Arnold Consulting Policies

This page is updated from time to time as new policies are formulated and approved. Check this page for updates on a regular basis. You can use the "last updated" date at the bottom to determine whether any changes were made since your last visit.

The key words "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY" in this document are to be interpreted as defined in BCP 14 (RFC 2119).

Avoiding Spam

Spam is unsolicited mass email. It is often commercial in nature, but can also be sent for political or other motives. Email can also be used for legitimate marketing purposes, if great care is used to send mailings only to those who request them. See Sending Mass Mail below for details.

You SHOULD take care to provide your email address only to companies and Web sites from which you would like to receive mail. You SHOULD read the privacy policy of any Web site to which you submit information. By submiting information, you could be granting permissions to share your email address and other personal information with contract mass mailers!

You SHOULD NOT buy anything from a spammer. If the spammer is an otherwise reputable company, you MAY send a polite complaint to the Postmaster or Webmaster address for the company, or a personal contact (such as a sales person), explaining that unsolicited commercial email is an abusive business practice and it has tarnished the company's reputation in your mind.

You MUST NOT use any "remove" technique proposed in mail you do not remember requesting. Most "remove" techiques are hoaxes, and like spam, "remove" messages waste time and system resouces. Spammers sometimes use "remove" techniques to confirm addresses, selling the confirmed addresses to other spammers, and causing the victim to receive even more spam.

You SHOULD NOT click on any link or display any image in a spam message. Spammers use the feedback obtained from image and link references to confirm your e-mail address and to determine what subjects and senders are most likely to induce you to open their mail and what content is most likely to get past your spam filters. Consider switching to mail software that allows you to read all mail as plain text and to not load remote images in mail and news.

You SHOULD simply delete any unrequested email. If spam from a single source is persistant, offensive, or contains or offers child pornography, you SHOULD report it to the Arnold Consulting abuse desk for forwarding to the spammer's Internet service provider, or for child pornography, to the Cyber Tipline, operated by the National Center for Missing and Exploited Children (NCMEC).

When sending to large numbers of recipients, you SHOULD protect the privacy of their e-mail addresses by sending them as blind courtesy copies (Bccs), or by using a mailing list that does not expand the addresses into the headers.

Child Pornography

Child pornography is defined in U.S. federal and state statutes. See the summary and U.S. Code references at the NCMEC Web site.

You MUST NOT forward or download child pornography. (Doing so is a violation of the federal laws.) Instead, you SHOULD report it, and spam advertising child pornography, by telephone to +1 608 278 7700 (preferred) or by e-mail to the abuse desk. An abuse desk technician will remove it from your mailbox and transmit it to the NCMEC.

Sending Mass Mail

You SHOULD use only Web sites and Confirmed Opt-In mailing lists for Internet advertising.

You MUST use only ethical and responsible methods for collecting electronic mail addresses for mass mailings. In particular, you MUST send mail only to those who have specifically requested to receive that type of mail, and whose addresses you have confirmed by receiving a response to a request for confirmation mailed to the candidate addresses.

The default choice for receiving bulk mail that you offer when you collect electronic mail address SHOULD be "no mail".

You MUST NOT purchase or use so-called "opt-in" lists developed by others.

You MUST provide a working Web or electronic mail address for opting out of future mailings on each message you send.

You MUST promptly cease mailings to anyone who so requests.

For each complaint to Arnold's abuse mailbox about your mass mailing, you will be subject to a handling fee of $25.00 if you can substantiate the recipient confirmed that they wished to receive that type of mail, or $100.00 if no confirmation can be proved or if it was for a different type of mailing. Should the Arnold mail servers be listed on an Internet black list as a result of your mass mailing, you will be subject to a clean up fee of $250.00 plus a consulting charge for the necessary work to get the Arnold servers off the list, at the current rate for straight time or overtime.

For more information on mass mailing on the Internet, and what is proper and improper, see RFC 2635. For additional suggestions on using the power of the Internet for responsible advertising and customer communications, see RFC 3098.

Chain Letters

[Added 18 March 2004]

You MUST NOT send or forward chain letters.

You SHOULD immediately delete chain letters.

Chain letters often offer something for free, such as travel, a wireless telephone, or just "good luck", for forwarding mail to some number of other computer users or to "everyone you know". They are all hoaxes, and are not harmless--they waste time and computer resources, and can be a headache for computer support staff.

Computer Viruses

[Updated 18 March 2004]

Every computer user must take precautions to avoid contracting or transmitting computer viruses and other malicious programs ("malware").

You MUST NOT download programs directly from the Internet. Programs may be viruses, or infected with viruses. Programs MUST be checked, then installed, by Arnold's security officer.

You SHOULD NOT download office documents directly from the Internet. Office documents include word-processing documents, spreadsheets, presentations and other complex files that can include macros and other forms of "active content". You SHOULD request information in simple formats that cannot be infected, including plain text, rich text, comma-separated values, and images.

You MUST NOT open unsolicited files you receive in electronic mail, including programs, archives, greeting cards, and screen savers. Even files that appear to be from people you know about subjects you've previously discussed MUST NOT be opened until you confirm with the sender the contents and purpose of the mail. Viruses frequently forge senders and steal mailbox content to induce you to open them.

You MUST NOT play games or use screen savers that were not supplied with your system's operating system. If you are not certain of the origin of any program, you MUST NOT use it.

You MUST NOT send or open password-protected archives. Password-protected ZIP archives are currently responsible for the transmission of the W32/Bagle family of viruses. Password-protected archives cannot be scanned by our virus-scanning software, and so are replaced with text warnings by the Arnold mail servers.

If you need to compress a file and assure its privacy, you SHOULD first create a ZIP archive without a password, then use strong PGP or S/MIME encryption to send the file. Assistance is available from Arnold's security officer on these procedures.

You MUST inform Arnold's security officer immediately if you suspect that your computer has become infected by a virus.

Virus Warnings/Hoaxes

Virus Hoaxes are a form of chain letter. To prevent the spread of virus hoaxes, and to insure all authentic security instructions are recognized and followed and bogus "security instructions" are ignored, this policy has been adopted.

You MUST NOT forward any virus warnings of any kind to anyone other than Arnold's security officer, Steve Arnold. It doesn't matter if the virus warnings came from an anti-virus vendor or were confirmed by a large computer company or your best friend.

You MUST either delete virus warnings (preferred) or send them to Dr. Arnold and to him alone.

You MUST read and comply with all virus warnings sent to Arnold staff and customers with Dr. Arnold's digital signature. You MUST ignore all virus warnings from any other source, and warnings not signed with Dr. Arnold's digital signature, even if apparently from Dr. Arnold. If you have any questions on how to verify a digital signature, telephone Dr. Arnold for assistance.

Back to the Arnold Consulting Welcome Page

This page was last updated 27 May 2013, and has been visited 9,996 times.

Copyright © Arnold Consulting, 2001-2013. All rights reserved, except you may download this page to view it, and you may print a single copy for personal use. Arnold® is a registered trademark and service mark of Arnold Consulting. Some of the names and marks here are trademarks of others. Author: SLA
Valid XHTML 1.0!