http:// qmail.jms1.net / privacy.shtml

Privacy Policy

All the cool web sites are posting privacy policies, and somebody asked me if I had one, so I figured I should write one.

Privacy is a very important issue to me. I know that I'm very hesitant about providing any kind of personally identifiable information when I visit web sites, and by the same token I'm being very careful to NOT collect any more information than I need to when people visit my sites.

To sum it all up in one sentence, I don't WANT your private information beyond what I might need for troubleshooting my own server, and I am doing everything I can to prevent my server from collecting any more than it needs to.


Log Contents

Web Server

When you visit web pages on my server, the web server automatically keeps log files which contain the following:

As you can see, it's fairly standard stuff. These are the same data which are collected by pretty much every web server on the internet.

Email

When qmail handles a message on my server, the following information is logged:

DNS Services

This machine is an authoritative DNS server for several domains, and also serves an RBL (realtime blacklist) containing entries for IPs from which I do not wish to receive mail. As such, it receives and answers requests from the outside world regarding those domains. The following information is logged for each query:

XMPP/Jabber Server

This machine is running an XMPP, or "Jabber", server. This is a form of IM (instant messaging) which does not rely on any one central server, such as "AOL Messenger", "MSN Messenger", or "Yahoo Chat". The XMPP protocol is used as the underlying protocol of "Google Chat", which means that Gmail users are able to chat with other Jabber users.

At a former job, I watched somebody (a sheriff's deputy in uniform, standing in my office) call the operator of one of the largest IM networks in the world, and ask for a list of everybody who a particular user had been chatting with for the previous three months. Twenty minutes later, this company emailed him SIX months' worth of FULL TRANSCRIPTS of the conversations. There was no court order, subpoena, or even a FAX on department letterhead... just a voice on the phone who claimed to be "Deputy so-and-so from the XYZ Sheriff's department."

The jabber services on this machine only log the following:

To say it very plainly, no message contents are ever logged. Neither is the message routing information (i.e. "John sent a message to Frank"), however by correlating the times of the c2s and s2s connections, it may be possible to figure out that one or more messages were passed between two or more users (i.e. a traffic analysis.)

The closest thing to logging messages is the PostgreSQL database, which contains each user's "buddy list" and authentication information, as well as any undelivered messages. If a user sends a message to somebody who isn't connected, or receives a message while they are not connected, the messages are held in the database until they can be delivered to the recipient. Once the message is delivered, it is deleted from the database.


Log file retention


Cookies

Cookies are small pieces of text which a web server hands to a browser, and which a browser sends back to that web server whenever requesting a new page. Cookies are used to overcome a limitation of the HTTP protocol, the lack of support for persistent sessions. Web servers handle requests from multiple clients at the same time, and each request is logically separate from any other request. By using cookies, a server-side application can keep different clients separate from each other, and can maintain a "state" for each client. This makes things like shopping carts possible.

The cookie mechanism can be abused, however. If a page includes content (such as banner ads) from a third party, and that third party includes cookies with their responses (as all banner-ad companies do), your browser will normally keep their cookies as well- and if you visit some other page on a different site, which happens to include content from the same third party, that first cookie goes back with the new request- which means this third party is able to track your visits to BOTH web sites under the same identifier. This behaviour is exactly why DoubleClick was sued back in January 2000- a case which they ultimately settled after two and a half years.

The only times I use cookies on my web sites are:


Javascript

Some web sites embed javascript code into their pages which find ways to track you. I don't do anything like that. The only times I use javascript are:


Google Ads

I have been participating in Google's AdSense program for the past few years, allowing Google to place banner ads at the bottom of most of the pages on the site.

The AdSense program is implemented by my including a block of HTML code supplied by Google at the bottom of every page. This block of HTML does use both javascript and cookies. The javascript code and the cookies are both tied to, and supplied by, Google. In particular, those cookies are never sent to my server- they are only sent to Google's servers, when your browser retrives the content for the ad itself. My only involvement is that, whenever somebody clicks on an ad, Google adds a little bit of money to my account- and when the account reaches USD $100.00, they send me a check. I'm certainly not getting rich off of it, but it is kinda nice to get those checks every once in a while.

Google has notified me that on 2009-04-08, they will start using what they call "interest-based advertising." I'm supposed to refer people to Google's Advertising and Privacy page for information about Google's policies, so I've provided the link.

With that out of the way, here's what I think is actually happening. You may remember that Google bought out DoubleClick a while back. It looks like Google is going to start using DoubleClick's system to select the ads it shows, rather than using their current system, which chooses ads based on the content of the page in which the ad appears. This also means that any Google ads served will be adding to that database of what people are interested in- basically, anybody who sees a Google ad served by my web site will be adding "qmail" to the list of things DoubleClick knows they're interested in.

I'm not comfortable helping Google, or anybody, build a database like this- especially since its primary use is to show advertising, which is something I don't particularly like to begin with.

So I'm going to make a few recommendations about how you can protect yourself from what I personally see as an invasive system.

I'm not entirely comfortable with the idea of continuing to host Adsense ads, if they're going to tie into the DoubleClick cookies. I've been blocking both the ads and the cookies from my own browsers for several years, however others may not mind being tracked like this- and if you don't mind being tracked (and occasionally clicking an ad or two) then I don't mind if Google wants to pay me for your clicks. The point is that it's an INFORMED decision on your part.


Other considerations

If you have any questions about this policy, please contact me at the email address listed below.