you're getting a bit carried
away with technology. Just because you /could/ monitor every single bit
that traverses your network, and it's a lot easier to do so without
being noticed...it doesn't mean that you are excused from thinking about
whether you /should/. Common decency and respect for employees privacy
matter regardless of whether it is on the internet or in their briefcase.
Bill Delphenich wrote:
> We have some users who use web-based mailers from their workstations,
> like Hot-mail. If such a user sends an e-mail from a web-based mail
> system and attaches a file to it, Squid doesn't seem to know anything
> about it. Squid knows he composed a message and sent a message, but does
> not record what was in the message, who it went to, or if anything was
> attached to it. That means a bad guy could mail CAD drawings from here
> in the office to anybody anywhere, attached to such mail, and we
> wouldn't know anything about it.
>
> Is there anything Squid can do to log this? Is there a logging option I
> can turn on to get this kind of data? Or is it all happening on the
> other guy's web site and this type of information will only appear in
> the logs at the web site mailer that processed the mail?
>
> Thanks for any assistance.
--
Joe Cooper <joe@swelltech.com>
Affordable Web Caching Proxy Appliances
http://www.swelltech.com
Received on Fri Aug 10 2001 - 09:25:16 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:01:33 MST