question regarding US requirements for journaling public email (possible legislation?)

Steven Bellovin smb at
Fri Jan 6 13:59:50 UTC 2012

On Jan 5, 2012, at 11:05 37PM, Suresh Ramasubramanian wrote:

> There's no shortage of stuff that reaches you 80..90 days after the fact
> The UK voluntary retention rules make a lot more sense, compared to "a
> few days", which is entirely impractical
> On Fri, Jan 6, 2012 at 9:30 AM,  <Valdis.Kletnieks at> wrote:
>> You need to track down a miscreant user *right now*? You got the last 48 hours
>> of logs right at hand.  It's been a week? Meh, if somebody's been getting hit by
>> a DDoS for a week and is just now calling you, the fact they have a DDoS is the
>> least of their problems. Toss the logs. :)

The answer from the EFF is the same: retain what *you* have an
operational or administrative need for.  This is very different from a
legislative mandate for multiyear retention.

		--Steve Bellovin,

More information about the NANOG mailing list