[unisog] Still need a "security" address?

Russell Fulton r.fulton at auckland.ac.nz
Thu Feb 22 05:31:36 GMT 2007



Gary Buhrmaster wrote:
>> Is it out of line to consider assigning the email alias "security AT
>> Oberlin DOT edu" to the folks in blue while expecting /network/ security
>> issues to be addressed to "abuse?"
>>     
>
> Well, RFC 2142 clearly states that "security@<site>" should
> be associated with "Security bulletins and queries" (under
> the Network Operations area, long before most sites even
> had the concept of a separate cyber security group).
>
>   
After I had persuaded Unisafe that having an email alias was a good idea
the immediately wanted 'security'  I pointed to RFC 2142 and said "no
way" but we will gateway it for you.   As I have said elsewhere that
works well.  About once every two or three weeks we get an email for
building security and I have a stock email that I send to the originator
politely point out the correct address.  The invariable response is
"Thanks!".

Russell



More information about the unisog mailing list