Come Rob My House

"Come Rob My House"

That's how a criminal reads your Out of Office Auto Reply e-mails. In the criminal's eyes the rest of your e-mail goes something like this:

"For the next week or two I have left my house unattended as I travel for work and/or vacation. If you're going to take my stuff, make sure you do so before I get back on the 15th. You're only challenge is to figure out where I live. But, that won't be too hard as my e-mail signature and/or social networks pages offer up plenty of clues..."

But you say: I didn't send an Out of Office Auto Reply to any criminals! Are you really that sure? Do you know exactly where all of your auto-replies go? Do you subscribe to any mailing lists? Do you personally know all of the list members? Are you absolutely sure you didn't auto-reply to the list? Are you absolutely sure no one auto-forwards your e-mails elsewhere? Are you sure your auto-reply didn't get archived to a public web site?

The point here is:

You are most likely providing sensitive personal information in your auto-replies.
You have no idea where your auto-replies end up.
Criminals, by their very nature, like easy / safe targets.
Criminals can be anywhere.

Our recommendations:

Don't send auto-replies. If you always carry a Blackberry or smartphone with you everywhere you go, you're not really away from your e-mail. If you are really away from your e-mail, get someone else to watch your account. Forwarding a copy of your e-mail to an appropriate co-worker would likely be more productive.
Don't force your employees to use auto-replies. After reading this, can't you see the potential liability you may be creating by requiring auto-replies?
If you still feel you must use auto-replies, configure your auto-replies to only reply to known senders. Yes, this is more work, but, at least you then have a better idea of where your auto-replies are going. Also, try to eliminate or limit the sensitive personal information you are including in your auto-replies.
Use role based accounts (sales@, info@, etc.) to handle e-mails from new and existing customers that don't require a specific person to answer the e-mail. These role based addresses can easily be directed to multiple people so that e-mails can always be handled in a timely fashion.

I welcome your comments and questions!

-Bob

Robert Sanderson's blog

We Answer Your Questions: FAQ

Q: What is the maximum e-mail attachment size?

A: The ETRN.com e-mail servers do not limit the size of individual e-mail attachments. The ETRN.com e-mail servers do impose a 400 MB maximum total message size limit. Individual customers can choose a smaller message size limit. We can also customize the handling of "over-sized" e-mails. Please contact us to discuss your specific needs. A couple of important facts:

1. Attachments are typically encoded in what is called Base64^[1]. As a result, the actual length of MIME-compliant Base64-encoded binary data is usually about 137% of the original file size.

2. E-mails often contain both plain text and HTML components. This also increases the overall size of the e-mail.

1. en.wikipedia.org/wiki/Base64 Read More FAQs