Come Rob My House

"Come Rob My House"

That's how a criminal reads your Out of Office Auto Reply e-mails.  In the criminal's eyes the rest of your e-mail goes something like this:

"For the next week or two I have left my house unattended as I travel for work and/or vacation.  If you're going to take my stuff, make sure you do so before I get back on the 15th.  You're only challenge is to figure out where I live.  But, that won't be too hard as my e-mail signature and/or social networks pages offer up plenty of clues..."

But you say: I didn't send an Out of Office Auto Reply to any criminals!  Are you really that sure?  Do you know exactly where all of your auto-replies go?  Do you subscribe to any mailing lists?  Do you personally know all of the list members?  Are you absolutely sure you didn't auto-reply to the list?  Are you absolutely sure no one auto-forwards your e-mails elsewhere?  Are you sure your auto-reply didn't get archived to a public web site?

The point here is:

  • You are most likely providing sensitive personal information in your auto-replies.
  • You have no idea where your auto-replies end up.
  • Criminals, by their very nature, like easy / safe targets.
  • Criminals can be anywhere.

Our recommendations:

  • Don't send auto-replies.  If you always carry a Blackberry or smartphone with you everywhere you go, you're not really away from your e-mail.  If you are really away from your e-mail, get someone else to watch your account.  Forwarding a copy of your e-mail to an appropriate co-worker would likely be more productive.
  • Don't force your employees to use auto-replies.  After reading this, can't you see the potential liability you may be creating by requiring auto-replies?
  • If you still feel you must use auto-replies, configure your auto-replies to only reply to known senders.  Yes, this is more work, but, at least you then have a better idea of where your auto-replies are going.  Also, try to eliminate or limit the sensitive personal information you are including in your auto-replies.
  • Use role based accounts (sales@, info@, etc.) to handle e-mails from new and existing customers that don't require a specific person to answer the e-mail.  These role based addresses can easily be directed to multiple people so that e-mails can always be handled in a timely fashion.  

I welcome your comments and questions!


We Answer Your Questions: FAQ

Q: What is the maximum e-mail attachment size?

A: The e-mail servers do not limit the size of individual e-mail attachments. The e-mail servers do impose a 400 MB maximum total message size limit. Individual customers can choose a smaller message size limit. We can also customize the handling of "over-sized" e-mails. Please contact us to discuss your specific needs. A couple of important facts:

1. Attachments are typically encoded in what is called Base64[1]. As a result, the actual length of MIME-compliant Base64-encoded binary data is usually about 137% of the original file size.

2. E-mails often contain both plain text and HTML components. This also increases the overall size of the e-mail.